Debian Bug report logs - #924398
corekeeper can be confused with whitespace in exectuable names

version graph

Package: corekeeper; Maintainer for corekeeper is Paul Wise <pabs@debian.org>; Source for corekeeper is src:corekeeper (PTS, buildd, popcon).

Reported by: Jakub Wilk <jwilk@jwilk.net>

Date: Tue, 12 Mar 2019 14:54:04 UTC

Severity: normal

Tags: patch, security

Found in version corekeeper/1.6

Fixed in versions corekeeper/1.7, corekeeper/1.7~deb9u1

Done: Paul Wise <pabs@debian.org>

Bug is archived. No further changes may be made.

Toggle useless messages

View this report as an mbox folder, status mbox, maintainer mbox


Report forwarded to debian-bugs-dist@lists.debian.org, jwilk@jwilk.net, Paul Wise <pabs@debian.org>:
Bug#924398; Package corekeeper. (Tue, 12 Mar 2019 14:54:06 GMT) (full text, mbox, link).


Message #3 received at submit@bugs.debian.org (full text, mbox, reply):

From: Jakub Wilk <jwilk@jwilk.net>
To: submit@bugs.debian.org
Subject: corekeeper can be confused with whitespace in exectuable names
Date: Tue, 12 Mar 2019 15:50:43 +0100
Package: corekeeper
Version: 1.6
Tags: security

(I reported this privately in 2016...)

/usr/lib/corekeeper/dump does this:

  # Check how many arguments the kernel sent us.
  if [ $# -eq 2 ] ; then
  	# Awww, old kernel that does not support %d
  	# Cannot set the core file owner safely, use root
  	# See v3.6-6800-g12a2b4b in linux.git for more info
  	uid="$1"
  	core="$2"
  	owner="0"
  elif [ $# -eq 3 ] ; then
  	# Yay! A kernel that does support %d
  	uid="$2"
  	core="$3"
  	owner="$2"
  	# Set the core file owner safely
  	if [ $1 -eq 2 ] ; then
  		owner="0"
  	fi
  else
  	# Something is majorly broken.
  	echo "This script should be run with three arguments and a core file on stdin" 1>&2
  	exit 1
  fi

The majorly broken thing is, unfortunately, the Linux kernel. It does 
argument splitting only _after_ it expanded the macros. If the 
executable name contains spaces, you will get more than 2 or 3 
arguments. On kernels that don't support %d, this allows an attacker to 
control the "owner" variable.

-- 
Jakub Wilk



Information forwarded to debian-bugs-dist@lists.debian.org:
Bug#924398; Package corekeeper. (Wed, 13 Mar 2019 00:57:03 GMT) (full text, mbox, link).


Acknowledgement sent to Paul Wise <pabs@debian.org>:
Extra info received and forwarded to list. (Wed, 13 Mar 2019 00:57:03 GMT) (full text, mbox, link).


Message #8 received at 924398@bugs.debian.org (full text, mbox, reply):

From: Paul Wise <pabs@debian.org>
To: Jakub Wilk <jwilk@jwilk.net>, 924398@bugs.debian.org
Subject: Re: Bug#924398: corekeeper can be confused with whitespace in executable names
Date: Wed, 13 Mar 2019 08:54:26 +0800
[Message part 1 (text/plain, inline)]
On Tue, 2019-03-12 at 15:50 +0100, Jakub Wilk wrote:

> The majorly broken thing is, unfortunately, the Linux kernel.
> It does argument splitting only _after_ it expanded the macros.

I think that this is a bug in the Linux kernel that needs to be fixed,
would you mind sending either a bug or a patch for this issue?

> If the executable name contains spaces, you will get more than 2 or 3 
> arguments. On kernels that don't support %d, this allows an attacker to 
> control the "owner" variable.

I think I can workaround this using this core pattern:

kernel.core_pattern = |/usr/lib/corekeeper/dump %u %d -- %p-%u-%g-%s-%t-%h-%E.core

For old kernels this will be run:

/usr/lib/corekeeper/dump 1000 -- ...!file name.core

For new kernels this will be run:

/usr/lib/corekeeper/dump 1000 1 -- ...!file name.core

Then the code will simply check for -- in $2 and $3 instead of checking
for the number of arguments and bundle the remaining arguments into the
core file name.

Do you think this approach will work correctly?

PS: do you think spaces in the filenames passed by the kernel
should also be replaced with dashes in the core file names?

-- 
bye,
pabs

https://wiki.debian.org/PaulWise

[signature.asc (application/pgp-signature, inline)]

Information forwarded to debian-bugs-dist@lists.debian.org:
Bug#924398; Package corekeeper. (Wed, 13 Mar 2019 06:24:02 GMT) (full text, mbox, link).


Acknowledgement sent to Paul Wise <pabs@debian.org>:
Extra info received and forwarded to list. (Wed, 13 Mar 2019 06:24:02 GMT) (full text, mbox, link).


Message #13 received at 924398@bugs.debian.org (full text, mbox, reply):

From: Paul Wise <pabs@debian.org>
To: 924398@bugs.debian.org, Jakub Wilk <jwilk@jwilk.net>
Subject: Re: Bug#924398: corekeeper can be confused with whitespace in executable names
Date: Wed, 13 Mar 2019 14:21:51 +0800
[Message part 1 (text/plain, inline)]
Control: tags -1 + patch

On Wed, 13 Mar 2019 08:54:26 +0800 Paul Wise wrote:

> Then the code will simply check for -- in $2 and $3 instead of checking
> for the number of arguments and bundle the remaining arguments into the
> core file name.

I've attached the updated dump script and patch, please review it.

-- 
bye,
pabs

https://wiki.debian.org/PaulWise

[0002-Handle-older-versions-of-the-Linux-kernel-in-a-safer.patch (text/x-patch, attachment)]
[dump (application/x-shellscript, attachment)]
[signature.asc (application/pgp-signature, inline)]

Added tag(s) patch. Request was from Paul Wise <pabs@debian.org> to 924398-submit@bugs.debian.org. (Wed, 13 Mar 2019 06:24:02 GMT) (full text, mbox, link).


Information forwarded to debian-bugs-dist@lists.debian.org:
Bug#924398; Package corekeeper. (Wed, 13 Mar 2019 06:24:05 GMT) (full text, mbox, link).


Acknowledgement sent to Paul Wise <pabs@debian.org>:
Extra info received and forwarded to list. (Wed, 13 Mar 2019 06:24:05 GMT) (full text, mbox, link).


Information forwarded to debian-bugs-dist@lists.debian.org, Paul Wise <pabs@debian.org>:
Bug#924398; Package corekeeper. (Wed, 13 Mar 2019 15:45:02 GMT) (full text, mbox, link).


Message #23 received at 924398@bugs.debian.org (full text, mbox, reply):

From: Jakub Wilk <jwilk@jwilk.net>
To: 924398@bugs.debian.org
Subject: Re: Bug#924398: corekeeper can be confused with whitespace in executable names
Date: Wed, 13 Mar 2019 16:41:02 +0100
* Paul Wise <pabs@debian.org>, 2019-03-13, 08:54:
>>The majorly broken thing is, unfortunately, the Linux kernel. It does 
>>argument splitting only _after_ it expanded the macros.
>
>I think that this is a bug in the Linux kernel that needs to be fixed, 
>would you mind sending either a bug or a patch for this issue?

Yes, I think this is something that should be ultimately fixed on the 
kernel side.

I looked briefly at the source (fs/coredump.c, grep for 
"format_corename" and "argv_split"), but unfortunately it's not trivial 
to fix. I'm afraid my kernel fu is too weak to write a patch.

I might file a bug at some point, but feel free to beat me to it. :-)

>>If the executable name contains spaces, you will get more than 2 or 3 
>>arguments. On kernels that don't support %d, this allows an attacker 
>>to control the "owner" variable.

On a second thought, the faked owner would always start with pid, uid, 
gid and so on... There's not much damage you could do this way. The 
worst you could is to pollute /var/crash with bogus root-owned 
directories.

>I think I can workaround this using this core pattern:
>
>kernel.core_pattern = |/usr/lib/corekeeper/dump %u %d -- %p-%u-%g-%s-%t-%h-%E.core

The core pattern and the dump executable will be out-of-sync at least 
for a brief moment during upgrade (possibly much longer if the user 
modified the conffile and kept the old one on upgrade), so it's 
desirable to keep the original order of arguments.

We could append or prepend a character to %d to make sure the argument 
won't disappear after %-expansion, for example:

  |/usr/lib/corekeeper/dump +%d %u %p-%u-%g-%s-%t-%h-%E.core

Keeping the number of arguments (almost) constant should also make 
parsing easier.

-- 
Jakub Wilk



Information forwarded to debian-bugs-dist@lists.debian.org:
Bug#924398; Package corekeeper. (Fri, 15 Mar 2019 05:00:03 GMT) (full text, mbox, link).


Acknowledgement sent to Paul Wise <pabs@debian.org>:
Extra info received and forwarded to list. (Fri, 15 Mar 2019 05:00:03 GMT) (full text, mbox, link).


Message #28 received at 924398@bugs.debian.org (full text, mbox, reply):

From: Paul Wise <pabs@debian.org>
To: 924398@bugs.debian.org, Jakub Wilk <jwilk@jwilk.net>
Subject: Re: Bug#924398: corekeeper can be confused with whitespace in executable names
Date: Fri, 15 Mar 2019 12:56:22 +0800
[Message part 1 (text/plain, inline)]
On Wed, 13 Mar 2019 16:41:02 +0100 Jakub Wilk wrote:

> We could append or prepend a character to %d to make sure the argument 
> won't disappear after %-expansion, for example:

I decided to just check if the arguments are integers, attached the patch.

-- 
bye,
pabs

https://wiki.debian.org/PaulWise

[0002-Handle-older-versions-of-the-Linux-kernel-in-a-safer.patch (text/x-patch, attachment)]
[signature.asc (application/pgp-signature, inline)]

Information forwarded to debian-bugs-dist@lists.debian.org, Paul Wise <pabs@debian.org>:
Bug#924398; Package corekeeper. (Fri, 15 Mar 2019 22:39:03 GMT) (full text, mbox, link).


Message #31 received at 924398@bugs.debian.org (full text, mbox, reply):

From: Jakub Wilk <jwilk@jwilk.net>
To: 924398@bugs.debian.org
Subject: Re: Bug#924398: corekeeper can be confused with whitespace in executable names
Date: Fri, 15 Mar 2019 23:35:51 +0100
[Message part 1 (text/plain, inline)]
* Paul Wise <pabs@debian.org>, 2019-03-15, 12:56:
>I decided to just check if the arguments are integers, attached the 
>patch.

I like the idea, but how about the attached patch instead?

It's less repetitive, the diff is smaller, and it's hopefully slightly 
easier to understand.

-- 
Jakub Wilk
[corekeeper-count-num-args.diff (text/x-diff, attachment)]

Information forwarded to debian-bugs-dist@lists.debian.org, Paul Wise <pabs@debian.org>:
Bug#924398; Package corekeeper. (Fri, 15 Mar 2019 22:51:02 GMT) (full text, mbox, link).


Message #34 received at 924398@bugs.debian.org (full text, mbox, reply):

From: Jakub Wilk <jwilk@jwilk.net>
To: 924398@bugs.debian.org
Subject: Re: Bug#924398: corekeeper can be confused with whitespace in executable names
Date: Fri, 15 Mar 2019 23:46:33 +0100
* Jakub Wilk <jwilk@jwilk.net>, 2019-03-15, 23:35:
>+for arg; do
>+       case "$1" in

Ooops, that should be "$arg", not "$1".

BTW, what is the uid variable for? It's not used anywhere...

-- 
Jakub Wilk



Information forwarded to debian-bugs-dist@lists.debian.org:
Bug#924398; Package corekeeper. (Sat, 16 Mar 2019 06:39:03 GMT) (full text, mbox, link).


Acknowledgement sent to Paul Wise <pabs@debian.org>:
Extra info received and forwarded to list. (Sat, 16 Mar 2019 06:39:03 GMT) (full text, mbox, link).


Message #39 received at 924398@bugs.debian.org (full text, mbox, reply):

From: Paul Wise <pabs@debian.org>
To: Jakub Wilk <jwilk@jwilk.net>, 924398@bugs.debian.org
Subject: Re: Bug#924398: corekeeper can be confused with whitespace in executable names
Date: Sat, 16 Mar 2019 14:34:52 +0800
[Message part 1 (text/plain, inline)]
On Fri, 2019-03-15 at 23:35 +0100, Jakub Wilk wrote:

> I like the idea, but how about the attached patch instead?

I prefer mine because it ensures the first argument is always numeric. 

-- 
bye,
pabs

https://wiki.debian.org/PaulWise

[signature.asc (application/pgp-signature, inline)]

Information forwarded to debian-bugs-dist@lists.debian.org:
Bug#924398; Package corekeeper. (Sat, 16 Mar 2019 06:42:03 GMT) (full text, mbox, link).


Acknowledgement sent to Paul Wise <pabs@debian.org>:
Extra info received and forwarded to list. (Sat, 16 Mar 2019 06:42:03 GMT) (full text, mbox, link).


Message #44 received at 924398@bugs.debian.org (full text, mbox, reply):

From: Paul Wise <pabs@debian.org>
To: Jakub Wilk <jwilk@jwilk.net>, 924398@bugs.debian.org
Subject: Re: Bug#924398: corekeeper can be confused with whitespace in executable names
Date: Sat, 16 Mar 2019 14:38:19 +0800
[Message part 1 (text/plain, inline)]
On Fri, 2019-03-15 at 23:46 +0100, Jakub Wilk wrote:

> BTW, what is the uid variable for? It's not used anywhere...

Not sure, it was there in the initial script but was never used.

Anyways, I've removed it in my wip branch:

https://salsa.debian.org/pabs/corekeeper/commits/wip
https://salsa.debian.org/debian/corekeeper

-- 
bye,
pabs

https://wiki.debian.org/PaulWise

[signature.asc (application/pgp-signature, inline)]

Information forwarded to debian-bugs-dist@lists.debian.org, Paul Wise <pabs@debian.org>:
Bug#924398; Package corekeeper. (Sat, 16 Mar 2019 10:45:02 GMT) (full text, mbox, link).


Message #47 received at 924398@bugs.debian.org (full text, mbox, reply):

From: Jakub Wilk <jwilk@jwilk.net>
To: 924398@bugs.debian.org
Subject: Re: Bug#924398: corekeeper can be confused with whitespace in executable names
Date: Sat, 16 Mar 2019 11:40:16 +0100
* Paul Wise <pabs@debian.org>, 2019-03-16, 14:34:
>>I like the idea, but how about the attached patch instead?
>I prefer mine because it ensures the first argument is always numeric.

Mine does it too, unless I'm missing something.

If the first argument wasn't numeric, numargs would be 0, and then the 
"Something is majorly broken" path would be taken.

-- 
Jakub Wilk



Information forwarded to debian-bugs-dist@lists.debian.org:
Bug#924398; Package corekeeper. (Tue, 19 Mar 2019 06:36:03 GMT) (full text, mbox, link).


Acknowledgement sent to Paul Wise <pabs@debian.org>:
Extra info received and forwarded to list. (Tue, 19 Mar 2019 06:36:03 GMT) (full text, mbox, link).


Message #52 received at 924398@bugs.debian.org (full text, mbox, reply):

From: Paul Wise <pabs@debian.org>
To: 924398@bugs.debian.org
Subject: Re: Bug#924398: corekeeper can be confused with whitespace in executable names
Date: Tue, 19 Mar 2019 14:32:52 +0800
[Message part 1 (text/plain, inline)]
On Sat, 16 Mar 2019 11:40:16 +0100 Jakub Wilk wrote: 

> Mine does it too, unless I'm missing something.
> 
> If the first argument wasn't numeric, numargs would be 0, and then the 
> "Something is majorly broken" path would be taken.

Ack. Due to #924717 I'm now thinking of a different approach that will
work with both issues and need a new core pattern, but I'll use your
solution for the situation where the old core pattern is in use.

-- 
bye,
pabs

https://wiki.debian.org/PaulWise

[signature.asc (application/pgp-signature, inline)]

Added tag(s) pending. Request was from Paul Wise <pabs@debian.org> to control@bugs.debian.org. (Mon, 15 Apr 2019 23:51:02 GMT) (full text, mbox, link).


Reply sent to Paul Wise <pabs@debian.org>:
You have taken responsibility. (Sun, 12 May 2019 03:36:05 GMT) (full text, mbox, link).


Notification sent to Jakub Wilk <jwilk@jwilk.net>:
Bug acknowledged by developer. (Sun, 12 May 2019 03:36:05 GMT) (full text, mbox, link).


Message #59 received at 924398-close@bugs.debian.org (full text, mbox, reply):

From: Paul Wise <pabs@debian.org>
To: 924398-close@bugs.debian.org
Subject: Bug#924398: fixed in corekeeper 1.7
Date: Sun, 12 May 2019 03:33:29 +0000
Source: corekeeper
Source-Version: 1.7

We believe that the bug you reported is fixed in the latest version of
corekeeper, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 924398@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Paul Wise <pabs@debian.org> (supplier of updated corekeeper package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sat, 04 May 2019 14:53:44 +0800
Source: corekeeper
Architecture: source
Version: 1.7
Distribution: unstable
Urgency: medium
Maintainer: Paul Wise <pabs@debian.org>
Changed-By: Paul Wise <pabs@debian.org>
Closes: 924397 924398
Changes:
 corekeeper (1.7) unstable; urgency=medium
 .
   * Do not use a world-writable /var/crash with the dumper script
     and fix the permissions on upgrade as dpkg doesn't do that.
     (Closes: #924397) (See-also: #515211)
   * Handle older versions of the Linux kernel in a safer way
     (Closes: #924398)
   * Harden ownership determination and core file names
   * Do not truncate core names for executables with spaces
   * Update VCS URLs from alioth to salsa
Checksums-Sha1:
 92af0ea48086f93371afdeec82e3168ea7868188 1535 corekeeper_1.7.dsc
 178dc81ae008210bb9623fb0838ff87844630da7 6124 corekeeper_1.7.tar.xz
Checksums-Sha256:
 c6369fba3a211a145c8afecb6c6e761670d44bbf751849622fc584ec0e446f31 1535 corekeeper_1.7.dsc
 353dbcc4ae320ed1cc415f8cc0971e9d559e9be3e4afdf56c860216b99d75a48 6124 corekeeper_1.7.tar.xz
Files:
 3fa5bad85732792ceefdc5a9e6389c9f 1535 admin extra corekeeper_1.7.dsc
 65f9483e5ea428c7d29945fe42338979 6124 admin extra corekeeper_1.7.tar.xz

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEYQsotVz8/kXqG1Y7MRa6Xp/6aaMFAlzXkx0ACgkQMRa6Xp/6
aaMprw/+IoiXiA5covM6vgK2NAe6iiAn6T8jItXt8pqdT9zltFXW2ukPVgMUoWSN
IfQ72M8CuP4WH3zvse33LVBk+kb1f07h0amQQAAnOhFA4qWsLpQTxwoBQEyT6Ukw
iWiXnWJEOEvwkGCOtJ6d6z0XL+GNJmkAKaqkXd4lyxLBzORkZlNt54QQDlDQy/kY
nw/sgKE/qQxXrdetMOL40fW/fZrSiMdeSjNxbiC5rsZsAfGEG4hPB1h9g2+kLoRE
q6vpgmrO9VtSYCall7FsGSixwtOA3Y321RujEEG+NhfPgWs4H6XLz0DqeFfdtdNh
pNS58+kvQHQZTfkOGYgOGaIG8RILniF7/O/5rZtizJKBx0zkQ4R99NLhjkhosLzV
gaqnv8s375g5qe+7O0jdRiJXPg5s5CYa0NLlSe310xLSdfgSCejfl9ba5Uwr2ATU
Tj1uBMce5Df8vVdcitp+ETeWtJRFbYqBvwwAOkDLtj2eBeH60cKT0KqKRVQkw4Ta
zKuMACePp7Zbg6PGscA1oQlkaNJupEQ7SXYB1tGhFl86PSSoqE7Sw2cojfe7mi09
0yUnofc60P/qqQnfIjcreMSbRfd/GLUlDqDkCMle/d5bWY3oU9Zx5e9CDhnyX0rK
fRZqGRRzmUgLHw95I7X7D6Ddyvghxfz3EVMdBohjS7rzTmxhwkk=
=tX2/
-----END PGP SIGNATURE-----




Reply sent to Paul Wise <pabs@debian.org>:
You have taken responsibility. (Sat, 08 Jun 2019 17:36:09 GMT) (full text, mbox, link).


Notification sent to Jakub Wilk <jwilk@jwilk.net>:
Bug acknowledged by developer. (Sat, 08 Jun 2019 17:36:10 GMT) (full text, mbox, link).


Message #64 received at 924398-close@bugs.debian.org (full text, mbox, reply):

From: Paul Wise <pabs@debian.org>
To: 924398-close@bugs.debian.org
Subject: Bug#924398: fixed in corekeeper 1.7~deb9u1
Date: Sat, 08 Jun 2019 17:32:08 +0000
Source: corekeeper
Source-Version: 1.7~deb9u1

We believe that the bug you reported is fixed in the latest version of
corekeeper, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 924398@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Paul Wise <pabs@debian.org> (supplier of updated corekeeper package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Mon, 20 May 2019 11:55:22 +0800
Source: corekeeper
Architecture: source
Version: 1.7~deb9u1
Distribution: stretch
Urgency: medium
Maintainer: Paul Wise <pabs@debian.org>
Changed-By: Paul Wise <pabs@debian.org>
Closes: 924397 924398
Changes:
 corekeeper (1.7~deb9u1) stretch; urgency=medium
 .
   * Backport security hardening fixes to stretch
 .
 corekeeper (1.7) unstable; urgency=medium
 .
   * Do not use a world-writable /var/crash with the dumper script
     and fix the permissions on upgrade as dpkg doesn't do that.
     (Closes: #924397) (See-also: #515211)
   * Handle older versions of the Linux kernel in a safer way
     (Closes: #924398)
   * Harden ownership determination and core file names
   * Do not truncate core names for executables with spaces
   * Update VCS URLs from alioth to salsa
Checksums-Sha1:
 15ed8511ee60739f69e18990ce10087ec161df3d 1563 corekeeper_1.7~deb9u1.dsc
 8c7ed3adcb277590cd17501e46383387f978c440 6096 corekeeper_1.7~deb9u1.tar.xz
Checksums-Sha256:
 3d22d4a11bbf539165715a1379570c095d2edc8b254cf534ce599e808390c35d 1563 corekeeper_1.7~deb9u1.dsc
 01cc3e48abec174138b2e13e2b9a2be64426ec67f17cc5a450ee9a4b5ed3f404 6096 corekeeper_1.7~deb9u1.tar.xz
Files:
 68bbb194d76e95bdfab84c4322e1e4b9 1563 admin extra corekeeper_1.7~deb9u1.dsc
 1b0801e2a9dc3e5869b1221e00190f1e 6096 admin extra corekeeper_1.7~deb9u1.tar.xz

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEYQsotVz8/kXqG1Y7MRa6Xp/6aaMFAlz115oACgkQMRa6Xp/6
aaOsSQ//VANYFOzVHj2fhCMbbZuyXUOljYO9bLU1mz3H8yJz5W+0kb6DBpeRsPns
UqvkVqay/t5w9ESNO2IKTHQk/6Uq+SGKgX/6sZEr3eudjAjbHSxxNk3aobrdqojp
71pn648yGRGEV2KnXzDoT//jlnw+n4yJtsZCUZi4pz8BywS5CzqQn/FDueBKywIR
oPtMY8gb0gDQF6mPOZCq2PySuydDwE7gE18EFfotm1swHCwqp+KRs/qHeHllxV/x
clnqtMP8OGDxdcBko3PWSdCRWTyxm7/qlgH3GMvhe4yRnem3+N+OL3XjC1cr7S6w
B1ZJTUnMYh3jurSAsGucS/Cqbq67d8skOF6u9IsgIQ5RPJD2vIgmFSA3n3+VNb7m
O5ozeRv6H3ErVNTnlBVnv0AACtD1mtO5lI9GOADpcHyxEAzeFvhGD7EeBfySZutU
FeZvrlej1Y8G4MsmceICif8P2DGJixEijg/tJcTdbBKovoLpMWE9Jr07qSh/E+PK
N/0AxgsPLWDJ473QHwgRLxPkv5QDAqbD5bHbKrrQnHp4KG5rtaJuhJ3+k5KcPIqT
OzCankoVoL1CptCnYRVkOMDMfz+YBMSB2dZfYqAI0TJ7l4Uj+dgHXu4e51d5huFi
kc6t1wtER/99eimB0DOrYlWK7usBa2Io1R8uNQkAN90Ods7PQfM=
=D8A2
-----END PGP SIGNATURE-----




Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Sun, 07 Jul 2019 08:04:01 GMT) (full text, mbox, link).


Send a report that this bug log contains spam.


Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Mon Mar 29 00:31:41 2021; Machine Name: bembo

Debian Bug tracking system

Debbugs is free software and licensed under the terms of the GNU Public License version 2. The current version can be obtained from https://bugs.debian.org/debbugs-source/.

Copyright © 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson, 2005-2017 Don Armstrong, and many other contributors.