Your message dated Tue, 19 Apr 2005 07:32:18 -0400
with message-id <[EMAIL PROTECTED]>
and subject line Bug#303535: fixed in phpmyadmin 4:2.6.2-1
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--------------------------------------
Received: (at submit) by bugs.debian.org; 7 Apr 2005 09:24:25 +0000
>From [EMAIL PROTECTED] Thu Apr 07 02:24:25 2005
Return-path: <[EMAIL PROTECTED]>
Received: from smtp7.wanadoo.fr [193.252.22.24]
by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1DJTFR-0005cN-00; Thu, 07 Apr 2005 02:24:25 -0700
Received: from me-wanadoo.net (unknown [127.0.0.1])
by mwinf0703.wanadoo.fr (SMTP Server) with ESMTP id D15FE10000A3
for <[EMAIL PROTECTED]>; Thu, 7 Apr 2005 11:23:53 +0200 (CEST)
Received: from argos.server.maison
(AToulouse-152-1-48-106.w82-125.abo.wanadoo.fr [82.125.158.106])
by mwinf0703.wanadoo.fr (SMTP Server) with ESMTP id 8656B100008D;
Thu, 7 Apr 2005 11:23:53 +0200 (CEST)
X-ME-UUID: [EMAIL PROTECTED]
Received: from prahal by argos.server.maison with local (Exim 4.50)
id 1DJTEo-0003Eq-EK; Thu, 07 Apr 2005 11:23:46 +0200
Date: Thu, 7 Apr 2005 11:23:46 +0200
From: [EMAIL PROTECTED]
To: Debian Bug Tracking System <[EMAIL PROTECTED]>
Subject: phpmyadmin: htaccess override apache.conf settings
Message-ID: <[EMAIL PROTECTED]>
Reply-To: [EMAIL PROTECTED]
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
X-Reportbug-Version: 3.9
Sender: [EMAIL PROTECTED]
User-Agent: Mutt/1.5.8i
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-6.4 required=4.0 tests=BAYES_00,HAS_PACKAGE,
NO_REAL_NAME autolearn=no version=2.60-bugs.debian.org_2005_01_02
X-Spam-Level:
Package: phpmyadmin
Version: 3:2.6.2-rc1-1
Severity: wishlist
the htaccess from phpmyadmin "enable" extension and
access. Thus it override the ones in the apache.conf.
It looks quite dangerous security wise. Could the overlapping
parameters (order, allow mostly) be removed from one of the file
?
Regards
Alban
PS: i have looked around for why phpmyadmin add a symlink in
/var/www (which could nfs mounted from another server
theorically ). /var being for data my opinion is that /var/www
is an artefact from the days when there was only static http to feed the
server .(it is also not part of the FHS being replaced by /srv
that most admin named /data before or used /home/http/) .It
could be removed from future distributions ...
Again is there a place to discuss such matters ?
-- System Information:
Debian Release: 3.1
APT prefers unstable
APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: i386 (i686)
Kernel: Linux 2.6.11-rc5
Locale: [EMAIL PROTECTED], [EMAIL PROTECTED] (charmap=UTF-8)
Versions of packages phpmyadmin depends on:
ii apache [httpd] 1.3.33-4 versatile, high-performance HTTP s
ii apache2-mpm-prefork [httpd] 2.0.53-5 traditional model for Apache2
ii caudium [httpd] 2:1.2.35.1-1 An extensible WWW server written i
ii debconf 1.4.47 Debian configuration management sy
ii mzscheme [httpd] 1:209-3 PLT Scheme Interpreter
ii php4 4:4.3.10-10 server-side, HTML-embedded scripti
ii php4-mysql 4:4.3.10-10 MySQL module for php4
ii ucf 1.17 Update Configuration File: preserv
-- debconf information:
* phpmyadmin/restart: false
* phpmyadmin/reconfigure-webserver: apache, apache2
* phpmyadmin/restart-webserver: false
* phpmyadmin/webserver: apache, apache-ssl, apache-perl, apache2
phpmyadmin/changed-extension:
---------------------------------------
Received: (at 303535-close) by bugs.debian.org; 19 Apr 2005 11:40:33 +0000
>From [EMAIL PROTECTED] Tue Apr 19 04:40:33 2005
Return-path: <[EMAIL PROTECTED]>
Received: from newraff.debian.org [208.185.25.31] (mail)
by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1DNr5l-0002sd-00; Tue, 19 Apr 2005 04:40:33 -0700
Received: from katie by newraff.debian.org with local (Exim 3.35 1 (Debian))
id 1DNqxm-0007af-00; Tue, 19 Apr 2005 07:32:18 -0400
From: Piotr Roszatycki <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
X-Katie: $Revision: 1.55 $
Subject: Bug#303535: fixed in phpmyadmin 4:2.6.2-1
Message-Id: <[EMAIL PROTECTED]>
Sender: Archive Administrator <[EMAIL PROTECTED]>
Date: Tue, 19 Apr 2005 07:32:18 -0400
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-6.0 required=4.0 tests=BAYES_00,HAS_BUG_NUMBER
autolearn=no version=2.60-bugs.debian.org_2005_01_02
X-Spam-Level:
Source: phpmyadmin
Source-Version: 4:2.6.2-1
We believe that the bug you reported is fixed in the latest version of
phpmyadmin, which is due to be installed in the Debian FTP archive:
phpmyadmin_2.6.2-1.diff.gz
to pool/main/p/phpmyadmin/phpmyadmin_2.6.2-1.diff.gz
phpmyadmin_2.6.2-1.dsc
to pool/main/p/phpmyadmin/phpmyadmin_2.6.2-1.dsc
phpmyadmin_2.6.2-1_all.deb
to pool/main/p/phpmyadmin/phpmyadmin_2.6.2-1_all.deb
phpmyadmin_2.6.2.orig.tar.gz
to pool/main/p/phpmyadmin/phpmyadmin_2.6.2.orig.tar.gz
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Piotr Roszatycki <[EMAIL PROTECTED]> (supplier of updated phpmyadmin package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Tue, 19 Apr 2005 11:51:21 +0200
Source: phpmyadmin
Binary: phpmyadmin
Architecture: source all
Version: 4:2.6.2-1
Distribution: unstable
Urgency: low
Maintainer: Piotr Roszatycki <[EMAIL PROTECTED]>
Changed-By: Piotr Roszatycki <[EMAIL PROTECTED]>
Description:
phpmyadmin - set of PHP-scripts to administrate MySQL over the WWW
Closes: 303535 304018 304566
Changes:
phpmyadmin (4:2.6.2-1) unstable; urgency=low
.
* New upstream release
* NEWS and README.Debian file are documented about problem with logging
in with cookie based authentication.
* Removed suPHP directive from apache.conf file. Closes: #304018.
* Configuration in .htaccess doesn't override global access settings.
Closes: #303535.
* Updated Brazilian Portuguese debconf templates translation.
Closes: #304566.
* Apache configuration is installed separately, not through symlinks.
* Convert httpd.conf and apache.conf. They have to contain
"Include /etc/apache2/conf.d/*.conf" directive.
Files:
49342f3f4ce0a495570930cff51d1379 592 web extra phpmyadmin_2.6.2-1.dsc
05e33121984824c43d94450af3edf267 2654418 web extra phpmyadmin_2.6.2.orig.tar.gz
1538257772beb28e46741d837c4c211c 27746 web extra phpmyadmin_2.6.2-1.diff.gz
82b71c187d0a3633dbe63b36a1f14066 2787324 web extra phpmyadmin_2.6.2-1_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (GNU/Linux)
iD8DBQFCZOqthMHHe8CxClsRAgJzAJwKSC8TriyOJpcO/KQ/TtFM7TqTEACggjG0
MmDte+m0eQJ3Fgn9nEpPYvg=
=agwO
-----END PGP SIGNATURE-----
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
