[Pkg-citadel-devel] Bug#653959: citadel-server was auto-selected and installed by dist-upgrade for what appears to be no good reason, and apt-get purge citadel-server failed to back out all system changes

Michael Meskes meskes at debian.org
Tue Jan 24 11:27:04 UTC 2017


severity normal
thanks

On Sun, Jan 01, 2012 at 02:42:07PM -0800, Joshua wrote:
> Source: citadel-server
> Version: wheezy
> Severity: serious
> Tags: security
> Justification: Policy 3.5
> 
> apt-get dist-upgrade decided to install citadel-server (no I didn't know what it was) for who-knows-what reason.
> Install created a new publicly listening service (never a good thing security-wise)
> Install created a new user & group
> an immediate apt-get purge citadel-server failed to back out the user,group,extra directories in /var

Sorry for the very late reply, but I did not see this report in my list before earlier this week. 
Chances are you don't even remember the details anymore, but in case you do,
which directory was not deleted? This seems to be the only real bug in here. 

Michael
-- 
Michael Meskes
Michael at Fam-Meskes dot De, Michael at Meskes dot (De|Com|Net|Org)
Meskes at (Debian|Postgresql) dot Org
Jabber: michael at xmpp dot meskes dot org
VfL Borussia! Força Barça! Go SF 49ers! Use Debian GNU/Linux, PostgreSQL



More information about the Pkg-citadel-devel mailing list