Debian Bug report logs - #598303
tau: CVE-2010-3382: insecure library loading

version graph

Package: tau; Maintainer for tau is Yann Dirson <dirson@debian.org>; Source for tau is src:tau.

Reported by: Raphael Geissert <geissert@debian.org>

Date: Tue, 28 Sep 2010 04:25:09 UTC

Severity: grave

Tags: patch, security

Found in version tau/2.16.4-1.3

Fixed in version tau/2.16.4-1.4

Done: Anibal Monsalve Salazar <anibal@debian.org>

Bug is archived. No further changes may be made.

Toggle useless messages

View this report as an mbox folder, status mbox, maintainer mbox


Report forwarded to debian-bugs-dist@lists.debian.org, Yann Dirson <dirson@debian.org>:
Bug#598303; Package tau. (Tue, 28 Sep 2010 04:25:12 GMT) Full text and rfc822 format available.

Acknowledgement sent to Raphael Geissert <geissert@debian.org>:
New Bug report received and forwarded. Copy sent to Yann Dirson <dirson@debian.org>. (Tue, 28 Sep 2010 04:25:12 GMT) Full text and rfc822 format available.

Message #5 received at submit@bugs.debian.org (full text, mbox):

From: Raphael Geissert <geissert@debian.org>
To: submit@bugs.debian.org
Subject: tau: CVE-2010-3382: insecure library loading
Date: Tue, 28 Sep 2010 04:22:52 +0000
Package: tau
Version: 2.16.4-1.3
Severity: grave
Tags: security
User: team@security.debian.org
Usertags: ldpath

Hello,

During a review of the Debian archive, I've found your package to
contain a script that can be abused by an attacker to execute arbitrary
code.

The vulnerability is introduced by an insecure change to
LD_LIBRARY_PATH, and environment variable used by ld.so(8) to look for
libraries on a directory other than the standard paths.

Vulnerable code follows:

/usr/bin/tauex line 197:
export LD_LIBRARY_PATH=$TAUROOT/$TAUARCH/lib/$theBinding:$LD_LIBRARY_PATH

When there's an empty item on the colon-separated list of
LD_LIBRARY_PATH, ld.so treats it as '.' (i.e. CWD/$PWD.)
If the given script is executed from a directory where a potential,
local, attacker can write files to, there's a chance to exploit this
bug.

This vulnerability has been assigned the CVE id CVE-2010-3382. Please make sure
you mention it when forwarding this report to upstream and when fixing
this bug (everywhere: upstream and here at Debian.)

[0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3382
[1] http://security-tracker.debian.org/tracker/CVE-2010-3382

Sincerely,
Raphael Geissert




Added tag(s) patch. Request was from Aníbal Monsalve Salazar <anibal@debian.org> to control@bugs.debian.org. (Wed, 06 Oct 2010 10:45:12 GMT) Full text and rfc822 format available.

Information forwarded to debian-bugs-dist@lists.debian.org, Yann Dirson <dirson@debian.org>:
Bug#598303; Package tau. (Wed, 06 Oct 2010 10:57:02 GMT) Full text and rfc822 format available.

Acknowledgement sent to Aníbal Monsalve Salazar <anibal@debian.org>:
Extra info received and forwarded to list. Copy sent to Yann Dirson <dirson@debian.org>. (Wed, 06 Oct 2010 10:57:02 GMT) Full text and rfc822 format available.

Message #12 received at 598303@bugs.debian.org (full text, mbox):

From: Aníbal Monsalve Salazar <anibal@debian.org>
To: control@bugs.debian.org
Subject: Re: Bug#598303: tau: CVE-2010-3382: insecure library loading
Date: Wed, 6 Oct 2010 10:43:08 +0000
package tau                                                                                                                                                                                                                       
tags 598303 + patch                                                                                                                                                                                                               
stop


debdiff tau_2.16.4-1.3.dsc tau_2.16.4-1.4.dsc | diffstat
 debian/patches/06-598303-CVE-2010-3382-insecure-library-loading.diff |   59 ++++++++++
 tau-2.16.4/debian/changelog                                          |    9 +
 tau-2.16.4/debian/patches/series                                     |    1 
 3 files changed, 69 insertions(+)

debdiff tau_2.16.4-1.3.dsc tau_2.16.4-1.4.dsc
diff -u tau-2.16.4/debian/changelog tau-2.16.4/debian/changelog
--- tau-2.16.4/debian/changelog
+++ tau-2.16.4/debian/changelog
@@ -1,3 +1,12 @@
+tau (2.16.4-1.4) unstable; urgency=low
+
+  * Non-maintainer upload.
+  * Fix CVE-2010-3382 insecure library loading
+    Add debian/patches/06-598303-CVE-2010-3382-insecure-library-loading.diff
+    Closes: 598303
+
+ -- Anibal Monsalve Salazar <anibal@debian.org>  Wed, 06 Oct 2010 20:55:41 +1100
+
 tau (2.16.4-1.3) unstable; urgency=low
 
   * Non-maintainer upload
diff -u tau-2.16.4/debian/patches/series tau-2.16.4/debian/patches/series
--- tau-2.16.4/debian/patches/series
+++ tau-2.16.4/debian/patches/series
@@ -6,0 +7 @@
+06-598303-CVE-2010-3382-insecure-library-loading.diff
only in patch2:
unchanged:
--- tau-2.16.4.orig/debian/patches/06-598303-CVE-2010-3382-insecure-library-loading.diff
+++ tau-2.16.4/debian/patches/06-598303-CVE-2010-3382-insecure-library-loading.diff
@@ -0,0 +1,59 @@
+http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3382
+http://security-tracker.debian.org/tracker/CVE-2010-3382
+http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=598303
+
+Raphael Geissert have found that this package contains a script that
+can be abused by an attacker to execute arbitrary code.
+
+The vulnerability is introduced by an insecure change to
+LD_LIBRARY_PATH, and environment variable used by ld.so(8) to look for
+libraries on a directory other than the standard paths.
+
+Vulnerable code follows:
+
+/usr/bin/tauex line 197:
+export LD_LIBRARY_PATH=$TAUROOT/$TAUARCH/lib/$theBinding:$LD_LIBRARY_PATH
+
+When there's an empty item on the colon-separated list of
+LD_LIBRARY_PATH, ld.so treats it as '.' (i.e. CWD/$PWD.)
+If the given script is executed from a directory where a potential,
+local, attacker can write files to, there's a chance to exploit this
+bug.
+
+Patch by Anibal Monsalve Salazar <anibal@debian.org>
+
+--- a/tools/src/tauex.in	2007-05-19 09:04:55.000000000 +1000
++++ b/tools/src/tauex.in	2010-10-06 19:03:38.000000000 +1100
+@@ -194,7 +194,31 @@ for c in $Counters ; do 
+ done
+ 
+ 
+-export LD_LIBRARY_PATH=$TAUROOT/$TAUARCH/lib/$theBinding:$LD_LIBRARY_PATH
++add_dir()
++{
++    local dir
++    dir="$1";
++
++    if [ -n "$dir" ]
++    then
++        case "$LD_LIBRARY_PATH" in
++            "$dir"|"$dir":*|*:"$dir"|*:"$dir":*)
++                # already already_in $LD_LIBRARY_PATH
++                ;;
++            "")
++                # $LD_LIBRARY_PATH is empty, don't add a separator
++                LD_LIBRARY_PATH="$dir"
++                ;;
++            *)
++                # add $dir
++                LD_LIBRARY_PATH="$dir":"$LD_LIBRARY_PATH"
++                ;;
++        esac
++    fi
++    echo "$LD_LIBRARY_PATH"
++}
++
++export LD_LIBRARY_PATH="$( add_dir "$TAUROOT/$TAUARCH/lib/$theBinding" )"
+ 
+ if [ $verbose = "true" ] ; then
+     echo "Matching bindings: $bindings"




Information forwarded to debian-bugs-dist@lists.debian.org, Yann Dirson <dirson@debian.org>:
Bug#598303; Package tau. (Wed, 06 Oct 2010 11:12:02 GMT) Full text and rfc822 format available.

Acknowledgement sent to Julien Cristau <jcristau@debian.org>:
Extra info received and forwarded to list. Copy sent to Yann Dirson <dirson@debian.org>. (Wed, 06 Oct 2010 11:12:02 GMT) Full text and rfc822 format available.

Message #17 received at 598303@bugs.debian.org (full text, mbox):

From: Julien Cristau <jcristau@debian.org>
To: Aníbal Monsalve Salazar <anibal@debian.org>, 598303@bugs.debian.org
Subject: Re: Bug#598303: tau: CVE-2010-3382: insecure library loading
Date: Wed, 6 Oct 2010 13:09:07 +0200
[Message part 1 (text/plain, inline)]
On Wed, Oct  6, 2010 at 10:43:08 +0000, Aníbal Monsalve Salazar wrote:

> +--- a/tools/src/tauex.in	2007-05-19 09:04:55.000000000 +1000
> ++++ b/tools/src/tauex.in	2010-10-06 19:03:38.000000000 +1100
> +@@ -194,7 +194,31 @@ for c in $Counters ; do 
> + done
> + 
> + 
> +-export LD_LIBRARY_PATH=$TAUROOT/$TAUARCH/lib/$theBinding:$LD_LIBRARY_PATH
> ++add_dir()
> ++{
> ++    local dir
> ++    dir="$1";
> ++
> ++    if [ -n "$dir" ]
> ++    then
> ++        case "$LD_LIBRARY_PATH" in
> ++            "$dir"|"$dir":*|*:"$dir"|*:"$dir":*)
> ++                # already already_in $LD_LIBRARY_PATH
> ++                ;;
> ++            "")
> ++                # $LD_LIBRARY_PATH is empty, don't add a separator
> ++                LD_LIBRARY_PATH="$dir"
> ++                ;;
> ++            *)
> ++                # add $dir
> ++                LD_LIBRARY_PATH="$dir":"$LD_LIBRARY_PATH"
> ++                ;;
> ++        esac
> ++    fi
> ++    echo "$LD_LIBRARY_PATH"
> ++}
> ++
> ++export LD_LIBRARY_PATH="$( add_dir "$TAUROOT/$TAUARCH/lib/$theBinding" )"
> + 
> + if [ $verbose = "true" ] ; then
> +     echo "Matching bindings: $bindings"
> 
Yay overengineering.

What's wrong with a simple
export LD_LIBRARY_PATH="$TAUROOT/$TAUARCH/lib/$thebinding${LD_LIBRARY_PATH:+:$LD_LIBRARY_PATH}"
?

Cheers,
Julien
[signature.asc (application/pgp-signature, inline)]

Information forwarded to debian-bugs-dist@lists.debian.org, Yann Dirson <dirson@debian.org>:
Bug#598303; Package tau. (Wed, 06 Oct 2010 11:39:08 GMT) Full text and rfc822 format available.

Acknowledgement sent to Aníbal Monsalve Salazar <anibal@debian.org>:
Extra info received and forwarded to list. Copy sent to Yann Dirson <dirson@debian.org>. (Wed, 06 Oct 2010 11:39:08 GMT) Full text and rfc822 format available.

Message #22 received at 598303@bugs.debian.org (full text, mbox):

From: Aníbal Monsalve Salazar <anibal@debian.org>
To: Julien Cristau <jcristau@debian.org>
Cc: Aníbal Monsalve Salazar <anibal@debian.org>, 598303@bugs.debian.org
Subject: Re: Bug#598303: tau: CVE-2010-3382: insecure library loading
Date: Wed, 6 Oct 2010 11:37:15 +0000
[Message part 1 (text/plain, inline)]
> Yay overengineering.
> 
> What's wrong with a simple
> export LD_LIBRARY_PATH="$TAUROOT/$TAUARCH/lib/$thebinding${LD_LIBRARY_PATH:+:$LD_LIBRARY_PATH}"
> ?

In the general case where you have a $foo before
${LD_LIBRARY_PATH:+:$LD_LIBRARY_PATH}
the result is not good if $foo is empty.

See for example:

set -x
LD_LIBRARY_PATH="/lib"; LD_LIBRARY_PATH="$foo${LD_LIBRARY_PATH:+:$LD_LIBRARY_PATH}"
+ LD_LIBRARY_PATH=/lib
+ LD_LIBRARY_PATH=:/lib
[signature.asc (application/pgp-signature, inline)]

Information forwarded to debian-bugs-dist@lists.debian.org, Yann Dirson <dirson@debian.org>:
Bug#598303; Package tau. (Wed, 06 Oct 2010 11:42:05 GMT) Full text and rfc822 format available.

Acknowledgement sent to Julien Cristau <jcristau@debian.org>:
Extra info received and forwarded to list. Copy sent to Yann Dirson <dirson@debian.org>. (Wed, 06 Oct 2010 11:42:05 GMT) Full text and rfc822 format available.

Message #27 received at 598303@bugs.debian.org (full text, mbox):

From: Julien Cristau <jcristau@debian.org>
To: Aníbal Monsalve Salazar <anibal@debian.org>
Cc: 598303@bugs.debian.org
Subject: Re: Bug#598303: tau: CVE-2010-3382: insecure library loading
Date: Wed, 6 Oct 2010 13:40:51 +0200
[Message part 1 (text/plain, inline)]
On Wed, Oct  6, 2010 at 11:37:15 +0000, Aníbal Monsalve Salazar wrote:

> > Yay overengineering.
> > 
> > What's wrong with a simple
> > export LD_LIBRARY_PATH="$TAUROOT/$TAUARCH/lib/$thebinding${LD_LIBRARY_PATH:+:$LD_LIBRARY_PATH}"
> > ?
> 
> In the general case where you have a $foo before
> ${LD_LIBRARY_PATH:+:$LD_LIBRARY_PATH}
> the result is not good if $foo is empty.
> 
> See for example:
> 
> set -x
> LD_LIBRARY_PATH="/lib"; LD_LIBRARY_PATH="$foo${LD_LIBRARY_PATH:+:$LD_LIBRARY_PATH}"
> + LD_LIBRARY_PATH=/lib
> + LD_LIBRARY_PATH=:/lib

This makes absolutely no sense.  "$TAUROOT/$TAUARCH/lib/$thebinding is
not empty.

Cheers,
Julien
[signature.asc (application/pgp-signature, inline)]

Information forwarded to debian-bugs-dist@lists.debian.org, Yann Dirson <dirson@debian.org>:
Bug#598303; Package tau. (Wed, 06 Oct 2010 11:57:03 GMT) Full text and rfc822 format available.

Acknowledgement sent to Aníbal Monsalve Salazar <anibal@debian.org>:
Extra info received and forwarded to list. Copy sent to Yann Dirson <dirson@debian.org>. (Wed, 06 Oct 2010 11:57:03 GMT) Full text and rfc822 format available.

Message #32 received at 598303@bugs.debian.org (full text, mbox):

From: Aníbal Monsalve Salazar <anibal@debian.org>
To: Julien Cristau <jcristau@debian.org>
Cc: 598303@bugs.debian.org
Subject: Re: Bug#598303: tau: CVE-2010-3382: insecure library loading
Date: Wed, 6 Oct 2010 11:53:08 +0000
[Message part 1 (text/plain, inline)]
On Wed, Oct 06, 2010 at 01:40:51PM +0200, Julien Cristau wrote:
>This makes absolutely no sense.  "$TAUROOT/$TAUARCH/lib/$thebinding is
>not empty.

I know that.

I was talking about a general case where you have just one variable.

See the end of
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=598549#35
[signature.asc (application/pgp-signature, inline)]

Information forwarded to debian-bugs-dist@lists.debian.org, Yann Dirson <dirson@debian.org>:
Bug#598303; Package tau. (Wed, 06 Oct 2010 23:27:03 GMT) Full text and rfc822 format available.

Acknowledgement sent to Aníbal Monsalve Salazar <anibal@debian.org>:
Extra info received and forwarded to list. Copy sent to Yann Dirson <dirson@debian.org>. (Wed, 06 Oct 2010 23:27:03 GMT) Full text and rfc822 format available.

Message #37 received at 598303@bugs.debian.org (full text, mbox):

From: Aníbal Monsalve Salazar <anibal@debian.org>
To: 598303@bugs.debian.org
Cc: Julien Cristau <jcristau@debian.org>
Subject: Re: Bug#598303: tau: CVE-2010-3382: insecure library loading
Date: Wed, 6 Oct 2010 23:23:44 +0000
[Message part 1 (text/plain, inline)]
A new patchset is below.

debdiff tau_2.16.4-1.3.dsc tau_2.16.4-1.4.dsc | diffstat
 debian/patches/06-598303-CVE-2010-3382-insecure-library-loading.diff |   35 ++++++++++
 tau-2.16.4/debian/changelog                                          |    9 ++
 tau-2.16.4/debian/patches/series                                     |    1 
 3 files changed, 45 insertions(+)

debdiff tau_2.16.4-1.3.dsc tau_2.16.4-1.4.dsc
diff -u tau-2.16.4/debian/changelog tau-2.16.4/debian/changelog
--- tau-2.16.4/debian/changelog
+++ tau-2.16.4/debian/changelog
@@ -1,3 +1,12 @@
+tau (2.16.4-1.4) unstable; urgency=low
+
+  * Non-maintainer upload.
+  * Fix CVE-2010-3382 insecure library loading
+    Add debian/patches/06-598303-CVE-2010-3382-insecure-library-loading.diff
+    Closes: 598303
+
+ -- Anibal Monsalve Salazar <anibal@debian.org>  Wed, 06 Oct 2010 20:55:41 +1100
+
 tau (2.16.4-1.3) unstable; urgency=low
 
   * Non-maintainer upload
diff -u tau-2.16.4/debian/patches/series tau-2.16.4/debian/patches/series
--- tau-2.16.4/debian/patches/series
+++ tau-2.16.4/debian/patches/series
@@ -6,0 +7 @@
+06-598303-CVE-2010-3382-insecure-library-loading.diff
only in patch2:
unchanged:
--- tau-2.16.4.orig/debian/patches/06-598303-CVE-2010-3382-insecure-library-loading.diff
+++ tau-2.16.4/debian/patches/06-598303-CVE-2010-3382-insecure-library-loading.diff
@@ -0,0 +1,35 @@
+http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3382
+http://security-tracker.debian.org/tracker/CVE-2010-3382
+http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=598303
+
+Raphael Geissert have found that this package contains a script that
+can be abused by an attacker to execute arbitrary code.
+
+The vulnerability is introduced by an insecure change to
+LD_LIBRARY_PATH, and environment variable used by ld.so(8) to look for
+libraries on a directory other than the standard paths.
+
+Vulnerable code follows:
+
+/usr/bin/tauex line 197:
+export LD_LIBRARY_PATH=$TAUROOT/$TAUARCH/lib/$theBinding:$LD_LIBRARY_PATH
+
+When there's an empty item on the colon-separated list of
+LD_LIBRARY_PATH, ld.so treats it as '.' (i.e. CWD/$PWD.)
+If the given script is executed from a directory where a potential,
+local, attacker can write files to, there's a chance to exploit this
+bug.
+
+Patch by Julien Cristau <jcristau@debian.org>
+
+--- a/tools/src/tauex.in	2007-05-19 09:04:55.000000000 +1000
++++ b/tools/src/tauex.in	2010-10-06 19:03:38.000000000 +1100
+@@ -194,7 +194,7 @@ for c in $Counters ; do 
+ done
+ 
+ 
+-export LD_LIBRARY_PATH=$TAUROOT/$TAUARCH/lib/$theBinding:$LD_LIBRARY_PATH
++export LD_LIBRARY_PATH="$TAUROOT/$TAUARCH/lib/$thebinding${LD_LIBRARY_PATH:+:$LD_LIBRARY_PATH}"
+ 
+ if [ $verbose = "true" ] ; then
+     echo "Matching bindings: $bindings"
[signature.asc (application/pgp-signature, inline)]

Reply sent to Anibal Monsalve Salazar <anibal@debian.org>:
You have taken responsibility. (Thu, 07 Oct 2010 01:21:03 GMT) Full text and rfc822 format available.

Notification sent to Raphael Geissert <geissert@debian.org>:
Bug acknowledged by developer. (Thu, 07 Oct 2010 01:21:03 GMT) Full text and rfc822 format available.

Message #42 received at 598303-close@bugs.debian.org (full text, mbox):

From: Anibal Monsalve Salazar <anibal@debian.org>
To: 598303-close@bugs.debian.org
Subject: Bug#598303: fixed in tau 2.16.4-1.4
Date: Thu, 07 Oct 2010 01:17:11 +0000
Source: tau
Source-Version: 2.16.4-1.4

We believe that the bug you reported is fixed in the latest version of
tau, which is due to be installed in the Debian FTP archive:

python-tau_2.16.4-1.4_mipsel.deb
  to main/t/tau/python-tau_2.16.4-1.4_mipsel.deb
tau-examples_2.16.4-1.4_all.deb
  to main/t/tau/tau-examples_2.16.4-1.4_all.deb
tau-racy_2.16.4-1.4_all.deb
  to main/t/tau/tau-racy_2.16.4-1.4_all.deb
tau_2.16.4-1.4.diff.gz
  to main/t/tau/tau_2.16.4-1.4.diff.gz
tau_2.16.4-1.4.dsc
  to main/t/tau/tau_2.16.4-1.4.dsc
tau_2.16.4-1.4_mipsel.deb
  to main/t/tau/tau_2.16.4-1.4_mipsel.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 598303@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Anibal Monsalve Salazar <anibal@debian.org> (supplier of updated tau package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Wed, 06 Oct 2010 20:55:41 +1100
Source: tau
Binary: tau tau-racy python-tau tau-examples
Architecture: source all mipsel
Version: 2.16.4-1.4
Distribution: unstable
Urgency: low
Maintainer: Yann Dirson <dirson@debian.org>
Changed-By: Anibal Monsalve Salazar <anibal@debian.org>
Description: 
 python-tau - Tuning and Analysis Utilities - support for python bindings
 tau        - Tuning and Analysis Utilities - base profiling toolkit
 tau-examples - Tuning and Analysis Utilities - examples
 tau-racy   - Tuning and Analysis Utilities - Tcl/tk profiler GUI
Closes: 598303
Changes: 
 tau (2.16.4-1.4) unstable; urgency=low
 .
   * Non-maintainer upload.
   * Fix CVE-2010-3382 insecure library loading
     Add debian/patches/06-598303-CVE-2010-3382-insecure-library-loading.diff
     Closes: 598303
Checksums-Sha1: 
 591d069f2a7f96e5323e0bd23f6804dc83f98b02 1706 tau_2.16.4-1.4.dsc
 0bc14f478887e8d44c260c97e8ac8cd80e4e8bc3 15225 tau_2.16.4-1.4.diff.gz
 95fa9b058fc93687625f473a5ac5aec1ba41ca43 110926 tau-racy_2.16.4-1.4_all.deb
 38d94b961b142777a48d58bfe3a65c0c967c2a81 140708 tau-examples_2.16.4-1.4_all.deb
 bef3c60990df378f5e02daa200d00894185c2f08 411082 tau_2.16.4-1.4_mipsel.deb
 e1d99b54b5146224e3e07d315e7a8db62ce7b626 31122 python-tau_2.16.4-1.4_mipsel.deb
Checksums-Sha256: 
 fc8a73b7ca43f5e952ec2b3e3b99d3d168b47b8514a50c2ab814d38902445d42 1706 tau_2.16.4-1.4.dsc
 a34f6d861d30aca6c84c72670d851e8c55946b4f0e1d89a46bb5ec5dbcf34e75 15225 tau_2.16.4-1.4.diff.gz
 b441d8f62cbd620ed62c4da2c3230dc21d7eca325cae49b1d724c45bd7cb5fe4 110926 tau-racy_2.16.4-1.4_all.deb
 d7a916c8e08f8ffac437e795d5662a07349d6b2c15d1b03206a1748b640bf2e4 140708 tau-examples_2.16.4-1.4_all.deb
 5b872f311316b3643451f69aa57be5f5bb9c8292b8f01d498d35f91918eebdd8 411082 tau_2.16.4-1.4_mipsel.deb
 3db8b2f80da2f0f5156f6f14e9a0f39c44d41e1a6ad030766c8f182fadc0cb18 31122 python-tau_2.16.4-1.4_mipsel.deb
Files: 
 7722eaa2960d2666bd9f4567f220fd74 1706 devel optional tau_2.16.4-1.4.dsc
 f31d7baa5458c1394b6ba73382c80f33 15225 devel optional tau_2.16.4-1.4.diff.gz
 d7e267b83726099dd117055986a44210 110926 devel optional tau-racy_2.16.4-1.4_all.deb
 80cb6c2b589a708b744fd66db249d115 140708 devel optional tau-examples_2.16.4-1.4_all.deb
 d73d5fd45cedaed5c32efb27464a4fd2 411082 devel optional tau_2.16.4-1.4_mipsel.deb
 777c652a984dc9224171e13d7db907d6 31122 python optional python-tau_2.16.4-1.4_mipsel.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iQIcBAEBCAAGBQJMrR08AAoJEHxWrP6UeJfYTuMQAJGgKR9FIohkUjUdUFuG03X2
YUpu6m+xr7Es9pZ7pj3UCrn0kb4Gs6I3ItxxWAo/V+BLtFkOeE6yCzazkyqGC61e
ZD/tiqbdvwDVevDxzPAO7uKdi/YNp5YBnLP6yKWTihVNJznth/2HxNuOTB9DHr0S
e/NDjrjbBz8bHQokT5W4f99xm9fcbVtVFzyvv1m98VKKwnEegVP9dBgaUxan5qGj
bm8nRRBXxyhRRhOLdthE9saz4dHtmzgri5YLF+zhlCuEwEyizNfw2jFY8bB4MNeQ
Dq+jNqzAAGSuyitNNhI6FdlMOFUyj548mVH+DDv9MU9JgSXbbHkFMJYix5r7rBJQ
jyod+Cc71SkzLjewkfOmS9CmcWmbdZE/k1suGm3qjxK/6Pkrk35CneBnbmIWu6N/
FUJ2RYUdq9bXljCub59nxwEQH0m+uK6b3HbG7hpO+KtVVnf1flo0bfiz7XCZYSb6
BsOUQe8oM6PxOzsyTg41PCv+jzeevWgnupdlBp/VF9O+6hBeEBuZYXhnkOJSAgxQ
DMc/9FZ9Aoj/SLKAFNvLHGGK7zLwwVaE4JYz2KBqNYhTauwnPtW+qtKmgdRtV+Bo
5fd2OtdHdsaDkjgcwX9s7a3GpWdgM3yAnxbqRcuE46UPXk66scCQmphaODb+O5AA
WNwmpZZQgonfoF5bG9Qr
=Jfg/
-----END PGP SIGNATURE-----





Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Sun, 14 Nov 2010 07:30:06 GMT) Full text and rfc822 format available.

Send a report that this bug log contains spam.


Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Sat Apr 19 03:05:37 2014; Machine Name: beach.debian.org

Debian Bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.