Your message dated Thu, 17 Jan 2008 21:17:04 +0000
with message-id <[EMAIL PROTECTED]>
and subject line Bug#337325: fixed in apache2 2.2.8-1
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--- Begin Message ---
Package: apache2-common
Version: 2.0.55-3
Severity: minor
I've been getting a few error messages from mod_proxy as such:
---snip---
Proxy Error
The proxy server received an invalid response from an upstream server.
The proxy server could not handle the request GET
http://bcm-specs.sipsolutions.net/Sending?action=edit.
Reason: DNS lookup failure for: bcm-specs.sipsolutions.net
---snip---
Now I tried clicking on that URL but that made me go to the URL
http://bcm-specs.sipsolutions.net/Sending%3faction=edit
Notice how the questionmark was URL-encoded.
Looking at the source code of the error message reveals:
<a
href="http://bcm-specs.sipsolutions.net/Sending%3faction=edit">GET http://bcm-specs.sipsolutions.net/Sending?action=edit</a>
The URL inside the href="..." shouldn't be URL-encoded, it should be HTML
encoded. In this case, no encoding is necessary at all.
-- System Information:
Debian Release: testing/unstable
APT prefers unstable
APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: powerpc (ppc)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.14-rc4
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Versions of packages apache2-common depends on:
ii apache2-utils 2.0.55-3 utility programs for webservers
ii debconf 1.4.58 Debian configuration management sy
ii debianutils 2.15 Miscellaneous utilities specific t
ii libc6 2.3.5-7 GNU C Library: Shared libraries an
ii libdb4.3 4.3.29-1 Berkeley v4.3 Database Libraries [
ii libexpat1 1.95.8-3 XML parsing C library - runtime li
ii libgcc1 1:4.0.2-3 GCC support library
ii libmagic1 4.15-2 File type determination library us
ii lsb-base 3.0-11 Linux Standard Base 3.0 init scrip
ii mime-support 3.35-1 MIME files 'mime.types' & 'mailcap
ii net-tools 1.60-16 The NET-3 networking toolkit
ii openssl 0.9.8a-2 Secure Socket Layer (SSL) binary a
ii ssl-cert 1.0-11 Simple debconf wrapper for openssl
apache2-common recommends no packages.
-- no debconf information
--- End Message ---
--- Begin Message ---
Source: apache2
Source-Version: 2.2.8-1
We believe that the bug you reported is fixed in the latest version of
apache2, which is due to be installed in the Debian FTP archive:
apache2-dbg_2.2.8-1_i386.deb
to pool/main/a/apache2/apache2-dbg_2.2.8-1_i386.deb
apache2-doc_2.2.8-1_all.deb
to pool/main/a/apache2/apache2-doc_2.2.8-1_all.deb
apache2-mpm-event_2.2.8-1_i386.deb
to pool/main/a/apache2/apache2-mpm-event_2.2.8-1_i386.deb
apache2-mpm-perchild_2.2.8-1_all.deb
to pool/main/a/apache2/apache2-mpm-perchild_2.2.8-1_all.deb
apache2-mpm-prefork_2.2.8-1_i386.deb
to pool/main/a/apache2/apache2-mpm-prefork_2.2.8-1_i386.deb
apache2-mpm-worker_2.2.8-1_i386.deb
to pool/main/a/apache2/apache2-mpm-worker_2.2.8-1_i386.deb
apache2-prefork-dev_2.2.8-1_i386.deb
to pool/main/a/apache2/apache2-prefork-dev_2.2.8-1_i386.deb
apache2-src_2.2.8-1_all.deb
to pool/main/a/apache2/apache2-src_2.2.8-1_all.deb
apache2-threaded-dev_2.2.8-1_i386.deb
to pool/main/a/apache2/apache2-threaded-dev_2.2.8-1_i386.deb
apache2-utils_2.2.8-1_i386.deb
to pool/main/a/apache2/apache2-utils_2.2.8-1_i386.deb
apache2.2-common_2.2.8-1_i386.deb
to pool/main/a/apache2/apache2.2-common_2.2.8-1_i386.deb
apache2_2.2.8-1.diff.gz
to pool/main/a/apache2/apache2_2.2.8-1.diff.gz
apache2_2.2.8-1.dsc
to pool/main/a/apache2/apache2_2.2.8-1.dsc
apache2_2.2.8-1_all.deb
to pool/main/a/apache2/apache2_2.2.8-1_all.deb
apache2_2.2.8.orig.tar.gz
to pool/main/a/apache2/apache2_2.2.8.orig.tar.gz
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Stefan Fritsch <[EMAIL PROTECTED]> (supplier of updated apache2 package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Thu, 17 Jan 2008 20:27:56 +0100
Source: apache2
Binary: apache2-utils apache2-prefork-dev apache2 apache2-mpm-prefork
apache2-doc apache2-mpm-event apache2.2-common apache2-dbg apache2-mpm-worker
apache2-src apache2-threaded-dev apache2-mpm-perchild
Architecture: source i386 all
Version: 2.2.8-1
Distribution: unstable
Urgency: low
Maintainer: Debian Apache Maintainers <debian-apache@lists.debian.org>
Changed-By: Stefan Fritsch <[EMAIL PROTECTED]>
Description:
apache2 - Next generation, scalable, extendable web server
apache2-dbg - Apache debugging symbols
apache2-doc - documentation for apache2
apache2-mpm-event - Event driven model for Apache HTTPD
apache2-mpm-perchild - Transitional package - please remove
apache2-mpm-prefork - Traditional model for Apache HTTPD
apache2-mpm-worker - High speed threaded model for Apache HTTPD
apache2-prefork-dev - development headers for apache2
apache2-src - Apache source code
apache2-threaded-dev - development headers for apache2
apache2-utils - utility programs for webservers
apache2.2-common - Next generation, scalable, extendable web server
Closes: 311269 337325 349709 411774 436441 458085 458093 458857 459236 460105
Changes:
apache2 (2.2.8-1) unstable; urgency=low
.
* New upstream version:
- Fixes cross-site scripting issues in
o mod_imagemap (CVE-2007-5000)
o mod_status (CVE-2007-6388)
o mod_proxy_balancer's balancer manager (CVE-2007-6421)
- Fixes a denial of service issue in mod_proxy_balancer's balancer manager
(CVE-2007-6422).
- Fixes mod_proxy URL encoding in error messages (closes: #337325).
- Adds explicit charset to the output of various modules to work around
possible cross-site scripting flaws affecting web browsers that do not
derive the response character set as required by RFC2616. For
mod_proxy_ftp there is now the new ProxyFtpDirCharset directive to
specify something else than ISO-8859-1 (CVE-2008-0005).
- Adds mod_substitute which performs inline response content pattern
matching (including regex) and substitution (like mod_line_edit).
- Adds "DefaultType none" option.
- Adds new "B" option to RewriteRule to suppress URL unescaping.
- Adds an "if" directive for mod_include to test whether an URL is
accessible, and if so, conditionally display content.
- Adds support for mod_ssl to the event MPM.
* Move the configuration of User, Group, and PidFile to
/etc/apache2/envvars. This makes it easier to use these settings in
scripts. /etc/apache2/envvars can now also be used to influence apache2ctl
(inspired by Marc Haber's patch). (Closes: #349709, #460105, #458085)
* Make apache2ctl check the configuration syntax before trying to restart
apache, to match the behaviour documented in the man page.
(Closes: #459236)
* Convert docs to be directly viewable with a browser (and not use content
negotiation).
* Add doc-base entry for the documentation. (closes: #311269)
* Don't ship default files in /var/www, but copy a sample file to
/var/www/index.html on new installs. Also remove the now unneeded
RedirectMatch line from sites-available/default.
(Closes: #411774, #458093)
* Add some information to README.Debian (Apache wiki, default virtual host)
* Build with LDFLAGS=-Wl,--as-needed to drop a lot of unnecessary
dependencies, easing library transitions (closes: #458857).
* Add icons for OpenDocuments, add sharutils to Build-Depends for uudecode.
Patch by Nicolas Valcárcel. (Closes: #436441)
* Add reportbug script to list enabled modules.
* Fix some lintian warnings:
- Pass --no-start to dh_installinit instead of omitting the debhelper token
in various maintainer scripts. Also move the update-rc.d call to
apache2.2-common.
- Add Short-Description to init script.
* Remove unused apache2-mpm-prefork.prerm from source package and clean up
debian/rules a bit.
* Don't ship NEWS.Debian with apache2-utils, as the contents are only
relevant for the server.
Files:
c2f8c4852c9f6b851552901f7765e344 1269 web optional apache2_2.2.8-1.dsc
39a755eb0f584c279336387b321e3dfc 6125771 web optional apache2_2.2.8.orig.tar.gz
405c7118ef0f2e8ee36253e94b9cc5cf 128534 web optional apache2_2.2.8-1.diff.gz
7c5c628ce099a8db2af2f0673013db9d 758632 web optional
apache2.2-common_2.2.8-1_i386.deb
bf9cc92e127c56eacc3702a4c4a3a8e5 232758 web optional
apache2-mpm-worker_2.2.8-1_i386.deb
9e326ea633159ddc17a8dcd4e6c0ed4f 228630 web optional
apache2-mpm-prefork_2.2.8-1_i386.deb
4ab3e1fc87dd5e1d1a1cd8d653b653df 233408 web optional
apache2-mpm-event_2.2.8-1_i386.deb
469ab3fae7c2245a1f9eb162d862fbd6 138010 web optional
apache2-utils_2.2.8-1_i386.deb
61914e18762538c19fcdcd3558d0e216 206262 devel extra
apache2-prefork-dev_2.2.8-1_i386.deb
985308826a67afc0acfb19f6e05eb55f 206946 devel extra
apache2-threaded-dev_2.2.8-1_i386.deb
6a2141ae61e5857f168bf061a3078416 2299634 libdevel extra
apache2-dbg_2.2.8-1_i386.deb
4a312e9c72ae3bb2f58b131c4dd1a7be 71126 web optional
apache2-mpm-perchild_2.2.8-1_all.deb
8edcee73f90cb5c55852cd02b4cfc66d 43932 web optional apache2_2.2.8-1_all.deb
b0080e3a9d6e7309b56ea594887b7b34 1938972 doc optional
apache2-doc_2.2.8-1_all.deb
e5fb8960e908fd0762d7a0bdfa99d94c 6398378 devel extra
apache2-src_2.2.8-1_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFHj7wLbxelr8HyTqQRAiyVAJ9mztuh0wXHVX4mchK+6L9LAxb+lgCgvdHS
UY3rMy17E4oBG/p6MKPvzZA=
=ixvS
-----END PGP SIGNATURE-----
--- End Message ---