Bug#246093: marked as done (Samba passwords are shown in plain text)
Debian Bug Tracking System
owner@bugs.debian.org
Thu, 10 Jun 2004 08:18:10 -0700
Your message dated Thu, 10 Jun 2004 11:02:08 -0400
with message-id <E1BYR4C-0008Ey-00@newraff.debian.org>
and subject line Bug#246093: fixed in gnome-cups-manager 0.18-2
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--------------------------------------
Received: (at submit) by bugs.debian.org; 27 Apr 2004 07:20:34 +0000
>From root@itais.net Tue Apr 27 00:20:33 2004
Return-path: <root@itais.net>
Received: from 126.red-80-25-94.pooles.rima-tde.net (portatiljl.itais.net) [80.25.94.126]
by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1BIMtN-0000Q1-00; Tue, 27 Apr 2004 00:20:33 -0700
Received: from root by portatiljl.itais.net with local (Exim 3.35 #1 (Debian))
id 1BIMtG-0002eq-00; Tue, 27 Apr 2004 09:20:26 +0200
From: root <root@itais.net>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Samba passwords are shown in plain text
X-Mailer: reportbug 1.50
Date: Tue, 27 Apr 2004 09:20:26 +0200
Message-Id: <E1BIMtG-0002eq-00@portatiljl.itais.net>
Delivered-To: submit@bugs.debian.org
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2004_03_25
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-7.0 required=4.0 tests=BAYES_00,HAS_PACKAGE
autolearn=no version=2.60-bugs.debian.org_2004_03_25
X-Spam-Level:
X-CrossAssassin-Score: 1
Package: gnome-cups-manager
Version: 0.17-2linex
Severity: critical
Tags: security
Justification: root security hole
When adding samba printers you see the samba password when typing it and later.
Whenever any system user sees this kind of printer properties, he can see the samba password in plain text.
-- System Information
Debian Release: gnulinex
Architecture: i386
Kernel: Linux portatiljl.itais.net 2.6.4 #2 Tue Mar 23 01:06:50 CET 2004 i686
Locale: LANG=spanish, LC_CTYPE=es_ES
Versions of packages gnome-cups-manager depends on:
ii bonobo-ac 1:2.2.2-1woody1 Bonobo Activation Framework
ii libart-2. 2.3.11-3woody1 Library of functions for 2D graphi
ii libatk1.0 1.2.4-1woody1 The ATK accessibility toolkit
ii libaudiof 0.2.3-4woody1 The Audiofile Library
ii libbonobo 1:2.2.2-1woody1 Bonobo Activation Framework -- run
ii libbonobo 2.2.3-1woody1 Bonobo CORBA interfaces library
ii libbonobo 2.2.2-1woody1 The Bonobo UI library
ii libc6 2.2.5-14.3 GNU C Library: Shared libraries an
ii libcupsys 1.1.20final-12.backports.org.1 Common UNIX Printing System(tm) -
ii libesd-al 0.2.29-1woody1 Enlightened Sound Daemon (ALSA) -
ii libesd-al 0.2.29-1woody1 Enlightened Sound Daemon (ALSA) -
ii libgconf2 2.2.1-1woody1 GNOME configuration database syste
ii libgcrypt 1.1.12-2.backports.org.1 LGPL Crypto library - runtime libr
ii libglade2 2.0.1-3woody4 Library to load .glade files at ru
ii libglib2. 2.2.3-0jds1 The GLib library of C routines
ii libgnome2 2.2.3-0jds1 The GNOME 2 library - runtime file
ii libgnomec 2.2.1-1woody1 A powerful object-oriented display
ii libgnomec 0.1.5-0jds1 GNOME library for CUPS interaction
ii libgnomec 0.17-2linex UI extensions to libgnomecups
ii libgnomeu 2.2.2-0jds1 The GNOME 2 libraries (User Interf
ii libgnomev 2.2.5-2woody1 The GNOME virtual file-system libr
ii libgnomev 2.2.5-2woody1 The GNOME virtual file-system libr
ii libgnutls 0.8.1-1woody1 GNU TLS library - runtime library
ii libgtk2.0 2.2.1-3woody1 The GTK+ graphical user interface
ii libjpeg62 6b-5 The Independent JPEG Group's JPEG
ii liblinc1 2:1.0.3-2jds1 library to simplify creating netwo
ii liborbit2 1:2.6.2-1woody2 Libraries for ORBit2 - a CORBA ORB
ii libpango1 1.2.1-1woody1 Layout and rendering of internatio
ii libpopt0 1.6.4-2 lib for parsing cmdline parameters
ii libstdc++ 1:2.95.4-11woody1 The GNU stdc++ library
ii libtasn1- 0.1.2-1woody1 Manage ASN.1 structures (runtime)
ii libxml2 2.5.7-1woody1 GNOME XML library
ii xlibs 4.3.0-0woody4 X Window System client libraries
ii zlib1g 1:1.1.4-1.0woody0 compression library - runtime
---------------------------------------
Received: (at 246093-close) by bugs.debian.org; 10 Jun 2004 15:08:03 +0000
>From katie@ftp-master.debian.org Thu Jun 10 08:08:03 2004
Return-path: <katie@ftp-master.debian.org>
Received: from newraff.debian.org [208.185.25.31] (mail)
by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1BYR9v-0005ma-00; Thu, 10 Jun 2004 08:08:03 -0700
Received: from katie by newraff.debian.org with local (Exim 3.35 1 (Debian))
id 1BYR4C-0008Ey-00; Thu, 10 Jun 2004 11:02:08 -0400
From: Ross Burton <ross@debian.org>
To: 246093-close@bugs.debian.org
X-Katie: $Revision: 1.49 $
Subject: Bug#246093: fixed in gnome-cups-manager 0.18-2
Message-Id: <E1BYR4C-0008Ey-00@newraff.debian.org>
Sender: Archive Administrator <katie@ftp-master.debian.org>
Date: Thu, 10 Jun 2004 11:02:08 -0400
Delivered-To: 246093-close@bugs.debian.org
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2004_03_25
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-6.0 required=4.0 tests=BAYES_00,HAS_BUG_NUMBER
autolearn=no version=2.60-bugs.debian.org_2004_03_25
X-Spam-Level:
Source: gnome-cups-manager
Source-Version: 0.18-2
We believe that the bug you reported is fixed in the latest version of
gnome-cups-manager, which is due to be installed in the Debian FTP archive:
gnome-cups-manager_0.18-2.diff.gz
to pool/main/g/gnome-cups-manager/gnome-cups-manager_0.18-2.diff.gz
gnome-cups-manager_0.18-2.dsc
to pool/main/g/gnome-cups-manager/gnome-cups-manager_0.18-2.dsc
gnome-cups-manager_0.18-2_i386.deb
to pool/main/g/gnome-cups-manager/gnome-cups-manager_0.18-2_i386.deb
libgnomecupsui1.0-1_0.18-2_i386.deb
to pool/main/g/gnome-cups-manager/libgnomecupsui1.0-1_0.18-2_i386.deb
libgnomecupsui1.0-dev_0.18-2_i386.deb
to pool/main/g/gnome-cups-manager/libgnomecupsui1.0-dev_0.18-2_i386.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 246093@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Ross Burton <ross@debian.org> (supplier of updated gnome-cups-manager package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Thu, 10 Jun 2004 15:37:41 +0100
Source: gnome-cups-manager
Binary: libgnomecupsui1.0-dev gnome-cups-manager libgnomecupsui1.0-1
Architecture: source i386
Version: 0.18-2
Distribution: unstable
Urgency: low
Maintainer: Ross Burton <ross@debian.org>
Changed-By: Ross Burton <ross@debian.org>
Description:
gnome-cups-manager - CUPS printer admin tool for GNOME
libgnomecupsui1.0-1 - UI extensions to libgnomecups
libgnomecupsui1.0-dev - UI extensions to libgnomecups (headers)
Closes: 246093 253609
Changes:
gnome-cups-manager (0.18-2) unstable; urgency=low
.
* Build-depend on intltool (closes: #253609)
* Hide the Samba password (closes: #246093)
Files:
f853ec7ef5ce9cf9195792ffdb3d2a3b 1577 gnome optional gnome-cups-manager_0.18-2.dsc
c25db182c92cfc91eeef6056956393d4 4936 gnome optional gnome-cups-manager_0.18-2.diff.gz
4323885216c1d199f3d1f8fd34e0823d 199762 gnome optional gnome-cups-manager_0.18-2_i386.deb
7a8201d89d6bef9096db16091200f7fb 15872 libs optional libgnomecupsui1.0-1_0.18-2_i386.deb
93db2edad9b256b04876da501866ec7d 14976 libdevel optional libgnomecupsui1.0-dev_0.18-2_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
iD8DBQFAyHTeLQnkR9C0M98RAnktAJ983xlUpJs+Q6qPuEoZJNXxnKcjVgCfRkPy
visy/7VAc2axixtk5YJycAo=
=6Hn3
-----END PGP SIGNATURE-----