Bug#663971: $named dependency in init script and pdns

2012-10-19 Thread Kel Modderman 
> Hi insserv maintainers,
> 
> there seems to be a problem with apache2's dependency on $named if 
> pdns is installed but not enabled [1]. This does not seem to be a 
> problem with other name servers. 
> 
> pdns ships /etc/insserv.conf.d/pdnsd with
> 
>   $named pdnsd
> 
> Should this be fixed in pdnsd by adding the "+", like other name 
> service entries in /etc/insserv.conf?

This. When there are many services that can each independently provide
a virtual service, it has been customary to make them optional by prefixing
with '+' as in /etc/insserv.conf

Curious though, how has pdns been disabled in your case?

Thanks, Kel


-- 
To UNSUBSCRIBE, email to debian-apache-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/201210201601.30600@otaku42.de

Processed: tagging 674142

2012-10-19 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> tags 674142 + pending
Bug #674142 [apache2] make it possible to disable ssl compression in apache2 
mod_ssl
Added tag(s) pending.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
674142: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=674142
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems


--
To UNSUBSCRIBE, email to debian-apache-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: 
http://lists.debian.org/handler.s.c.1350695995373.transcr...@bugs.debian.org

Processed: tagging 689936

2012-10-19 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> tags 689936 + pending
Bug #689936 [src:apache2] apache2: handling the CRIME attack
Added tag(s) pending.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
689936: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=689936
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems


--
To UNSUBSCRIBE, email to debian-apache-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: 
http://lists.debian.org/handler.s.c.1350695989353.transcr...@bugs.debian.org

Processed: tagging 690232

2012-10-19 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> tags 690232 + moreinfo
Bug #690232 [apache2.2-common] apache2: Apache2 listens on tcp6 only
Added tag(s) moreinfo.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
690232: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=690232
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems


--
To UNSUBSCRIBE, email to debian-apache-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: 
http://lists.debian.org/handler.s.c.135068840115368.transcr...@bugs.debian.org

Bug#690232: apache2: Apache2 listens on tcp6 only

2012-10-19 Thread Arno Töll 
tags 690232 +moreingo
thanks


On 11.10.2012 14:50, Olaf Zaplinski wrote:
> funny is: I disabled IPv6, now everything works as expected.

Frankly, neither Stefan or me have a clear understanding where and how
this would a bug. We're aware of a similar sounding issue recored as PR
52709 upstream [1] but that's fixed in Wheezy already.

[1] https://issues.apache.org/bugzilla/show_bug.cgi?id=52709
-- 
mit freundlichen Grüßen,
Arno Töll
GnuPG Key-ID: 0x9D80F36D



signature.asc
Description: OpenPGP digital signature

Bug#638011: marked as done (Request lines are truncated after 8k)

2012-10-19 Thread Debian Bug Tracking System 
Your message dated Fri, 19 Oct 2012 21:40:39 +
with message-id <201210192140.40232.jmv_...@nirgal.com>
and subject line Re: LimitRequestLine not taken into account when talking to 
CGI script
has caused the Debian Bug report #638011,
regarding Request lines are truncated after 8k
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
638011: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=638011
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: apache2-mpm-prefork
Version: 2.2.16-6+squeeze1

As of version 2.2.16, Apache applies a fixed line length limit of 8192
bytes when talking to a CGI script: in file `server/util_script.c`,
function `ap_scan_script_header_err_core`, at lines 403--433,
one can read:

char x[MAX_STRING_LEN];
char *w, *l;
[...]
if (buffer) {
*buffer = '\0';
}
w = buffer ? buffer : x;
[...]
while (1) {
int rv = (*getsfunc) (w, MAX_STRING_LEN - 1, getsfunc_data);

where `MAX_STRING_LEN` is defined in `httpd.h` to be equal to
`HUGE_STRING_LEN`, that is, 8192.

The directive `LimitRequestLine` should apply here as well, or the
documentation should make it clear that this setting does not
influence the CGI module.

I'm using Debian squeeze, with the latest updates:

$ dpkg -l apache\* | grep ^i
ii  apache2  2.2.16-6+squeeze1
   Apache HTTP Server metapackage
ii  apache2-doc  2.2.16-6+squeeze1
   Apache HTTP Server documentation
ii  apache2-mpm-prefork  2.2.16-6+squeeze1
   Apache HTTP Server - traditional non-threaded model
ii  apache2-utils2.2.16-6+squeeze1
   utility programs for webservers
ii  apache2.2-bin2.2.16-6+squeeze1
   Apache HTTP Server common binary files
ii  apache2.2-common 2.2.16-6+squeeze1
   Apache HTTP Server common files

Thanks,
Riccardo


--- End Message ---
--- Begin Message ---
Package: apache2-mpm-prefork
Version: 2.2.22-1

> (...)
> The directive `LimitRequestLine` should apply here as well, or the
> documentation should make it clear that this setting does not
> influence the CGI module.

Documentation has been fixed:

git diff debian/2.2.21-5 debian/2.2.22-1 docs/manual/mod/core.html.en
 Under normal conditions, the value should not be changed 
from
-the default.
+the default. Also, you can't set this higher than 8190 without
+modifying the source code and rebuilding.

Thank you


signature.asc
Description: This is a digitally signed message part.
--- End Message ---

Bug#663971: $named dependency in init script and pdns

2012-10-19 Thread Stefan Fritsch 
Hi insserv maintainers,

there seems to be a problem with apache2's dependency on $named if 
pdns is installed but not enabled [1]. This does not seem to be a 
problem with other name servers. 

pdns ships /etc/insserv.conf.d/pdnsd with

$named pdnsd

Should this be fixed in pdnsd by adding the "+", like other name 
service entries in /etc/insserv.conf? Or should maybe pdnsd be added 
to /etc/insserv.conf, too? Or should apache2 switch to should-start 
instead of Required-Start for $named?

Thanks for your help.

Cheers,
Stefan

[1] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=663971


-- 
To UNSUBSCRIBE, email to debian-apache-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/201210192126.08506...@sfritsch.de

Processed: Re: bash-completion completes a2enmod incorrectly

2012-10-19 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> tags 590509 + moreinfo unreproducible
Bug #590509 [apache2] bash-completion completes a2enmod incorrectly
Added tag(s) unreproducible and moreinfo.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
590509: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=590509
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems


--
To UNSUBSCRIBE, email to debian-apache-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: 
http://lists.debian.org/handler.s.c.13506735988749.transcr...@bugs.debian.org

Bug#663971: apache2.2-common: /etc/init.d/apache2 requires facility $named, causing failed install/upgrade

2012-10-19 Thread Stefan Fritsch 
On Friday 19 October 2012, Jean-Michel Vourgère wrote:
> It seems to me this is exactly what the little known
> "Should-Start:" from LSB is for.
> 
> https://wiki.debian.org/LSBInitScripts

Most other dns servers are listed in /etc/insserv.conf as optional. 
Maybe pdns should be listed there, too?


--
To UNSUBSCRIBE, email to debian-apache-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/201210192108.44633...@sfritsch.de

Bug#689936: apache2: handling the CRIME attack

2012-10-19 Thread Mike 
Currently Debian stable systems are failing PCI compliance scans due to 
not being able to disable SSL compression and therefore vulnerable to 
CRIME attacks.


So it would be really nice to get this patch applied.

--
Mike


--
To UNSUBSCRIBE, email to debian-apache-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/50819971.6000...@snappymail.ca

Bug#663971: apache2.2-common: /etc/init.d/apache2 requires facility $named, causing failed install/upgrade

2012-10-19 Thread Jean-Michel Vourgère 
It seems to me this is exactly what the little known "Should-Start:" from LSB 
is for.

https://wiki.debian.org/LSBInitScripts


signature.asc
Description: This is a digitally signed message part.