Bug#391918: apache2.2-common: suexec not installed setuid
Package: apache2.2-common Version: 2.2.3-1 Severity: important suexec is installed by apache2.2-common as: -rwxr-xr-x 1 root root 10468 2006-10-02 17:19 /usr/lib/apache2/suexec therefore it cannot perform its job, that is change user identities. The suexec man page states that suexec must be installed with owner root and setuid bit set. More like: -r-sr-xr-x chmod a=rx,u+s suexec -- System Information: Debian Release: testing/unstable APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.17.11 Locale: LANG=en_GB.ISO-8859-15, LC_CTYPE=en_GB.ISO-8859-15 (charmap=ISO-8859-15) Versions of packages apache2.2-common depends on: ii apache2-utils 2.2.3-1utility programs for webservers ii libmagic1 4.17-4 File type determination library us ii lsb-base 3.1-17 Linux Standard Base 3.1 init scrip ii mime-support 3.37-1 MIME files 'mime.types' 'mailcap ii net-tools 1.60-17The NET-3 networking toolkit apache2.2-common recommends no packages. -- no debconf information -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#391393: closed by Tollef Fog Heen [EMAIL PROTECTED] (Bug#391393: fixed in apache2 2.2.3-2)
From: Tollef Fog Heen [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Bug#391393: fixed in apache2 2.2.3-2 Date: Fri, 06 Oct 2006 15:32:36 -0700 Source: apache2 Source-Version: 2.2.3-2 We believe that the bug you reported is fixed in the latest version of apache2, which is due to be installed in the Debian FTP archive: [...] Changes: apache2 (2.2.3-2) unstable; urgency=low . [...] * Stop shipping cern_meta.load, dumpio.load and ext_filter.load. Thanks to Stephane Chazelas for noticing. Closes: #391393 [...] Hi Tollef, thanks, but that's not exactly the solution I expected. Why isn't the ext_filter module shipped anymore. From what I can see, it's one of the modules that is enabled when you compile Apache with --enable-modules=all and even --enable-modules=most Is the plan to have it shipped in a separate package? Is the removal documented somewhere for people upgrading from 2.0 to 2.2? I think the documentation for this module is still in the apache manual (http://localhost/manual/). I don't know about the two others, but I think removing ext_filter is likely to affect some web servers. Cheers, Stephane -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#391393: apache2.2-common: missing modules (/etc/apache2/mods-available vs /usr/lib/apache2/modules vs doc)
Package: apache2.2-common
Version: 2.2.3-1
Severity: important
Hi,
Some apache modules that used to be present in apache2-common,
and that are referenced in /etc/apache2/mods-available and in
apache2.2 documentation are not available anymore.
mod_ext_filter is the one I was using, but there seems to be at
least two other ones.
/etc/apache2/mods-available$ comm -3 (awk '/\//{print $NF}' *.load | sort)
(print -l /usr/lib/apache2/modules/*.so)
/usr/lib/apache2/modules/mod_cern_meta.so
/usr/lib/apache2/modules/mod_dumpio.so
/usr/lib/apache2/modules/mod_ext_filter.so
/etc/apache2/mods-available$ dpkg -S cern_meta.load dumpio.load ext_filter.load
apache2.2-common: /etc/apache2/mods-available/cern_meta.load
apache2.2-common: /etc/apache2/mods-available/dumpio.load
apache2.2-common: /etc/apache2/mods-available/ext_filter.load
-- System Information:
Debian Release: testing/unstable
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.17.11
Locale: LANG=en_GB.ISO-8859-15, LC_CTYPE=en_GB.ISO-8859-15 (charmap=ISO-8859-15)
Versions of packages apache2.2-common depends on:
ii apache2-utils 2.2.3-1utility programs for webservers
ii libmagic1 4.17-4 File type determination library us
ii lsb-base 3.1-17 Linux Standard Base 3.1 init scrip
ii mime-support 3.37-1 MIME files 'mime.types' 'mailcap
ii net-tools 1.60-17The NET-3 networking toolkit
apache2.2-common recommends no packages.
-- no debconf information
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
