This Tuesday Robert Felber released a new upstream version. It is a (local) security bugfix (and some minor fixes) which was reported on Sunday by Chris Howells to the Debian Security Team (as well as to other vendors). Today DSA-1531 was released.
Right from the DSA:
“… created its socket in an insecure way, which may be exploited to overwrite or remove arbitary files from the local system.”
So please update you systems if you use this package asap.
While we are at policyd-weight… there is one bug open (#471645) where I’m unsure if I want to fix it, cause only stable is effected and the problem can be solved by providing a adjusted array of rbl in the config file. Should I ask for inclusion directly into stable? But it’s a really minor issue. Or try to get 0.1.14.15 uploaded to volatile? I’m really unsure and suggestions are welcome.
Today a customer asked for hosting several domains with different content on one apache virtual host. The little tricky part was, that the sites should not be accessed by subdirs like http://domain20.org/subdir20/ and http://domain21.org/subdir21/ which can be done with a little script which parses the $_SERVER['HTTP_HOST']. So mod_rewrite is an option.
To make it user accessable, we use .htaccess. This requires “AllowOverride +FileInfo” to be set for the DocumentRoot in the vhost config. The .htaccess in DocumentRoot could look something like:
RewriteEngine On
RewriteBase /
RewriteCond %{HTTP_HOST} domain10.org$ [OR]
RewriteCond %{HTTP_HOST} domain11.org$
RewriteCond %{REQUEST_FILENAME} !dir1/
RewriteCond %{REQUEST_FILENAME} -f [OR]
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule (.*) dir1/$1 [L]
RewriteCond %{HTTP_HOST} domain20.org$ [OR]
RewriteCond %{HTTP_HOST} domain21.org$
RewriteCond %{REQUEST_FILENAME} !dir2/
RewriteCond %{REQUEST_FILENAME} -f [OR]
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule (.*) dir2/$1 [L]
Last week I did again some work on nagios-plugins. After the announcement of Dann Frazier to upload NMU to fix a trivial bug, I thought it’s time again to give some extra care to the package. So I prepared 1.4.11-2 fixing the important bugs and uploaded it. I also commited some minor fixes to the svn, so these issues will get fixed by the next upload.
Since the development of policyd-weigh stalled and unfortunately maybe get stuck, I was looking for an alternative, which maybe found with postfwd. It’s quite flexible but it also will take more time (and care!) to get a reliable configuration, which maybe effective as policyd-weight (still) is right now. While checking the dependencies for postfwd I noticed that Net::DNS::Async isn’t available in Debian (yet). So I decided to create a package starting with dh-make-perl, join the Debian Perl Group and let it review. Damyan Ivanov was so kind to review and upload it, Gregor Herrmann did also give some much useful hints. Thanks to both!
And yes, I also found time to step forward with NM, since I was overloaded the last weeks with usual work and life. Thank to my AM to be so appreciative.
