Debian Bug report logs - #570773
LDAP/TLS cert handling problems when "ldap" DNS name already exists

version graph

Package: debian-edu-config; Maintainer for debian-edu-config is Debian Edu Developers <debian-edu@lists.debian.org>; Source for debian-edu-config is src:debian-edu-config.

Reported by: Holger Levsen <holger@layer-acht.org>

Date: Sun, 21 Feb 2010 12:30:01 UTC

Severity: normal

Found in version debian-edu-config/1.436

Fixed in version debian-edu-config/1.447

Done: Petter Reinholdtsen <pere@debian.org>

Bug is archived. No further changes may be made.

Toggle useless messages

View this report as an mbox folder, status mbox, maintainer mbox


Report forwarded to debian-bugs-dist@lists.debian.org, Debian Edu Developers <debian-edu@lists.debian.org>:
Bug#570773; Package debian-edu-config. (Sun, 21 Feb 2010 12:30:04 GMT) Full text and rfc822 format available.

Acknowledgement sent to Holger Levsen <holger@layer-acht.org>:
New Bug report received and forwarded. Copy sent to Debian Edu Developers <debian-edu@lists.debian.org>. (Sun, 21 Feb 2010 12:30:04 GMT) Full text and rfc822 format available.

Message #5 received at submit@bugs.debian.org (full text, mbox):

From: Holger Levsen <holger@layer-acht.org>
To: submit@bugs.debian.org
Subject: squeeze: LDAP connections using TLS do not work
Date: Sun, 21 Feb 2010 13:27:18 +0100
[Message part 1 (text/plain, inline)]
package: debian-edu-config
severity: serious
version: 1.436
User: debian-edu@lists.debian.org
Usertags: debian-edu

Hi,

Something is wrong with the generation and/or with the distribution of the 
LDAP SSL certificate. LDAP connections using TLS do not work.

Filing as serious as having LDAP configured out of the box is a core feature 
of Debian Edu.


cheers,
	Holger
[signature.asc (application/pgp-signature, inline)]

Information forwarded to debian-bugs-dist@lists.debian.org, Debian Edu Developers <debian-edu@lists.debian.org>:
Bug#570773; Package debian-edu-config. (Wed, 24 Feb 2010 12:03:06 GMT) Full text and rfc822 format available.

Acknowledgement sent to Petter Reinholdtsen <pere@hungry.com>:
Extra info received and forwarded to list. Copy sent to Debian Edu Developers <debian-edu@lists.debian.org>. (Wed, 24 Feb 2010 12:03:06 GMT) Full text and rfc822 format available.

Message #10 received at 570773@bugs.debian.org (full text, mbox):

From: Petter Reinholdtsen <pere@hungry.com>
To: 570773@bugs.debian.org
Subject: Re: Bug#570773: squeeze: LDAP connections using TLS do not work
Date: Wed, 24 Feb 2010 13:01:39 +0100
[Holger Levsen]
> Something is wrong with the generation and/or with the distribution of the 
> LDAP SSL certificate. LDAP connections using TLS do not work.
> 
> Filing as serious as having LDAP configured out of the box is a core
> feature of Debian Edu.

I suspect the cause of my problems during testing is that I install on
a network where the 'ldap' DNS name already exist, causing the
installer to download the wrong server certificate to
/etc/ldap/ssl/ldap-server-pubkey.pem on the main server (it should be
copied from the local disk instead).  The certificate is then wrong
when I disconnect the main-server from the local network to test it
after installation.

If I am right, this problem will affect lenny installations too.

I have added some test code to testsuite/ldap-server in svn to detect
when that happen, and hope it will make it posible to verify my
suspicion.

Happy hacking,
-- 
Petter Reinholdtsen




Information forwarded to debian-bugs-dist@lists.debian.org, Debian Edu Developers <debian-edu@lists.debian.org>:
Bug#570773; Package debian-edu-config. (Fri, 26 Feb 2010 14:39:06 GMT) Full text and rfc822 format available.

Acknowledgement sent to "Andreas B. Mundt" <andi.mundt@web.de>:
Extra info received and forwarded to list. Copy sent to Debian Edu Developers <debian-edu@lists.debian.org>. (Fri, 26 Feb 2010 14:39:06 GMT) Full text and rfc822 format available.

Message #15 received at 570773@bugs.debian.org (full text, mbox):

From: "Andreas B. Mundt" <andi.mundt@web.de>
To: 570773@bugs.debian.org
Subject: /etc/ldap/ssl/ldap-server-pubkey.pem missing
Date: Fri, 26 Feb 2010 15:34:59 +0100
Hi,

some observations, probably more or less known, just as a reminder for
further tests (and for myself :)): 

After the installation of a combined squeeze tjener/terminalserver (as
known automatic partitions are too small, I therefore used a single
one), I explored the following:  

nslcd.conf has to be edited (probab. already fixed, see
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=570781 )

/etc/ldap/ssl/ldap-server-pubkey.pem is missing on tjener.

Therefore lwat does also not work. The creation of the missing file
from /etc/ldap/ssl/slapd.pem fixed the issue. This should happen by
debian-edu-config (ltsp-make-client) automatically.   

Regards

	Andi




Information forwarded to debian-bugs-dist@lists.debian.org, Debian Edu Developers <debian-edu@lists.debian.org>:
Bug#570773; Package debian-edu-config. (Mon, 26 Apr 2010 19:00:06 GMT) Full text and rfc822 format available.

Acknowledgement sent to Petter Reinholdtsen <pere@hungry.com>:
Extra info received and forwarded to list. Copy sent to Debian Edu Developers <debian-edu@lists.debian.org>. (Mon, 26 Apr 2010 19:00:06 GMT) Full text and rfc822 format available.

Message #20 received at 570773@bugs.debian.org (full text, mbox):

From: Petter Reinholdtsen <pere@hungry.com>
To: 570773@bugs.debian.org
Subject: Re: Bug#570773: squeeze: LDAP connections using TLS do not work
Date: Mon, 26 Apr 2010 20:58:11 +0200
severity 570773 normal
thanks

[Petter Reinholdtsen]
> I have added some test code to testsuite/ldap-server in svn to
> detect when that happen, and hope it will make it posible to verify
> my suspicion.

I've now verified that LDAP and TLS work when not installing on a
network where the ldap DNS name already is defined.  Because of this,
I lower the severity to normal.

I believe we should still look at making the certificate handling more
robust.

Happy hacking,
-- 
Petter Reinholdtsen




Severity set to 'normal' from 'serious' Request was from Petter Reinholdtsen <pere@hungry.com> to control@bugs.debian.org. (Mon, 26 Apr 2010 19:00:10 GMT) Full text and rfc822 format available.

Changed Bug title to 'LDAP/TLS cert handling problems when "ldap" DNS name already exists' from 'squeeze: LDAP connections using TLS do not work' Request was from Holger Levsen <holger@layer-acht.org> to control@bugs.debian.org. (Thu, 04 Nov 2010 17:48:06 GMT) Full text and rfc822 format available.

Information forwarded to debian-bugs-dist@lists.debian.org, Debian Edu Developers <debian-edu@lists.debian.org>:
Bug#570773; Package debian-edu-config. (Fri, 08 Apr 2011 22:03:05 GMT) Full text and rfc822 format available.

Acknowledgement sent to Mike Gabriel <mike.gabriel@das-netzwerkteam.de>:
Extra info received and forwarded to list. Copy sent to Debian Edu Developers <debian-edu@lists.debian.org>. (Fri, 08 Apr 2011 22:03:06 GMT) Full text and rfc822 format available.

Message #29 received at 570773@bugs.debian.org (full text, mbox):

From: Mike Gabriel <mike.gabriel@das-netzwerkteam.de>
To: 570773@bugs.debian.org
Subject: Re: LDAP/TLS cert handling problems when "ldap" DNS name already exists
Date: Fri, 08 Apr 2011 23:24:11 +0200
[Message part 1 (text/plain, inline)]
Hi Petter, hi Holger,

just checked on a fresh tjener install. The LDAP server returned by  
debian-edu-ldapserver is ,,ldap.intern''.

As the FQDN is returned by that script I guess this issue can be  
closed? There has been work on the debian-edu-ldapserver script  
because of the recent Kerberos work.

Greets,
Mike

-- 

DAS-NETZWERKTEAM
mike gabriel, dorfstr. 27, 24245 barmissen
fon: +49 (4302) 281418, fax: +49 (4302) 281419

GnuPG Key ID 0xB588399B
mail: mike.gabriel@das-netzwerkteam.de, http://das-netzwerkteam.de

freeBusy:
https://mail.das-netzwerkteam.de/freebusy/m.gabriel%40das-netzwerkteam.de.xfb
[Message part 2 (application/pgp-signature, inline)]

Information forwarded to debian-bugs-dist@lists.debian.org, Debian Edu Developers <debian-edu@lists.debian.org>:
Bug#570773; Package debian-edu-config. (Fri, 02 Sep 2011 17:39:07 GMT) Full text and rfc822 format available.

Acknowledgement sent to Mike Gabriel <mike.gabriel@das-netzwerkteam.de>:
Extra info received and forwarded to list. Copy sent to Debian Edu Developers <debian-edu@lists.debian.org>. (Fri, 02 Sep 2011 17:39:07 GMT) Full text and rfc822 format available.

Message #34 received at 570773@bugs.debian.org (full text, mbox):

From: Mike Gabriel <mike.gabriel@das-netzwerkteam.de>
To: debian-edu@lists.debian.org
Cc: 570773@bugs.debian.org
Subject: closing #570773
Date: Fri, 02 Sep 2011 19:34:51 +0200
[Message part 1 (text/plain, inline)]
Hi all,

from my perspective #570773 really can be closed... Any objections?

Thanks,
Mike

-- 

DAS-NETZWERKTEAM
mike gabriel, dorfstr. 27, 24245 barmissen
fon: +49 (4302) 281418, fax: +49 (4302) 281419

GnuPG Key ID 0xB588399B
mail: mike.gabriel@das-netzwerkteam.de, http://das-netzwerkteam.de

freeBusy:
https://mail.das-netzwerkteam.de/freebusy/m.gabriel%40das-netzwerkteam.de.xfb
[Message part 2 (application/pgp-signature, inline)]

Information forwarded to debian-bugs-dist@lists.debian.org, Debian Edu Developers <debian-edu@lists.debian.org>:
Bug#570773; Package debian-edu-config. (Sat, 03 Sep 2011 07:03:03 GMT) Full text and rfc822 format available.

Acknowledgement sent to Holger Levsen <holger@layer-acht.org>:
Extra info received and forwarded to list. Copy sent to Debian Edu Developers <debian-edu@lists.debian.org>. (Sat, 03 Sep 2011 07:03:03 GMT) Full text and rfc822 format available.

Message #39 received at 570773@bugs.debian.org (full text, mbox):

From: Holger Levsen <holger@layer-acht.org>
To: control@bugs.debian.org
Cc: 570773@bugs.debian.org
Subject: Re: closing #570773
Date: Sat, 3 Sep 2011 08:58:33 +0200
tags 570773 + pending
thanks

Hi,

On Freitag, 2. September 2011, Mike Gabriel wrote:
> from my perspective #570773 really can be closed... Any objections?

yes. please add an approriate Closes entry in debian/changelog :)


cheers,
	Holger




Added tag(s) pending. Request was from Holger Levsen <holger@layer-acht.org> to control@bugs.debian.org. (Sat, 03 Sep 2011 07:03:07 GMT) Full text and rfc822 format available.

Reply sent to Petter Reinholdtsen <pere@debian.org>:
You have taken responsibility. (Fri, 06 Jan 2012 10:21:08 GMT) Full text and rfc822 format available.

Notification sent to Holger Levsen <holger@layer-acht.org>:
Bug acknowledged by developer. (Fri, 06 Jan 2012 10:21:15 GMT) Full text and rfc822 format available.

Message #46 received at 570773-close@bugs.debian.org (full text, mbox):

From: Petter Reinholdtsen <pere@debian.org>
To: 570773-close@bugs.debian.org
Subject: Bug#570773: fixed in debian-edu-config 1.447
Date: Fri, 06 Jan 2012 10:17:57 +0000
Source: debian-edu-config
Source-Version: 1.447

We believe that the bug you reported is fixed in the latest version of
debian-edu-config, which is due to be installed in the Debian FTP archive:

debian-edu-config-gosa-netgroups_1.447_all.deb
  to main/d/debian-edu-config/debian-edu-config-gosa-netgroups_1.447_all.deb
debian-edu-config_1.447.dsc
  to main/d/debian-edu-config/debian-edu-config_1.447.dsc
debian-edu-config_1.447.tar.gz
  to main/d/debian-edu-config/debian-edu-config_1.447.tar.gz
debian-edu-config_1.447_all.deb
  to main/d/debian-edu-config/debian-edu-config_1.447_all.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 570773@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Petter Reinholdtsen <pere@debian.org> (supplier of updated debian-edu-config package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Fri, 06 Jan 2012 10:39:54 +0100
Source: debian-edu-config
Binary: debian-edu-config debian-edu-config-gosa-netgroups
Architecture: source all
Version: 1.447
Distribution: unstable
Urgency: low
Maintainer: Debian Edu Developers <debian-edu@lists.debian.org>
Changed-By: Petter Reinholdtsen <pere@debian.org>
Description: 
 debian-edu-config - Configuration files for Skolelinux systems
 debian-edu-config-gosa-netgroups - netgroups plugin for GOsa²
Closes: 570773 650366 654023 654024 654529
Changes: 
 debian-edu-config (1.447) unstable; urgency=low
 .
   [ Mike Gabriel ]
   * Fix of usage check in ldap-add-host-to-netgroup script.
   * Search Debian Edu code for ldapsearch statements and remove
     line breaks from DN search results (by piping the output through
     perl -p0e 's/\n //g'). Several ldapsearch commands had their
     output already piped through the named Perl expression, but for a
     few (more recent) scripts this had not been applied yet.
     Closes: #650366.
   * Add LTSP client builder script that removes 70-persistent-net.rules
     from /etc/udev/rules.d.
   * Call gosa-sync-dns-nfs as postcreate, postremove and postmodify hooks
     from GOsa² whenever a GOsa² system is touched.
   * Make the netgroupAccount tab visible for user accounts.
 .
   [ Petter Reinholdtsen ]
   * Add donation link on the start web page.
   * Change Nagios description on the start web page to reflect the
     fact that we now set up predefined password for the nagiosadmin
     user.  This calls for updated translations.
   * Raise trigger point for adding entropy from 100 to 130, and log
     the new pool size after adding entropy.
   * Kill entropy gathering background job when cfengine is done, to
     avoid blocking umount at the end of the installation.
   * Update cfengine rules for iceweasel to ensure created file
     /etc/skel/.mozilla/firefox/profiles.ini is readable by everyone
     and not only the root user.
   * Fix incorrect package name credited for the divert in
     update-iceweasel-homepage.
   * Add cfengine rule to change default start page for iceweasel.  For
     standalone profiles, use http://www.skolelinux.org/, while for all
     other profiles fetch the URL from LDAP the same way the default
     welcome page is fetched from LDAP.  Make sure to use double quotes
     and escape : in shellcommands.  Restructure how cf.iceweasel is
     included to set up default page also on standalone profiles.
     Syslog when the default start page is changed.  Make sure
     everybody can read /etc/iceweasel/browserconfig.properties.
   * Adjust show-welcome-webpage to make sure first time users on
     Standalone profiles also get to see a welcoming web page.  Also
     change it to only fetch page URL from LDAP for Networked profiles,
     to ensure Standalone installations get http://www.skolelinux.org/
     also when booted for the first time in a network where the DNS
     name ldap exist and provide start page information.
   * Add init.d script iceweasel-ldapconf to update Iceweasel default
     start page at boot, to make it possible to update the default by
     rebooting instead of having to reinstall.  Only execute it on
     networked profiles to not change Standalone setups.  Make sure
     init.d/iceweasel-ldapconf do not run on LTSP clients (Closes: #654529).
   * Check that /opt/ltsp/i386/etc/ldap/ssl/ldap-server-pubkey.pem is
     readable by everyone, to detect problem reported by Klaus Ade
     Johnstad.
   * Make sure the /opt/ltsp/i386/etc/ldap/ssl/ldap-server-pubkey.pem
     file is readable by everyone when it is copied in place using the
     fetch-ldap-cert init.d scripts.
   * Make code checking permissions for /etc/resolv.conf report the
     current permission when it is wrong.
   * Add LDAP indexes for zoneName, relativeDomainName and sudoUser to
     avoid warnings in syslog and speed up LDAP searches.
   * Increase LDAP server file descriptor limit from 1024 to 32768,
     to raise the number of clients working out of the box from ~110
     to ~5500.
   * Print something when setting up kerberos, to be able to find
     the script run in the log.
   * Log processes using mount points below /target/ from
     finish-install, to detect leftover processes.  Tried to kill them
     but this seem to kill more than it should.  Report an error if
     there any such processes, while ignoring mount points and paths
     that can not be opened..
   * Move pre-pkgsel code to create localadmin user the
     debian-edu-install package.  Add breaks debian-edu-install (<<
     1.521~svn74617) to ensure a new version of the debian-edu-install
     package is used.
   * Move pre-pkgsel code to pass root password to the kerberos setup
     process to the debian-edu-install package.
   * Fix standalone installation by making sure missing ldap-password
     and kerberos-password templates are ignored in the finish-install
     script.
   * Do not add the localadmin user to the groups audio, video, cdrom,
     floppy and plugdev, as device access should be handled using
     policykit these days.
   * Change mkslapdcert to save the public certificate in
     /etc/ldap/ssl/ldap-server-pubkey.pem to ensure samba and kerberos
     find it when they look for it, and removing the need to download
     it on the main-server at first boot.  This fixes the kerberos
     setup.  Also avoid problem when installing Main-Server via PXE on
     a network with the ldap DNS name defined (Closes: #570773).
   * To reduce the default home directory footprint for users and
     reduce the IO strain on the file server when a classroom full of
     new users log in, reduce the akonadi disk usage by changing the
     mysql innodb log file size from 64 to 4 MiB.
   * debian-edu-ltsp-audiodivert: Drop audacity from diverted audio
     applications as it seem to work with PulseAudio now.  Add FIXME
     to remind us to review the application list regularly.
   * Add new tool gosa-sync-dns-nfs to update DNS from LDAP and
     re-export NFS exports when a host is added to DNS and netgroups.
   * Partly revert NTP change introduced by Mike Gabriel in version
     1.446~svn73330.  Reintroduce local clock on the main-server to
     ensure clients can sync with the main-server even when all the
     machines are disconnected from the Internet.  When they are on the
     Internet, all will sync with pool.ntp.org machines.  Add comment
     in cf.ntp explaining the purpose of the change.
   * Adjust default PXE menu, lift menu entries higher on the screen to
     allow all lines to show on the default screen resolution.
   * Update PXE setup on the Main-Servers first boot, to make sure
     proxy settings show up in /etc/debian-edu/www/debian-edu-install.dat.
   * Quiet down sbin/debian-edu-pxeinstall by removing 'set -x'.  The
     script is working well and do not always need debug output.
   * Avoid editing nsswitch.conf on roaming workstations, as the
     default setup with sssd should be working fine.
   * Remove obsolete readahead tuning code in run-at-first-boot.  We
     no longer use a readahead implementation where it is relevant.
   * Update from Lenny to Squeeze our PXE installation workaround used to
     ensure our updated udebs are used.
   * Fix fallback code for setting up roaming workstations to avoid
     crashing when symlinking our static sssd configuration in place.
   * Test suite:
     - Correct DNS lookup test to find ltsp servers at new FQDN.
     - Extend LDAP server test to verify that search work also before
       flodding the server with LDAP connections.
     - Tried to extend the flood test to use use 33000 connections
       instead of 1200, to test the new limit, but this caused too much
       load, needed too much memory and extending file-max, so the
       change was undone.  Keeping the test to check 1200 connections,
       to ensure the server do not have the original limit on 1024 file
       descriptors.
     - Make sure to increase /proc/sys/fs/file-max before flodding the
       LDAP server with connections, to avoid running out.
     - Extend LDAP server test to report number of connections per
       client.
     - Add kerberos test to check for network services kerberos/udp,
       kpasswd/tcp and kerberos-adm/tcp.
     - Move common test code from individual test scripts to
       /usr/share/debian-edu-config/testsuite-lib.sh.
     - Add DNS test to detect if ldap2zone still send email every hour
       (BTS #653053).
     - Add new test reporting the number of FIXMEs in the
       documentation.
     - Add new test to verify that etckeeper is installed and active.
     - Add LTSP tests to verify that the LTSP chroot is NFS exported
       and working as it should.
     - Remove xfs testsuite test, as xfs is no longer used by
       LTSP clients and will be removed from our task list.
 .
   [ Holger Levsen ]
   * www/index.html.en:
     - add "GOsa²" to all "LDAP administration" strings
     - mention that GOsa² can also be used to add+edit machines.
     - move "local services" section in the right menu above "debian-edu"
       section.
     - improve grammar.
     - improve ordering of local services.
   * www/*.po:
     - update to reflect changes in english source.
     - add "GOsa²" to many "LDAP administration" strings.
     - update german .po file for the "add+edit machines" addition.
   * www/Makefile: accept translations with 70% translation rate (down
     from default 80%).
 .
   [ Petter Reinholdtsen ]
   * www/Makefile: Move translation rate limit to a variable to make it
     easier to change.
   * www/index.html.en: Convert Debian-edu, debian-edu and variations to
     Debian Edu to be consistent with the project documentation and the
     official web pages.
 .
   * Translation updates (from before the last rewrite):
     - Updates for www/zh.po from Andrew Lee (李健秋).
 .
   * Translation updates (after the last rewrite):
     - Updates for www/nb.po from Petter Reinholdtsen.
     - Updates for www/ca.po from Hector Oron (Closes: #654024).
     - Updates for www/es.po from Hector Oron (Closes: #654023).
     - Updates for www/de.po from Jürgen Leibner and Holger Levsen.
     - Updates for www/it.po from Claudio Carboncini.
Checksums-Sha1: 
 3a7edc31009f1f900953950ac29e023cae9b53c6 1447 debian-edu-config_1.447.dsc
 592131794f7aaae601c48cca0b212622a4a6bf70 491585 debian-edu-config_1.447.tar.gz
 686a1dbac6ca630e5d65ee35dbda27896eb4828b 379670 debian-edu-config_1.447_all.deb
 928574b9546edace7b7f9aa1943f414c05ea397a 105748 debian-edu-config-gosa-netgroups_1.447_all.deb
Checksums-Sha256: 
 be317cb2d555ffa3060dbf0125924e1a09ee7a64d4638685c8681eeffe74b844 1447 debian-edu-config_1.447.dsc
 518a92df1d8de58bdb006ed9dc03df694df5dafc54b21ebd15a63dd2ec228e0a 491585 debian-edu-config_1.447.tar.gz
 7fabc7752aec31251270f1516f13d5901babcfbb3959b29f0ad9b3fbbbad2036 379670 debian-edu-config_1.447_all.deb
 d40ab202f05f68db05596b038597c4ca33d62c295f61ef7ea4af749f5dc7f95b 105748 debian-edu-config-gosa-netgroups_1.447_all.deb
Files: 
 18d4eb342e748084161623bfc97a94b8 1447 misc extra debian-edu-config_1.447.dsc
 cdd1470d069438b71113eb9b686e2969 491585 misc extra debian-edu-config_1.447.tar.gz
 b160f1a39b17fb36863e4685e28dac0f 379670 misc extra debian-edu-config_1.447_all.deb
 9d559cefcc07dd82e67d816ce7815e7c 105748 misc extra debian-edu-config-gosa-netgroups_1.447_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iD8DBQFPBseJ20zMSyow1ykRAv1zAKC7+3jrTcK+cKFDXSb5tHzgmbbj5ACgwbrR
W6ukGrmH+3bhpZDQfQetRmw=
=pGp8
-----END PGP SIGNATURE-----





Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Sat, 04 Feb 2012 07:38:34 GMT) Full text and rfc822 format available.

Send a report that this bug log contains spam.


Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Sun Apr 20 11:49:13 2014; Machine Name: beach.debian.org

Debian Bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.