This bug was fixed in the package cobbler - 2.2.2-0ubuntu1
cobbler (2.2.2-0ubuntu1) precise; urgency=low
* New upstream release:
+ Use dh_python2 everywhere.
+ Folded debian/patches/49_ubuntu_add_arm_arch_support.patch
into one patch for easier upstreaming.
+ Dropped debian/patches/50_fix_cobbler_timezone.patch:
+ Dropped debian/patches/47_ubuntu_add_oneiric_codename.patch
in favor of debian/patches/47_ubuntu_add_codenames.patch:
It adds "precise" and drops unsupported releases as well.
+ Dropped debian/patches/41_update_tree_path_with_arch.patch:
No longer needed.
+ Dropped debian/patches/55_ubuntu_branding.patch: Will be moved
* debian/cobbler.postinst: create users.digest mode 0600 so it
is not world readable. (LP: #858860)
* debian/control: cobbler needs to depend on python-cobbler
* debian/patches/58_fix_egg_cache.patch: Do not point dangerous
PYTHON_EGG_CACHE at world writable directory. (LP: #858875)
* debian/cobbler-common.install: remove users.digest as it is
not required and contains a known password that would leave
cobblerd vulnerable if started before configuration is done
* debian/cobbler-web.postinst: fix perms on webui_sessions to
be more secure (LP: #863755)
* Backport safe YAML load from upstream. (LP: #858883)
-- Chuck Short <email address hidden> Tue, 15 Nov 2011 12:35:40 -0500