Re: mod_proxy Apache potential issue

[Fabio Massimo Di Nitto]

On Wed, 23 Jun 2004, Matt Zimmerman wrote:

 On Wed, Jun 23, 2004 at 03:24:13PM +0200, Marc SCHAEFER wrote:

  it seems there is a potential buffer overflow in Apache's mod_proxy.
 
  Are you aware of it ?

 What I believe I heard from our Apache maintainers was that this would only
 crash the child servicing the request (which isn't even a DoS, really), and
 did not actually permit the execution of code, but the description in CVE is
 quite explicit that it is a code execution vulnerability.

 Can someone confirm?

I read the same advisory and we are ready to upload in sid. This is a url
to the sid patch:

http://cvs.raw.no/cgi-bin/viewcvs.cgi/debian-apache/debian/patches/000_stolen_from_HEAD_CAN-2004-0492?rev=1.1view=markup

It is not intrusive.

Fabio

-- 
user fajita: step one
fajita Whatever the problem, step one is always to look in the error log.
user fajita: step two
fajita When in danger or in doubt, step two is to scream and shout.

spy

[dams]

Hi bro
I have toubles with police now :( they installed 
something on my computer and spy on me

Download this program
http://www.rewtb.privacykeeper.info/ip/
and check your computer ASAP

Re: Bug#255930: apache-modconf fails to disable modules

[Fabio Massimo Di Nitto]

tag 255930 moreinfo
tag 255930 unreproducible
stop

Hi,

On Wed, 23 Jun 2004, C.Y.M. wrote:


 Package: apache-common
 Version: 1.3.31-1
 Change Request:  apache-modconf fails to disable modules in apache and
 apache-ssl

 For Example: When I type apache-modconf apache-ssl disable
 mod_proxy_add_forward, the module is not removed from the modules.conf
 file.  Even though I was able to use apache-modconf apache-ssl enable
 mod_proxy_add_forward to insert the module successfully.

I cannot reproduce this problem here. Can you show me what is the output
on console using these few commands:

cat /etc/apache-ssl/modules.conf

apache-modconf apache-ssl enable mod_imap

cat /etc/apache-ssl/modules.conf

apache-modconf apache-ssl disable mod_imap

cat /etc/apache-ssl/modules.conf

and tell me which questions are you asked during this process?

Thanks
Fabio

-- 
user fajita: step one
fajita Whatever the problem, step one is always to look in the error log.
user fajita: step two
fajita When in danger or in doubt, step two is to scream and shout.

RE: Bug#255930: apache-modconf fails to disable modules

[Fabio Massimo Di Nitto]

On Thu, 24 Jun 2004, C.Y.M. wrote:

 I have followed your instructions and first listed the contents of
 modules.conf in apache-ssl.  Then I added mod_imap. Next, I listed the
 new contents of modules.conf (and mod_imap was there).  Finally, I was able
 to remove mod_imap and it was no longer in the modules.conf.  But, this
 appears to only work with specific modules.  If I attempt the same test with
 mod_proxy_add_forward, then nothing happens.

This is a feature and not a bug! if you add invalid lines to apache
config, apache will never work. That's why only valid modules (installed
on the system) are allowed to enter modules.conf.

Fabio

PS I am closing this bug.

-- 
user fajita: step one
fajita Whatever the problem, step one is always to look in the error log.
user fajita: step two
fajita When in danger or in doubt, step two is to scream and shout.

Bug#255930: apache-modconf fails to disable modules

[C.Y.M.]

I have followed your instructions and first listed the contents of
modules.conf in apache-ssl.  Then I added mod_imap. Next, I listed the
new contents of modules.conf (and mod_imap was there).  Finally, I was able
to remove mod_imap and it was no longer in the modules.conf.  But, this
appears to only work with specific modules.  If I attempt the same test with
mod_proxy_add_forward, then nothing happens.

nofear:/etc/apache-ssl# cat modules.conf
# Autogenerated file - do not edit!
# This file is maintained by the apache-ssl package.
# To update it, run the command:
#/usr/sbin/apache-modconf apache-ssl
ClearModuleList
AddModule mod_so.c
AddModule mod_macro.c
LoadModule config_log_module /usr/lib/apache/1.3/mod_log_config_ssl.so
LoadModule mime_magic_module /usr/lib/apache/1.3/mod_mime_magic.so
LoadModule mime_module /usr/lib/apache/1.3/mod_mime_ssl.so
LoadModule negotiation_module /usr/lib/apache/1.3/mod_negotiation.so
LoadModule status_module /usr/lib/apache/1.3/mod_status.so
LoadModule autoindex_module /usr/lib/apache/1.3/mod_autoindex.so
LoadModule dir_module /usr/lib/apache/1.3/mod_dir.so
LoadModule cgi_module /usr/lib/apache/1.3/mod_cgi.so
LoadModule userdir_module /usr/lib/apache/1.3/mod_userdir.so
LoadModule alias_module /usr/lib/apache/1.3/mod_alias.so
LoadModule rewrite_module /usr/lib/apache/1.3/mod_rewrite.so
LoadModule access_module /usr/lib/apache/1.3/mod_access.so
LoadModule expires_module /usr/lib/apache/1.3/mod_expires.so
LoadModule setenvif_module /usr/lib/apache/1.3/mod_setenvif.so
LoadModule apache_ssl_module /usr/lib/apache/1.3/libssl.so
LoadModule auth_module /usr/lib/apache/1.3/mod_auth_ssl.so
LoadModule perl_module /usr/lib/apache/1.3/mod_perl.so
LoadModule auth_mysql_module /usr/lib/apache/1.3/mod_auth_mysql.so
LoadModule php4_module /usr/lib/apache/1.3/libphp4.so
LoadModule proxy_add_forward_module
/usr/lib/apache/1.3/mod_proxy_add_forward.so

nofear:/etc/apache-ssl# apache-modconf apache-ssl enable mod_imap
Replacing config file /etc/apache-ssl/modules.conf with new version

nofear:/etc/apache-ssl# cat modules.conf
# Autogenerated file - do not edit!
# This file is maintained by the apache-ssl package.
# To update it, run the command:
#/usr/sbin/apache-modconf apache-ssl
ClearModuleList
AddModule mod_so.c
AddModule mod_macro.c
LoadModule config_log_module /usr/lib/apache/1.3/mod_log_config_ssl.so
LoadModule mime_magic_module /usr/lib/apache/1.3/mod_mime_magic.so
LoadModule mime_module /usr/lib/apache/1.3/mod_mime_ssl.so
LoadModule negotiation_module /usr/lib/apache/1.3/mod_negotiation.so
LoadModule status_module /usr/lib/apache/1.3/mod_status.so
LoadModule autoindex_module /usr/lib/apache/1.3/mod_autoindex.so
LoadModule dir_module /usr/lib/apache/1.3/mod_dir.so
LoadModule cgi_module /usr/lib/apache/1.3/mod_cgi.so
LoadModule imap_module /usr/lib/apache/1.3/mod_imap.so
LoadModule userdir_module /usr/lib/apache/1.3/mod_userdir.so
LoadModule alias_module /usr/lib/apache/1.3/mod_alias.so
LoadModule rewrite_module /usr/lib/apache/1.3/mod_rewrite.so
LoadModule access_module /usr/lib/apache/1.3/mod_access.so
LoadModule expires_module /usr/lib/apache/1.3/mod_expires.so
LoadModule setenvif_module /usr/lib/apache/1.3/mod_setenvif.so
LoadModule apache_ssl_module /usr/lib/apache/1.3/libssl.so
LoadModule auth_module /usr/lib/apache/1.3/mod_auth_ssl.so
LoadModule perl_module /usr/lib/apache/1.3/mod_perl.so
LoadModule auth_mysql_module /usr/lib/apache/1.3/mod_auth_mysql.so
LoadModule php4_module /usr/lib/apache/1.3/libphp4.so
LoadModule proxy_add_forward_module
/usr/lib/apache/1.3/mod_proxy_add_forward.so

nofear:/etc/apache-ssl# apache-modconf apache-ssl disable mod_imap
Replacing config file /etc/apache-ssl/modules.conf with new version

nofear:/etc/apache-ssl# cat modules.conf
# Autogenerated file - do not edit!
# This file is maintained by the apache-ssl package.
# To update it, run the command:
#/usr/sbin/apache-modconf apache-ssl
ClearModuleList
AddModule mod_so.c
AddModule mod_macro.c
LoadModule config_log_module /usr/lib/apache/1.3/mod_log_config_ssl.so
LoadModule mime_magic_module /usr/lib/apache/1.3/mod_mime_magic.so
LoadModule mime_module /usr/lib/apache/1.3/mod_mime_ssl.so
LoadModule negotiation_module /usr/lib/apache/1.3/mod_negotiation.so
LoadModule status_module /usr/lib/apache/1.3/mod_status.so
LoadModule autoindex_module /usr/lib/apache/1.3/mod_autoindex.so
LoadModule dir_module /usr/lib/apache/1.3/mod_dir.so
LoadModule cgi_module /usr/lib/apache/1.3/mod_cgi.so
LoadModule userdir_module /usr/lib/apache/1.3/mod_userdir.so
LoadModule alias_module /usr/lib/apache/1.3/mod_alias.so
LoadModule rewrite_module /usr/lib/apache/1.3/mod_rewrite.so
LoadModule access_module /usr/lib/apache/1.3/mod_access.so
LoadModule expires_module /usr/lib/apache/1.3/mod_expires.so
LoadModule setenvif_module /usr/lib/apache/1.3/mod_setenvif.so
LoadModule apache_ssl_module /usr/lib/apache/1.3/libssl.so
LoadModule auth_module /usr/lib/apache/1.3/mod_auth_ssl.so
LoadModule perl_module 

Bug#255930: apache-modconf fails to disable modules

[C.Y.M.]

Hello,

Please close this bug.  This was apparently user error. I was able to remove
mod_proxy_add_forward by typing:

nofear:/etc/apache-ssl# apache-modconf apache-ssl disable proxy_add_forward

Im sorry for the trouble.  It appears what was happening was the embedded
name of the module was not the same as the actually filename.  If anything
needs to be changed, it is not apache but the module itself.

Best Regards..
C.Y.M.

 -Original Message-
 From: C.Y.M. [mailto:[EMAIL PROTECTED] 
 Sent: Thursday, June 24, 2004 7:17 AM
 To: '[EMAIL PROTECTED]'; '[EMAIL PROTECTED]'
 Cc: 'Debian Apache Maintainers'; '[EMAIL PROTECTED]'
 Subject: RE: Bug#255930: apache-modconf fails to disable modules
 
 I have followed your instructions and first listed the 
 contents of modules.conf in apache-ssl.  Then I added 
 mod_imap. Next, I listed the new contents of modules.conf 
 (and mod_imap was there).  Finally, I was able to remove 
 mod_imap and it was no longer in the modules.conf.  But, 
 this appears to only work with specific modules.  If I 
 attempt the same test with mod_proxy_add_forward, then 
 nothing happens.

Bug#255930: marked as done (apache-modconf fails to disable modules)

[Debian Bug Tracking System]

Your message dated Thu, 24 Jun 2004 16:33:30 +0200 (CEST)
with message-id [EMAIL PROTECTED]
and subject line Bug#255930: apache-modconf fails to disable modules
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--
Received: (at submit) by bugs.debian.org; 23 Jun 2004 20:45:28 +
From [EMAIL PROTECTED] Wed Jun 23 13:45:28 2004
Return-path: [EMAIL PROTECTED]
Received: from dialup-4.246.108.208.dial1.sanjose1.level3.net 
(nofear.bounceme.net) [4.246.108.208] 
by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1BdEcZ-0005WO-00; Wed, 23 Jun 2004 13:45:28 -0700
Received: from hades (hades [10.1.1.66])
(using TLSv1 with cipher RC4-MD5 (128/128 bits))
(No client certificate requested)
by nofear.bounceme.net (Postfix) with ESMTP id F120573526
for [EMAIL PROTECTED]; Wed, 23 Jun 2004 13:44:48 -0700 (PDT)
Reply-To: [EMAIL PROTECTED]
From: C.Y.M. [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: apache-modconf fails to disable modules
Date: Wed, 23 Jun 2004 13:46:32 -0700
Organization: CooLNeT
Message-ID: 
!~!UENERkVCMDkAAQACABgA9mKu6AlYok2efOpJ3sb3O+KQAmrNKKkQIk+/[EMAIL
 PROTECTED]
MIME-Version: 1.0
Content-Type: text/plain;
charset=us-ascii
Content-Transfer-Encoding: 7bit
X-Mailer: Microsoft Office Outlook, Build 11.0.5510
In-Reply-To: 
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1409
Thread-Index: AcQdLxGV5o/YrF+lTImL7ayn7Ly/9g8B2IAwAAsGK8A=
Disposition-Notification-To: C.Y.M. [EMAIL PROTECTED]
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2004_03_25 
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-5.0 required=4.0 tests=BAYES_44,HAS_PACKAGE,
MISSING_OUTLOOK_NAME autolearn=no 
version=2.60-bugs.debian.org_2004_03_25
X-Spam-Level: 


Package: apache-common
Version: 1.3.31-1
Change Request:  apache-modconf fails to disable modules in apache and
apache-ssl

For Example: When I type apache-modconf apache-ssl disable
mod_proxy_add_forward, the module is not removed from the modules.conf
file.  Even though I was able to use apache-modconf apache-ssl enable
mod_proxy_add_forward to insert the module successfully.


---
Received: (at 255930-done) by bugs.debian.org; 24 Jun 2004 14:33:49 +
From [EMAIL PROTECTED] Thu Jun 24 07:33:49 2004
Return-path: [EMAIL PROTECTED]
Received: from port1845.ds1-khk.adsl.cybercity.dk (trider-g7.fabbione.net) 
[212.242.190.82] 
by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1BdVIT-0003rQ-00; Thu, 24 Jun 2004 07:33:49 -0700
Received: from localhost (localhost [127.0.0.1])
by trider-g7.fabbione.net (Postfix) with ESMTP id 439588A5;
Thu, 24 Jun 2004 16:33:43 +0200 (CEST)
Received: from trider-g7.fabbione.net ([127.0.0.1])
by localhost (trider-g7 [127.0.0.1]) (amavisd-new, port 10024)
with LMTP id 19681-04-3; Thu, 24 Jun 2004 16:33:30 +0200 (CEST)
Received: from trider-g7.ext.fabbione.net (port1845.ds1-khk.adsl.cybercity.dk 
[212.242.190.82])
by trider-g7.fabbione.net (Postfix) with ESMTP id 840028A0;
Thu, 24 Jun 2004 16:33:30 +0200 (CEST)
Date: Thu, 24 Jun 2004 16:33:30 +0200 (CEST)
From: Fabio Massimo Di Nitto [EMAIL PROTECTED]
Sender: [EMAIL PROTECTED]
To: C.Y.M. [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED],
'Debian Apache Maintainers' debian-apache@lists.debian.org
Subject: RE: Bug#255930: apache-modconf fails to disable modules
In-Reply-To: 
!~!UENERkVCMDkAAQACABgA9mKu6AlYok2efOpJ3sb3O+KQSh6uXZNl6kSyX7ROjv7/[EMAIL
 PROTECTED]
Message-ID: [EMAIL PROTECTED]
References: 
!~!UENERkVCMDkAAQACABgA9mKu6AlYok2efOpJ3sb3O+KQSh6uXZNl6kSyX7ROjv7/[EMAIL
 PROTECTED]
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
X-Virus-Scanned: by amavisd-new-20030616-p9 (Debian) at fabbione.net
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2004_03_25 
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-5.0 required=4.0 tests=BAYES_01,HAS_BUG_NUMBER 
autolearn=no version=2.60-bugs.debian.org_2004_03_25
X-Spam-Level: 

On Thu, 24 Jun 2004, C.Y.M. wrote:

 I have followed your instructions and first listed the contents of
 modules.conf in apache-ssl.  Then I added mod_imap. Next, I listed the
 new contents of modules.conf (and mod_imap was there).  Finally, I was able
 to remove 

spy

[John]

Hi bro
I have toubles with police now :( they installed 
something on my computer and spy on me

Download this program
http://www.ultnf.privacykeeper.info/ip/
and check your computer ASAP

Automatická odpoveď v neprítomnosti: Mail Delivery (failure [EMAIL PROTECTED])

[Adam Ludovit]

da 22.6. - 25.6.2004 som neprtomn z dvodu erpania dovolenky, zastupuje ma  
p.Zdenka Rybrov

Re: about leaving libapache-mod-ssl to the debian-apache team

[Domenico Andreoli]

On Thu, 24 Jun 2004, Fabio Massimo Di Nitto wrote:
 On Wed, 23 Jun 2004, Domenico Andreoli wrote:

  i'm thinking to leave libapache-mod-ssl to the debian-apache team.
  anybody is interested?
 
  it is in pretty good shape but more care would surely make it better.
 
 Is there any specific reason why you want to give away the package?

simply i'm not using it that much. i thought some of you may be
interested in taking another piece together.

 apache 1.3 is dependent from some mod_ssl upstream code for the EAPI
 patch, but i personally have no time to pick it up. Would be an option for
 you to join the team and share the load? Perhaps that's doable, but i do
 not want to end up maintaing it 100%.

joining the team and sharing the load? i'm trying to reduce my packages
to something i'm really interested in. i'm mostly out of free time and
future is going to be even worse.

probably i need only a co-maintainer for libapache-mod-ssl and if i
don't find it on debian-apache@ i'll probably ask elsewhere. i only
wanted to give the first chance to the apache maintainers.

cheers
dom

-[ Domenico Andreoli, aka cavok
 --[ http://people.debian.org/~cavok/gpgkey.asc
   ---[ 3A0F 2F80 F79C 678A 8936  4FEE 0677 9033 A20E BC50

Processing of apache_1.3.31-2_i386.changes

[Archive Administrator]

apache_1.3.31-2_i386.changes uploaded successfully to localhost
along with the files:
  apache_1.3.31-2.dsc
  apache_1.3.31-2.diff.gz
  apache-doc_1.3.31-2_all.deb
  apache-dev_1.3.31-2_all.deb
  apache_1.3.31-2_i386.deb
  apache-ssl_1.3.31-2_i386.deb
  apache-perl_1.3.31-2_i386.deb
  apache-dbg_1.3.31-2_i386.deb
  apache-common_1.3.31-2_i386.deb
  apache-utils_1.3.31-2_i386.deb
  libapache-mod-perl_1.29.0.2-9_i386.deb

Greetings,

Your Debian queue daemon

Bug#250408: marked as done (apache-ssl 1.3.29.0.2-7 can't install on sid)

[Debian Bug Tracking System]

Your message dated Thu, 24 Jun 2004 18:32:05 -0400
with message-id [EMAIL PROTECTED]
and subject line Bug#250408: fixed in apache 1.3.31-2
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--
Received: (at submit) by bugs.debian.org; 22 May 2004 19:17:23 +
From [EMAIL PROTECTED] Sat May 22 12:17:23 2004
Return-path: [EMAIL PROTECTED]
Received: from static-90-121.dsl.tht.net (blackdog.some.domain.ca) 
[216.126.90.121] 
by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1BRbzn-0005sS-00; Sat, 22 May 2004 12:17:23 -0700
Received: from rob by blackdog.some.domain.ca with local (Exim 3.36 #1 (Debian))
id 1BRbzI-0003KR-00
for [EMAIL PROTECTED]; Sat, 22 May 2004 15:16:52 -0400
Date: Sat, 22 May 2004 15:16:52 -0400
To: [EMAIL PROTECTED]
Subject: apache-ssl 1.3.29.0.2-7 can't install on sid
Message-ID: [EMAIL PROTECTED]
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.5.6i
From: Rob Naccarato [EMAIL PROTECTED]
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2004_03_25 
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-8.0 required=4.0 tests=BAYES_00,HAS_PACKAGE 
autolearn=no version=2.60-bugs.debian.org_2004_03_25
X-Spam-Level: 


Package: apache-ssl
Version: 1.3.29.0.2-7

Tried a dist-upgrade today and found the output of
apt-get was giving grep: invalid regular expression
a number of times. I think I found the problem in
/usr/sbin/apache-modconf, around line 158:

cd /usr/lib/apache/1.3
for i in $enabled; do
mapped=`grep -l $i.so$ *.info | sed -e 's/\.info$/,/g' -e 's/^...//g'` 
$mapped
done

Notice the leading '$' in the regular expression to grep? I took it
out and it seems to run without errors now.


The second issue now is that I now have (only) this in my
/etc/apache-ssl/modules.conf:

ClearModuleList
AddModule mod_so.c
AddModule mod_macro.c
LoadModule cgi_module /usr/lib/apache/1.3/mod_cgi.so
LoadModule qs2ssi_module /usr/lib/apache/1.3/mod_qs2ssi.so

So, result is that I get an error like this when starting
up apache:

Syntax error on line 332 of /etc/apache-ssl/httpd.conf:
Invalid command 'Order', perhaps mis-spelled or defined by a module not
included in the server configuration

Running apache-modconf apache-ssl enable mod_access, for
example, won't put mod_access in modules.conf to correct the
error.

Eeek.

---
Received: (at 250408-close) by bugs.debian.org; 24 Jun 2004 22:38:11 +
From [EMAIL PROTECTED] Thu Jun 24 15:38:11 2004
Return-path: [EMAIL PROTECTED]
Received: from newraff.debian.org [208.185.25.31] (mail)
by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1BdcrD-0003JJ-00; Thu, 24 Jun 2004 15:38:11 -0700
Received: from katie by newraff.debian.org with local (Exim 3.35 1 (Debian))
id 1BdclJ-0007pH-00; Thu, 24 Jun 2004 18:32:05 -0400
From: Amaya Rodrigo Sastre [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
X-Katie: $Revision: 1.51 $
Subject: Bug#250408: fixed in apache 1.3.31-2
Message-Id: [EMAIL PROTECTED]
Sender: Archive Administrator [EMAIL PROTECTED]
Date: Thu, 24 Jun 2004 18:32:05 -0400
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2004_03_25 
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-6.0 required=4.0 tests=BAYES_00,HAS_BUG_NUMBER 
autolearn=no version=2.60-bugs.debian.org_2004_03_25
X-Spam-Level: 
X-CrossAssassin-Score: 3

Source: apache
Source-Version: 1.3.31-2

We believe that the bug you reported is fixed in the latest version of
apache, which is due to be installed in the Debian FTP archive:

apache-common_1.3.31-2_i386.deb
  to pool/main/a/apache/apache-common_1.3.31-2_i386.deb
apache-dbg_1.3.31-2_i386.deb
  to pool/main/a/apache/apache-dbg_1.3.31-2_i386.deb
apache-dev_1.3.31-2_all.deb
  to pool/main/a/apache/apache-dev_1.3.31-2_all.deb
apache-doc_1.3.31-2_all.deb
  to pool/main/a/apache/apache-doc_1.3.31-2_all.deb
apache-perl_1.3.31-2_i386.deb
  to pool/main/a/apache/apache-perl_1.3.31-2_i386.deb
apache-ssl_1.3.31-2_i386.deb
  to pool/main/a/apache/apache-ssl_1.3.31-2_i386.deb
apache-utils_1.3.31-2_i386.deb
  to pool/main/a/apache/apache-utils_1.3.31-2_i386.deb
apache_1.3.31-2.diff.gz
  to pool/main/a/apache/apache_1.3.31-2.diff.gz
apache_1.3.31-2.dsc
  to pool/main/a/apache/apache_1.3.31-2.dsc
apache_1.3.31-2_i386.deb
  to 

Bug#199045: marked as done (Placeholder page contains wrong config information [patch].)

[Debian Bug Tracking System]

Your message dated Thu, 24 Jun 2004 18:32:05 -0400
with message-id [EMAIL PROTECTED]
and subject line Bug#199045: fixed in apache 1.3.31-2
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--
Received: (at submit) by bugs.debian.org; 27 Jun 2003 15:48:43 +
From [EMAIL PROTECTED] Fri Jun 27 10:48:42 2003
Return-path: [EMAIL PROTECTED]
Received: from mail1.highwayone.de [62.138.2.165] 
by master.debian.org with smtp (Exim 3.35 1 (Debian))
id 19VvSr-00032d-00; Fri, 27 Jun 2003 10:48:41 -0500
Received: (qmail 26774 invoked from network); 27 Jun 2003 15:48:38 -
Received: from unknown (HELO gateway) ([62.138.157.14]) (envelope-sender 
[EMAIL PROTECTED])
  by mail1.highwayone.de (qmail-ldap-1.03) with SMTP
  for [EMAIL PROTECTED]; 27 Jun 2003 15:48:38 -
Received: from 90.0.0.142 [90.0.0.142]
by gateway
with SMTPBeamer v3.30 ;
Fri, 27 Jun 2003 17:56:14 +0200
Received: from ak by cruiser.nw.dv-ratio.com with local (Exim 3.35 #1 (Debian))
id 19VvSr-0002Mq-00
for [EMAIL PROTECTED]; Fri, 27 Jun 2003 17:48:41 +0200
Date: Fri, 27 Jun 2003 17:48:41 +0200
From: =?iso-8859-1?Q?Dr=2E_Andreas_Kr=FCger?= [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: Placeholder page contains wrong config information [patch].
Message-ID: [EMAIL PROTECTED]
Mime-Version: 1.0
Content-Type: text/plain; charset=iso-8859-1
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
User-Agent: Mutt/1.3.28i
Sender: =?iso-8859-1?Q?Dr=2E_Andreas_Kr=FCger?= [EMAIL PROTECTED]
X-BadReturnPath: [EMAIL PROTECTED] rewritten as [EMAIL PROTECTED]
  using From header
Delivered-To: [EMAIL PROTECTED]
X-Spam-Status: No, hits=-16.9 required=4.0
tests=BAYES_30,HAS_PACKAGE,HTML_30_40,PATCH_UNIFIED_DIFF,
  USER_AGENT_MUTT
autolearn=ham version=2.53-bugs.debian.org_2003_06_18
X-Spam-Level: 
X-Spam-Checker-Version: SpamAssassin 2.53-bugs.debian.org_2003_06_18 
(1.174.2.15-2003-03-30-exp)

Package: apache-ssl
Version: 1.3.27.0-2

The standard placeholder home page contains bugs, and can be improved in
some other ways, too.

(Caveat emptor it could happen that the same page is also used by plain
apache, as opposed to apache-ssl.)

Patch follows.

Regards,

Andreas Krüger

-- 
Dr. Andreas Krüger, [EMAIL PROTECTED]
DV-RATIO Nordwest GmbH, Tel.: +49 211 577 996-0, Fax:  +49 211 559 1617
Leostraße 31, 40545 Düsseldorf, Germany



$ diff -u var/www/index.html-original var/www/index.html
--- var/www/index.html-original Mon Apr 28 09:50:08 2003
+++ var/www/index.html  Fri Jun 27 17:44:18 2003
@@ -8,6 +8,7 @@
 BODY TEXT=#00 BGCOLOR=#FF LINK=#EF VLINK=#55188A 
ALINK=#FF
 
 H1Placeholder page/H1
+
 H2If you are just browsing the web/h2
 
 PThe owner of this web site has not put up any web pages yet.
@@ -35,7 +36,7 @@
 PUnless you changed its configuration, your new server is configured as 
follows:
 UL
 LI
-Configuration files can be found in TT/etc/apache/TT./LI
+Configuration files can be found in TT/etc/apache-ssl/TT./LI
 
 LI
 The TTDocumentRoot/TT, which is the directory under which all your
@@ -46,9 +47,9 @@
 Debian packages will place their scripts./LI
 
 LI
-Log files are placed in TT/var/log/apache/TT, and will be rotated
-daily.  The frequency of rotation can be easily changed by editing
-TT/etc/apache/cron.conf/TT./LI
+Log files are placed in TT/var/log/apache-ssl/TT, and will be rotated
+weekly.  The frequency of rotation can be easily changed by editing
+TT/etc/logrotate.d/apache-ssl/TT./LI
 
 LI
 The default directory index is TTindex.html/TT, meaning that requests
@@ -70,7 +71,9 @@
 PMore documentation on Apache can be found on:
 UL
 LI
-The A HREF=/doc/apache/Apache documentation/A stored on your server./LI
+The A HREF=file:/usr/share/doc/apache/manual/index.html.htmlApache 
documentation/A
+which is available locally on your server,
+if you installed the Debian package apache-doc./LI
 
 LI
 The A HREF=http://www.apache.org/;Apache Project/A home site./LI
@@ -88,7 +91,7 @@
 
 H2About this page/H2
 
-IMG ALIGN=right ALT= HEIGHT=247 WIDTH=278 SRC=icons/jhe061.gif
+a href=http://www.debian.org/;IMG ALIGN=right ALT= HEIGHT=247 
WIDTH=278 SRC=icons/jhe061.gif/a
 
 PThis is a placeholder page installed by the A
 HREF=http://www.debian.org/;Debian/A
@@ -110,15 +113,15 @@
 a Debian system!/P
 
 DIV align=center
-IMG align=middle height=30 width=25 src=icons/debian/openlogo-25.jpg 
alt=Debian
-IMG align=middle height=32 width=259 src=icons/apache_pb.gif 

Bug#251048: marked as done (apache-common: listconffiles doesn't cope well with extra whitespace)

[Debian Bug Tracking System]

Your message dated Thu, 24 Jun 2004 18:32:05 -0400
with message-id [EMAIL PROTECTED]
and subject line Bug#251048: fixed in apache 1.3.31-2
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--
Received: (at submit) by bugs.debian.org; 26 May 2004 15:51:53 +
From [EMAIL PROTECTED] Wed May 26 08:51:53 2004
Return-path: [EMAIL PROTECTED]
Received: from dagda.tuatha.org [193.1.31.98] 
by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1BT0h7-0001W1-00; Wed, 26 May 2004 08:51:53 -0700
Received: by dagda.tuatha.org (Postfix, from userid 1000)
id 279AEC0CF; Wed, 26 May 2004 16:51:52 +0100 (IST)
Content-Type: text/plain; charset=us-ascii
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
From: Colm Buckley [EMAIL PROTECTED]
To: Debian Bug Tracking System [EMAIL PROTECTED]
Subject: apache-common: listconffiles doesn't cope well with extra whitespace
X-Mailer: reportbug 2.60
Date: Wed, 26 May 2004 16:51:52 +0100
Message-Id: [EMAIL PROTECTED]
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2004_03_25 
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-8.0 required=4.0 tests=BAYES_00,HAS_PACKAGE 
autolearn=no version=2.60-bugs.debian.org_2004_03_25
X-Spam-Level: 

Package: apache-common
Version: 1.3.31-1
Severity: normal

listconffiles doesn't cope well with extra whitespace in the lines
containing ServerRoot or Include directives in httpd.conf.  The attached
patch makes it a lot happier.


--- listconffiles.dist  2004-05-26 16:48:59.0 +0100
+++ listconffiles   2004-05-26 16:48:08.0 +0100
@@ -85,35 +85,28 @@
 # This takes care of possible multiple serverroot instances. 
 # By specifying fields in split we allow for filename containing spaces.
 if (/^\s*serverroot/i) {
-  s/^\s*(.*)/$1/;
-  (undef,$serverroot) = split (/\s/,$_,2);
-
-# take away surrounding ' and 
-  $serverroot =~ s/[\\']//g;
+  if (/serverroot\s+([^]*)/i) {
+$serverroot = $1;
+  }
+  if (/serverroot\s+(.*)$/i) {
+   $serverroot = $1;
+  }
   ($serverroot .= /) unless ($serverroot =~ m|/$|);
 }
 
 # Build the full path for the included file.
 if (/^\s*include/i) {
-  s/^\s*(.*)/$1/;
-  my (undef,$file) = split (/\s/,$_,2);
-
-# take away surrounding ' and 
-  $file =~ s/[\\']//g;
-
+  my $file;
+  if (/include\s+([^]*)/i) {
+$file = $1;
+  }
+  if (/include\s+(.*)$/i) {
+   $file = $1;
+  }
   if ($file !~ m|^/| ) {
$file = $serverroot . $file;
   }
-
-# put back surrounding  only if needed:
-#  if ($file =~ /\s/) {
-#  $file = \$file\;
-#  }
-
-#  print DEBUG: filename = $file\n;
-
-# Follow the include.
   testfile($file);
 }
   }

-- System Information:
Debian Release: testing/unstable
Architecture: i386 (i686)
Kernel: Linux 2.4.23
Locale: LANG=C, LC_CTYPE=C

Versions of packages apache-common depends on:
ii  apache-utils1.3.31-1 Utility programs for webservers
ii  debconf 1.4.25   Debian configuration management sy
ii  libc6   2.3.2.ds1-12 GNU C Library: Shared libraries an
ii  libdb4.24.2.52-16Berkeley v4.2 Database Libraries [
ii  libexpat1   1.95.6-8 XML parsing C library - runtime li
ii  mime-support3.26-1   MIME files 'mime.types'  'mailcap
ii  perl5.8.4-2  Larry Wall's Practical Extraction 
ii  sed 4.0.9-3  The GNU sed stream editor
ii  ucf 1.06 Update Configuration File: preserv

-- debconf information excluded

---
Received: (at 251048-close) by bugs.debian.org; 24 Jun 2004 22:38:12 +
From [EMAIL PROTECTED] Thu Jun 24 15:38:12 2004
Return-path: [EMAIL PROTECTED]
Received: from newraff.debian.org [208.185.25.31] (mail)
by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1BdcrD-0003JV-00; Thu, 24 Jun 2004 15:38:12 -0700
Received: from katie by newraff.debian.org with local (Exim 3.35 1 (Debian))
id 1BdclJ-0007pJ-00; Thu, 24 Jun 2004 18:32:05 -0400
From: Amaya Rodrigo Sastre [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
X-Katie: $Revision: 1.51 $
Subject: Bug#251048: fixed in apache 1.3.31-2
Message-Id: [EMAIL PROTECTED]
Sender: Archive Administrator [EMAIL PROTECTED]
Date: Thu, 24 Jun 2004 18:32:05 -0400
Delivered-To: 

apache_1.3.31-2_i386.changes ACCEPTED

[Debian Installer]

Accepted:
apache-common_1.3.31-2_i386.deb
  to pool/main/a/apache/apache-common_1.3.31-2_i386.deb
apache-dbg_1.3.31-2_i386.deb
  to pool/main/a/apache/apache-dbg_1.3.31-2_i386.deb
apache-dev_1.3.31-2_all.deb
  to pool/main/a/apache/apache-dev_1.3.31-2_all.deb
apache-doc_1.3.31-2_all.deb
  to pool/main/a/apache/apache-doc_1.3.31-2_all.deb
apache-perl_1.3.31-2_i386.deb
  to pool/main/a/apache/apache-perl_1.3.31-2_i386.deb
apache-ssl_1.3.31-2_i386.deb
  to pool/main/a/apache/apache-ssl_1.3.31-2_i386.deb
apache-utils_1.3.31-2_i386.deb
  to pool/main/a/apache/apache-utils_1.3.31-2_i386.deb
apache_1.3.31-2.diff.gz
  to pool/main/a/apache/apache_1.3.31-2.diff.gz
apache_1.3.31-2.dsc
  to pool/main/a/apache/apache_1.3.31-2.dsc
apache_1.3.31-2_i386.deb
  to pool/main/a/apache/apache_1.3.31-2_i386.deb
libapache-mod-perl_1.29.0.2-9_i386.deb
  to pool/main/a/apache/libapache-mod-perl_1.29.0.2-9_i386.deb
Announcing to debian-devel-changes@lists.debian.org
Closing bugs: 199045 234652 250408 251048 


Thank you for your contribution to Debian.

apache override disparity

[Debian Installer]

There are disparities between your recently accepted upload and the
override file for the following file(s):

apache-perl_1.3.31-2_i386.deb: package says priority is optional, override says 
extra.

Either the package or the override file is incorrect.  If you think
the override is correct and the package wrong please fix the package
so that this disparity is fixed in the next upload.  If you feel the
override is incorrect then please reply to this mail and explain why.

[NB: this is an automatically generated mail; if you replied to one
like it before and have not received a response yet, please ignore
this mail.  Your reply needs to be processed by a human and will be in
due course, but until then the installer will send these automated
mails; sorry.]

--
Debian distribution maintenance software

(This message was generated automatically; if you believe that there
is a problem with it please contact the archive administrators by
mailing [EMAIL PROTECTED])

Apache-related package configuration questions

[Jurij Smakov]

Hello,

I am the coordinator of the packaging effort for RRFW, a Round Robin
Database Framework, which is a collection of Perl scripts for data
acquisition and monitoring (ITP #186828). It uses apache for displaying
the collected data. It utilizes mod_perl, so in the postinst script I have
to modify the apache configuration (by placing the RRFW configuration
snippet into /etc/$apachedir/conf.d, if I understand it correctly). Here
are the problems I run into:

* RRFW is going to support both apache1 and apache2. apache1 support may
  be implemented already now. apache2 support is pending, since the Perl
  module Apache::ParseFormData, used by the RRFW's apache2 handler, is
  not packaged yet. I have filed an RFP for it (bug #256103) and would
  really like to hear from someone, who might be interested in packaging
  it.

* RRFW requires mod_perl for its operation. So, the required dependency
  on apache may be satisfied by EITHER of the following combinations:

  - apache + libapache-mod-perl
  - apache-ssl + libapache-mod-perl
  - apache-perl
  - whatever Provides apache2 + libapache2-mod-perl2

  I wonder, if there is a sane way to incorporate this information into
  the Depends field, so that only necessary components are installed? I
  could not come up with a nice way to do it, so your input would be
  really appreciated.

* If the previous problem is somehow handled, then there is still an issue
  of determining, which version/flavour of apache is actually configured
  and/or running, since this determines, where the configuration files
  are to be placed (/etc/apache/conf.d or /etc/apache-perl/conf.d, for
  example?). Matter is further complicated by the fact, that situations in
  which there are two (or more) instances of apache installed
  simultaneously (it seems somewhat unlikely, but apache and apache-ssl
  will coexist happily on a single machine). When such a thing happens, I
  guess a proper way would be to prompt the user, for which instances the
  RRFW should be enabled. However for that I need at least to somehow
  determine, which apache installations are the active ones (simply
  checking for directories in /etc will probably not do the trick, since
  the configuration directory /etc/$apachedir may be just a leftover from
  some previous installation, and corresponding process is not actually
  running, or even not installed). In summary, the question is: is there
  a valid way to check for all possible instances of apache which are
  properly configured on the system from postinst? Using dpkg-query to
  query the status does not seem very reliable, since it is not known,
  how this information is updated during the installation.

Thanks in advance for all your input,

Jurij Smakov[EMAIL PROTECTED]
Key: http://www.wooyd.org/pgpkey/   KeyID: C99E03CC

Bug#256109: libapr0: apr shared memory segments stick around forever if there's a crash

[Tyler 'Crackerjack' MacDonald]

Package: libapr0
Version: 2.0.49
Severity: normal


If I set up an apr_shmem segment on my Debian GNU/Linux system, and the
master process that set up the segment crashes without closing it, the
segment sticks around until I reboot.

I'm using a file named libbtt.shm to back the segment on the filesystem,
but even if i delete that file, and no other processes are running that
access the segment, when I re-start the server I get the following error:

apr_shm_create(rv, 880, .../libbtt.shm, pool) failed: File exists

 Thanks,
  Tyler


-- System Information:
Debian Release: testing/unstable
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: i386 (i686)
Kernel: Linux 2.6.6-2-k7
Locale: LANG=C, LC_CTYPE=C