Package: libapache2-mod-auth-pgsql Version: 2.0.2b1-5 Severity: normal
Hi, Please forgive me if this is a stupid question. I have just installed the latest version of mod-auth-pgsql because of the recent security issue. After installing it, as far as I can see Apache has not been restarted. So I think that it is still running with the old insecure module loaded, and will continue to do so until I restart it. Shouldn't this module restart Apache from its post-installation script? (I really don't know much about how .deb packages work and wouldn't normally post a bug report with so little knowledge, but I thought I ought to in this case because of the clear security issue. Apache servers can often run for many months without needing to be restarted, and I think this means that they would remain vulnerable.) --Phil. -- System Information: Debian Release: 3.1 APT prefers unstable APT policy: (900, 'unstable'), (800, 'testing') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.11suspend2 Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8) Versions of packages libapache2-mod-auth-pgsql depends on: ii apache2-common 2.0.54-4 next generation, scalable, extenda ii libc6 2.3.5-6 GNU C Library: Shared libraries an ii libpq3 7.4.8-2 PostgreSQL C client library -- no debconf information -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
