Trusty ended standard support April 2019
** Changed in: apache2 (Ubuntu Trusty)
Status: Incomplete => Won't Fix
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1394403
Title:
RewriteRule of
Upstream bug is fix released, and states that the fix is available in
apache 2.4.9. Trusty has 2.4.7 atm.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1394403
Title:
RewriteRule of "^$" is broken
Upstream bug is fix released, and states that the fix is available in
apache 2.4.9. Trusty has 2.4.7 atm.
--
You received this bug notification because you are a member of Ubuntu
Server, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1394403
Title:
RewriteRule of "^$"
Hi Matthias,
Thanks for helping figure out what was going on with the differing results in
the test case.
Since the new debdiff contains the rest of the patch for the original issue
I'll go ahead and continue the sru process for that debdiff.
Hopefully the second issue with rewrite directives
In case you are still interested in this, here is a "blubb" vhost
definition which contains the mod_rewrite->[P] rule (as opposed to
having it in .htaccess as with the "bla" vhost).
The error log then will show termination after the first
go-ahead with proxy request
whereas the bla host will
Thanks Wesley for resuming work in this.
I can confirm that your new debdiff aligns apache 2.4.7 to newer upstream
releases.
My original "mod_rewrite->[P] inside .htaccess" issue remains only
partly fixed. But that's not your fault or Ubuntus, it appears unfixed
even in upstream.
With
Hi,
Sorry for the delay in getting the second part of the fix backported and
about the confusion over which commits from upstream should be
backported.
I have a updated debdiff that brings in the second part of the fix from
upstream at:
http://svn.apache.org/viewvc?view=revision=1557641
Note
This bug was autoclosed by mistake. The update that just got pushed to
the -security pocket does _not_ contain the changes required to fix this
issue. Re-opening.
** Changed in: apache2 (Ubuntu Trusty)
Status: Fix Released => Incomplete
--
You received this bug notification because you
This bug was fixed in the package apache2 - 2.4.7-1ubuntu4.13
---
apache2 (2.4.7-1ubuntu4.13) trusty-security; urgency=medium
* SECURITY UPDATE: proxy request header vulnerability (httpoxy)
- debian/patches/CVE-2016-5387.patch: don't pass through HTTP_PROXY in
@Matthias
It would have been nice if you could have verified the proposed package
as instructed in the bug, rather than waiting for the update to be
released first!
Let's re-open the Trusty task on the basis of your comment.
Presumably the test case Wesley determined does not cover your failure
@Matthias
It would have been nice if you could have verified the proposed package
as instructed in the bug, rather than waiting for the update to be
released first!
Let's re-open the Trusty task on the basis of your comment.
Presumably the test case Wesley determined does not cover your failure
Actually Incomplete is probably more appropriate, since we don't have a
reproducer right now.
** Changed in: apache2 (Ubuntu Trusty)
Status: New => Incomplete
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
Actually Incomplete is probably more appropriate, since we don't have a
reproducer right now.
** Changed in: apache2 (Ubuntu Trusty)
Status: New => Incomplete
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to the bug report.
Hi, apparently only part of the fix was included,
http://svn.apache.org/viewvc?view=revision=1557641 seems to be
missing. That is the part that keeps mod_dir from firing when
mod_rewrite just fired.
Rewrites in .htaccess are still affected after upgrade to
2.4.7-1ubuntu4.6.
Matthias
--
You
Hi, apparently only part of the fix was included,
http://svn.apache.org/viewvc?view=revision=1557641 seems to be
missing. That is the part that keeps mod_dir from firing when
mod_rewrite just fired.
Rewrites in .htaccess are still affected after upgrade to
2.4.7-1ubuntu4.6.
Matthias
--
You
To reproduce (s. attachment):
vhost bla.conf (requires a2enmod proxy_http)
enables RewriteEngine/RewriteLogging and Proxy
DocumentRoot /var/www/bla
/var/www/bla/.htaccess:
RewriteRule ^(.*)$ http://10.110.110.29/$1 [P]
no other files in /var/www/bla/
request / (as in attached
To reproduce (s. attachment):
vhost bla.conf (requires a2enmod proxy_http)
enables RewriteEngine/RewriteLogging and Proxy
DocumentRoot /var/www/bla
/var/www/bla/.htaccess:
RewriteRule ^(.*)$ http://10.110.110.29/$1 [P]
no other files in /var/www/bla/
request / (as in attached
Thanks for the test case, that works really well. Sorry that the next
commit in upstream was not included in the SRU, I should have caught
that.
At the version that's in the repos now I do see a change in behaviour in
the log files between when 'DirectoryCheckHandler Off' is set and when
it is
Thanks for the test case, that works really well. Sorry that the next
commit in upstream was not included in the SRU, I should have caught
that.
At the version that's in the repos now I do see a change in behaviour in
the log files between when 'DirectoryCheckHandler Off' is set and when
it is
This bug was fixed in the package apache2 - 2.4.7-1ubuntu4.6
---
apache2 (2.4.7-1ubuntu4.6) trusty; urgency=medium
* d/p/fix_rewrite_rule.patch: Add a configurable option to keep mod_dir from
running when another handler is set. This makes default behavior
consistant with
This bug was fixed in the package apache2 - 2.4.7-1ubuntu4.6
---
apache2 (2.4.7-1ubuntu4.6) trusty; urgency=medium
* d/p/fix_rewrite_rule.patch: Add a configurable option to keep mod_dir from
running when another handler is set. This makes default behavior
consistant with
** Tags removed: apache rewrite verification-needed
** Tags added: trusty verification-done
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1394403
Title:
RewriteRule of "^$" is broken
** Tags removed: apache rewrite verification-needed
** Tags added: trusty verification-done
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1394403
Title:
RewriteRule of "^$" is broken
To manage
I can confirm that the package in trusty-proposed resolves the issue for
me in a trusty vm with the default values set. I think it should be good
to go into trusty-updates.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
I can confirm that the package in trusty-proposed resolves the issue for
me in a trusty vm with the default values set. I think it should be good
to go into trusty-updates.
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to the bug
Wesley, have you gotten a chance to test the package in trusty-proposed?
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1394403
Title:
RewriteRule of "^$" is broken
To manage notifications about
Wesley, have you gotten a chance to test the package in trusty-proposed?
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1394403
Title:
RewriteRule of "^$" is broken
To manage
Hello Matthias, or anyone else affected,
Accepted apache2 into trusty-proposed. The package will build now and be
available at
https://launchpad.net/ubuntu/+source/apache2/2.4.7-1ubuntu4.6 in a few
hours, and then in the -proposed repository.
Please help us by testing this new package. See
Hello Matthias, or anyone else affected,
Accepted apache2 into trusty-proposed. The package will build now and be
available at
https://launchpad.net/ubuntu/+source/apache2/2.4.7-1ubuntu4.6 in a few
hours, and then in the -proposed repository.
Please help us by testing this new package. See
Awesome, thanks!
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1394403
Title:
RewriteRule of "^$" is broken
To manage notifications about this bug go to:
Awesome, thanks!
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1394403
Title:
RewriteRule of "^$" is broken
To manage notifications about this bug go to:
The updated debdiff looks great. I particularly appreciate the very
clearly written changelog that explains exactly what the deal is with
the new directive, the behaviour change and the default. Uploaded -
thank you!
SRU team: please note the behaviour change. We've concluded that it's OK
(I'm
The updated debdiff looks great. I particularly appreciate the very
clearly written changelog that explains exactly what the deal is with
the new directive, the behaviour change and the default. Uploaded -
thank you!
SRU team: please note the behaviour change. We've concluded that it's OK
(I'm
** Description changed:
[Test Case]
Setup
Apache 2.4.7
* mod_rewrite
* mod_ajp
* mod_dir
Tomcat
* Listening on Port 9001
Apache with a .htaccess in the example.net VirtualHost
- RewriteEngine On
- RewriteRule ^(.*)$ ajp://localhost:9001/$1 [P]
-
+
** Description changed:
[Test Case]
Setup
Apache 2.4.7
* mod_rewrite
* mod_ajp
* mod_dir
Tomcat
* Listening on Port 9001
Apache with a .htaccess in the example.net VirtualHost
- RewriteEngine On
- RewriteRule ^(.*)$ ajp://localhost:9001/$1 [P]
-
+
Thanks Wesley, this looks good.
Some minor changes please:
1) Please could you add an Origin: header to the debdiff? Something like
Origin: upstream,
https://github.com/apache/httpd/commit/f0529e54b8d889322b5113eb623e263556bfa28e;
or Origin: backport,
Thanks Wesley, this looks good.
Some minor changes please:
1) Please could you add an Origin: header to the debdiff? Something like
Origin: upstream,
https://github.com/apache/httpd/commit/f0529e54b8d889322b5113eb623e263556bfa28e;
or Origin: backport,
NACK on the debdiff. It doesn't use the actual fix that went into Apache
2.4. It uses a proposed patch from the bug that wasn't the way it was
ultimately fixed.
Please prepare a new debdiff with the following commit:
https://github.com/apache/httpd/commit/f0529e54b8d889322b5113eb623e263556bfa28e
NACK on the debdiff. It doesn't use the actual fix that went into Apache
2.4. It uses a proposed patch from the bug that wasn't the way it was
ultimately fixed.
Please prepare a new debdiff with the following commit:
https://github.com/apache/httpd/commit/f0529e54b8d889322b5113eb623e263556bfa28e
Replaced the debdiff with one that uses the fix from apache 2.4
https://github.com/apache/httpd/commit/f0529e54b8d889322b5113eb623e263556bfa28e
** Patch removed: trusty-sru-debdiff
Replaced the debdiff with one that uses the fix from apache 2.4
https://github.com/apache/httpd/commit/f0529e54b8d889322b5113eb623e263556bfa28e
** Patch removed: trusty-sru-debdiff
Attaching debdiff with patch applied.
** Attachment added: trusty-sru-debdiff
https://bugs.launchpad.net/ubuntu/trusty/+source/apache2/+bug/1394403/+attachment/4445979/+files/trusty-sru-debdiff
** Description changed:
+ [Test Case]
+
+ Setup
+ Apache 2.4.7
+ * mod_rewrite
+ * mod_ajp
+ *
Updated Description for SRU proposal.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1394403
Title:
RewriteRule of ^$ is broken
To manage notifications about this bug go to:
Attaching debdiff with patch applied.
** Attachment added: trusty-sru-debdiff
https://bugs.launchpad.net/ubuntu/trusty/+source/apache2/+bug/1394403/+attachment/4445979/+files/trusty-sru-debdiff
** Description changed:
+ [Test Case]
+
+ Setup
+ Apache 2.4.7
+ * mod_rewrite
+ * mod_ajp
+ *
Updated Description for SRU proposal.
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1394403
Title:
RewriteRule of ^$ is broken
To manage notifications about this bug go to:
** Changed in: apache2 (Ubuntu Trusty)
Assignee: (unassigned) = Wesley Wiedenmeier (wesley-wiedenmeier)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1394403
Title:
RewriteRule of ^$ is broken
** Changed in: apache2 (Ubuntu Trusty)
Assignee: (unassigned) = Wesley Wiedenmeier (wesley-wiedenmeier)
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1394403
Title:
RewriteRule
** Tags removed: server-next
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1394403
Title:
RewriteRule of ^$ is broken
To manage notifications about this bug go to:
** Tags removed: server-next
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1394403
Title:
RewriteRule of ^$ is broken
To manage notifications about this bug go to:
** Tags added: server-next
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1394403
Title:
RewriteRule of ^$ is broken
To manage notifications about this bug go to:
** Tags added: server-next
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1394403
Title:
RewriteRule of ^$ is broken
To manage notifications about this bug go to:
** Tags added: bitesize
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1394403
Title:
RewriteRule of ^$ is broken
To manage notifications about this bug go to:
** Tags added: bitesize
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1394403
Title:
RewriteRule of ^$ is broken
To manage notifications about this bug go to:
This bug is truly a pain, it really needs to be fixed.
The only acceptable workaround is not to use Apache 2.4.9, which
really means don't use Trusty (unfortunately it can't die off soon
enough ... it's LTS and it's everywhere now).
This is real misery to support.
--
You received this bug
This bug is truly a pain, it really needs to be fixed.
The only acceptable workaround is not to use Apache 2.4.9, which
really means don't use Trusty (unfortunately it can't die off soon
enough ... it's LTS and it's everywhere now).
This is real misery to support.
--
You received this bug
[Test Case]
Setup
Apache 2.4.7
* mod_rewrite
* mod_ajp
* mod_dir
Tomcat
* Listening on Port 9001
Apache with a .htaccess in the example.net VirtualHost
RewriteEngine On
RewriteRule ^(.*)$ ajp://localhost:9001/$1 [P]
Expected:
Return from Tomcat
HTTP Status 404 - /
Reality:
Return
[Test Case]
Setup
Apache 2.4.7
* mod_rewrite
* mod_ajp
* mod_dir
Tomcat
* Listening on Port 9001
Apache with a .htaccess in the example.net VirtualHost
RewriteEngine On
RewriteRule ^(.*)$ ajp://localhost:9001/$1 [P]
Expected:
Return from Tomcat
HTTP Status 404 - /
Reality:
Return
57 matches
Mail list logo