Your message dated Sun, 07 Mar 2004 08:32:06 -0500
with message-id <[EMAIL PROTECTED]>
and subject line Bug#229653: fixed in apache 1.3.29.0.2-1
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--------------------------------------
Received: (at submit) by bugs.debian.org; 25 Jan 2004 20:23:18 +0000
>From [EMAIL PROTECTED] Sun Jan 25 12:23:18 2004
Return-path: <[EMAIL PROTECTED]>
Received: from basicbox2.server-home.net [195.137.212.24]
by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1Akqms-0003W2-00; Sun, 25 Jan 2004 12:23:18 -0800
Received: from mail0.ister.org (brln-d9b810a8.pool.mediaWays.net
[217.184.16.168])
by basicbox2.server-home.net (Postfix) with ESMTP id BD20810E91F
for <[EMAIL PROTECTED]>; Sun, 25 Jan 2004 21:23:07 +0100 (CET)
Received: from florian (unknown [192.168.0.40])
by mail0.ister.org (Postfix) with ESMTP
id 50F91A02; Sun, 25 Jan 2004 15:49:54 +0100 (CET)
Content-Type: text/plain;
charset="us-ascii"
From: [EMAIL PROTECTED]
Reply-To: [EMAIL PROTECTED]
Organization: Ister.ORG
To: Debian Bug Tracking System <[EMAIL PROTECTED]>
Subject: apache: /etc/init.d/apache still leaking environment
Date: Sun, 25 Jan 2004 15:48:57 +0100
User-Agent: KMail/1.4.3
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Message-Id: <[EMAIL PROTECTED]>
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2004_01_24
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-3.6 required=4.0 tests=HAS_PACKAGE,NO_REAL_NAME
autolearn=no version=2.60-bugs.debian.org_2004_01_24
X-Spam-Level:
Package: apache
Version: 1.3.26-0woody3
Severity: important
Tags: security patch
-- System Information
Debian Release: 3.0
Architecture: i386
Kernel: Linux <hostname> 2.4.18 #5 Mon May 5 13:56:33 CEST 2003 i686
Locale: LANG=3DC, LC_CTYPE=3DC
Versions of packages apache depends on:
ii apache-common 1.3.26-0woody3=20
ii dpkg 1.9.21
ii libc6 2.2.5-11.2 =20
ii libdb2 2:2.7.7.0-7=20
ii libexpat1 1.95.2-6=20
ii logrotate 3.5.9-8
ii mime-support 3.18-1
ii perl 5.6.1-7=20
ii perl [perl5] 5.6.1-7=20
Description:
When I start or restart apache later than boot time using /etc/init.d/apa=
che,=20
the environment is leaking into the web server process. The point to fix =
this=20
problem is already found in the script, but unfortunately not properly=20
implemented.
Debian SID seems also to be affected.
Ingo Schramm
Patch:
22a23
> ENV=3D"env -i LANG=3D${LANG} PATH=3D${PATH}"
32c33
< start-stop-daemon --start --pidfile $PIDFILE --exec $DAEMON
---
> $ENV start-stop-daemon --start --pidfile $PIDFILE --exec $DAEMON
48c49
< start-stop-daemon --start --pidfile $PIDFILE --exec $DAEMON
---
> $ENV start-stop-daemon --start --pidfile $PIDFILE --exec $DAEMON
--=20
Ister.ORG
mailto:[EMAIL PROTECTED]
http://www.ister.org
---------------------------------------
Received: (at 229653-close) by bugs.debian.org; 7 Mar 2004 13:38:15 +0000
>From [EMAIL PROTECTED] Sun Mar 07 05:38:14 2004
Return-path: <[EMAIL PROTECTED]>
Received: from newraff.debian.org [208.185.25.31] (mail)
by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1AzyTu-0001xX-00; Sun, 07 Mar 2004 05:38:14 -0800
Received: from katie by newraff.debian.org with local (Exim 3.35 1 (Debian))
id 1AzyNy-0001rJ-00; Sun, 07 Mar 2004 08:32:06 -0500
From: [EMAIL PROTECTED] (Fabio M. Di Nitto)
To: [EMAIL PROTECTED]
X-Katie: $Revision: 1.44 $
Subject: Bug#229653: fixed in apache 1.3.29.0.2-1
Message-Id: <[EMAIL PROTECTED]>
Sender: Archive Administrator <[EMAIL PROTECTED]>
Date: Sun, 07 Mar 2004 08:32:06 -0500
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2004_03_05
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-3.0 required=4.0 tests=HAS_BUG_NUMBER autolearn=no
version=2.60-bugs.debian.org_2004_03_05
X-Spam-Level:
Source: apache
Source-Version: 1.3.29.0.2-1
We believe that the bug you reported is fixed in the latest version of
apache, which is due to be installed in the Debian FTP archive:
apache-common_1.3.29.0.2-1_i386.deb
to pool/main/a/apache/apache-common_1.3.29.0.2-1_i386.deb
apache-dbg_1.3.29.0.2-1_i386.deb
to pool/main/a/apache/apache-dbg_1.3.29.0.2-1_i386.deb
apache-dev_1.3.29.0.2-1_i386.deb
to pool/main/a/apache/apache-dev_1.3.29.0.2-1_i386.deb
apache-doc_1.3.29.0.2-1_all.deb
to pool/main/a/apache/apache-doc_1.3.29.0.2-1_all.deb
apache-perl_1.3.29.0.2-1_i386.deb
to pool/main/a/apache/apache-perl_1.3.29.0.2-1_i386.deb
apache-ssl_1.3.29.0.2-1_i386.deb
to pool/main/a/apache/apache-ssl_1.3.29.0.2-1_i386.deb
apache-utils_1.3.29.0.2-1_i386.deb
to pool/main/a/apache/apache-utils_1.3.29.0.2-1_i386.deb
apache_1.3.29.0.2-1.diff.gz
to pool/main/a/apache/apache_1.3.29.0.2-1.diff.gz
apache_1.3.29.0.2-1.dsc
to pool/main/a/apache/apache_1.3.29.0.2-1.dsc
apache_1.3.29.0.2-1_i386.deb
to pool/main/a/apache/apache_1.3.29.0.2-1_i386.deb
apache_1.3.29.0.2.orig.tar.gz
to pool/main/a/apache/apache_1.3.29.0.2.orig.tar.gz
libapache-mod-perl_1.29.0.2-1_i386.deb
to pool/main/a/apache/libapache-mod-perl_1.29.0.2-1_i386.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Fabio M. Di Nitto <[EMAIL PROTECTED]> (supplier of updated apache package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Sun, 07 Mar 2004 13:15:09 +0100
Source: apache
Binary: apache-dev apache-common apache-doc apache-utils apache apache-dbg
apache-perl libapache-mod-perl apache-ssl
Architecture: source i386 all
Version: 1.3.29.0.2-1
Distribution: unstable
Urgency: low
Maintainer: Debian Apache Maintainers <[email protected]>
Changed-By: Fabio M. Di Nitto <[EMAIL PROTECTED]>
Description:
apache - Versatile, high-performance HTTP server
apache-common - Support files for all Apache webservers
apache-dbg - Apache webservers (debugging versions)
apache-dev - Apache webserver development kit
apache-doc - Apache webserver docs
apache-perl - Versatile, high-performance HTTP server with Perl support
apache-ssl - Versatile, high-performance HTTP server with SSL support
apache-utils - Utility programs for webservers
libapache-mod-perl - Integration of perl with the Apache web server
Closes: 45268 219378 226131 226833 227232 228355 229000 229653 230718 230991
231387 232630 232668 233097 233694 234091 234650 234706 234731 235976
Changes:
apache (1.3.29.0.2-1) unstable; urgency=low
.
* (Fabio M. Di Nitto)
- Introduced better checks for values returned by debconf frontens
and rollback to defaults if empty (Closes: #234091)
- Introduced ucf to preserve users configurations across upgrades
(Closes: #227232, #235976, #234650)
- Fixed several overlapping problems with postrm scripts
(Closes: #232668)
- New apache-ssl upstream [CAN-2004-0009]
(Closes: #232630)
- Make modules-config less paranoid about .so/.info relationship
(Closes: #226833, #234706)
- Updated default apache-ssl conf for new SSLNoV2 directive
- Rebuilt and enforced dependencies against perl 5.8.3
(Closes: #231387)
- Switched logrotate scripts to use invoke-rc.d and Co.
(Closes: #234731)
- Added (for real this time) mod-perl r->dir_config('foo') patch. Thanks
Don.
(Closes: #226131)
- Modified init scripts and postinst to handle in a better way the start
at boot. (Closes: #228355)
- Added link to netcraft.com in the default placeholder and a few lines
in the README.Debian
- Modified init scripts to clean mod-bandwidth/link/ after each stop
(Closes: #229000)
- More init scripts cleanup. It shouldn't leak environment information
(Closes: #229653, #230991)
- Added check for MIMEMagicFile to suggested corrections
(Closes: #230718)
- Added da.po thanks to Claus Hindsgaul (Closes: #233097)
* (Tollef Fog Heen)
- Stop linking against so many DB libs. (Closes: #45268)
* (Matthew Wilcox)
- Ship rotatelogs in apache-utils. (Closes: #219378)
- Add mod_autoindex patch. (Closes: #233694)
Files:
2c2f436049a261d425f7a33ade8e1c32 1085 web optional apache_1.3.29.0.2-1.dsc
cc7d80570bfce92a4743c297a1fd1004 3071092 web optional
apache_1.3.29.0.2.orig.tar.gz
685c35aae699c0e19958736a9c3bce60 374701 web optional
apache_1.3.29.0.2-1.diff.gz
cf14ac454403e89dfcde8d6dd2b535cc 1158450 doc optional
apache-doc_1.3.29.0.2-1_all.deb
183c94fecba25014692654e26bf04e59 367170 web optional
apache_1.3.29.0.2-1_i386.deb
989ca889e96e620696653bbce2a360fb 478130 web optional
apache-ssl_1.3.29.0.2-1_i386.deb
74e6a958e9609ca633182e99b50ddbe7 485688 web extra
apache-perl_1.3.29.0.2-1_i386.deb
b3620575930b34b63667c0f958f880e9 316708 devel extra
apache-dev_1.3.29.0.2-1_i386.deb
3987b0ca06198160e430b1bef96895e1 9074574 devel extra
apache-dbg_1.3.29.0.2-1_i386.deb
fe4db14d1ec9434af7f92a819f5cd19d 816424 web optional
apache-common_1.3.29.0.2-1_i386.deb
29bf856f65bb50e18d5d6151a852088c 257794 web optional
apache-utils_1.3.29.0.2-1_i386.deb
6a272db812c36314cee3cdb14fd8a4b0 480216 web optional
libapache-mod-perl_1.29.0.2-1_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
iD8DBQFASx1jhCzbekR3nhgRAj3CAJ9JciF73J6YNddTi6id3AdXrSZTSgCfbiGb
e2LQB+i3aBND88PPrwWwcaY=
=N3tl
-----END PGP SIGNATURE-----
