Your message dated Tue, 07 Sep 2021 08:37:43 +0000
with message-id <[email protected]>
and subject line Bug#891224: fixed in libapache2-mod-auth-openidc 2.4.9.4-1
has caused the Debian Bug report #891224,
regarding Just enabling the module makes apache children segfault
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
891224: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=891224
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: libapache2-mod-auth-openidc
Version: 2.1.6-1
Severity: serious
Hello,
this has just been witnessed on diabelli.debian.org:
apt install libapache2-mod-auth-openidc
a2enmod auth_openidc
systemctl restart apache2
at this point, just visiting sso.debian.org causes an internal server
error, with segfaults in the error log:
[Fri Feb 23 14:22:56.038768 2018] [core:notice] [pid 19113:tid
140156425577664] AH00052: child pid 19116 exit signal Segmentation fault (11)
Enrico
-- System Information:
Debian Release: buster/sid
APT prefers testing
APT policy: (500, 'testing')
Architecture: amd64 (x86_64)
Kernel: Linux 4.14.0-3-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_IE.UTF-8, LC_CTYPE=en_IE.UTF-8 (charmap=UTF-8),
LANGUAGE=en_IE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages libapache2-mod-auth-openidc depends on:
ii apache2-bin [apache2-api-20120211] 2.4.29-2
ii libc6 2.26-6
pn libcjose0 <none>
ii libcurl3 7.58.0-2
pn libhiredis0.13 <none>
ii libjansson4 2.11-1
ii libpcre3 2:8.39-9
ii libssl1.1 1.1.0g-2
libapache2-mod-auth-openidc recommends no packages.
libapache2-mod-auth-openidc suggests no packages.
--- End Message ---
--- Begin Message ---
Source: libapache2-mod-auth-openidc
Source-Version: 2.4.9.4-1
Done: Moritz Schlarb <[email protected]>
We believe that the bug you reported is fixed in the latest version of
libapache2-mod-auth-openidc, which is due to be installed in the Debian FTP
archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Moritz Schlarb <[email protected]> (supplier of updated
libapache2-mod-auth-openidc package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Tue, 07 Sep 2021 09:37:15 +0200
Source: libapache2-mod-auth-openidc
Architecture: source
Version: 2.4.9.4-1
Distribution: unstable
Urgency: medium
Maintainer: Moritz Schlarb <[email protected]>
Changed-By: Moritz Schlarb <[email protected]>
Closes: 868949 883616 891224 993648
Changes:
libapache2-mod-auth-openidc (2.4.9.4-1) unstable; urgency=medium
.
* New upstream version 2.4.9.4
* Fix "CVE-2021-39191" (Closes: #993648)
* 2.4.9.2 fixed a regression regarding segfault at reload/restart
(Closes: #883616, #891224, #868949)
Checksums-Sha1:
6e0593f90c1dbf43efda8586732980feecfc953e 2528
libapache2-mod-auth-openidc_2.4.9.4-1.dsc
47f8b949552c3d32f019c5cf785c4672dc0f8aae 261544
libapache2-mod-auth-openidc_2.4.9.4.orig.tar.gz
64d79ff511f145f1131fc8e52b9883837773c690 5848
libapache2-mod-auth-openidc_2.4.9.4-1.debian.tar.xz
b6f2b10fdde35bf0e62c1bc4edb326f73bc2800c 7946
libapache2-mod-auth-openidc_2.4.9.4-1_amd64.buildinfo
Checksums-Sha256:
757c704a9229eff21b0a3665ea7fabfe6fd7b56501c879552a6d3c67c73b8792 2528
libapache2-mod-auth-openidc_2.4.9.4-1.dsc
142ee7abd49a4c6e2a7233c9124143709e733e8e51896c4a4f4172b0ffbc4741 261544
libapache2-mod-auth-openidc_2.4.9.4.orig.tar.gz
f0e8c3677b08282fffd71e401ae6f622c596676d60515d7c240fd80b5209b2e1 5848
libapache2-mod-auth-openidc_2.4.9.4-1.debian.tar.xz
2d2c83226d56c80d62009f6a2a656ac3cea08c702846f0f325638eb0f2473db9 7946
libapache2-mod-auth-openidc_2.4.9.4-1_amd64.buildinfo
Files:
7fc4a2d6a82b628e718fdc1042cc270f 2528 httpd optional
libapache2-mod-auth-openidc_2.4.9.4-1.dsc
21959e96f73545012afec7201f5f46fd 261544 httpd optional
libapache2-mod-auth-openidc_2.4.9.4.orig.tar.gz
8377c6fdb6f7a7cedbea6b0ddeeec969 5848 httpd optional
libapache2-mod-auth-openidc_2.4.9.4-1.debian.tar.xz
b4ddeb1f703c0289c8cbde81ddb32e02 7946 httpd optional
libapache2-mod-auth-openidc_2.4.9.4-1_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQJKBAEBCgA0FiEE3wEiR7/GVQGv8oRFDCS4Qcfduq8FAmE3GPYWHHNjaGxhcmJt
QHVuaS1tYWluei5kZQAKCRAMJLhBx926ryc0D/9+bSB19PkraBM/N3ctbS1ns6nM
d1xx6AQfNBcPEzPk1axX2uqqtMG7t4goGn44dtBKe7iMxKxSobffnfuSmiU+j8L4
RCzPMeggRR/W5+DvxDz5Hu6PovZ4yqyLNjL45XQTx4ncAuAhLDl8odkAZpw8b3k/
kGDeBQbCFjQIDJFzCsKOHHNxWPi1ZMv03MISbR4drirfLbhoaSEcbcBDH7f3xT7U
g5qkPoboj24wkDFr6oacbSWsIOj/nttxHSmW41lnw68tKk/AaSvukErkQHJtGEbQ
prdy1quHcIDoGsx/UKLABsaXL955iODoTcL4JcFp/dcLJmnooKLAOuzplU4QFSil
AM5HU7sSNl0rVqOOeX9NptXmTjd9GmWVUu7hBWWN2zrJnyzxzh0uBi/SdJFHV8Zd
sFE+4DCjy2lIquSpWL0e/Mv8ZFOsTJwj4ai5OoOJUSWNFzDcD4HfUCeK5b/Agued
Ea6MMqIPVblzpfVvN3Ca6rTaIHfjtbD7RszN2EMpPpYEFK7UmrkbVNNT2oFZytc4
wydJ/QMOz4bqQa/2Sob95G/rFoPujtucFGKBZAMSkQM4BNjYeubf74ohlaBw7q7u
O+xaySunWtEa5xZaeqjN5hNHXVIEn2RBSDTKQU9/LgEfLxBu1zVnyR1OAN+D/cTz
u1kNKW6RHGcJHytkeg==
=q8c0
-----END PGP SIGNATURE-----
--- End Message ---
