Bug#322613: marked as done (Processed: Apache 1.3 also vulnerable?)

2005-09-06 Thread Debian Bug Tracking System 
Your message dated Tue, 06 Sep 2005 23:10:36 +1000
with message-id [EMAIL PROTECTED]
and subject line Not vulnerable
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--
Received: (at submit) by bugs.debian.org; 11 Aug 2005 18:47:32 +
From [EMAIL PROTECTED] Thu Aug 11 11:47:31 2005
Return-path: [EMAIL PROTECTED]
Received: from mail3b.westend.com (mail3b2.westend.com) [212.117.79.78] 
by spohr.debian.org with esmtp (Exim 3.36 1 (Debian))
id 1E3I5T-0002HP-00; Thu, 11 Aug 2005 11:47:31 -0700
Received: from localhost (localhost [127.0.0.1])
by mail3b2.westend.com (Postfix) with ESMTP id AC1051212B7
for [EMAIL PROTECTED]; Thu, 11 Aug 2005 20:47:30 +0200 (CEST)
Received: from mail3b2.westend.com ([127.0.0.1])
by localhost (mail3b [127.0.0.1]) (amavisd-new, port 20024)
with ESMTP id 30692-09 for [EMAIL PROTECTED];
Thu, 11 Aug 2005 20:47:26 +0200 (CEST)
Received: from xeniac.intern (office-gw.westend.com [212.117.64.2])
by mail3b2.westend.com (Postfix) with ESMTP id 502901212B6
for [EMAIL PROTECTED]; Thu, 11 Aug 2005 20:47:26 +0200 (CEST)
Date: Thu, 11 Aug 2005 20:47:25 +0200
From: Christian Hammers [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: Re: Processed: Apache 1.3 also vulnerable?
Message-ID: [EMAIL PROTECTED]
In-Reply-To: [EMAIL PROTECTED]
References: [EMAIL PROTECTED]
[EMAIL PROTECTED]
Organization: www.debian.org
X-Mailer: Sylpheed-Claws 1.0.4 (GTK+ 1.2.10; i386-pc-linux-gnu)
Mime-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02 
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Level: 
X-Spam-Status: No, hits=-8.0 required=4.0 tests=BAYES_00,HAS_PACKAGE 
autolearn=no version=2.60-bugs.debian.org_2005_01_02

Package: apache
Severity: critical
Tags: security
thanks

Cloning did not work, so I open a new bug report. Reason was that
RedHat/Fedora also updated their 1.3.27 packages so this version
might also be vulnerable.

  clone 320048 -2
 Bug#320048: SECURITY: buffer-overrun in apache2-ssl (CAN-2005-1268)
 Bug is marked as being merged with others.
 
  reassign -2 apache
 Bug number -2 not found.

bye,

-christian-

---
Received: (at 322613-done) by bugs.debian.org; 6 Sep 2005 13:11:15 +
From [EMAIL PROTECTED] Tue Sep 06 06:11:15 2005
Return-path: [EMAIL PROTECTED]
Received: from loki.0c3.net [69.0.240.48] 
by spohr.debian.org with esmtp (Exim 3.36 1 (Debian))
id 1ECdEJ-00016d-00; Tue, 06 Sep 2005 06:11:15 -0700
Received: from [203.49.196.168] (helo=[10.0.0.4])
by loki.0c3.net with esmtp (Exim 4.34)
id 1ECdDn-0003yE-U8
for [EMAIL PROTECTED]; Tue, 06 Sep 2005 07:10:44 -0600
Message-ID: [EMAIL PROTECTED]
Date: Tue, 06 Sep 2005 23:10:36 +1000
From: Adam Conrad [EMAIL PROTECTED]
User-Agent: Mozilla Thunderbird 1.0.6 (X11/20050831)
X-Accept-Language: en-us, en
MIME-Version: 1.0
To: [EMAIL PROTECTED]
Subject: Not vulnerable
X-Enigmail-Version: 0.92.0.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02 
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Level: 
X-Spam-Status: No, hits=-3.0 required=4.0 tests=BAYES_00 autolearn=no 
version=2.60-bugs.debian.org_2005_01_02

Apache 1.3 is not vulnerable to CAN-2005-1268

... Adam


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#322607: marked as done (SECURITY: HTTP proxy responses with both Transfer-Encoding and Content-Length headers (CAN-2005-2088))

2005-09-06 Thread Debian Bug Tracking System 
Your message dated Tue, 06 Sep 2005 07:47:04 -0700
with message-id [EMAIL PROTECTED]
and subject line Bug#322607: fixed in apache 1.3.33-8
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--
Received: (at submit) by bugs.debian.org; 28 Jun 2005 22:49:46 +
From [EMAIL PROTECTED] Tue Jun 28 15:49:44 2005
Return-path: [EMAIL PROTECTED]
Received: from inutil.org (vserver151.vserver151.serverflex.de) 
[193.22.164.111] 
by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1DnOtj-0005fj-00; Tue, 28 Jun 2005 15:49:43 -0700
Received: from dsl-082-082-137-197.arcor-ip.net ([82.82.137.197] 
helo=localhost.localdomain)
by vserver151.vserver151.serverflex.de with esmtpsa 
(TLS-1.0:RSA_AES_256_CBC_SHA:32)
(Exim 4.50)
id 1DnOo7-0006DV-N0
for [EMAIL PROTECTED]; Wed, 29 Jun 2005 00:43:55 +0200
Received: from jmm by localhost.localdomain with local (Exim 4.51)
id 1DnOtX-0001i1-IX; Wed, 29 Jun 2005 00:49:31 +0200
Content-Type: text/plain; charset=us-ascii
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
From: Moritz Muehlenhoff [EMAIL PROTECTED]
To: Debian Bug Tracking System [EMAIL PROTECTED]
Subject: apache2: Security issues in HTTP proxy responses with both 
Transfer-Encoding
 and Content-Length headers
X-Mailer: reportbug 3.15
Date: Wed, 29 Jun 2005 00:49:31 +0200
X-Debbugs-Cc: [EMAIL PROTECTED]
Message-Id: [EMAIL PROTECTED]
X-SA-Exim-Connect-IP: 82.82.137.197
X-SA-Exim-Mail-From: [EMAIL PROTECTED]
X-SA-Exim-Scanned: No (on vserver151.vserver151.serverflex.de); SAEximRunCond 
expanded to false
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02 
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-11.0 required=4.0 tests=BAYES_00,HAS_PACKAGE,
X_DEBBUGS_CC autolearn=ham version=2.60-bugs.debian.org_2005_01_02
X-Spam-Level: 

Package: apache2
Severity: grave
Tags: security
Justification: user security hole

Latest 2.1.6-alpha fixes a security in the proxy HTTP code:

| The 2.1.6-alpha release addresses a security vulnerability present
| in all previous 2.x versions.  This fault did not affect Apache 1.3.x
| (which did not proxy keepalives or chunked transfer encoding);

|Proxy HTTP: If a response contains both Transfer-Encoding
|and a Content-Length, remove the Content-Length to eliminate
|an HTTP Request Smuggling vulnerability and don't reuse the
|connection, stopping some HTTP Request Spoofing attacks.

Cheers,
Moritz

-- System Information:
Debian Release: testing/unstable
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.12-rc5
Locale: LANG=C, [EMAIL PROTECTED] (charmap=ISO-8859-15)

---
Received: (at 322607-close) by bugs.debian.org; 6 Sep 2005 14:51:12 +
From [EMAIL PROTECTED] Tue Sep 06 07:51:12 2005
Return-path: [EMAIL PROTECTED]
Received: from katie by spohr.debian.org with local (Exim 3.36 1 (Debian))
id 1ECej2-0004mV-00; Tue, 06 Sep 2005 07:47:04 -0700
From: Adam Conrad [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
X-Katie: $Revision: 1.56 $
Subject: Bug#322607: fixed in apache 1.3.33-8
Message-Id: [EMAIL PROTECTED]
Sender: Archive Administrator [EMAIL PROTECTED]
Date: Tue, 06 Sep 2005 07:47:04 -0700
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02 
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Level: 
X-Spam-Status: No, hits=-6.0 required=4.0 tests=BAYES_00,HAS_BUG_NUMBER 
autolearn=no version=2.60-bugs.debian.org_2005_01_02

Source: apache
Source-Version: 1.3.33-8

We believe that the bug you reported is fixed in the latest version of
apache, which is due to be installed in the Debian FTP archive:

apache-common_1.3.33-8_powerpc.deb
  to pool/main/a/apache/apache-common_1.3.33-8_powerpc.deb
apache-dbg_1.3.33-8_powerpc.deb
  to pool/main/a/apache/apache-dbg_1.3.33-8_powerpc.deb
apache-dev_1.3.33-8_all.deb
  to pool/main/a/apache/apache-dev_1.3.33-8_all.deb
apache-doc_1.3.33-8_all.deb
  to pool/main/a/apache/apache-doc_1.3.33-8_all.deb
apache-perl_1.3.33-8_powerpc.deb
  to pool/main/a/apache/apache-perl_1.3.33-8_powerpc.deb
apache-ssl_1.3.33-8_powerpc.deb
  to pool/main/a/apache/apache-ssl_1.3.33-8_powerpc.deb
apache-utils_1.3.33-8_all.deb
  to pool/main/a/apache/apache-utils_1.3.33-8_all.deb
apache_1.3.33-8.diff.gz
  to pool/main/a/apache/apache_1.3.33-8.diff.gz