Package: apache Version: 1.3.26-0woody3 Severity: important Tags: security patch
-- System Information Debian Release: 3.0 Architecture: i386 Kernel: Linux <hostname> 2.4.18 #5 Mon May 5 13:56:33 CEST 2003 i686 Locale: LANG=C, LC_CTYPE=C Versions of packages apache depends on: ii apache-common 1.3.26-0woody3 ii dpkg 1.9.21 ii libc6 2.2.5-11.2 ii libdb2 2:2.7.7.0-7 ii libexpat1 1.95.2-6 ii logrotate 3.5.9-8 ii mime-support 3.18-1 ii perl 5.6.1-7 ii perl [perl5] 5.6.1-7 Description: When I start or restart apache later than boot time using /etc/init.d/apache, the environment is leaking into the web server process. The point to fix this problem is already found in the script, but unfortunately not properly implemented. Debian SID seems also to be affected. Ingo Schramm Patch: 22a23 > ENV="env -i LANG=${LANG} PATH=${PATH}" 32c33 < start-stop-daemon --start --pidfile $PIDFILE --exec $DAEMON --- > $ENV start-stop-daemon --start --pidfile $PIDFILE --exec $DAEMON 48c49 < start-stop-daemon --start --pidfile $PIDFILE --exec $DAEMON --- > $ENV start-stop-daemon --start --pidfile $PIDFILE --exec $DAEMON -- Ister.ORG mailto:[EMAIL PROTECTED] http://www.ister.org