Package: apache2.2-common
Version: 2.2.9-10+lenny4
Severity: grave
Tags: security
Justification: user security hole
If you create a User/Password combination with htpasswd using the default
CRYPT encryption and a password with more than 8 chars, the Website still
gets you access by typing in the
Amor sorte negoçio pode aqui fazer uma pergunta via msn cola meu mail
mai...@sapo.pt
ou pelo telfono 964843639 ou 917440317 dr pedro site
www.yourvida.com/astrologia
amour argnt travail sur msn consultation gratuite il faut coler mon e-mail
mai...@sapo.pt
ou tel 0170389850 ou site
--
reassign apache2-utils
retitle htpasswd should use a more secure password hash by default
severity wishlist
thanks
If you create a User/Password combination with htpasswd using the default
CRYPT encryption and a password with more than 8 chars, the Website still
gets you access by typing in
Processing commands for cont...@bugs.debian.org:
# Automatically generated email from bts, devscripts version 2.10.35lenny3
reassign 539246 apache2-utils
Bug #539246 [apache2.2-common] apache2: Incorrect password check with CRYPT
Bug reassigned from package 'apache2.2-common' to
apache2_2.2.3-4+etch10_i386.changes uploaded successfully to
ftp.upload.debian.org
along with the files:
apache2_2.2.3-4+etch10.dsc
apache2_2.2.3-4+etch10.diff.gz
apache2.2-common_2.2.3-4+etch10_i386.deb
apache2-mpm-worker_2.2.3-4+etch10_i386.deb
apache2_2.2.3-4+etch10_i386.changes uploaded successfully to localhost
along with the files:
apache2_2.2.3-4+etch10.dsc
apache2_2.2.3-4+etch10.diff.gz
apache2.2-common_2.2.3-4+etch10_i386.deb
apache2-mpm-worker_2.2.3-4+etch10_i386.deb
apache2-mpm-prefork_2.2.3-4+etch10_i386.deb
Your message dated Thu, 30 Jul 2009 18:40:21 +0200 (CEST)
with message-id 42700.194.224.98.149.1248972021.squir...@www.sfritsch.de
and subject line Re: Bug#537665: apache2.2-common: segfault in crc32 when using
deflate since last security upgrade
has caused the Debian Bug report #537665,
Processing commands for cont...@bugs.debian.org:
# Automatically generated email from bts, devscripts version 2.10.35lenny3
tags 493142 - patch
Bug #493142 [apache2.2-common] apache2.2-common: init.d stop does not wait for
Apache to stop
Ignoring request to alter tags of bug #493142 to the
There are disparities between your recently accepted upload and the
override file for the following file(s):
apache2-mpm-event_2.2.3-4+etch10_i386.deb: package says section is web,
override says net.
apache2-mpm-perchild_2.2.3-4+etch10_all.deb: package says section is web,
override says net.
#5 0xb772ff5a in ENGINE_load_padlock ()
from /usr/lib/i686/cmov/libcrypto.so.0.9.8
Do you have different modules or different php extensions enabled on
the two servers?
No, I checked on 1 other server that is also serving the same services,
and therefor has exacly the same modules and
Processing commands for cont...@bugs.debian.org:
# Automatically generated email from bts, devscripts version 2.10.35lenny3
forwarded 517984 https://issues.apache.org/bugzilla/show_bug.cgi?id=47219
Bug #517984 [apache2.2-common] apache2: one logfile missing should not prevent
apache from
11 matches
Mail list logo