** Changed in: debian
Status: Confirmed => Fix Released
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1930921
Title:
Apache 2.4.41 corrupts files from samba share
Status in apache2 package in Ubuntu:
Incomplete
Status in linux package in Ubuntu:
Incomplete
Status in samba package in Ubuntu:
Incomplete
Status in Debian:
Fix Released
Bug description:
Wenn I serve a samba share with apache 2.4.41 on Ubuntu 20.04 then
some files have a corrupt header during transmission. It seems that
the first few bytes of the headers are truncated and sometimes other
bytes of the download are not belonging to the file.
A workaround I found that works is to set "EnableMMAP Off" in the
apache config.
See other bug reports like this:
https://serverfault.com/questions/1044724/apache2-sends-corrupt-responses-when-using-a-cifs-share
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=900821
This is most probably not a bug in Ubuntu itself but I am reporting it
here since I assume that a data corruption bug is seen as critical.
I am also marking it as a security vulnerability since it seems that wrong
parts of memory get exposed during file download. I don't know how random the
exposed memory is and if it potentially could expose e.g. secrets.
Please feel free to remove the security vulnerability flag if your assessment
leads to a different conclusion.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/1930921/+subscriptions
--
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help : https://help.launchpad.net/ListHelp
