Debian Bug report logs -
#926043
CVE-2019-0816
Reported by: Moritz Muehlenhoff <jmm@debian.org>
Date: Sat, 30 Mar 2019 19:15:01 UTC
Severity: important
Tags: security
Found in version cloud-init/18.3-5
Fixed in version cloud-init/18.3-6
Done: Thomas Goirand <zigo@debian.org>
Bug is archived. No further changes may be made.
Toggle useless messages
Report forwarded
to debian-bugs-dist@lists.debian.org, team@security.debian.org, Debian Cloud Team <debian-cloud@lists.debian.org>
:
Bug#926043
; Package cloud-init
.
(Sat, 30 Mar 2019 19:15:04 GMT) (full text, mbox, link).
Acknowledgement sent
to Moritz Muehlenhoff <jmm@debian.org>
:
New Bug report received and forwarded. Copy sent to team@security.debian.org, Debian Cloud Team <debian-cloud@lists.debian.org>
.
(Sat, 30 Mar 2019 19:15:04 GMT) (full text, mbox, link).
Message #5 received at submit@bugs.debian.org (full text, mbox, reply):
Package: cloud-init
Severity: grave
Tags: security
This was assigned CVE-2019-0816:
https://code.launchpad.net/~jasonzio/cloud-init/+git/cloud-init/+merge/363445
https://support.microsoft.com/en-us/help/4491476/extraneous-ssh-public-keys-added-to-authorized-keys-file-on-linux-vm
Is this something that affects cloud-init as shipped in Debian or in the way we generate Debian
images for Azure?
Cheers,
Moritz
Information forwarded
to debian-bugs-dist@lists.debian.org, Debian Cloud Team <debian-cloud@lists.debian.org>
:
Bug#926043
; Package cloud-init
.
(Sat, 30 Mar 2019 23:36:02 GMT) (full text, mbox, link).
Acknowledgement sent
to Thomas Goirand <zigo@debian.org>
:
Extra info received and forwarded to list. Copy sent to Debian Cloud Team <debian-cloud@lists.debian.org>
.
(Sat, 30 Mar 2019 23:36:03 GMT) (full text, mbox, link).
Message #10 received at 926043@bugs.debian.org (full text, mbox, reply):
On 3/30/19 8:10 PM, Moritz Muehlenhoff wrote:
> Package: cloud-init
> Severity: grave
> Tags: security
>
> This was assigned CVE-2019-0816:
> https://code.launchpad.net/~jasonzio/cloud-init/+git/cloud-init/+merge/363445
> https://support.microsoft.com/en-us/help/4491476/extraneous-ssh-public-keys-added-to-authorized-keys-file-on-linux-vm
>
> Is this something that affects cloud-init as shipped in Debian or in the way we generate Debian
> images for Azure?
>
> Cheers,
> Moritz
Hi Moritz,
If I understand well the problem, the issue is simply that some extra
Microsoft keys may end up being setup into an Azure Debian instance. I
don't see this as a very "grave" security issue because:
1/ Azure users must trust Azure anyways, otherwise, they should just
stop doing hosting there.
2/ It only affects Azure users.
I'm not even sure that our image is really using cloud-init to do the
ssh key provisioning, if I'm not mistaking, it's using the Azure agent
to do that (can Bastian confirm this?).
In any case, can we downgrade this bug to "important"? Or am I missing
something here?
Cheers,
Thomas Goirand (zigo)
Marked as found in versions cloud-init/18.3-5.
Request was from Salvatore Bonaccorso <carnil@debian.org>
to control@bugs.debian.org
.
(Sun, 31 Mar 2019 06:45:02 GMT) (full text, mbox, link).
Information forwarded
to debian-bugs-dist@lists.debian.org, Debian Cloud Team <debian-cloud@lists.debian.org>
:
Bug#926043
; Package cloud-init
.
(Mon, 01 Apr 2019 21:48:02 GMT) (full text, mbox, link).
Acknowledgement sent
to Moritz Mühlenhoff <jmm@inutil.org>
:
Extra info received and forwarded to list. Copy sent to Debian Cloud Team <debian-cloud@lists.debian.org>
.
(Mon, 01 Apr 2019 21:48:02 GMT) (full text, mbox, link).
Message #17 received at 926043@bugs.debian.org (full text, mbox, reply):
Hi Thomas,
On Sun, Mar 31, 2019 at 12:33:45AM +0100, Thomas Goirand wrote:
> If I understand well the problem, the issue is simply that some extra
> Microsoft keys may end up being setup into an Azure Debian instance. I
> don't see this as a very "grave" security issue because:
>
> 1/ Azure users must trust Azure anyways, otherwise, they should just
> stop doing hosting there.
It's still a big difference whether Microsoft has access during the provision
phase vs. the running system (where it may contain sensitive data).
Metaphorically speaking, I'm fine with builders having access to my house
while it's under construction, but not with them having the keys once the
house is built.
> 2/ It only affects Azure users.
But Azure is an official use case, isn't it? We only recently pushed
a DSA for the Azure agent e.g.
> I'm not even sure that our image is really using cloud-init to do the
> ssh key provisioning, if I'm not mistaking, it's using the Azure agent
> to do that (can Bastian confirm this?).
I don't know, if it can be confirmed it doesn't affect Debian, when we
can close the bug, ofc.
> In any case, can we downgrade this bug to "important"? Or am I missing
> something here?
Instead of arguing over bug severities, can't we rather fix the bug?
Ubuntu fixed this already and their versions seems fairly close.
Cheers,
Moritz
Information forwarded
to debian-bugs-dist@lists.debian.org, Debian Cloud Team <debian-cloud@lists.debian.org>
:
Bug#926043
; Package cloud-init
.
(Tue, 02 Apr 2019 08:12:03 GMT) (full text, mbox, link).
Acknowledgement sent
to Bastian Blank <waldi@debian.org>
:
Extra info received and forwarded to list. Copy sent to Debian Cloud Team <debian-cloud@lists.debian.org>
.
(Tue, 02 Apr 2019 08:12:03 GMT) (full text, mbox, link).
Message #22 received at 926043@bugs.debian.org (full text, mbox, reply):
On Sat, Mar 30, 2019 at 08:10:39PM +0100, Moritz Muehlenhoff wrote:
> Is this something that affects cloud-init as shipped in Debian or in the way we generate Debian
> images for Azure?
No, it is not affected as we don't support cloud-init based
provisioning, yet.
Regards,
Bastian
--
No one can guarantee the actions of another.
-- Spock, "Day of the Dove", stardate unknown
Severity set to 'important' from 'grave'
Request was from Bastian Blank <waldi@debian.org>
to control@bugs.debian.org
.
(Tue, 02 Apr 2019 09:39:03 GMT) (full text, mbox, link).
Information forwarded
to debian-bugs-dist@lists.debian.org, Debian Cloud Team <debian-cloud@lists.debian.org>
:
Bug#926043
; Package cloud-init
.
(Tue, 02 Apr 2019 10:42:04 GMT) (full text, mbox, link).
Acknowledgement sent
to Thomas Goirand <zigo@debian.org>
:
Extra info received and forwarded to list. Copy sent to Debian Cloud Team <debian-cloud@lists.debian.org>
.
(Tue, 02 Apr 2019 10:42:04 GMT) (full text, mbox, link).
Message #29 received at 926043@bugs.debian.org (full text, mbox, reply):
On 4/1/19 11:44 PM, Moritz Mühlenhoff wrote:
> Instead of arguing over bug severities, can't we rather fix the bug?
Sure.
> Ubuntu fixed this already and their versions seems fairly close.
That's the thing. I went into the launchpad bug report, and it's full of
small, incremental commits, from which it is very hard to figure out
which one is really fixing the issue. Also, the Ubuntu package is just
getting a snapshot from upstream, it's not integrating any patch. If
someone can point at the correct patch, I'll do the update work.
Cheers,
Thomas Goirand (zigo)
Information forwarded
to debian-bugs-dist@lists.debian.org, Debian Cloud Team <debian-cloud@lists.debian.org>
:
Bug#926043
; Package cloud-init
.
(Tue, 02 Apr 2019 10:51:13 GMT) (full text, mbox, link).
Acknowledgement sent
to Moritz Muehlenhoff <jmm@inutil.org>
:
Extra info received and forwarded to list. Copy sent to Debian Cloud Team <debian-cloud@lists.debian.org>
.
(Tue, 02 Apr 2019 10:51:13 GMT) (full text, mbox, link).
Message #34 received at 926043@bugs.debian.org (full text, mbox, reply):
On Tue, Apr 02, 2019 at 12:33:10PM +0200, Thomas Goirand wrote:
> On 4/1/19 11:44 PM, Moritz Mühlenhoff wrote:
> > Instead of arguing over bug severities, can't we rather fix the bug?
>
> Sure.
>
> > Ubuntu fixed this already and their versions seems fairly close.
>
> That's the thing. I went into the launchpad bug report, and it's full of
> small, incremental commits, from which it is very hard to figure out
> which one is really fixing the issue. Also, the Ubuntu package is just
> getting a snapshot from upstream, it's not integrating any patch. If
> someone can point at the correct patch, I'll do the update work.
Actually, given Bastian's reply, we can just close the bug, or am I missing
something?
Cheers,
Moritz
Information forwarded
to debian-bugs-dist@lists.debian.org, Debian Cloud Team <debian-cloud@lists.debian.org>
:
Bug#926043
; Package cloud-init
.
(Tue, 02 Apr 2019 12:00:06 GMT) (full text, mbox, link).
Acknowledgement sent
to Thomas Goirand <zigo@debian.org>
:
Extra info received and forwarded to list. Copy sent to Debian Cloud Team <debian-cloud@lists.debian.org>
.
(Tue, 02 Apr 2019 12:00:06 GMT) (full text, mbox, link).
Message #39 received at 926043@bugs.debian.org (full text, mbox, reply):
On 4/2/19 12:46 PM, Moritz Muehlenhoff wrote:
> On Tue, Apr 02, 2019 at 12:33:10PM +0200, Thomas Goirand wrote:
>> On 4/1/19 11:44 PM, Moritz Mühlenhoff wrote:
>>> Instead of arguing over bug severities, can't we rather fix the bug?
>>
>> Sure.
>>
>>> Ubuntu fixed this already and their versions seems fairly close.
>>
>> That's the thing. I went into the launchpad bug report, and it's full of
>> small, incremental commits, from which it is very hard to figure out
>> which one is really fixing the issue. Also, the Ubuntu package is just
>> getting a snapshot from upstream, it's not integrating any patch. If
>> someone can point at the correct patch, I'll do the update work.
>
> Actually, given Bastian's reply, we can just close the bug, or am I missing
> something?
>
> Cheers,
> Moritz
Well, not 100%. "we" don't support cloud-init provisioning yet. Though
someone running Debian, building their own image, cloud be affected by
the bug. Which is why I'd suggest downgrading the bug to important, as
it would only affect, only potentially, a very small subset of users.
I still believe we should try to get this fixed in time for Buster, and
backport it to Stretch.
Cheers,
Thomas Goirand (zigo)
Information forwarded
to debian-bugs-dist@lists.debian.org, Debian Cloud Team <debian-cloud@lists.debian.org>
:
Bug#926043
; Package cloud-init
.
(Tue, 02 Apr 2019 20:33:03 GMT) (full text, mbox, link).
Acknowledgement sent
to Moritz Mühlenhoff <jmm@inutil.org>
:
Extra info received and forwarded to list. Copy sent to Debian Cloud Team <debian-cloud@lists.debian.org>
.
(Tue, 02 Apr 2019 20:33:03 GMT) (full text, mbox, link).
Message #44 received at 926043@bugs.debian.org (full text, mbox, reply):
severity 926043 important
thanks
On Tue, Apr 02, 2019 at 01:56:35PM +0200, Thomas Goirand wrote:
> On 4/2/19 12:46 PM, Moritz Muehlenhoff wrote:
> > On Tue, Apr 02, 2019 at 12:33:10PM +0200, Thomas Goirand wrote:
> >> On 4/1/19 11:44 PM, Moritz Mühlenhoff wrote:
> >>> Instead of arguing over bug severities, can't we rather fix the bug?
> >>
> >> Sure.
> >>
> >>> Ubuntu fixed this already and their versions seems fairly close.
> >>
> >> That's the thing. I went into the launchpad bug report, and it's full of
> >> small, incremental commits, from which it is very hard to figure out
> >> which one is really fixing the issue. Also, the Ubuntu package is just
> >> getting a snapshot from upstream, it's not integrating any patch. If
> >> someone can point at the correct patch, I'll do the update work.
> >
> > Actually, given Bastian's reply, we can just close the bug, or am I missing
> > something?
> >
> > Cheers,
> > Moritz
>
> Well, not 100%. "we" don't support cloud-init provisioning yet. Though
> someone running Debian, building their own image, cloud be affected by
> the bug. Which is why I'd suggest downgrading the bug to important, as
> it would only affect, only potentially, a very small subset of users.
OK, I see! Downgrading makes total sense, then. Doing that now.
> I still believe we should try to get this fixed in time for Buster, and
> backport it to Stretch.
Ack.
Cheers,
Moritz
Information forwarded
to debian-bugs-dist@lists.debian.org, Debian Cloud Team <debian-cloud@lists.debian.org>
:
Bug#926043
; Package cloud-init
.
(Wed, 24 Apr 2019 20:06:02 GMT) (full text, mbox, link).
Acknowledgement sent
to Salvatore Bonaccorso <carnil@debian.org>
:
Extra info received and forwarded to list. Copy sent to Debian Cloud Team <debian-cloud@lists.debian.org>
.
(Wed, 24 Apr 2019 20:06:02 GMT) (full text, mbox, link).
Message #49 received at 926043@bugs.debian.org (full text, mbox, reply):
Hi Thomas,
On Tue, Apr 02, 2019 at 10:29:33PM +0200, Moritz Mühlenhoff wrote:
> severity 926043 important
> thanks
>
> On Tue, Apr 02, 2019 at 01:56:35PM +0200, Thomas Goirand wrote:
> > On 4/2/19 12:46 PM, Moritz Muehlenhoff wrote:
> > > On Tue, Apr 02, 2019 at 12:33:10PM +0200, Thomas Goirand wrote:
> > >> On 4/1/19 11:44 PM, Moritz Mühlenhoff wrote:
> > >>> Instead of arguing over bug severities, can't we rather fix the bug?
> > >>
> > >> Sure.
> > >>
> > >>> Ubuntu fixed this already and their versions seems fairly close.
> > >>
> > >> That's the thing. I went into the launchpad bug report, and it's full of
> > >> small, incremental commits, from which it is very hard to figure out
> > >> which one is really fixing the issue. Also, the Ubuntu package is just
> > >> getting a snapshot from upstream, it's not integrating any patch. If
> > >> someone can point at the correct patch, I'll do the update work.
> > >
> > > Actually, given Bastian's reply, we can just close the bug, or am I missing
> > > something?
> > >
> > > Cheers,
> > > Moritz
> >
> > Well, not 100%. "we" don't support cloud-init provisioning yet. Though
> > someone running Debian, building their own image, cloud be affected by
> > the bug. Which is why I'd suggest downgrading the bug to important, as
> > it would only affect, only potentially, a very small subset of users.
>
> OK, I see! Downgrading makes total sense, then. Doing that now.
>
> > I still believe we should try to get this fixed in time for Buster, and
> > backport it to Stretch.
>
> Ack.
Did you had a chance to look into this specifically for unstable and
possibly buster (still agreeing on the reasoning, but was looking
trough some pending mails and spotted the intend above).
Regards,
Salvatore
Information forwarded
to debian-bugs-dist@lists.debian.org, Debian Cloud Team <debian-cloud@lists.debian.org>
:
Bug#926043
; Package cloud-init
.
(Thu, 25 Apr 2019 06:42:02 GMT) (full text, mbox, link).
Acknowledgement sent
to Thomas Goirand <zigo@debian.org>
:
Extra info received and forwarded to list. Copy sent to Debian Cloud Team <debian-cloud@lists.debian.org>
.
(Thu, 25 Apr 2019 06:42:02 GMT) (full text, mbox, link).
Message #54 received at 926043@bugs.debian.org (full text, mbox, reply):
On 4/24/19 10:02 PM, Salvatore Bonaccorso wrote:
> Hi Thomas,
>
> On Tue, Apr 02, 2019 at 10:29:33PM +0200, Moritz Mühlenhoff wrote:
>> severity 926043 important
>> thanks
>>
>> On Tue, Apr 02, 2019 at 01:56:35PM +0200, Thomas Goirand wrote:
>>> On 4/2/19 12:46 PM, Moritz Muehlenhoff wrote:
>>>> On Tue, Apr 02, 2019 at 12:33:10PM +0200, Thomas Goirand wrote:
>>>>> On 4/1/19 11:44 PM, Moritz Mühlenhoff wrote:
>>>>>> Instead of arguing over bug severities, can't we rather fix the bug?
>>>>>
>>>>> Sure.
>>>>>
>>>>>> Ubuntu fixed this already and their versions seems fairly close.
>>>>>
>>>>> That's the thing. I went into the launchpad bug report, and it's full of
>>>>> small, incremental commits, from which it is very hard to figure out
>>>>> which one is really fixing the issue. Also, the Ubuntu package is just
>>>>> getting a snapshot from upstream, it's not integrating any patch. If
>>>>> someone can point at the correct patch, I'll do the update work.
>>>>
>>>> Actually, given Bastian's reply, we can just close the bug, or am I missing
>>>> something?
>>>>
>>>> Cheers,
>>>> Moritz
>>>
>>> Well, not 100%. "we" don't support cloud-init provisioning yet. Though
>>> someone running Debian, building their own image, cloud be affected by
>>> the bug. Which is why I'd suggest downgrading the bug to important, as
>>> it would only affect, only potentially, a very small subset of users.
>>
>> OK, I see! Downgrading makes total sense, then. Doing that now.
>>
>>> I still believe we should try to get this fixed in time for Buster, and
>>> backport it to Stretch.
>>
>> Ack.
>
> Did you had a chance to look into this specifically for unstable and
> possibly buster (still agreeing on the reasoning, but was looking
> trough some pending mails and spotted the intend above).
>
> Regards,
> Salvatore
Hi,
We are probably better off packaging the latest upstream release, as
it's kind of hard to find out what commit fixes the issue. However, I'm
really not sure if the release team is comfortable with it at this point.
Your thoughts?
Cheers,
Thomas Goirand (zigo)
Information forwarded
to debian-bugs-dist@lists.debian.org, Debian Cloud Team <debian-cloud@lists.debian.org>
:
Bug#926043
; Package cloud-init
.
(Thu, 25 Apr 2019 06:51:11 GMT) (full text, mbox, link).
Acknowledgement sent
to Thomas Goirand <zigo@debian.org>
:
Extra info received and forwarded to list. Copy sent to Debian Cloud Team <debian-cloud@lists.debian.org>
.
(Thu, 25 Apr 2019 06:51:11 GMT) (full text, mbox, link).
Message #59 received at 926043@bugs.debian.org (full text, mbox, reply):
On 4/24/19 10:02 PM, Salvatore Bonaccorso wrote:
> Hi Thomas,
>
> On Tue, Apr 02, 2019 at 10:29:33PM +0200, Moritz Mühlenhoff wrote:
>> severity 926043 important
>> thanks
>>
>> On Tue, Apr 02, 2019 at 01:56:35PM +0200, Thomas Goirand wrote:
>>> On 4/2/19 12:46 PM, Moritz Muehlenhoff wrote:
>>>> On Tue, Apr 02, 2019 at 12:33:10PM +0200, Thomas Goirand wrote:
>>>>> On 4/1/19 11:44 PM, Moritz Mühlenhoff wrote:
>>>>>> Instead of arguing over bug severities, can't we rather fix the bug?
>>>>>
>>>>> Sure.
>>>>>
>>>>>> Ubuntu fixed this already and their versions seems fairly close.
>>>>>
>>>>> That's the thing. I went into the launchpad bug report, and it's full of
>>>>> small, incremental commits, from which it is very hard to figure out
>>>>> which one is really fixing the issue. Also, the Ubuntu package is just
>>>>> getting a snapshot from upstream, it's not integrating any patch. If
>>>>> someone can point at the correct patch, I'll do the update work.
>>>>
>>>> Actually, given Bastian's reply, we can just close the bug, or am I missing
>>>> something?
>>>>
>>>> Cheers,
>>>> Moritz
>>>
>>> Well, not 100%. "we" don't support cloud-init provisioning yet. Though
>>> someone running Debian, building their own image, cloud be affected by
>>> the bug. Which is why I'd suggest downgrading the bug to important, as
>>> it would only affect, only potentially, a very small subset of users.
>>
>> OK, I see! Downgrading makes total sense, then. Doing that now.
>>
>>> I still believe we should try to get this fixed in time for Buster, and
>>> backport it to Stretch.
>>
>> Ack.
>
> Did you had a chance to look into this specifically for unstable and
> possibly buster (still agreeing on the reasoning, but was looking
> trough some pending mails and spotted the intend above).
>
> Regards,
> Salvatore
My appologies, I found the patch in the cloud-init Git, and it applies
almost cleanly to the current Sid/Buster release of cloud-init (just a
few offsets...). I'm uploading the fix then...
Thanks for pushing me to do a better job! :)
Cheers,
Thomas Goirand (zigo)
Reply sent
to Thomas Goirand <zigo@debian.org>
:
You have taken responsibility.
(Thu, 25 Apr 2019 07:21:13 GMT) (full text, mbox, link).
Notification sent
to Moritz Muehlenhoff <jmm@debian.org>
:
Bug acknowledged by developer.
(Thu, 25 Apr 2019 07:21:13 GMT) (full text, mbox, link).
Message #64 received at 926043-close@bugs.debian.org (full text, mbox, reply):
Source: cloud-init
Source-Version: 18.3-6
We believe that the bug you reported is fixed in the latest version of
cloud-init, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 926043@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Thomas Goirand <zigo@debian.org> (supplier of updated cloud-init package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Thu, 25 Apr 2019 08:54:18 +0200
Source: cloud-init
Binary: cloud-init
Architecture: source all
Version: 18.3-6
Distribution: unstable
Urgency: high
Maintainer: Debian Cloud Team <debian-cloud@lists.debian.org>
Changed-By: Thomas Goirand <zigo@debian.org>
Description:
cloud-init - initialization system for infrastructure cloud instances
Closes: 926043
Changes:
cloud-init (18.3-6) unstable; urgency=high
.
* CVE-2019-0816: Extraneous SSH Public Keys added to Authorized Keys file.
Applied a refreshed patch from upstream: azure: Filter list of ssh keys
pulled from fabric (Closes: #926043).
Checksums-Sha1:
7e0242a1e8a484901d905968a56fe52fd8d67522 2375 cloud-init_18.3-6.dsc
e10158ddd7f4fbc7da7b9031e28b84faf1051fd6 33632 cloud-init_18.3-6.debian.tar.xz
9e93c969da3921d6f902fe50506373d5499eff75 403280 cloud-init_18.3-6_all.deb
b95cc3316d7db562f05cab3b81e05c1f32979c2f 7983 cloud-init_18.3-6_amd64.buildinfo
Checksums-Sha256:
acf6d90808345b2152bc8b3904d1a6589a454f3c7b390059594b95da4ca4ac3c 2375 cloud-init_18.3-6.dsc
c14327d9106bcfe8c74650db5521bf8ba3fd9400f0cf88fafd3e4137d2f3a6c8 33632 cloud-init_18.3-6.debian.tar.xz
085f7af8e7ecca9ab9c4ee041e818b01850fe3a5b53bda9b45ae299416b6a99c 403280 cloud-init_18.3-6_all.deb
99bd208e29703790b2858836a830aac0119dd051f6a53c0fbe0e391f056b7f10 7983 cloud-init_18.3-6_amd64.buildinfo
Files:
4dfec23986ec555e976518feef9ecead 2375 admin optional cloud-init_18.3-6.dsc
e05be5270470060796a28d66f1c2e572 33632 admin optional cloud-init_18.3-6.debian.tar.xz
d8051e59ece0310760af99c1434ce140 403280 admin optional cloud-init_18.3-6_all.deb
8641b9147fa0049e8045c18b555f135e 7983 admin optional cloud-init_18.3-6_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEtKCq/KhshgVdBnYUq1PlA1hod6YFAlzBWr4ACgkQq1PlA1ho
d6Zqqg/9Gy7rkttsDk88ie7ymBR6tjQW10THJ5Cszt8SQWWIBXe24RZ5e5fF1lrv
sy3o/PkUh46NjeJTIiReR1qD6EsEg8xurEUJUniiZro9GQ+KUO6Zw10iZa4tVvKh
fOO3azQyxy7duxfCSbif5bnTjp0RFqErPiMYD+xmYuTE/1F8UiY+BJw5YyhNO2No
Ez1FenFXmgupBxShjHMf8mdiZyo4FnJXOpRnWlwmSaiIaQvYTaDn+wj8Buf5NDE2
OdcIsz6wFr0TuMWQfJ1MpsRq5VJ2X4cWOcpP4eZ0N8SMasvB2avTL73lMr+s7mTQ
P6FrS9P8kFfDlvWwBkcph62h9TA/LIBBSl5TOEuMkyhkQS1Kb6NPK92FB+a4bJR5
+bPo90OOFfguoymxE5u94DLWmh6JvR0WhOEazo8gXNMdrHNYvh0YbDwVP9Zl7XoS
vNMB3KrQmOIhmWiy1dIiPgXw1KWy40KP0STqxIGbfJHkz0cvtEKZvIrm5qiGOP/X
btDkxfoGhXILsx+H+plhw6R2F3b3hu2nia5lCiLjuwV0dijiOZU/cXIX9NfOlJ4K
yqrLdyDLs/Fx2FRhSr42TR7zo9Vi0Ln2v0Nr2l8FdoVndkcMQ7A7VzZucHriRi64
Hll1JgUUnYfIOj+NQZcZke5xQHwR9059+bAfDbo4B6ReUqTuxUs=
=EdiY
-----END PGP SIGNATURE-----
Bug archived.
Request was from Debbugs Internal Request <owner@bugs.debian.org>
to internal_control@bugs.debian.org
.
(Sat, 25 May 2019 07:26:30 GMT) (full text, mbox, link).
Send a report that this bug log contains spam.
Debian bug tracking system administrator <owner@bugs.debian.org>.
Last modified:
Wed Jun 19 18:55:32 2019;
Machine Name:
beach
Debian Bug tracking system
Debbugs is free software and licensed under the terms of the GNU
Public License version 2. The current version can be obtained
from https://bugs.debian.org/debbugs-source/.
Copyright © 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson,
2005-2017 Don Armstrong, and many other contributors.