Bug#539246: apache2: Incorrect password check with CRYPT

Package: apache2.2-common Version: 2.2.9-10+lenny4 Severity: grave Tags: security Justification: user security hole If you create a User/Password combination with htpasswd using the default CRYPT encryption and a password with more than 8 chars, the Website still gets you access by typing in the

consulta gratis de tarot

Amor sorte negoçio pode aqui fazer uma pergunta via msn cola meu mail mai...@sapo.pt ou pelo telfono 964843639 ou 917440317 dr pedro site www.yourvida.com/astrologia amour argnt travail sur msn consultation gratuite il faut coler mon e-mail mai...@sapo.pt ou tel 0170389850 ou site --

Bug#539246: apache2: Incorrect password check with CRYPT

reassign apache2-utils retitle htpasswd should use a more secure password hash by default severity wishlist thanks If you create a User/Password combination with htpasswd using the default CRYPT encryption and a password with more than 8 chars, the Website still gets you access by typing in

Processed: reassign 539246 to apache2-utils ..., severity of 539246 is wishlist

Processing commands for cont...@bugs.debian.org: # Automatically generated email from bts, devscripts version 2.10.35lenny3 reassign 539246 apache2-utils Bug #539246 [apache2.2-common] apache2: Incorrect password check with CRYPT Bug reassigned from package 'apache2.2-common' to

Processing of apache2_2.2.3-4+etch10_i386.changes

apache2_2.2.3-4+etch10_i386.changes uploaded successfully to ftp.upload.debian.org along with the files: apache2_2.2.3-4+etch10.dsc apache2_2.2.3-4+etch10.diff.gz apache2.2-common_2.2.3-4+etch10_i386.deb apache2-mpm-worker_2.2.3-4+etch10_i386.deb

Processing of apache2_2.2.3-4+etch10_i386.changes

apache2_2.2.3-4+etch10_i386.changes uploaded successfully to localhost along with the files: apache2_2.2.3-4+etch10.dsc apache2_2.2.3-4+etch10.diff.gz apache2.2-common_2.2.3-4+etch10_i386.deb apache2-mpm-worker_2.2.3-4+etch10_i386.deb apache2-mpm-prefork_2.2.3-4+etch10_i386.deb

Bug#537665: marked as done (apache2.2-common: segfault in crc32 when using deflate since last security upgrade)

Your message dated Thu, 30 Jul 2009 18:40:21 +0200 (CEST) with message-id 42700.194.224.98.149.1248972021.squir...@www.sfritsch.de and subject line Re: Bug#537665: apache2.2-common: segfault in crc32 when using deflate since last security upgrade has caused the Debian Bug report #537665,

Processed: tagging 493142

Processing commands for cont...@bugs.debian.org: # Automatically generated email from bts, devscripts version 2.10.35lenny3 tags 493142 - patch Bug #493142 [apache2.2-common] apache2.2-common: init.d stop does not wait for Apache to stop Ignoring request to alter tags of bug #493142 to the

apache2 override disparity

There are disparities between your recently accepted upload and the override file for the following file(s): apache2-mpm-event_2.2.3-4+etch10_i386.deb: package says section is web, override says net. apache2-mpm-perchild_2.2.3-4+etch10_all.deb: package says section is web, override says net.

Bug#533231: apache2.2-common: Seg fault at graceful restart (log rotation)

#5 0xb772ff5a in ENGINE_load_padlock () from /usr/lib/i686/cmov/libcrypto.so.0.9.8 Do you have different modules or different php extensions enabled on the two servers? No, I checked on 1 other server that is also serving the same services, and therefor has exacly the same modules and

Processed: bug 517984 is forwarded to https://issues.apache.org/bugzilla/show_bug.cgi?id=47219

Processing commands for cont...@bugs.debian.org: # Automatically generated email from bts, devscripts version 2.10.35lenny3 forwarded 517984 https://issues.apache.org/bugzilla/show_bug.cgi?id=47219 Bug #517984 [apache2.2-common] apache2: one logfile missing should not prevent apache from