Bug#902493: apache2-bin: Event MPM listener thread may get blocked by SSL shutdowns
On 3/25/19 8:25 PM, Sven Hartge wrote: > On 24.03.19 02:02, Sven Hartge wrote: > >> So far, so good. I have your packages running on the main webmail server >> and the main web server for my university and so far everything is fine, >> while default packages and the test1 packages with mpm_event would >> normally start showing the symptoms after ~12 hours. > > Still no problems here and both systems have seen some serious traffic > the last days, with the new semester starting next week and all. This is good news! I'll try and see if I can install the packages on a few servers myself this week. Thanks!! Kind regards, Martijn. signature.asc Description: OpenPGP digital signature
Bug#902493: apache2-bin: Event MPM listener thread may get blocked by SSL shutdowns
On 24.03.19 02:02, Sven Hartge wrote: > So far, so good. I have your packages running on the main webmail server > and the main web server for my university and so far everything is fine, > while default packages and the test1 packages with mpm_event would > normally start showing the symptoms after ~12 hours. Still no problems here and both systems have seen some serious traffic the last days, with the new semester starting next week and all. Grüße, Sven. signature.asc Description: OpenPGP digital signature
Processed: apache2: AuthLDAPBindPassword with exec: variant: child processes not properly destroyed
Processing control commands: > found -1 2.4.25-3 Bug #925472 [src:apache2] apache2: AuthLDAPBindPassword with exec: variant: child processes not properly destroyed Marked as found in versions apache2/2.4.25-3. -- 925472: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=925472 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#925472: apache2: AuthLDAPBindPassword with exec: variant: child processes not properly destroyed
Source: apache2 Version: 2.4.25-3+deb9u6 Severity: normal Tags: upstream Forwarded: https://bz.apache.org/bugzilla/show_bug.cgi?id=61817 Control: found -1 2.4.25-3 Hi When using a setup using for mod_authnz_ldap the AuthLDAPBindPassword directive specifically with the exec: variant as documented in [1], a respective child process is not destroyed correctly. To reproduce the issue within a .htaccess file (we managed to reproduce in .htaccess context but not in a directory context) > AuthType Basic > AuthName "Restricted access" > AuthBasicProvider ldap > > AuthLDAPURL $url > AuthLDAPBindDN $binddn > AuthLDAPBindPassword "exec:/bin/cat /path/to/ldap/passwd" > > Require valid-user is enough, resulting in defunct processes [...] S www-data 145731 82080 0 80 0 13016 223273 - 13:50 ?00:00:00 \_ /usr/sbin/apache2 -k start Z www-data 151575 145731 0 80 0 0 0 - 14:21 ?00:00:00 | \_ [cat] S www-data 145732 82080 0 80 0 13980 223674 - 13:50 ?00:00:00 \_ /usr/sbin/apache2 -k start Z www-data 151686 145732 0 80 0 0 0 - 14:22 ?00:00:00 \_ [cat] [...] The issue has been submitted upstream already in [2] with a tentative patch, but it looks the issue got not yet adressed upstream. Regards, Salvatore [1] http://httpd.apache.org/docs/2.4/mod/mod_authnz_ldap.html#AuthLDAPBindPassword [2] https://bz.apache.org/bugzilla/show_bug.cgi?id=61817
Processed: Re: Bug#924881: postgresql: buster upgrade breaks older postgresql (9.6) and newer postgresql (11) is also inoperative
Processing control commands: > reassign -1 ssl-cert Bug #924881 [postgresql] postgresql: buster upgrade breaks older postgresql (9.6) and newer postgresql (11) is also inoperative Bug reassigned from package 'postgresql' to 'ssl-cert'. No longer marked as found in versions postgresql-common/200. Ignoring request to alter fixed versions of bug #924881 to the same values previously set -- 924881: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=924881 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
