[Bug 73556] Re: suphp 0.6.2 backport request to dapper (0.6.1) and edgy (0.6.1) from feisty
Backports Team does not (and is not authorized) to handle bugfix-only updates, unless the SRU path has no chance. I have not seen this the case, so as of now, the backports request is rejected. Reopen if SRU fails. ** Changed in: dapper-backports (upstream) Status: Confirmed = Rejected ** Changed in: edgy-backports (upstream) Status: Confirmed = Rejected -- suphp 0.6.2 backport request to dapper (0.6.1) and edgy (0.6.1) from feisty https://bugs.launchpad.net/bugs/73556 You received this bug notification because you are a member of Ubuntu Backporters, which is the bug contact for Dapper Backports. -- ubuntu-backports mailing list [EMAIL PROTECTED] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-backports
[Bug 73556] Re: suphp 0.6.2 backport request to dapper (0.6.1) and edgy (0.6.1) from feisty
I do not see an approval from a backporters member here, so setting back to needsinfo. ** Changed in: dapper-backports (upstream) Status: In Progress = Needs Info -- suphp 0.6.2 backport request to dapper (0.6.1) and edgy (0.6.1) from feisty https://launchpad.net/bugs/73556 -- ubuntu-backports mailing list ubuntu-backports@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-backports
[Bug 73556] Re: suphp 0.6.2 backport request to dapper (0.6.1) and edgy (0.6.1) from feisty
Closing Feisty task as per comment 5. ** Changed in: suphp (Ubuntu) Status: Unconfirmed = Fix Released -- suphp 0.6.2 backport request to dapper (0.6.1) and edgy (0.6.1) from feisty https://launchpad.net/bugs/73556 -- ubuntu-backports mailing list ubuntu-backports@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-backports
[Bug 73556] Re: suphp 0.6.2 backport request to dapper (0.6.1) and edgy (0.6.1) from feisty
** Changed in: dapper-backports (upstream) Assignee: (unassigned) = Paul McClure Status: Needs Info = In Progress -- suphp 0.6.2 backport request to dapper (0.6.1) and edgy (0.6.1) from feisty https://launchpad.net/bugs/73556 -- ubuntu-backports mailing list ubuntu-backports@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-backports
[Bug 73556] Re: suphp 0.6.2 backport request to dapper (0.6.1) and edgy (0.6.1) from feisty
Please attempt this as a SRU first, or have an MOTU reply with a reason why a SRU is not appropriate. ** Changed in: dapper-backports (upstream) Status: Unconfirmed = Needs Info ** Changed in: edgy-backports (upstream) Status: Confirmed = Needs Info -- suphp 0.6.2 backport request to dapper (0.6.1) and edgy (0.6.1) from feisty https://launchpad.net/bugs/73556 -- ubuntu-backports mailing list ubuntu-backports@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-backports
[Bug 73556] Re: suphp 0.6.2 backport request to dapper (0.6.1) and edgy (0.6.1) from feisty
This is a request for a MOTU SRU for the suphp package for both Edgy and Dapper as per the backporting team's request. This package has already been updated in Feisty. Due to the nature of the problem (see bug description), this could possibly be a serious bug resulting in loss of user data or possibly crashes (memory management issue). ** Changed in: suphp (Ubuntu) Assignee: (unassigned) = MOTU Stable Release Updates Status: Fix Released = Unconfirmed -- suphp 0.6.2 backport request to dapper (0.6.1) and edgy (0.6.1) from feisty https://launchpad.net/bugs/73556 -- ubuntu-backports mailing list ubuntu-backports@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-backports
[Bug 73556] Re: suphp 0.6.2 backport request to dapper (0.6.1) and edgy (0.6.1) from feisty
b/i/r(id assume dont know how to test) +1 for edgy using proper patch ** Changed in: edgy-backports (upstream) Status: Unconfirmed = Confirmed -- suphp 0.6.2 backport request to dapper (0.6.1) and edgy (0.6.1) from feisty https://launchpad.net/bugs/73556 -- ubuntu-backports mailing list ubuntu-backports@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-backports
[Bug 73556] Re: suphp 0.6.2 backport request to dapper (0.6.1) and edgy (0.6.1) from feisty
** Changed in: suphp (Debian) Status: Unknown = Fix Released -- suphp 0.6.2 backport request to dapper (0.6.1) and edgy (0.6.1) from feisty https://launchpad.net/bugs/73556 -- ubuntu-backports mailing list ubuntu-backports@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-backports
[Bug 73556] Re: suphp 0.6.2 backport request to dapper (0.6.1) and edgy (0.6.1) from feisty
** Summary changed: - libapache2-mod-suphp causes double free error in Apache error log when script is inaccessible + suphp 0.6.2 backport request to dapper (0.6.1) and edgy (0.6.1) from feisty ** Description changed: + Backport request: please backport suphp 0.6.2 to dapper and edgy from + feisty. + Binary package hint: libapache2-mod-suphp Whenever suphp refuses to run a script for any reason (e.g. UID/GID out of configured allowable range, wrong permissions, etc), it causes the following error messages to appear in the Apache error log: ---SNIP--- [Mon Nov 27 17:56:12 2006] [error] [client 142.150.160.59] Premature end of script headers: index.cgi [Mon Nov 27 17:56:12 2006] [error] [client 142.150.160.59] SoftException in Application.cpp:193: Script /var/www/index.cgi resolving to /var/www/index.cgi not within configured docroot [Mon Nov 27 17:56:12 2006] [error] [client 142.150.160.59] *** glibc detected *** double free or corruption (fasttop): 0x0806f990 *** [Mon Nov 27 17:56:41 2006] [error] [client 142.150.160.59] Premature end of script headers: index.cgi [Mon Nov 27 17:56:41 2006] [error] [client 142.150.160.59] SoftException in Application.cpp:291: UID of script /var/www/index.cgi is smaller than min_uid [Mon Nov 27 17:56:41 2006] [error] [client 142.150.160.59] *** glibc detected *** double free or corruption (fasttop): 0x0806f9f8 *** [Mon Nov 27 17:57:18 2006] [error] [client 142.150.160.59] Premature end of script headers: index.cgi [Mon Nov 27 17:57:18 2006] [error] [client 142.150.160.59] SoftException in Application.cpp:472: Could not execute script /var/www/index.cgi [Mon Nov 27 17:57:18 2006] [error] [client 142.150.160.59] Caused by SystemException in API_Linux.cpp:427: execve() for program /var/www/index.cgi failed: Permission denied [Mon Nov 27 17:57:18 2006] [error] [client 142.150.160.59] *** glibc detected *** double free or corruption (fasttop): 0x0806f9f8 *** ---SNIP--- As you can see, the above are three distinct examples: 1. [Mon Nov 27 17:56:12 2006] was caused by the target script being outside of the allowable suphp docroot. 2. [Mon Nov 27 17:56:41 2006] was caused by wrong ownership: owner UID of the target script file was less than the allowable UID. 3. [Mon Nov 27 17:57:18 2006] was caused by wrong permissions (the www-data user/group has no read access to the script in question). In all three cases, the last error message seen was always *** glibc detected *** double free or corruption (fasttop): 0x0806f9f8 *** which is a bit unnerving. I am not sure if this problem is potentially exploitable. Note that this seems to be a known issue with suphp, and the latest release (0.6.2) seems to have addressed the issue according to the suphp homepage: http://www.suphp.org/ -- suphp 0.6.2 backport request to dapper (0.6.1) and edgy (0.6.1) from feisty https://launchpad.net/bugs/73556 -- ubuntu-backports mailing list ubuntu-backports@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-backports
[Bug 73556] Re: suphp 0.6.2 backport request to dapper (0.6.1) and edgy (0.6.1) from feisty
Builds OK on edgy using prevu as per the instructions here: http://ubuntuforums.org/showthread.php?t=268687 Minor tweaks needed in suphp-0.6.2/debian/control file to override dependencies on apache-2.2. Patch for contol file attached. Apply patch as usual: patch targetfile patchfile ** Attachment added: Patch for Feisty's suphp-0.6.2/debian/control file to make it suitable for building on Edgy http://librarian.launchpad.net/5780880/suphp-0.6.2-debcontrol.patch -- suphp 0.6.2 backport request to dapper (0.6.1) and edgy (0.6.1) from feisty https://launchpad.net/bugs/73556 -- ubuntu-backports mailing list ubuntu-backports@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-backports
[Bug 73556] Re: suphp 0.6.2 backport request to dapper (0.6.1) and edgy (0.6.1) from feisty
Builds OK on dapper as well (build host is edgy, but target is dapper) using prevu. The patch I attached with my previous comment also worked for the dapper build (please refer to my previous comment). -- suphp 0.6.2 backport request to dapper (0.6.1) and edgy (0.6.1) from feisty https://launchpad.net/bugs/73556 -- ubuntu-backports mailing list ubuntu-backports@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-backports
