[Pkg-nagios-devel] Bug#465530: Bug#465530: nagios-plugins 1.4-6sarge1 lacks check_procs
luk at debian.org
Wed Feb 13 22:19:08 UTC 2008
Moritz Muehlenhoff wrote:
> Luk Claes wrote:
>>> okay, it looks like the problem was that the person who did the security
>>> upload built the package in a sarge chroot without /proc mounted (i can
>>> duplicate the problem unmounting /proc in my pbuilder chroot).
>>> so, my question is what are the next steps? can the security team just
>>> trigger a rebuild/binNMU, or do we need another sourceful upload? if so
>>> should i provide an update in debian/rules that checks for /proc to be
>>> mounted just in case this happens again?
>> I think I can schedule binNMUs now though the buildds have to have proc
>> mounted beforehand or the one signing has to be careful enough not to
>> sign if it's not yet fixed with the binNMU.
>> So I guess that's up to the Security Team to decide.
> I don't really remember if/why procfs wasn't mounted. I build Sarge in a
> chroot and Etch on a stable-only, real system.
> Unfortunately it wasn't spotted neither by myself, nor the people that
> also tested the update prior to release. I'll add a note, that we
> integrate the existing bin-checker into the planned security update
> beta test program.
> Please go ahead with a binNMU: Only the broken i386 manual build
> should be affected AFAICS.
More information about the Pkg-nagios-devel