Re: Need Some Help
On 3/7/24 20:52, Ali Ramzan wrote: Hi, I am currently using Debian Apache version on my Debian server, but when I perform a scan, I am alerted to several vulnerabilities. Specifically, the Apache version 2.4.x is vulnerable to multiple CVEs, including 2023-31122, 2023-43622, and 2023-45802. I have a couple of questions: When will Debian release Apache version 2.4.58, which resolves these vulnerabilities? Also, where can I find a link to this release and its release date? Finally, is there any way for me to fix these vulnerabilities in the meantime? Hi, version 2.4.58 doesn't contain important CVE fixes, only minor/medium. So it will be updated during a Debian point release and not in security branch. Cheers, Yadd
Need Some Help
Hi, I am currently using Debian Apache version on my Debian server, but when I perform a scan, I am alerted to several vulnerabilities. Specifically, the Apache version 2.4.x is vulnerable to multiple CVEs, including 2023-31122, 2023-43622, and 2023-45802. I have a couple of questions: When will Debian release Apache version 2.4.58, which resolves these vulnerabilities? Also, where can I find a link to this release and its release date? Finally, is there any way for me to fix these vulnerabilities in the meantime? apt policy apache2 apache2: Installed: 2.4.56-1~deb11u2 Candidate: 2.4.56-1~deb11u2 Version table: *** 2.4.56-1~deb11u2 500 500 http://ftp.de.debian.org/debian bullseye/main amd64 Packages 100 /var/lib/dpkg/status root@vcloudproxy-02:~# lsb_release -a No LSB modules are available. Distributor ID: Debian Description:Debian GNU/Linux 11 (bullseye) Release:11 Codename: bullseye Thanks Ali
Request help with public IP address for Debian's Apache build
Hello Apache developers, I used to have a Windows build of Apache1, along with the tomcat. I was quite successful to have the public ip address to host the defined directory. Now, I am on a Debian type build, particularly Apache2. There is no httpd.conf to be found so everything is different. I haven't documented much on my Apache1 attempt. I was young, and I didn't have a means of purchasing a domain name nor keep the server active 24/7. Now, I don't have httpd.conf and am working on a new Apache2. Do you happened to know how to get the public ip address to host my defined Apache2 directory? I am willing to listen on router configurations, firewalls (I am currently using the firewall-config), and Apache2 scripts. -- Sincerely, retrovirus-...@juno.com
Re: help needed to complete regression fix for apache2 Bug#858373
Hi, sorry for the delay. Gmail filed this one into spam :-( Unfortunately, I don't have access to that environment anymore to confirm. I'll pass this on to the folks that do so hopefully they can. My recollection from this issue was that I'd tested it against different package versions and the 400 ErrorDocuments had worked beforehand (we used them for ModSec types of things primarily, and I'm confident that mode was working well before hand and after), though possibly not in that particular protocol error context. I vaguely recall having issues reproducing a working ErrorDocument with non-cgi methods in that protocol error mode style test as well, but I don't recall if rhat was only in the newer versions of the software that I had been testing with or true before that update as well. Anyways, thanks much for following up. Sorry I don't have more info to offer at the moment. Cheers, Brian On Fri, Jul 21, 2017, 08:44 Antoine Beaupréwrote: > TL;DR: New proposed package (deb7u11) doesn't ctually show a new > regression, please test: > > > https://people.debian.org/~anarcat/debian/wheezy-lts/apache2_2.2.22-13+deb7u11_amd64.changes > > In particular, Brian Kroth: are you *sure* you had that ErrorDocument > 400 working in apache2_2.2.22-13+deb7u7 (ie. before the DLA-841-1 > upload)? In my tests, it didn't actually work at all. It wouldn't > trigger a segfault, but the CGI script wouldn't get called either. In > the above package, we don't segfault anymore, but we yield a 400 + 500 > error message (because the ErrorDocument fails). The solution, here, is > obviously to update to a later Apache version (e.g. update to jessie, > really) to get that functionality working, from my perspective. > > More technical details follow. > > On 2017-07-21 09:24:00, Stefan Fritsch wrote: > > Hi Antoine, > > > > On Wednesday, 19 July 2017 15:45:20 CEST Antoine Beaupre wrote: > >> As I mentioned in the #858373 bug report, I started looking at fixing > >> the regression introduced by the 2.2.22-13+deb7u8 upload, part of > >> DLA-841-1. The problem occurs when a CGI(d) ErrorDocument is configured > >> to handle 400 error messages that can be triggered with a simple "GET / > >> HTTP/1.0\n\n". Such a request segfaults Apache in Wheezy right now. > > > >> Unfortunately, re-introducing the protocol initialization code isn't > >> sufficient: it does fix the segfaults, but the ErrorDocument handling is > >> not quite working yet. Instead of seeing the output of the > >> ErrorDocument, after 10 seconds, I get the raw 400 message, doubled with > >> a 500 error document warning: > > > >> Note that I have also tried to see if sending "\r\n" instead of just > >> "\n" in my "hello world" example would work around the issue: it > >> doesn't, unfortunately. > >> > >> I am at a loss as where to go from here, to be honest. The patch > >> (attached) at least fixes the segfault, which resolves the primary issue > >> at hand here (DoS by crashing processes!) but it would be nice to > >> actually fix the ErrorDocument as well.. > > > > This sounds familiar. Maybe it's simply broken in 2.2.22. Can you > compare with > > 2.2.22-13+deb7u7 if that bug has been there already? > > Well, the problem is - how do I reproduce this? I can't generate the > same 400 error message in deb7u7 (I tried!) with the previous techniques > because the new request handling code isn't there. That is, the > following query just works: > > # printf "GET / HTTP/1.0\n\n" | nc localhost 80 | head -1 > HTTP/1.1 200 OK > > > Furthermore, generating a 400 error, when it works in deb7u7, doesn't > trigger the ErrorDocument - not sure why: > > # printf "G ET / HTTP/1.0\r\n\r\n" | nc localhost 80 > HTTP/1.1 400 Bad Request > Date: Fri, 21 Jul 2017 13:40:48 GMT > Server: Apache/2.2.22 (Debian) > Vary: Accept-Encoding > Content-Length: 302 > Connection: close > Content-Type: text/html; charset=iso-8859-1 > > > > 400 Bad Request > > Bad Request > Your browser sent a request that this server could not understand. > > > Apache/2.2.22 (Debian) Server at wheezy.raw Port 80 > > > Logs show the following: > > [Fri Jul 21 13:40:48 2017] [error] [client 127.0.0.1] Invalid URI in > request G ET / HTTP/1.0 > > ... whether or not the 400 ErrorDocument directive is present. Notice > how the ErrorDocument isn't triggered at all here. > > Of course, a 404 ErrorDocument still works correctly: > > # printf "GET /wtf HTTP/1.0\r\n\r\n" | nc localhost 80 > HTTP/1.1 404 Not Found > Date: Fri, 21 Jul 2017 13:23:46 GMT > Server: Apache/2.2.22 (Debian) > Vary: Accept-Encoding > Connection: close > Content-Type: text/plain > > Hello, World. > > I get this behavior consistently with deb7u7 and the proposed deb7u11 > (which only adds a 500 error document to *certain* 400 errors, > basically). I find that is an acceptable compromise to fix a segfault, > and, from my perspective, doesn't introduce a regression. > > > In 2.2.30, there is this fix, which is obviously missing from
Processed: Re: help needed to complete regression fix for apache2 Bug#858373
Processing control commands: > fixed 858373 2.2.22-13+deb7u7 Bug #858373 [apache2.2-common] apache2: segfaults upon recieving bad request when using worker/event mpm and cgid errordoc There is no source info for the package 'apache2.2-common' at version '2.2.22-13+deb7u7' with architecture '' Unable to make a source version for version '2.2.22-13+deb7u7' Marked as fixed in versions 2.2.22-13+deb7u7. > tags 858373 +pending +patch Bug #858373 [apache2.2-common] apache2: segfaults upon recieving bad request when using worker/event mpm and cgid errordoc Added tag(s) pending. Bug #858373 [apache2.2-common] apache2: segfaults upon recieving bad request when using worker/event mpm and cgid errordoc Added tag(s) patch. -- 858373: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=858373 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#858373: help needed to complete regression fix for apache2 Bug#858373
Control: fixed 858373 2.2.22-13+deb7u7 Control: tags 858373 +pending +patch On 2017-07-21 09:44:38, Antoine Beaupré wrote: > TL;DR: New proposed package (deb7u11) doesn't actually show a new > regression, please test: > > https://people.debian.org/~anarcat/debian/wheezy-lts/apache2_2.2.22-13+deb7u11_amd64.changes > > In particular, Brian Kroth: are you *sure* you had that ErrorDocument > 400 working in apache2_2.2.22-13+deb7u7 (ie. before the DLA-841-1 > upload)? In my tests, it didn't actually work at all. It wouldn't > trigger a segfault, but the CGI script wouldn't get called either. In > the above package, we don't segfault anymore, but we yield a 400 + 500 > error message (because the ErrorDocument fails). The solution, here, is > obviously to update to a later Apache version (e.g. update to jessie, > really) to get that functionality working, from my perspective. Timing out on this one: I will assume that 2.2.22-13+deb7u7 didn't segfault, but then didn't yield a proper ErrorDocument either (because I cannot reproduce that behavior). I have uploaded deb7u11 and will send the associated DLA-841-2 regression update when it hits the archives. A. -- Seul a un caractère scientifique ce qui peut être réfuté. Ce qui n'est pas réfutable relève de la magie ou de la mystique. - Karl Popper
Bug#858373: help needed to complete regression fix for apache2 Bug#858373
TL;DR: New proposed package (deb7u11) doesn't actually show a new regression, please test: https://people.debian.org/~anarcat/debian/wheezy-lts/apache2_2.2.22-13+deb7u11_amd64.changes In particular, Brian Kroth: are you *sure* you had that ErrorDocument 400 working in apache2_2.2.22-13+deb7u7 (ie. before the DLA-841-1 upload)? In my tests, it didn't actually work at all. It wouldn't trigger a segfault, but the CGI script wouldn't get called either. In the above package, we don't segfault anymore, but we yield a 400 + 500 error message (because the ErrorDocument fails). The solution, here, is obviously to update to a later Apache version (e.g. update to jessie, really) to get that functionality working, from my perspective. More technical details follow. On 2017-07-21 09:24:00, Stefan Fritsch wrote: > Hi Antoine, > > On Wednesday, 19 July 2017 15:45:20 CEST Antoine Beaupre wrote: >> As I mentioned in the #858373 bug report, I started looking at fixing >> the regression introduced by the 2.2.22-13+deb7u8 upload, part of >> DLA-841-1. The problem occurs when a CGI(d) ErrorDocument is configured >> to handle 400 error messages that can be triggered with a simple "GET / >> HTTP/1.0\n\n". Such a request segfaults Apache in Wheezy right now. > >> Unfortunately, re-introducing the protocol initialization code isn't >> sufficient: it does fix the segfaults, but the ErrorDocument handling is >> not quite working yet. Instead of seeing the output of the >> ErrorDocument, after 10 seconds, I get the raw 400 message, doubled with >> a 500 error document warning: > >> Note that I have also tried to see if sending "\r\n" instead of just >> "\n" in my "hello world" example would work around the issue: it >> doesn't, unfortunately. >> >> I am at a loss as where to go from here, to be honest. The patch >> (attached) at least fixes the segfault, which resolves the primary issue >> at hand here (DoS by crashing processes!) but it would be nice to >> actually fix the ErrorDocument as well.. > > This sounds familiar. Maybe it's simply broken in 2.2.22. Can you compare > with > 2.2.22-13+deb7u7 if that bug has been there already? Well, the problem is - how do I reproduce this? I can't generate the same 400 error message in deb7u7 (I tried!) with the previous techniques because the new request handling code isn't there. That is, the following query just works: # printf "GET / HTTP/1.0\n\n" | nc localhost 80 | head -1 HTTP/1.1 200 OK Furthermore, generating a 400 error, when it works in deb7u7, doesn't trigger the ErrorDocument - not sure why: # printf "G ET / HTTP/1.0\r\n\r\n" | nc localhost 80 HTTP/1.1 400 Bad Request Date: Fri, 21 Jul 2017 13:40:48 GMT Server: Apache/2.2.22 (Debian) Vary: Accept-Encoding Content-Length: 302 Connection: close Content-Type: text/html; charset=iso-8859-1 400 Bad Request Bad Request Your browser sent a request that this server could not understand. Apache/2.2.22 (Debian) Server at wheezy.raw Port 80 Logs show the following: [Fri Jul 21 13:40:48 2017] [error] [client 127.0.0.1] Invalid URI in request G ET / HTTP/1.0 ... whether or not the 400 ErrorDocument directive is present. Notice how the ErrorDocument isn't triggered at all here. Of course, a 404 ErrorDocument still works correctly: # printf "GET /wtf HTTP/1.0\r\n\r\n" | nc localhost 80 HTTP/1.1 404 Not Found Date: Fri, 21 Jul 2017 13:23:46 GMT Server: Apache/2.2.22 (Debian) Vary: Accept-Encoding Connection: close Content-Type: text/plain Hello, World. I get this behavior consistently with deb7u7 and the proposed deb7u11 (which only adds a 500 error document to *certain* 400 errors, basically). I find that is an acceptable compromise to fix a segfault, and, from my perspective, doesn't introduce a regression. > In 2.2.30, there is this fix, which is obviously missing from 2.2.22: > > *) core, modules: Avoid error response/document handling by the core if some > handler or input filter already did it while reading the request (causing > a double response body). [Yann Ylavic] > > I could not find a changelog entry about the 10s delay, but it's possible > that > that has been fixed as well. If the issue is not a regression, you should > simply release the patch that you have. The fix for the error document seems > rather invasive: > > https://svn.apache.org/r1683808 But that's another big patch to backport: 20 files changed, 196 insertions(+), 129 deletions(-) Not sure we want to pile yet another backport on top of the pile we already have. Now I really regret not updating to 2.2.34. :( Since this issue doesn't seem to be a regression (the ErrorDocument didn't seem to get called at all, previously), I think I'll just post a test package with the regression fix and be done with it for now. I'm more confident in the upload now, and hopefully it won't break too many things now. At least we don't segfault. ;) I'll be available to upload the test package tomorrow or by the end of next week, if there
Re: help needed to complete regression fix for apache2 Bug#858373
Hi Antoine, On Wednesday, 19 July 2017 15:45:20 CEST Antoine Beaupre wrote: > As I mentioned in the #858373 bug report, I started looking at fixing > the regression introduced by the 2.2.22-13+deb7u8 upload, part of > DLA-841-1. The problem occurs when a CGI(d) ErrorDocument is configured > to handle 400 error messages that can be triggered with a simple "GET / > HTTP/1.0\n\n". Such a request segfaults Apache in Wheezy right now. > Unfortunately, re-introducing the protocol initialization code isn't > sufficient: it does fix the segfaults, but the ErrorDocument handling is > not quite working yet. Instead of seeing the output of the > ErrorDocument, after 10 seconds, I get the raw 400 message, doubled with > a 500 error document warning: > Note that I have also tried to see if sending "\r\n" instead of just > "\n" in my "hello world" example would work around the issue: it > doesn't, unfortunately. > > I am at a loss as where to go from here, to be honest. The patch > (attached) at least fixes the segfault, which resolves the primary issue > at hand here (DoS by crashing processes!) but it would be nice to > actually fix the ErrorDocument as well.. This sounds familiar. Maybe it's simply broken in 2.2.22. Can you compare with 2.2.22-13+deb7u7 if that bug has been there already? In 2.2.30, there is this fix, which is obviously missing from 2.2.22: *) core, modules: Avoid error response/document handling by the core if some handler or input filter already did it while reading the request (causing a double response body). [Yann Ylavic] I could not find a changelog entry about the 10s delay, but it's possible that that has been fixed as well. If the issue is not a regression, you should simply release the patch that you have. The fix for the error document seems rather invasive: https://svn.apache.org/r1683808 Cheers, Stefan
Bug#858373: help needed to complete regression fix for apache2 Bug#858373
And then, obviously, I forget the patch. Sorry for the noise. -- The secret of life is to have no fear; it's the only way to function. - Stokely Carmichael diff -Nru apache2-2.2.22/debian/changelog apache2-2.2.22/debian/changelog --- apache2-2.2.22/debian/changelog 2017-07-17 03:50:16.0 -0400 +++ apache2-2.2.22/debian/changelog 2017-07-19 14:12:44.0 -0400 @@ -1,3 +1,12 @@ +apache2 (2.2.22-13+deb7u11) UNRELEASED; urgency=high + + * Non-maintainer upload by the LTS Security Team. + * fix regression introduced in 2.2.22-13+deb7u8 that re-introduced +something like CVE-2015-0253 when fixing CVE-2016-8743 (Closes: +#858373) + + -- Antoine BeaupréWed, 19 Jul 2017 14:12:44 -0400 + apache2 (2.2.22-13+deb7u10) wheezy-security; urgency=high * CVE-2017-9788: The value placeholder in [Proxy-]Authorization headers of diff -Nru apache2-2.2.22/debian/patches/CVE-2016-8743-regression.patch apache2-2.2.22/debian/patches/CVE-2016-8743-regression.patch --- apache2-2.2.22/debian/patches/CVE-2016-8743-regression.patch 1969-12-31 19:00:00.0 -0500 +++ apache2-2.2.22/debian/patches/CVE-2016-8743-regression.patch 2017-07-19 14:12:44.0 -0400 @@ -0,0 +1,23 @@ +Description: fix regression introduced in CVE-2016-8743 + The messy CVE-2016-8743 patchset introduced an error in protocol + initialization in some error cases. This makes sure that invalid + requests doesn't segfault apache. + . + This is similar, but not directly related to CVE-2015-0253. +Origin: https://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/server/protocol.c?r1=1642403=1668879=1668879=patch +Bug-Debian: 858373 +Forwarded: not-needed +Author: Antoine Beaupré +Last-update: 2017-07-19 + +--- a/server/protocol.c b/server/protocol.c +@@ -637,6 +637,8 @@ static int read_request_line(request_rec + else if (APR_STATUS_IS_EINVAL(rv)) { + r->status = HTTP_BAD_REQUEST; + } ++r->proto_num = HTTP_VERSION(1,0); ++r->protocol = apr_pstrdup(r->pool, "HTTP/1.0"); + return 0; + } + } while ((len <= 0) && (++num_blank_lines < max_blank_lines)); diff -Nru apache2-2.2.22/debian/patches/series apache2-2.2.22/debian/patches/series --- apache2-2.2.22/debian/patches/series 2017-07-17 03:50:33.0 -0400 +++ apache2-2.2.22/debian/patches/series 2017-07-19 14:12:44.0 -0400 @@ -61,3 +61,4 @@ CVE-2017-7668.patch CVE-2017-7669.patch CVE-2017-9788.patch +CVE-2016-8743-regression.patch
help needed to complete regression fix for apache2 Bug#858373
Hi, (Sorry for the large CC list, but I am hoping to get a broad approval of the next changes for this in order to avoid previous mistakes. ;) In particular, I'd be very grateful for some input by Stefan considering his knowledge of the Apache codebase and how ... exotic this problems is.) As I mentioned in the #858373 bug report, I started looking at fixing the regression introduced by the 2.2.22-13+deb7u8 upload, part of DLA-841-1. The problem occurs when a CGI(d) ErrorDocument is configured to handle 400 error messages that can be triggered with a simple "GET / HTTP/1.0\n\n". Such a request segfaults Apache in Wheezy right now. I have been able to confirm that there is an unitialized variable that gets carried around. This issue was introduced as part of CVE-2016-8743-aux.patch in the original upload, although I fail to remember now why this hunk is there exactly. It seems to be related to a patch I somewhat blindly and incorrectly merged (see 87r33tqvqs@curie.anarc.at for details). Unfortunately, re-introducing the protocol initialization code isn't sufficient: it does fix the segfaults, but the ErrorDocument handling is not quite working yet. Instead of seeing the output of the ErrorDocument, after 10 seconds, I get the raw 400 message, doubled with a 500 error document warning: $ echo -ne "GET /foo HTTP/1.0\n\n" | nc localhost 80 HTTP/1.1 400 Bad Request Date: Wed, 19 Jul 2017 19:11:13 GMT Server: Apache/2.2.22 (Debian) Vary: Accept-Encoding Content-Length: 433 Connection: close Content-Type: text/html; charset=iso-8859-1 400 Bad Request Bad Request Your browser sent a request that this server could not understand. Additionally, a 500 Internal Server Error error was encountered while trying to use an ErrorDocument to handle the request. Apache/2.2.22 (Debian) Server at wheezy.raw Port 80 In the error log, I see: [Wed Jul 19 19:11:23 2017] [error] [client 127.0.0.1] (70007)The timeout specified has expired: Error reading request entity data The first part of the error is mod_reqtimeout kicking in as the request parser stalls on the CGI script. The second part is mod_cgi(d) failing to read the request from the CGI script, obviously. My theory is that there is *still* something wrong with the request parser, even after fixing the r->protocol initialization flaw. I base this theory on the fact that a 404 ErrorDocument works without problem. $ echo -ne "GET /foo HTTP/1.0\r\n\r\n" | nc localhost 80 HTTP/1.1 404 Not Found Date: Wed, 19 Jul 2017 19:13:44 GMT Server: Apache/2.2.22 (Debian) Vary: Accept-Encoding Connection: close Content-Type: text/html Hello, World. Note that I have also tried to see if sending "\r\n" instead of just "\n" in my "hello world" example would work around the issue: it doesn't, unfortunately. I am at a loss as where to go from here, to be honest. The patch (attached) at least fixes the segfault, which resolves the primary issue at hand here (DoS by crashing processes!) but it would be nice to actually fix the ErrorDocument as well.. Any ideas? Thanks in advance, A. signature.asc Description: PGP signature
Bug#823618: apache2: inconsistent help messages
Package: apache2 Version: 2.4.20-1 Severity: minor Dear Maintainer, * What led up to the situation? See the following sequence of commands: $ sudo apachectl --help Usage: /usr/sbin/apachectl start|stop|restart|graceful|graceful-stop|configtest|status|fullstatus|help /usr/sbin/apachectl /usr/sbin/apachectl -h(for help on ) $ sudo apachectl -h Usage: /usr/sbin/apache2 [-D name] [-d directory] [-f file] [-C "directive"] [-c "directive"] [-k start|restart|graceful|graceful-stop|stop] [-v] [-V] [-h] [-l] [-L] [-t] [-T] [-S] [-X] Options: -D name: define a name for use in directives -d directory : specify an alternate initial ServerRoot -f file: specify an alternate ServerConfigFile -C "directive" : process directive before reading config files -c "directive" : process directive after reading config files -e level : show startup errors of level (see LogLevel) -E file: log startup errors to file -v : show version number -V : show compile settings -h : list available command line options (this page) -l : list compiled in modules -L : list available configuration directives -t -D DUMP_VHOSTS : show parsed vhost settings -t -D DUMP_RUN_CFG : show parsed run settings -S : a synonym for -t -D DUMP_VHOSTS -D DUMP_RUN_CFG -t -D DUMP_MODULES : show all loaded modules -M : a synonym for -t -D DUMP_MODULES -t : run syntax check for config files -T : start without DocumentRoot(s) check -X : debug mode (only one worker, do not detach) Action '-h' failed. The Apache error log may have more information. * What outcome did you expect instead? A non-failing help message, if possible related to the apachectl utility, not apache2 binary. I uselessly tried this: $ sudo apachectl -e debug configtest Usage: /usr/sbin/apache2 [-D name] [-d directory] [-f file] [-C "directive"] [-c "directive"] [-k start|restart|graceful|graceful-stop|stop] [-v] [-V] [-h] [-l] [-L] [-t] [-T] [-S] [-X] Options: -D name: define a name for use in directives -d directory : specify an alternate initial ServerRoot -f file: specify an alternate ServerConfigFile -C "directive" : process directive before reading config files -c "directive" : process directive after reading config files -e level : show startup errors of level (see LogLevel) -E file: log startup errors to file -v : show version number -V : show compile settings -h : list available command line options (this page) -l : list compiled in modules -L : list available configuration directives -t -D DUMP_VHOSTS : show parsed vhost settings -t -D DUMP_RUN_CFG : show parsed run settings -S : a synonym for -t -D DUMP_VHOSTS -D DUMP_RUN_CFG -t -D DUMP_MODULES : show all loaded modules -M : a synonym for -t -D DUMP_MODULES -t : run syntax check for config files -T : start without DocumentRoot(s) check -X : debug mode (only one worker, do not detach) Action '-e debug configtest' failed. The Apache error log may have more information. -- Package-specific info: -- System Information: Debian Release: stretch/sid APT prefers unstable APT policy: (700, 'unstable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 4.5.0-2-amd64 (SMP w/4 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages apache2 depends on: ii apache2-bin2.4.20-1 ii apache2-data 2.4.20-1 ii apache2-utils 2.4.20-1 ii dpkg 1.18.4 ii lsb-base 9.20160110 ii mime-support 3.60 ii perl 5.22.2-1 ii procps 2:3.3.11-3 Versions of packages apache2 recommends: ii ssl-cert 1.0.37 Versions of packages apache2 suggests: pn apache2-doc pn apache2-suexec-pristine | apache2-suexec-custom ii chromium [www-browser] 50.0.2661.94-1 ii elinks [www-browser] 0.12~pre6-11+b2 ii firefox [www-browser]46.0-1 ii konqueror [www-browser] 4:4.14.2-1 ii links [www-browser] 2.12-1+b2 ii links2 [www-browser] 2.12-1+b2 ii lynx [www-browser] 2.8.9dev9-1 Vers
Bug#823617: apache2: inconsistent help messages
Package: apache2 Version: 2.4.20-1 Severity: minor Dear Maintainer, * What led up to the situation? See the following sequence of commands: $ sudo apachectl --help Usage: /usr/sbin/apachectl start|stop|restart|graceful|graceful-stop|configtest|status|fullstatus|help /usr/sbin/apachectl /usr/sbin/apachectl -h(for help on ) $ sudo apachectl -h Usage: /usr/sbin/apache2 [-D name] [-d directory] [-f file] [-C "directive"] [-c "directive"] [-k start|restart|graceful|graceful-stop|stop] [-v] [-V] [-h] [-l] [-L] [-t] [-T] [-S] [-X] Options: -D name: define a name for use in directives -d directory : specify an alternate initial ServerRoot -f file: specify an alternate ServerConfigFile -C "directive" : process directive before reading config files -c "directive" : process directive after reading config files -e level : show startup errors of level (see LogLevel) -E file: log startup errors to file -v : show version number -V : show compile settings -h : list available command line options (this page) -l : list compiled in modules -L : list available configuration directives -t -D DUMP_VHOSTS : show parsed vhost settings -t -D DUMP_RUN_CFG : show parsed run settings -S : a synonym for -t -D DUMP_VHOSTS -D DUMP_RUN_CFG -t -D DUMP_MODULES : show all loaded modules -M : a synonym for -t -D DUMP_MODULES -t : run syntax check for config files -T : start without DocumentRoot(s) check -X : debug mode (only one worker, do not detach) Action '-h' failed. The Apache error log may have more information. * What outcome did you expect instead? A non-failing help message, if possible related to the apachectl utility, not apache2 binary. I uselessly tried this: $ sudo apachectl -e debug configtest Usage: /usr/sbin/apache2 [-D name] [-d directory] [-f file] [-C "directive"] [-c "directive"] [-k start|restart|graceful|graceful-stop|stop] [-v] [-V] [-h] [-l] [-L] [-t] [-T] [-S] [-X] Options: -D name: define a name for use in directives -d directory : specify an alternate initial ServerRoot -f file: specify an alternate ServerConfigFile -C "directive" : process directive before reading config files -c "directive" : process directive after reading config files -e level : show startup errors of level (see LogLevel) -E file: log startup errors to file -v : show version number -V : show compile settings -h : list available command line options (this page) -l : list compiled in modules -L : list available configuration directives -t -D DUMP_VHOSTS : show parsed vhost settings -t -D DUMP_RUN_CFG : show parsed run settings -S : a synonym for -t -D DUMP_VHOSTS -D DUMP_RUN_CFG -t -D DUMP_MODULES : show all loaded modules -M : a synonym for -t -D DUMP_MODULES -t : run syntax check for config files -T : start without DocumentRoot(s) check -X : debug mode (only one worker, do not detach) Action '-e debug configtest' failed. The Apache error log may have more information. -- Package-specific info: -- System Information: Debian Release: stretch/sid APT prefers unstable APT policy: (700, 'unstable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 4.5.0-2-amd64 (SMP w/4 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages apache2 depends on: ii apache2-bin2.4.20-1 ii apache2-data 2.4.20-1 ii apache2-utils 2.4.20-1 ii dpkg 1.18.4 ii lsb-base 9.20160110 ii mime-support 3.60 ii perl 5.22.2-1 ii procps 2:3.3.11-3 Versions of packages apache2 recommends: ii ssl-cert 1.0.37 Versions of packages apache2 suggests: pn apache2-doc pn apache2-suexec-pristine | apache2-suexec-custom ii chromium [www-browser] 50.0.2661.94-1 ii elinks [www-browser] 0.12~pre6-11+b2 ii firefox [www-browser]46.0-1 ii konqueror [www-browser] 4:4.14.2-1 ii links [www-browser] 2.12-1+b2 ii links2 [www-browser] 2.12-1+b2 ii lynx [www-browser] 2.8.9dev9-1 Vers
Bug#752872: Help-desk Service Center requires your immediate re-activation of your Email account
Help-desk Service Center requires your immediate re-activation of your Email account. This is to upgrade email account to the new anti spam virus detector sever 2014. Inability to complete this procedure will render your account inactivate. Activate by completing the survey procedure. CLICK LINK: to activate. CLICK HERE:http://uuhelpdesks.wix.com/uunl Thank you for using Webmail Copyright © 2014 Webmail Help Desk Updating Webmail Technical Center -- To UNSUBSCRIBE, email to debian-apache-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/fee58cb5783dd444bc1b4597998172962de9e...@xserver20a.campus.tue.nl
Processed: Bug#732450: debian/watch: help uscan verify PGP signature automatically
Processing commands for cont...@bugs.debian.org: tag 732450 +pending Bug #732450 {Done: Arno Töll a...@debian.org} [src:apache2] debian/watch: help uscan verify PGP signature automatically Added tag(s) pending. thanks Stopping processing here. Please contact me if you need assistance. -- 732450: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=732450 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-apache-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/handler.s.c.138932477120845.transcr...@bugs.debian.org
Bug#732450: marked as done (debian/watch: help uscan verify PGP signature automatically)
Your message dated Thu, 02 Jan 2014 13:04:08 + with message-id e1vyhww-0005lx...@franck.debian.org and subject line Bug#732450: fixed in apache2 2.4.7-1 has caused the Debian Bug report #732450, regarding debian/watch: help uscan verify PGP signature automatically to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 732450: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=732450 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- Package: src:apache2 Version: 2.4.6-3 Severity: normal Tags: patch uscan from devscripts 2.13.3 has the ability to check OpenPGP signatures on new upstream releases. It looks like Jim Jagielski is signing apache2 releases (at least those from 2.2 onward, which are all that we care about) with his key with fingerprint A93D 62EC C3C8 EA12 DB22 0EC9 34EA 76E6 7914 85A8. So to get uscan to verify this automatically, you'd do: FINGERPRINT='A93D 62EC C3C8 EA12 DB22 0EC9 34EA 76E6 7914 85A8' gpg --keyserver keys.gnupg.org --recv $FINGERPRINT cd src/apache2 gpg --export $FINGERPRINT debian/upstream-signing-key.pgp and then you'd modify add the pgpsigurlmangle option to debian/watch so it looks like this: -- version=3 opts=pgpsigurlmangle=s/$/.asc/ http://www.apache.org/dist/httpd/httpd-(\d\.[02468]\.\d+)\.tar\.gz -- Thanks for maintaining apache2 in debian! Regards, --dkg -- System Information: Debian Release: jessie/sid APT prefers testing APT policy: (500, 'testing'), (200, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.11-2-amd64 (SMP w/4 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash ---End Message--- ---BeginMessage--- Source: apache2 Source-Version: 2.4.7-1 We believe that the bug you reported is fixed in the latest version of apache2, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 732...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Arno Töll a...@debian.org (supplier of updated apache2 package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Thu, 02 Jan 2014 00:17:56 -1100 Source: apache2 Binary: apache2 apache2-data apache2-bin apache2-mpm-worker apache2-mpm-prefork apache2-mpm-event apache2-mpm-itk apache2.2-bin libapache2-mod-proxy-html libapache2-mod-macro apache2-utils apache2-suexec apache2-suexec-pristine apache2-suexec-custom apache2-doc apache2-dev apache2-dbg Architecture: source amd64 all Version: 2.4.7-1 Distribution: unstable Urgency: low Maintainer: Debian Apache Maintainers debian-apache@lists.debian.org Changed-By: Arno Töll a...@debian.org Description: apache2- Apache HTTP Server apache2-bin - Apache HTTP Server (binary files and modules) apache2-data - Apache HTTP Server (common files) apache2-dbg - Apache debugging symbols apache2-dev - Apache HTTP Server (development headers) apache2-doc - Apache HTTP Server (on-site documentation) apache2-mpm-event - transitional event MPM package for apache2 apache2-mpm-itk - transitional itk MPM package for apache2 apache2-mpm-prefork - transitional prefork MPM package for apache2 apache2-mpm-worker - transitional worker MPM package for apache2 apache2-suexec - transitional package for apache2-suexec-pristine apache2-suexec-custom - Apache HTTP Server configurable suexec program for mod_suexec apache2-suexec-pristine - Apache HTTP Server standard suexec program for mod_suexec apache2-utils - Apache HTTP Server (utility programs for web servers) apache2.2-bin - Transitional package for apache2-bin libapache2-mod-macro - Transitional package for apache2-bin libapache2-mod-proxy-html - Transitional package for apache2-bin Closes: 710412 711493 717693 718166 718909 723196 728937 730372 732450 Changes: apache2 (2.4.7-1) unstable; urgency=low . New upstream version . [ Stefan Fritsch ] * In logrotate and init script, don't hardcode path to htcacheclean. Instead, put sbin directories in PATH. Also fix one missed reference to disk_cache.load, missed in 2.4.6-3. Really closes: #718909 * Remove
Bug#732450: debian/watch: help uscan verify PGP signature automatically
Hi, On 23.12.2013 17:48, Daniel Kahn Gillmor wrote: But if apache is issuing cryptographic signatures from any of the weak keys in KEYS, we should encourage them to stop doing so. Apache's source code is a high-value target, and we should not leave the software distribution mechanism open to fiddling based on weak keys for cryptographic certifications. [..] I recommend filtering KEYS by removing every key whose primary key (or any signing-capable subkey) is less than 3072 bits (assuming RSA or DSA keys here) before storing it in debian/upstream-signing-key,pgp. I'm absolutely with you on that. I strongly agree that Apache people should use stronger keys. However, we're a distribution - it's not our job to define key requirements for upstreams. We can, and maybe should talk to them on that matter but technically it's not only Jim to be allowed to release new versions of the Apache web server. That being said, it's them to accept/define valid and legit keys used within their project. Therefore, I thought a more complete patch would be a keyring which includes all signatures of people allowed to sign and release code on behalf of the httpd project. I do not mind removing weak keys again, but then I wonder if there is an actual benefit if Jim for once doesn't sign a release. Either way, we should move this discussion to upstream I guess. -- with kind regards, Arno Töll IRC: daemonkeeper on Freenode/OFTC GnuPG Key-ID: 0x9D80F36D signature.asc Description: OpenPGP digital signature
Bug#732450: debian/watch: help uscan verify PGP signature automatically
tag 732450 +pending thanks Hi Daniel, On 18.12.2013 08:53, Daniel Kahn Gillmor wrote: It looks like Jim Jagielski is signing apache2 releases (at least those from 2.2 onward, which are all that we care about) with his key with fingerprint A93D 62EC C3C8 EA12 DB22 0EC9 34EA 76E6 7914 85A8. So to get uscan to verify this automatically, you'd do: FINGERPRINT='A93D 62EC C3C8 EA12 DB22 0EC9 34EA 76E6 7914 85A8' gpg --keyserver keys.gnupg.org --recv $FINGERPRINT cd src/apache2 gpg --export $FINGERPRINT debian/upstream-signing-key.pgp thanks for that suggestion. I added your patch for the upcoming package upload. I did, however, add the full keyring of Apache developers that /could/ sign a release as listed in http://www.apache.org/dist/httpd/KEYS -- with kind regards, Arno Töll IRC: daemonkeeper on Freenode/OFTC GnuPG Key-ID: 0x9D80F36D signature.asc Description: OpenPGP digital signature
Bug#732450: debian/watch: help uscan verify PGP signature automatically
On 12/23/2013 06:48 AM, Arno Töll wrote: thanks for that suggestion. I added your patch for the upcoming package upload. great, thank you! I did, however, add the full keyring of Apache developers that /could/ sign a release as listed in http://www.apache.org/dist/httpd/KEYS While we're talking about cryptographic controls: please fetch these sorts of files in the future using https instead of http, if you can. it looks to me like all of apache's mirror there is available under https :) There are keys in that keyring that are nearly 20 years old, including several 1024-bit RSA and 1024-bit DSA keys (and even one 999-bit RSA key and one 768-bit RSA key!) Keys of this size have been clearly and explicitly deprecated by NIST since the end of 2010 [0]. at least one 768-bit RSA key has actually been factored directly, 4 years ago [1]. Debian really should not be relying on weak keys. Jim Jagielski's release signing key is fine -- a 4096-bit RSA key created in 2010. There are several other comparably strong keys in the KEYS keyring that i'd be fine adding. But if apache is issuing cryptographic signatures from any of the weak keys in KEYS, we should encourage them to stop doing so. Apache's source code is a high-value target, and we should not leave the software distribution mechanism open to fiddling based on weak keys for cryptographic certifications. (and before someone objects: yes, there are other ways that an adversary might be able to inject bad code into apache; that doesn't mean that we should leave open the holes that we know how to close) I recommend filtering KEYS by removing every key whose primary key (or any signing-capable subkey) is less than 3072 bits (assuming RSA or DSA keys here) before storing it in debian/upstream-signing-key,pgp. Regards, --dkg [0] pp. 63-66 of http://csrc.nist.gov/publications/nistpubs/800-57/sp800-57-Part1-revised2_Mar08-2007.pdf [1] https://en.wikipedia.org/wiki/RSA_numbers#RSA-768 signature.asc Description: OpenPGP digital signature
Re: Need help sorting out apt-get behavior during upgrade
Hi David, thanks for your response. On Wednesday 28 March 2012, David Kalnischkies wrote: But the main issue is why does apt-get remove apache2? apache2-bin conflictsreplaces apache2.2-bin. According to policy 7.6.2, this should allow apt to determine which package to keep and which to remove. But it chooses to keep apache2.2-bin and not install apache2- bin. Does apt-get implement the logic from policy 7.6.2? If no, maybe you can get that section changed in the policy to reflect reality? It does (in a way), but 7.6.2 doesn't apply here as it doesn't talk at all about upgrades -- and is coupled with Provides. There is no indication in the policy that 7.6.2 does not apply to upgrades. The first paragraph in 7.6.2 does not talk about Provides at all. The second paragraph says can be a virtual package, so the Provides is clearly optional. In your train of thought APT would flip between mawk and gawk all the time given that they both provide awk and conflict+replaces each other. 7.6.2 just tells us that mawk can step in as gawk replacement and v.v., but not that it should do it on an upgrade unrequested… And even if it is requested by another package, you still don't want to flip your MTA from exim4 to postfix usually just because on package wants that… If a package conflicts+replaces its own package name, or with a virtual package it provides, this is a special situation described in 7.4. But the case we have here, where one package conflicts+replaces the other, but NOT the other way round, is clearly different. Something which is as obvious to a human as this package rename is just impossible currently to tell your beloved package manager. (Beside that an apache2.2 - apache2 upgrade isn't that obvious for a human either, but for different reasons) The policy says otherwise (`Replaces' allows the packaging system to resolve which package should be removed when there is a conflict). If the policy is wrong, you should get it changed, but I think this is a bug (or missing feature) in apt. Or do you see any reason not to treat a one-way conflicts+replaces as a package rename? But, I guess you want to hear a solution, right? You will dislike it, but I don't see a way around transitional packages apache2.2-bin -- apache2-bin apache2.2-common -- apache2-data and making all these unversioned Replaces+Conflicts into versioned Replaces+Breaks just as §7.6.1 suggests. (assuming they don't need to be Conflicts) Everything else is just depending on luck in the end. (aka: hoping that enough is installed to suggest the removal of apache2.2-bin in favor of apache2-bin) apache2.2-common is the package that is depended upon for the apache 2.2 module ABI. Making it a transitional package is not an option, IMHO. It would need to have versioned Breaks against around 100 module packages. An apache2.2-bin transitional package is possible, though. But if I understand you correctly, having only one of the two transitional packages wouldn't give 100% certainty that the upgrade works? In that case we will need an entry in the release notes. Cheers, Stefan -- To UNSUBSCRIBE, email to debian-apache-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/201203282329.35743...@sfritsch.de
Need help sorting out apt-get behavior during upgrade
Hi, we are testing upgrades from apache2 2.2 to 2.4 with apt-get, but it doesn't work as expected. apt-get's output with scores enabled is attached. Instead of upgrading the apache2 package, apt-get removes it. What is very strange is that apt-get installs the new apache2-data package but in the end does not install any package that depends on apache2-data. This looks like a bug to me. But the main issue is why does apt-get remove apache2? apache2-bin conflictsreplaces apache2.2-bin. According to policy 7.6.2, this should allow apt to determine which package to keep and which to remove. But it chooses to keep apache2.2-bin and not install apache2- bin. Does apt-get implement the logic from policy 7.6.2? If no, maybe you can get that section changed in the policy to reflect reality? The two control files of the packages are here: http://anonscm.debian.org/gitweb/?p=pkg- apache/apache2.git;a=blob;f=debian/control;h=89eaff1447dba05bd54f01c366d5ed1c7085e364;hb=refs/tags/debian/2.2.22-2 http://anonscm.debian.org/gitweb/?p=pkg- apache/apache2.git;a=blob;f=debian/control;h=e22722444a2c12046c8cca6b011e416c358ee050;hb=refs/tags/debian/2.4.1-2 BTW, it works fine with aptitude. Cheers, Stefan k:/# apt-get dist-upgrade Reading package lists... Done Building dependency tree Reading state information... Done Calculating upgrade... Starting Settings used to calculate pkgProblemResolver::Scores:: Important = 3 Required = 2 Standard = 1 Optional = -1 Extra = -2 Essentials = 100 InstalledAndNotObsolete = 1 Depends = 1 Recommends = 1 AddProtected = 1 AddEssential = 5000 Show Scores 6116 dpkg [ i386 ] 1.16.2 ( admin ) 5449 debianutils [ i386 ] 4.2.2 ( utils ) 5327 libc-bin [ i386 ] 2.13-27 ( libs ) 5232 tar [ i386 ] 1.26-4 ( utils ) 5221 sysvinit-utils [ i386 ] 2.88dsf-22.1 ( admin ) 5219 base-files [ i386 ] 6.7 ( admin ) 5208 util-linux [ i386 ] 2.20.1-4 ( utils ) 5208 dash [ i386 ] 0.5.7-3 ( shells ) 5173 perl-base [ i386 ] 5.14.2-9 ( perl ) 5116 coreutils [ i386 ] 8.13-3.1 ( utils ) 5111 e2fsprogs [ i386 ] 1.42.1-2 ( admin ) 5111 mount [ i386 ] 2.20.1-4 ( admin ) 5110 bsdutils [ i386 ] 1:2.20.1-4 ( utils ) 5107 bash [ i386 ] 4.2-1 ( shells ) 5105 base-passwd [ i386 ] 3.5.24 ( admin ) 5103 ncurses-base [ i386 ] 5.9-5 ( utils ) 5103 diffutils [ i386 ] 1:3.2-2 ( utils ) 5103 login [ i386 ] 1:4.1.5-1 ( admin ) 5103 findutils [ i386 ] 4.4.2-4 ( utils ) 5103 sed [ i386 ] 4.2.1-9 ( utils ) 5103 grep [ i386 ] 2.10-1 ( utils ) 5103 gzip [ i386 ] 1.4-5 ( utils ) 5103 ncurses-bin [ i386 ] 5.9-5 ( utils ) 5103 hostname [ i386 ] 3.11 ( admin ) 5103 sysvinit [ i386 ] 2.88dsf-22.1 ( admin ) 3479 libc6 [ i386 ] 2.13-27 ( libs ) 813 libselinux1 [ i386 ] 2.1.9-2 ( libs ) 586 multiarch-support [ i386 ] 2.13-27 ( libs ) 427 zlib1g [ i386 ] 1:1.2.6.dfsg-2 ( libs ) 398 libtinfo5 [ i386 ] 5.9-5 ( libs ) 332 libgcc1 [ i386 ] 1:4.7.0-1 ( libs ) 323 libblkid1 [ i386 ] 2.20.1-4 ( libs ) 242 libuuid1 [ i386 ] 2.20.1-4 ( libs ) 225 initscripts [ i386 ] 2.88dsf-22.1 ( admin ) 223 libc6-i686 [ i386 ] 2.13-27 ( libs ) 219 libsepol1 [ i386 ] 2.1.4-2 ( libs ) 201 debconf [ i386 ] 1.5.42 ( admin ) 189 libbz2-1.0 [ i386 ] 1.0.6-1 ( libs ) 158 libcomerr2 [ i386 ] 1.42.1-2 ( libs ) 150 lsb-base [ i386 ] 4.1+Debian0 ( misc ) 139 xz-utils [ i386 ] 5.1.1alpha+20110809-3 ( utils ) 133 libpam0g [ i386 ] 1.1.3-7 ( libs ) 130 libncurses5 [ i386 ] 5.9-5 ( libs ) 128 libattr1 [ i386 ] 1:2.4.46-5 ( libs ) 121 libpam-modules [ i386 ] 1.1.3-7 ( admin ) 121 sensible-utils [ i386 ] 0.0.6 ( utils ) 120 libslang2 [ i386 ] 2.2.4-7 ( libs ) 115 bsdmainutils [ i386 ] 9.0.1 ( utils ) 115 sysv-rc [ i386 ] 2.88dsf-22.1 ( admin ) 114 libacl1 [ i386 ] 2.2.51-5 ( libs ) 112 libpam-runtime [ i386 ] 1.1.3-7 ( admin ) 108 libmount1 [ i386 ] 2.20.1-4 ( libs ) 108 e2fslibs [ i386 ] 1.42.1-2 ( libs ) 108 tzdata [ i386 ] 2012b-1 ( libs ) 108 libss2 [ i386 ] 1.42.1-2 ( libs ) 107 bash-completion [ i386 ] 1:1.99-3 ( shells ) 77 libstdc++6 [ i386 ] 4.7.0-1 ( libs ) 53 gcc-4.7-base [ i386 ] 4.7.0-1 ( libs ) 51 libdb5.1 [ i386 ] 5.1.29-1 ( libs ) 51 libssl1.0.0 [ i386 ] 1.0.1-2 ( libs ) 47 libkeyutils1 [ i386 ] 1.5.5-1 ( libs ) 46 libkrb5support0 [ i386 ] 1.10+dfsg~beta1-2 ( libs ) 45 libk5crypto3 [ i386 ] 1.10+dfsg~beta1-2 ( libs ) 44 perl [ i386 ] 5.14.2-9 ( perl ) 41 libxml2 [ i386 ] 2.7.8.dfsg-7 ( libs ) 38 libgssapi-krb5-2 [ i386 ] 1.10+dfsg~beta1-2 ( libs ) 37 libkrb5-3 [ i386 ] 1.10+dfsg~beta1-2 ( libs ) 37 libcap2 [ i386 ] 1:2.22-1 ( libs ) 35 libgcrypt11 [ i386 ] 1.5.0-3 ( libs ) 33 libgdbm3 [ i386 ] 1.8.3-10 ( libs ) 31 perl-modules [ i386 ] 5.14.2-9 ( perl ) 29 libncursesw5 [ i386 ] 5.9-5 ( libs ) 28 passwd [ i386 ] 1:4.1.5-1 ( admin ) 27 netbase [ i386 ] 4.47 ( admin ) 26 libgpm2 [ i386 ] 1.20.4-4 ( libs ) 25 libgnutls26 [ i386 ] 2.12.18-1 ( libs ) 25 libldap-2.4-2 [ i386 ]
[OT] help filtering apache list mails
I think i received this mail via apache list. I am able to filter most of the mails via headers, but some of them like this one, i can't. Can somebody help me relate this kind of mail to apache list? greets! aL Received: from liszt.debian.org (liszt.debian.org [82.195.75.100]) by thor.int.qindel.com (Postfix) with ESMTPS id 2EDC21A814 for alberto.fuen...@qindel.com; Wed, 21 Mar 2012 23:27:34 +0100 (CET) Received: by liszt.debian.org (Postfix, from userid 38) id 8D70A13A5909; Wed, 21 Mar 2012 22:28:07 + (UTC) List-Id: 644690.bugs.debian.org List-Help: mailto:644690-subh...@bugs.debian.org List-Unsubscribe: mailto:644690-unsubscr...@bugs.debian.org List-Subscribe: mailto:644690-subscr...@bugs.debian.org List-Post: mailto:644...@bugs.debian.org List-Owner: mailto:644690-ow...@bugs.debian.org Precedence: bulk X-Original-To: lists-bugs=644...@liszt.debian.org Delivered-To: lists-bugs=644...@liszt.debian.org Received: from localhost (localhost [127.0.0.1]) by liszt.debian.org (Postfix) with ESMTP id A605813A581E for lists-bugs=644...@liszt.debian.org; Wed, 21 Mar 2012 22:28:04 + (UTC) X-Virus-Scanned: Debian amavisd-new at lists.debian.org Received: from liszt.debian.org ([127.0.0.1]) by localhost (lists.debian.org [127.0.0.1]) (amavisd-new, port 2525) with ESMTP id 4Xtty30eQKXw for lists-bugs=644...@liszt.debian.org; Wed, 21 Mar 2012 22:27:59 + (UTC) Received: from busoni.debian.org (busoni.debian.org [140.211.15.34]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (Client did not present a certificate) by liszt.debian.org (Postfix) with ESMTPS id BE77B13A47AD; Wed, 21 Mar 2012 22:27:58 + (UTC) Received: from debbugs by busoni.debian.org with local (Exim 4.72) (envelope-from debb...@busoni.debian.org) id 1SAU00-0008Us-V6; Wed, 21 Mar 2012 22:27:20 + MIME-Version: 1.0 X-Mailer: MIME-tools 5.428 (Entity 5.428) X-Loop: ow...@bugs.debian.org From: ow...@bugs.debian.org (Debian Bug Tracking System) To: Arthur de Jong adej...@debian.org Subject: Bug#644690: marked as done (rabbitvcs-nautilus: Please transition to nautilus 3 and GObject introspection) Message-ID: handler.644690.d644690.133236856330933.ackd...@bugs.debian.org References: e1satvf-00089k...@franck.debian.org E1RCTUR-0001Gm-3G@tomoyo X-Debian-PR-Message: closed 644690 X-Debian-PR-Package: rabbitvcs-nautilus X-Debian-PR-Keywords: sid wheezy fixed-upstream X-Debian-PR-Source: rabbitvcs Date: Wed, 21 Mar 2012 22:27:20 + Content-Type: multipart/mixed; boundary=--=_1332368840-32661-0 Sender: Debian BTS debb...@busoni.debian.org X-Copyrighted-Material: -- To UNSUBSCRIBE, email to debian-apache-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/4f6ae4b6.5070...@qindel.com
[help] apache2-prefork-dev should Provides: apache2-dev
Hello I've been triaging a few apache2 bugs. I found one that requires maintainer input: http://bugs.debian.org/428095 A few hints: apache2-prefork-dev and apache2-threaded-dev provides the same files but for 2: /usr/include/apache2/fdqueue.h and /usr/include/apache2/pod.h are only in apache2-threaded-dev. Option 1: add the requested provides: into apache2-prefork-dev. Option 2: flag as won't fix and remove provides: from apache2-threaded-dev. There is currently no reverse dependency on apache2-dev as far as I can tell. Any other idea? signature.asc Description: This is a digitally signed message part.
OSS Research Help Needed Please - drawing for tablet computer ($500.00 gift card) for participation.
Hello! We are asking you for some help from the Open Source communities. As researchers at the University of Tennessee we are interested in discovering more about learning and interactions of members of the open source forums. This research is conducted through the University of Tennessee and is in no way associated with any forum organization. To further our research we would like input from forum members. The responses are very important to us so we can better understand what tools help forum members learn and have a productive experience in participation. There are two ways you can help: 1. Take a survey about the tools you use in the forum. We are requesting approximately 15 minutes of your time to participate in our survey. Survey link: http://survey.utk.edu/mrIWeb/mrIWeb.dll?I.Project=FORUMLEARN *As a thank you, upon exiting the survey you will be given an opportunity to submit information to be entered in a drawing for a tablet computer ($500.00 Gift Card).* 2. Have a one on one interview talking about the forums, how you learn, and tools used. *As a thank you for your interview you will be sent a $25.00 gift card. * Email lh...@utk.edu for more information. You may do either or both of the above. Please be assured that your answers will be confidential. No individual’s answers will ever be identified in any report. Should you have any questions about the project or our interest in using the results, we encourage you to contact Lila Holt, at lh...@utk.edu) or Vandana Singh at vand...@utk.edu. Contact information you provide for the drawing is completely separate from your survey answers and there will be no way to identify participants in the actual survey responses. Nor will contact information be used for any other purpose. The odds of being selected will depend on the number of respondents to this survey.
Bug#528425: marked as done (mention help in both versions of the Usage statement)
Your message dated Tue, 19 May 2009 21:32:31 + with message-id e1m6wvh-ta...@ries.debian.org and subject line Bug#528425: fixed in apache2 2.2.11-4 has caused the Debian Bug report #528425, regarding mention help in both versions of the Usage statement to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 528425: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528425 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems ---BeginMessage--- Package: apache2.2-common Version: 2.2.11-3 Severity: minor File: /usr/sbin/apache2ctl Please make sure help is mentioned in both cases below, so that there is no longer the two lines with just 0. # for i in -- ''; do for c in wc 'grep -ic help'; do k=apache2ctl ${i}help 21|$c;echo \# $k; eval $k; done; done # apache2ctl --help 21|wc 2 6 142 # apache2ctl --help 21|grep -ic help 0 # apache2ctl help 21|wc 23 1701347 # apache2ctl help 21|grep -ic help 0 ---End Message--- ---BeginMessage--- Source: apache2 Source-Version: 2.2.11-4 We believe that the bug you reported is fixed in the latest version of apache2, which is due to be installed in the Debian FTP archive: apache2-dbg_2.2.11-4_i386.deb to pool/main/a/apache2/apache2-dbg_2.2.11-4_i386.deb apache2-doc_2.2.11-4_all.deb to pool/main/a/apache2/apache2-doc_2.2.11-4_all.deb apache2-mpm-event_2.2.11-4_i386.deb to pool/main/a/apache2/apache2-mpm-event_2.2.11-4_i386.deb apache2-mpm-prefork_2.2.11-4_i386.deb to pool/main/a/apache2/apache2-mpm-prefork_2.2.11-4_i386.deb apache2-mpm-worker_2.2.11-4_i386.deb to pool/main/a/apache2/apache2-mpm-worker_2.2.11-4_i386.deb apache2-prefork-dev_2.2.11-4_i386.deb to pool/main/a/apache2/apache2-prefork-dev_2.2.11-4_i386.deb apache2-src_2.2.11-4_all.deb to pool/main/a/apache2/apache2-src_2.2.11-4_all.deb apache2-suexec-custom_2.2.11-4_i386.deb to pool/main/a/apache2/apache2-suexec-custom_2.2.11-4_i386.deb apache2-suexec_2.2.11-4_i386.deb to pool/main/a/apache2/apache2-suexec_2.2.11-4_i386.deb apache2-threaded-dev_2.2.11-4_i386.deb to pool/main/a/apache2/apache2-threaded-dev_2.2.11-4_i386.deb apache2-utils_2.2.11-4_i386.deb to pool/main/a/apache2/apache2-utils_2.2.11-4_i386.deb apache2.2-common_2.2.11-4_i386.deb to pool/main/a/apache2/apache2.2-common_2.2.11-4_i386.deb apache2_2.2.11-4.diff.gz to pool/main/a/apache2/apache2_2.2.11-4.diff.gz apache2_2.2.11-4.dsc to pool/main/a/apache2/apache2_2.2.11-4.dsc apache2_2.2.11-4_all.deb to pool/main/a/apache2/apache2_2.2.11-4_all.deb A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 528...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Stefan Fritsch s...@debian.org (supplier of updated apache2 package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Tue, 19 May 2009 22:55:27 +0200 Source: apache2 Binary: apache2.2-common apache2-mpm-worker apache2-mpm-prefork apache2-mpm-event apache2-utils apache2-suexec apache2-suexec-custom apache2 apache2-doc apache2-prefork-dev apache2-threaded-dev apache2-src apache2-dbg Architecture: source i386 all Version: 2.2.11-4 Distribution: unstable Urgency: low Maintainer: Debian Apache Maintainers debian-apache@lists.debian.org Changed-By: Stefan Fritsch s...@debian.org Description: apache2- Apache HTTP Server metapackage apache2-dbg - Apache debugging symbols apache2-doc - Apache HTTP Server documentation apache2-mpm-event - Apache HTTP Server - event driven model apache2-mpm-prefork - Apache HTTP Server - traditional non-threaded model apache2-mpm-worker - Apache HTTP Server - high speed threaded model apache2-prefork-dev - Apache development headers - non-threaded MPM apache2-src - Apache source code apache2-suexec - Standard suexec program for Apache 2 mod_suexec apache2-suexec-custom - Configurable suexec program for Apache 2 mod_suexec apache2-threaded-dev - Apache development headers - threaded MPM apache2-utils - utility programs for webservers apache2.2-common - Apache HTTP Server common files Closes: 397526 492130 521209 522845 523398 524268 524474 527225 528424 528425 Changes: apache2 (2.2.11-4) unstable; urgency=low . [ Stefan Fritsch ] * Disable TRACE method by default (closes: #492130
Bug#528425: mention help in both versions of the Usage statement
Package: apache2.2-common Version: 2.2.11-3 Severity: minor File: /usr/sbin/apache2ctl Please make sure help is mentioned in both cases below, so that there is no longer the two lines with just 0. # for i in -- ''; do for c in wc 'grep -ic help'; do k=apache2ctl ${i}help 21|$c;echo \# $k; eval $k; done; done # apache2ctl --help 21|wc 2 6 142 # apache2ctl --help 21|grep -ic help 0 # apache2ctl help 21|wc 23 1701347 # apache2ctl help 21|grep -ic help 0 -- To UNSUBSCRIBE, email to debian-apache-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#528425: mention help in both versions of the Usage statement
tag 528425 moreinfo thanks On Wed, May 13, 2009 at 04:27:40AM +0800, jida...@jidanni.org wrote: Package: apache2.2-common Version: 2.2.11-3 Severity: minor File: /usr/sbin/apache2ctl Please make sure help is mentioned in both cases below, so that there is no longer the two lines with just 0. why? I really don't understand the usefulness of this. -- _ Ryan Niebur ryanrya...@gmail.com signature.asc Description: Digital signature
Processed: Re: Bug#528425: mention help in both versions of the Usage statement
Processing commands for cont...@bugs.debian.org: tag 528425 moreinfo Bug#528425: mention help in both versions of the Usage statement There were no tags set. Tags added: moreinfo thanks Stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to debian-apache-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#528425: mention help in both versions of the Usage statement
I really don't understand the usefulness of this. You have two different types of help output. Depending on which one a users triggers, he will never know about the other. On the man page you document a help command, but the Usage messages, both of them, make no mention of it. You must admit that is wrong. Currently one will get more help by giving 'zz' instead of --help. -- To UNSUBSCRIBE, email to debian-apache-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Need a helping hand in these economic times? Our community can help.
With the economy as bad as it is and no relief in sight, here is a way to increase your cash flow and improve your financial situation dramatically. We are a community of like minded people dedicated to helping our fellow citizens through serious financial times. It's not that difficult. We have been helping people worldwide for over eight years. Here's where you start: For a limited time, I am offering SEVEN VIDEO lessons of my highly acclaimed Video Course Secret to a $100k Month Absolutely Free with Zero Obligation. Click here for instant access to your first video lesson. http://newcompany4you.com/c/aVYAL7bt9HAlExB5dau5gg.html?0 My monthly gross was $107k with my Fully Automated, Zero Selling, No Phone Calling, No Convincing Program. Now, you may not reach the $100k level for a while yet, but you can surely reach $7k to $10k without much effort fairly quickly. Sign up to get my video series on exactly how this is done. There's no cost involved. Get your videos series here: http://newcompany4you.com/c/aVYAL7bt9HAlExB5dau5gg.html?0 See Video Proof on how you CAN and WILL make a lot of money. Also, see our Income Guarantee. This is not an M.L.M., There's No phone calling and you do not need to recruit family and friends and best of all, you can Experience Fast Results. Look what these folks have done: I received $34k cash to my front door in my first 3 weeks* Banker -Joe, CA. I am a New York City school teacher. I wanted to be home everyday for my son when he got home from school. I generated $20k in my first 30 days.* -Mona in NJ My best day was $17k and I don't work very hard.* -Retiree, Bob, AZ I am a single mom and I still can't believe that I found this program. I generated $9000 in my first 12 days.* -Karen in OR I've averaged more than $25k every month several years. Home Businessman -Jim in HI I look forward to meeting you on our video series. Change your email preferences by clicking here http://newcompany4you.com/u/aVYAL7bt9HAlExB5dau5gg.html or you can write to us at:SPUR Media Group, PO Box 99, Fortson, GA 31808 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Some extra seconds will help!
The way to become a superlover! http://printlength.com Raphael Dougherty -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: An initial attempt to help with SSL-related bugs
After spending a scary amount of time trying different things I've thus far been unable to build Apache from the SVN repository. I've tried checking out trunk/debian into a subdir of the unpacked source. I've tried checking out the whole SVN repository and using a symlink for debian, but everything has failed. If somebody wouldn't mind explaining how it is supposed to be done it would be greatly appreciated. (I'm reasonably familiar with SVN; but when I've used it for packaging in the past the *whole* source was there upstream and all, so building was trivial..) Steve -- [feeling a little stupid] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: An initial attempt to help with SSL-related bugs
On Tuesday 29 April 2008, Steve Kemp wrote: I've tried checking out trunk/debian into a subdir of the unpacked source. I've tried checking out the whole SVN repository and using a symlink for debian, but everything has failed. Why do I have the suspicion that you looked at the apache 1.3 packaging? Don't follow that path, it will lead to insanity... The svn directory structure is a bit weird. Usually its package_name/{trunk,tags,branches} but we have {trunk,tags,branches}/package_name for some (historical?) reason. This works for me: tar -xvzf apache2_2.2.8.orig.tar.gz cd httpd-2.2.8/ svn co svn://svn.debian.org/pkg-apache/trunk/apache2 debian dpkg-buildpackage -rfakeroot -us -uc (plus -i or -I to omit the .svn dirs, I can't remember which) Cheers, Stefan -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: An initial attempt to help with SSL-related bugs
On Tue Apr 29, 2008 at 21:58:22 +0200, Stefan Fritsch wrote: This works for me: tar -xvzf apache2_2.2.8.orig.tar.gz cd httpd-2.2.8/ svn co svn://svn.debian.org/pkg-apache/trunk/apache2 debian dpkg-buildpackage -rfakeroot -us -uc Thank you, that was very similar to something somebody told me on IRC, which got me all confused and wrong. I've got it building now with only warnings about permission changes, which I guess are ignorable. I'll start being able to submit patches shortly. Steve -- # Kink-Friendly Dating http://ctrl-alt-date.com/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
An initial attempt to help with SSL-related bugs
As promised on IRC earlier today I'm interested in tidying up some of the SSL-related bugs currently reported against the Apache2 package(s) in Debian. Here's a brief list of bugs, and my suggestion for handling each. #267477 ssl: some easy way to set up an ssl server (as apache-ssl package in apache 1) - Suggestion: 1. Update the sites-available/default to include SSL options. 2. Update a2enmod so that if a2enmod ssl is executed then a new certificate is generated via openssl | ssl-cert if the referenced one isn't already present. #290458 mod_ssl preventing apache2 from starting (segfault) - Suggestion: Close. Very old. Not confirmed. #350733 apache2: SSI generate seg fault on apache 2.0.55-4 - Suggestion: Close. Very old. Not confirmed. #301155 ssl.conf won't run - [Refers to an example file we no longer ship. Close bug if we can handle #267477] #395936: Apache2 SSL service stopped working since upgrade to 2.2.3-2 - Close. Warning was added per bug log. #398520 missing /usr/sbin/apache2-ssl-certificate - Reinstate script, as a wrapper around openssl, or the new ssl-cert package. Question: Why was this removed? Can we not re-add it? #421802 apache2: ssl.conf dropped IE workarounds - Reinstate options in the default file we ship as per #2567477 - then close this bug. #260063 apache2: suggestion to add new file - conf.d/security.conf - I would add this file with the suggested comments. I'd also suggest adding comments here about things such as: 1. ServerTokens Minimal 2. ServerSignature Off (If this were done #341022 could be closed.) I think those are the ones that jumped out at me on an initial pass over the bugs of package 'apache2', I'm sure there are probably more relevant ones in the other Apache packages; so I'll look at those shortly, if this mail results in a positive response. I guess my questions now are: 1. Are these suggested solutions reasonable? 2. If so should I submit patches to the list / the relevant bugs / do something else? Steve -- Managed Anti-Spam Service http://mail-scanning.com/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: An initial attempt to help with SSL-related bugs
Hi Steve, On Tuesday 15 April 2008, Steve Kemp wrote: #267477 ssl: some easy way to set up an ssl server (as apache-ssl package in apache 1) - Suggestion: 1. Update the sites-available/default to include SSL options. Yes, but how? Put all common options into an include file and include it in each of the two virtual hosts (like Message #132 in the bug)? Maybe using two files sites-available/default and sites-available/default-ssl would be better even. And what virtualhost setup to use? The most correct one would be NameVirtualHost *:80 VirtualHost *:80 ... VirtualHost _default_:443 ... because the ssl virtual host is IP/port based, not name based. OTOH this could create headaches on upgrade. BTW, the NameVirtualHost statement should go into ports.conf (there is another bug about this, too). 2. Update a2enmod so that if a2enmod ssl is executed then a new certificate is generated via openssl | ssl-cert if the referenced one isn't already present. I would prefer a separate script. But a2enmod ssl could print a pointer to that script. #290458 mod_ssl preventing apache2 from starting (segfault) - Suggestion: Close. Very old. Not confirmed. agreed #350733 apache2: SSI generate seg fault on apache 2.0.55-4 - Suggestion: Close. Very old. Not confirmed. agreed #301155 ssl.conf won't run - [Refers to an example file we no longer ship. Close bug if we can handle #267477] #395936: Apache2 SSL service stopped working since upgrade to 2.2.3-2 - Close. Warning was added per bug log. these two are the same and are an issue only when upgrading from 2.0. Can be closed for sid/lenny. #398520 missing /usr/sbin/apache2-ssl-certificate - Reinstate script, as a wrapper around openssl, or the new ssl-cert package. Question: Why was this removed? Can we not re-add it? Don't know, I wasn't around then. One should look at it if it does something differently than ssl-cert. #421802 apache2: ssl.conf dropped IE workarounds - Reinstate options in the default file we ship as per #2567477 - then close this bug. right #260063 apache2: suggestion to add new file - conf.d/security.conf - I would add this file with the suggested comments. I'd also suggest adding comments here about things such as: 1. ServerTokens Minimal 2. ServerSignature Off I am undecided about this. If yes, traceenable would be another candidate. (If this were done #341022 could be closed.) Denying / by default would definitely need a NEWS entry, because it would break quite a few setups. I think those are the ones that jumped out at me on an initial pass over the bugs of package 'apache2', I'm sure there are probably more relevant ones in the other Apache packages; so I'll look at those shortly, if this mail results in a positive response. I guess my questions now are: 1. Are these suggested solutions reasonable? Sure. 2. If so should I submit patches to the list / the relevant bugs / do something else? I think mailing patches to the bugs would be best for a start. Thanks for your help. Cheers, Stefan signature.asc Description: This is a digitally signed message part.
Re: An initial attempt to help with SSL-related bugs
On Tue Apr 15, 2008 at 22:37:30 +0200, Stefan Fritsch wrote: If you think it inadequate, you can just mail the whole thing to the list, too. I guess we will give you svn access soon, anyway. The whole series of changes against SVN? That to me would seem like a good way forward. But I'd be happy with the bug report - I guess I just have to file the responses in the correct order and reference other bugs appropriately. Note that a2enmod is completely rewritten in svn trunk. So please use that as base. OK. I guess using SVN trunk is going to be the best way forward altogether really. Steve -- # The Debian Security Audit Project. http://www.debian.org/security/audit -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#92052: Need your help!
Hello there! My name is Svetlana. I'm aged 25 years old from Russia. Please vote for me at site: http://bestrussiabride.info/?idAff=34 Thank You a lot!!! Svetlana -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
l need your help
Could you help how to install apache from cd on debian ? Please help me out. Thank you
Bug#390348: marked as done (apache2-common: help message in init script)
Your message dated Sun, 10 Jun 2007 17:47:04 + with message-id [EMAIL PROTECTED] and subject line Bug#390348: fixed in apache2 2.2.3-5 has caused the attached Bug report to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what I am talking about this indicates a serious mail system misconfiguration somewhere. Please contact me immediately.) Debian bug tracking system administrator (administrator, Debian Bugs database) ---BeginMessage--- Package: apache2-common Version: 2.2.3-1~exp.r170 Severity: minor Tags: experimental patch Hello, IMHO the init script output doesn't reflect Policy §9.4 [1], at least on a terminal: = [EMAIL PROTECTED]:~$ sudo invoke-rc.d apache2 start Starting web server (apache2) [EMAIL PROTECTED]:~$ = The attached patch uses log_daemon_msg instead of log_begin_msg. Thx, bye, Gismo / Luca -- System Information: Debian Release: testing/unstable APT prefers unstable APT policy: (990, 'unstable'), (500, 'testing'), (500, 'stable'), (1, 'experimental') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.18 Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Versions of packages apache2-common depends on: ii apache2-utils 2.2.3-1~exp.r170 utility programs for webservers ii libmagic1 4.17-4 File type determination library us ii lsb-base3.1-17 Linux Standard Base 3.1 init scrip ii mime-support3.37-1 MIME files 'mime.types' 'mailcap ii net-tools 1.60-17 The NET-3 networking toolkit apache2-common recommends no packages. -- no debconf information Footnotes: [1] http://www.debian.org/doc/debian-policy/ch-opersys.html#s9.4 apache2_log-daemon-msg_gismo-20060930.patch.gz Description: use log_daemon_msg in the init script pgpwKs7qQvIbf.pgp Description: PGP signature ---End Message--- ---BeginMessage--- Source: apache2 Source-Version: 2.2.3-5 We believe that the bug you reported is fixed in the latest version of apache2, which is due to be installed in the Debian FTP archive: apache2-doc_2.2.3-5_all.deb to pool/main/a/apache2/apache2-doc_2.2.3-5_all.deb apache2-mpm-event_2.2.3-5_i386.deb to pool/main/a/apache2/apache2-mpm-event_2.2.3-5_i386.deb apache2-mpm-perchild_2.2.3-5_all.deb to pool/main/a/apache2/apache2-mpm-perchild_2.2.3-5_all.deb apache2-mpm-prefork_2.2.3-5_i386.deb to pool/main/a/apache2/apache2-mpm-prefork_2.2.3-5_i386.deb apache2-mpm-worker_2.2.3-5_i386.deb to pool/main/a/apache2/apache2-mpm-worker_2.2.3-5_i386.deb apache2-prefork-dev_2.2.3-5_i386.deb to pool/main/a/apache2/apache2-prefork-dev_2.2.3-5_i386.deb apache2-src_2.2.3-5_all.deb to pool/main/a/apache2/apache2-src_2.2.3-5_all.deb apache2-threaded-dev_2.2.3-5_i386.deb to pool/main/a/apache2/apache2-threaded-dev_2.2.3-5_i386.deb apache2-utils_2.2.3-5_i386.deb to pool/main/a/apache2/apache2-utils_2.2.3-5_i386.deb apache2.2-common_2.2.3-5_i386.deb to pool/main/a/apache2/apache2.2-common_2.2.3-5_i386.deb apache2_2.2.3-5.diff.gz to pool/main/a/apache2/apache2_2.2.3-5.diff.gz apache2_2.2.3-5.dsc to pool/main/a/apache2/apache2_2.2.3-5.dsc apache2_2.2.3-5_all.deb to pool/main/a/apache2/apache2_2.2.3-5_all.deb A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [EMAIL PROTECTED], and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Stefan Fritsch [EMAIL PROTECTED] (supplier of updated apache2 package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [EMAIL PROTECTED]) -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.7 Date: Sun, 10 Jun 2007 18:54:29 +0200 Source: apache2 Binary: apache2-utils apache2-prefork-dev apache2 apache2-mpm-prefork apache2-doc apache2-mpm-event apache2.2-common apache2-mpm-worker apache2-src apache2-threaded-dev apache2-mpm-perchild Architecture: source all i386 Version: 2.2.3-5 Distribution: unstable Urgency: low Maintainer: Debian Apache Maintainers debian-apache@lists.debian.org Changed-By: Stefan Fritsch [EMAIL PROTECTED] Description: apache2- Next generation, scalable, extendable web server apache2-doc - documentation for apache2 apache2-mpm-event - Event driven model for Apache HTTPD apache2-mpm-perchild - Transitional package - please remove apache2-mpm-prefork - Traditional model for Apache HTTPD apache2-mpm-worker - High speed threaded model for Apache HTTPD apache2-prefork-dev - development headers for apache2 apache2-src - Apache source code
Bug#390348: apache2-common: help message in init script
tags 390348 - experimental found 390348 2.2.3-3 thanks Hello! On Sat, 30 Sep 2006 18:41:06 +0200, Luca Capello wrote: Version: 2.2.3-1~exp.r170 Severity: minor Tags: experimental patch [...] IMHO the init script output doesn't reflect Policy §9.4 [1], at least on a terminal: This bug is still present and now apache2.2-common is in unstable, thus I'm updating the bug report. Thx, bye, Gismo / Luca pgp1zDZweNC2I.pgp Description: PGP signature
Bug#395853: Help, I purged a package and now my configuration is gone.
Peter Samuelson wrote: It seems reasonable to purge apache2-common _after_ apache 2.2 is installed. That will work. But you apparently purged it _before_ upgrading to apache 2.2. That is not reasonable, and will not work. Unfortunately, apt-get --purge dist-upgrade will do just this, and this is muscle memory for a lot of us (me included). I'm not positive what, if anything, we can do about this, but this is not going to be an isolated bug report, it's likely to be very common. ... Adam -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#390348: apache2-common: help message in init script
Package: apache2-common Version: 2.2.3-1~exp.r170 Severity: minor Tags: experimental patch Hello, IMHO the init script output doesn't reflect Policy §9.4 [1], at least on a terminal: = [EMAIL PROTECTED]:~$ sudo invoke-rc.d apache2 start Starting web server (apache2) [EMAIL PROTECTED]:~$ = The attached patch uses log_daemon_msg instead of log_begin_msg. Thx, bye, Gismo / Luca -- System Information: Debian Release: testing/unstable APT prefers unstable APT policy: (990, 'unstable'), (500, 'testing'), (500, 'stable'), (1, 'experimental') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.18 Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Versions of packages apache2-common depends on: ii apache2-utils 2.2.3-1~exp.r170 utility programs for webservers ii libmagic1 4.17-4 File type determination library us ii lsb-base3.1-17 Linux Standard Base 3.1 init scrip ii mime-support3.37-1 MIME files 'mime.types' 'mailcap ii net-tools 1.60-17 The NET-3 networking toolkit apache2-common recommends no packages. -- no debconf information Footnotes: [1] http://www.debian.org/doc/debian-policy/ch-opersys.html#s9.4 apache2_log-daemon-msg_gismo-20060930.patch.gz Description: use log_daemon_msg in the init script pgpbkoKuljuUX.pgp Description: PGP signature
Bug#358543: postinstall of apache and apache-ssl 1.3.34-3 also fail - db_* workaround may help
The same bug is in versions 1.3.34-3 of apache and apache-ssl. The workaround (quoting the db_set lines) worked for apache-ssl, but the postinstall script of apache needed another quoting of other db_* lines. For me, an strace -f of the dpkg -i command revealed the error (when looking for the exit error code). -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Help
I am getting the error below and I am not sure how to proceed. Can you please offer some assistance? (Reading database ... 158346 files and directories currently installed.) Removing libapache-mod-auth-kerb ... Error: 510mod_dynvhost.info does not have a valid LoadModule entry. The above errors might cause apache to not work properly or start Please refer to the documentation on how to fix it or report it to Debian Apache Mailing List debian-apache@lists.debian.org if in doubt on how to proceed dpkg: error processing libapache-mod-auth-kerb (--purge): subprocess pre-removal script returned error exit status 20 Error: 510mod_dynvhost.info does not have a valid LoadModule entry. The above errors might cause apache to not work properly or start Please refer to the documentation on how to fix it or report it to Debian Apache Mailing List debian-apache@lists.debian.org if in doubt on how to proceed dpkg: error while cleaning up: subprocess post-installation script returned error exit status 20 Failed to apply all changes! Scroll in the terminal buffer to see what went wrong.
Re: help
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Priya Ranjan wrote: | Hi I am not a member of this list but I need some help. I was trying to | install libapache-mod-perl and uninstall also but it was giving me grief | as shown below. | Any solutions? | thanks, | -priya | | | (Reading database ... 97252 files and directories currently installed.) | Removing libapache-mod-perl ... | Error: libphp4.so does not have a corresponding .info file. | The above errors might cause apache to not work properly or start | Please refer to the documentation on how to fix it or report it to | Debian Apache Mailing List debian-apache@lists.debian.org if in doubt | on how to proceed For some reasons your php4 installation is broken or not complete. This causes an error in the sanity checks we perform in order to handle the apache configuration properly. Fabio - -- user fajita: step one fajita Whatever the problem, step one is always to look in the error log. user fajita: step two fajita When in danger or in doubt, step two is to scream and shout. -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFBa3sihCzbekR3nhgRAoG/AJkBoXJ8R1spimvZqSwRq0b68KEP/gCggx66 kHl8VtwVmdqe+3NS6K9WHXo= =jtzq -END PGP SIGNATURE-
help
Hi I am not a member of this list but I need some help. I was trying to install libapache-mod-perl and uninstall also but it was giving me grief as shown below. Any solutions? thanks, -priya (Reading database ... 97252 files and directories currently installed.) Removing libapache-mod-perl ... Error: libphp4.so does not have a corresponding .info file. The above errors might cause apache to not work properly or start Please refer to the documentation on how to fix it or report it to Debian Apache Mailing List debian-apache@lists.debian.org if in doubt on how to proceed dpkg: error processing libapache-mod-perl (--purge): subprocess pre-removal script returned error exit status 20 Error: libphp4.so does not have a corresponding .info file. The above errors might cause apache to not work properly or start Please refer to the documentation on how to fix it or report it to Debian Apache Mailing List debian-apache@lists.debian.org if in doubt on how to proceed dpkg: error while cleaning up: subprocess post-installation script returned error exit status 20 Errors were encountered while processing: libapache-mod-perl E: Sub-process /usr/bin/dpkg returned an error code (1) Ack! Something bad happened while installing packages. Trying to recover: Press return to continue.
Re: Need some help to package apache-lingerd
I've worked a lot on apache-lingerd the past two days ; here is the result of my work : get this tarball : http://www.sukria.net/tarballs/apache-1.3.31-with-lingerd.tar.gz and run a dpkg-buildpackage inside ... Everything should compile nicely. You'll have every apache-* package (-ssl, --perl, ...) and a new one : apache-lingerd. Despite of the fact that each package compiles nicely, it remains a problem with the lingerd one : - no httpd.conf is installed (I cannot find how the Apache Team handle that file, it seems to be a nice trick to do with apache-lingerd.httpd.conf but I don't see exactly what). - there may be some problems with postinst and preinst scripts too... If someone, who knows how the Debian Apache Team works, can take an eye on my tarball, I would be gracefull. Thanks. PS : note that lingerd and apache-lingerd binaries are working very nice on my box, the last issue is to fix all the debian (pre|post)stuff and make sure evry conffile is installed correctly. -- * Alexis Sukrieh ([EMAIL PROTECTED]) disait : Alexis Sukrieh [EMAIL PROTECTED] * Another Linux Debian Geek Enthusiast * http://www.sukria.net
Need some help to package apache-lingerd
Hello there. I'm pretty interested in trying to package apache-lingerd, which has been requested for more than 500 days now : http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=187460 Could someone point me to some piece of docs on how the Debian Apache Maintainers team bild their package ? The fact is that lignerd needs the following steps to be packaged : First step : building lingerd : - tuning of config.h file - user creation : 'lingerd' - directory creation for hosting pidfile and unix domain socket (/var/run/lingerd). - compilation of lingerd binary and installation of it. Second step : patching Apache. - add some files to the apache src source tree - patch some apache native files - compile apache Third step : - update the init.d startup script for apache : lingerd must be launched before apache to work properly. I'm sure that the team has a lot of guidelines to build such a package but I cannont find any docs about this. Help will be welcome :) -- Alexis Sukrieh [EMAIL PROTECTED] * Another Linux Debian Geek Enthusiast * http://www.sukria.net
Re: Need some help to package apache-lingerd
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Alexis Sukrieh wrote: | Hello there. | | I'm pretty interested in trying to package apache-lingerd, which has | been requested for more than 500 days now : | http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=187460 | | Could someone point me to some piece of docs on how the Debian Apache | Maintainers team bild their package ? eheh the truth is that our documentation is our debian/rules file. | | The fact is that lignerd needs the following steps to be packaged : | | First step : building lingerd : | | - tuning of config.h file | - user creation : 'lingerd' | - directory creation for hosting pidfile and unix domain socket | (/var/run/lingerd). | - compilation of lingerd binary and installation of it. This can be done easily afaict. | | Second step : patching Apache. | | - add some files to the apache src source tree | - patch some apache native files | - compile apache Amen.. this is a pain. I really suggest you to look at how we build apache. Take as example the fact that from the same source we create binaries for apache, apache-perl and apache-ssl, but if you really really need to create a patched apache i sugget to prepare everything carefully and coordinate with us. It is easier to build a new apache flavour from the same sources than having to upload a new one. The security team would have serious problems to handle (again) more than one apache source. | | Third step : | | - update the init.d startup script for apache : lingerd must be launched | before apache to work properly. if you start from the apache package check debian/pkgtemplates and the script that creates the final scripts. | | I'm sure that the team has a lot of guidelines to build such a package | but I cannont find any docs about this. as above.. read the source luke ;) | | Help will be welcome :) | | Fabio - -- user fajita: step one fajita Whatever the problem, step one is always to look in the error log. user fajita: step two fajita When in danger or in doubt, step two is to scream and shout. -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFBYYiRhCzbekR3nhgRAn9kAKCV8jPp0iU20wmuEvipphiOQeZIjQCdGDOT qJXBQPpDRJnmyzN8+9REP/A= =ktLr -END PGP SIGNATURE-
Re: Need some help to package apache-lingerd
* Fabio Massimo Di Nitto ([EMAIL PROTECTED]) disait : -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Alexis Sukrieh wrote: | Hello there. | | I'm pretty interested in trying to package apache-lingerd, which has | been requested for more than 500 days now : | http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=187460 | | Could someone point me to some piece of docs on how the Debian Apache | Maintainers team bild their package ? eheh the truth is that our documentation is our debian/rules file. lol :) Ok. So I'll enable my debian-patched brain to extract doc from the debian/ stuff ;) | The fact is that lignerd needs the following steps to be packaged : | | First step : building lingerd : | | - tuning of config.h file | - user creation : 'lingerd' | - directory creation for hosting pidfile and unix domain socket | (/var/run/lingerd). | - compilation of lingerd binary and installation of it. This can be done easily afaict. Yep, that is definitely not the most difficult part, I agree. | Second step : patching Apache. | | - add some files to the apache src source tree | - patch some apache native files | - compile apache Amen.. this is a pain. I really suggest you to look at how we build apache. Take as example the fact that from the same source we create binaries for apache, apache-perl and apache-ssl, Yes, I think so, the best way is to start from the main debian-apache source. I will first look deeply inside in order to see what to do for a 'apche-lingerd'. | | Third step : | | - update the init.d startup script for apache : lingerd must be launched | before apache to work properly. if you start from the apache package check debian/pkgtemplates and the script that creates the final scripts. Ok, I'll take a look at that script. | I'm sure that the team has a lot of guidelines to build such a package | but I cannont find any docs about this. as above.. read the source luke ;) Hehe, I'll do it, and maybe the force bla bla ... :) -- Alexis Sukrieh [EMAIL PROTECTED] * Another Linux Debian Geek Enthusiast * http://www.sukria.net
Re: pls help
* Christian Eichert ([EMAIL PROTECTED]) wrote : I updated mailman 2.1.4-5 from the apt I updated apache2 2.0.50-5 Everything looks OK except for one thing: when a URL like, http://myhost/mailman/listinfo is requested, 'Apache2' locates the file (return code = 200) but wants to *download* the 'listinfo' file instead of executing it! My hunch is that it is a CGI-BIN issue. Here's what I've added to the standard 'Apache2' config: ScriptAlias/mailman/ /var/lib/mailman/cgi-bin/ Alias /pipermail//var/lib/mailman/archives/public/ Directory /var/lib/mailman/archives/public/ Options FollowSymLinks /Directory I've also changed /etc/mailman/mm_cfg.py as suggested in the README.Debian file. pls help have you enabled the cgi or cgid (for prefork or worker, respectively) module for apache2? -Thom
Let us help you 23387
Email loading... Image not loading? View message here.Discon Y1dyU.DXM.c.dt.px/w20AW1wmbOh0R7nAF/gmkm.03TIKB0 ooaoat sfxdv, qefcx, cgpqb . slniw ykp mire, pikbyp, coj . vauyz jow cxstke, bjtsrd, ruetj . agqw rlpfj jgpdqv, ugzoz, mqzr . kgmsw wnv uflel, jexpa, rqd . dwxui cwc gbocpl, arwc, abrcf . tjgyh upqwl zrxov, beqsb, udw . gbwbme tkvkct ztpwjk, krde, yyvul . xhem fhycs wpcp, aatnk, tqc . oznb mlha pizr, cntge, hevwq . pili kxanm vmmk, lda, tuuxw . etcwcr ncdxzd nqgacs, qvx, otcor . umkqo xbfb hgj, zrudl, thszxn . ngm swag xjfy, mhtggk, jwyffs . efk lwb sdns, wzbf, iytq . yajw oonu yoiw, npv, jyy . aevkc bnp ynkoex, zvzkst, jrcu . aere ejrfyi xwu, arwb, wlhr . sipoar rwvxh cfx, eti, vao . pmk ezs ogmfa, dvd, jis . wydfq hfxyr yvis, yyy, aglvkx . urrsq zgt nsg, dgel, olyps . vdvhd buvwm vvkeie, pht, urk . szaq doeg idpep, zkr, vvqmfl . zct wuhp mdyt, iwmm, snyl . vjlhow nal xff, zsrzn, hlcvy . iyidt obfk ulet, lyw, qnl . duof pbcnlf cukj, fer, xbuxzh . outrr yizck nqxqm, zsof, xepuc . dqdzlx vvbwx lndi, rsgk, myg . nau fmiey xvcy, ald, plug . csmq sjg diz, sfs, cnaahc . mtb njfre iwlr, hwn, qfmif . yfrfj scgsrr ivtque, ymil, ytihy . ffqm vgsba uatstm, zvknd, ketsl . tsyl qgnij vepowk, kmawz, wjjpeu . zoi vytk fzd, ruhd, tpwpp . mandg mgy ttt, fbtfh, ybp . xirw iyo lrrvd, waur, ixwe . fkc adeku kca, nnsel, fhvzaq . xpnbwa dcjjmd zilx, apbnng, khxdq . uey