[Bug 1575220] Re: puppet broken after libapache2-mod-passenger upgrade

2019-03-14 Thread Trent Lloyd
** Changed in: passenger (Debian)
   Importance: Unknown => Undecided

** Changed in: passenger (Debian)
 Remote watch: Debian Bug tracker #812103 => None

** Changed in: passenger (Debian)
   Status: New => Invalid

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1575220

Title:
  puppet broken after libapache2-mod-passenger upgrade

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/passenger/+bug/1575220/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1575220] Re: puppet broken after libapache2-mod-passenger upgrade

2016-07-05 Thread Launchpad Bug Tracker
This bug was fixed in the package passenger -
2.2.11debian-2+deb6u1ubuntu12.04.2

---
passenger (2.2.11debian-2+deb6u1ubuntu12.04.2) precise-security; urgency=medium

  * REGRESSION UPDATE: Fix for regression introduced in previous
    CVE-2015-7519 fix.  All HTTP headers were dropped from the
    request which broke all applications. Backport the upstream
    fix from commit c04590871ca0878d4d3ac1220c5a554b049056b4 for
    Apache2 only (LP: #1575220)

 -- Trent Lloyd  Tue, 05 Jul 2016 00:42:47 +0800

** Changed in: passenger (Ubuntu)
   Status: Confirmed => Fix Released

** CVE added: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2015-7519



[Bug 1575220] Re: puppet broken after libapache2-mod-passenger upgrade

2016-07-05 Thread Steve Beattie
Trent, thanks for digging up a solution for this. I'll sponsor your
upload to security today.

** Changed in: passenger (Ubuntu)
 Assignee: (unassigned) => Steve Beattie (sbeattie)



[Bug 1575220] Re: puppet broken after libapache2-mod-passenger upgrade

2016-07-04 Thread Trent Lloyd
Uploading a copy of the same debdiff, but against the original version
(2.2.11debian-2).  It's more clear exactly what is now changed and forms
the fix, for review purposes.

** Patch added: "lp1575220-against-original.diff"
   
https://bugs.launchpad.net/ubuntu/+source/passenger/+bug/1575220/+attachment/4695471/+files/lp1575220-against-original.diff



[Bug 1575220] Re: puppet broken after libapache2-mod-passenger upgrade

2016-07-04 Thread Trent Lloyd
I tracked down the source of the issue.

The current patch modifies the addHeader() function itself to perform
the check; this is invalid because this function is used internally to
set up many headers from the environment such as the standard CGI
HTTP_HOST, REQUEST_URI, etc.

The correct patch should only abort adding headers from the HTTP
request.


The upstream patch/source for Passenger 5 was quite different to v2 here,
however the upstream patch for Passenger 4
(https://github.com/phusion/passenger/commit/c04590871ca0878d4d3ac1220c5a554b049056b4)
was very similar and I have backported this fix to precise in the attached
debdiff.  I have not backported the nginx part, it was not done originally.

Patch Testing:
 ** No Patch **
lathiat@ubuntu:~/src/lp1575220$ curl -s -H "X-Test-Dash-Header: Yes" -H "X_TEST_UNDERSCORE_HEADER: Yes" http://10.48.134.78/|grep -i test
   "HTTP_X_TEST_UNDERSCORE_HEADER"=>"Yes",
   "HTTP_X_TEST_DASH_HEADER"=>"Yes",

 ** Broken Patch **
lathiat@ubuntu:~/src/lp1575220$ curl -s -H "X-Test-Dash-Header: Yes" -H "X_Test_Underscore_header: Yes" http://10.48.134.78/|grep -i test

 ** New Proposed Patch **
lathiat@ubuntu:~/src/lp1575220$ curl -s -H "X-Test-Dash-Header: Yes" -H "X_Test_Underscore_header: Yes" http://10.48.134.78/|grep -i test
   "HTTP_X_TEST_DASH_HEADER"=>"Yes",

** Patch added: "lp1575220-against-12.04.1.diff"
   
https://bugs.launchpad.net/ubuntu/+source/passenger/+bug/1575220/+attachment/4695470/+files/lp1575220-against-12.04.1.diff
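
The difference between the broken backport and the proposed patch described in the message above, as an added example that is not part of the original thread or of Passenger's source. It is a simplified C++ model: `cgiName`, `addHeader`, `buildEnv` and `sampleRequest` are hypothetical names, and the request is constructed to mirror the two curl headers used in the test.

```cpp
// Added illustration: simplified model, not Passenger's source; all names are hypothetical.
#include <cctype>
#include <map>
#include <string>
#include <utility>
#include <vector>

typedef std::map<std::string, std::string> Env;
typedef std::vector<std::pair<std::string, std::string> > Headers;

// CGI naming: "X-Test-Dash-Header" -> "HTTP_X_TEST_DASH_HEADER".
std::string cgiName(const std::string &header) {
    std::string out = "HTTP_";
    for (std::string::size_type i = 0; i < header.size(); i++) {
        unsigned char c = static_cast<unsigned char>(header[i]);
        out += (c == '-') ? '_' : static_cast<char>(std::toupper(c));
    }
    return out;
}

// Shared helper. With filterInHelper set it models the regressed backport:
// the underscore check rejects every CGI-style name, internal ones included.
void addHeader(Env &env, const std::string &name, const std::string &value,
               bool filterInHelper) {
    if (filterInHelper && name.find('_') != std::string::npos) return;
    env[name] = value;
}

Env buildEnv(const Headers &request, bool regressed) {
    Env env;
    // Variables the module derives itself, not taken from client headers.
    addHeader(env, "REQUEST_URI", "/", regressed);
    addHeader(env, "REMOTE_ADDR", "10.48.134.22", regressed);
    for (Headers::size_type i = 0; i < request.size(); i++) {
        // Corrected placement: drop only client-supplied names containing
        // '_', before the '-' to '_' mapping could make two names collide.
        if (!regressed && request[i].first.find('_') != std::string::npos) continue;
        addHeader(env, cgiName(request[i].first), request[i].second, regressed);
    }
    return env;
}
// Constructed request mirroring the two curl -H options used in the thread.
Headers sampleRequest() {
    Headers h;
    h.push_back(std::make_pair(std::string("X-Test-Dash-Header"), std::string("Yes")));
    h.push_back(std::make_pair(std::string("X_Test_Underscore_header"), std::string("Yes")));
    return h;
}
int main() { return buildEnv(sampleRequest(), false).size() == 3 ? 0 : 1; }
```

With `regressed` set the environment comes back empty, matching the "Broken Patch" output; with it clear only the underscore header from the client is missing.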



[Bug 1575220] Re: puppet broken after libapache2-mod-passenger upgrade

2016-07-04 Thread Trent Lloyd
I have confirmed that this patch seems to *completely* break passenger
(v2) in precise, no variables are passed through at all.

This works as expected on xenial (Passenger 5) with the latest release
including the same fix, so I am fairly sure something went wrong in
backporting the patch which appears to have been done as part of
squeeze-lts.  Squeeze LTS concluded in February 2016 so a patch from
Debian seems unlikely.

Test case for the issue:
root@precise:~# apt-get install apache2 libapache2-mod-passenger

root@precise:~# a2enmod passenger

root@precise:~# cat /etc/apache2/sites-enabled/000-default

ServerAdmin webmaster@localhost
DocumentRoot /var/www/public
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
PassengerEnabled on


root@precise:~# cat /var/www/config.ru
# my_rack_app.rb
require 'rack'
require 'pp'
app = proc do |env|
  [ 200, {'Content-Type' => 'text/plain'}, [PP.pp(Rack::Request.new(env), "")] ]
end
run app

(Old Version)
apt-get install libapache2-mod-passenger=2.2.11debian-2
Result:
#false,
   "_"=>"_",
   "HTTP_ACCEPT_ENCODING"=>"gzip, deflate, sdch",
   "PATH_INFO"=>"/",
   "HTTP_CACHE_CONTROL"=>"max-age=0",
   "SCRIPT_NAME"=>"",
   "DOCUMENT_ROOT"=>"/var/www/public",
   "rack.version"=>[1, 0],
   "SERVER_SOFTWARE"=>"Apache/2.2.22 (Ubuntu)",
   "rack.multiprocess"=>true,
   "HTTP_ACCEPT_LANGUAGE"=>"en-US,en;q=0.8",
   "SERVER_PROTOCOL"=>"HTTP/1.1",
   "HTTP_ACCEPT"=>
"text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8",
   "HTTP_UPGRADE_INSECURE_REQUESTS"=>"1",
   "QUERY_STRING"=>"asff",
   "SERVER_ADMIN"=>"webmaster@localhost",
   "rack.url_scheme"=>"http",
   "rack.input"=>
#,
 @rewindable_io=nil,
 @unlinked=false>,
   "REQUEST_URI"=>"/?asff",
   "rack.multithread"=>false,
   "REQUEST_METHOD"=>"GET",
   "REMOTE_ADDR"=>"10.48.134.22",
   "REMOTE_PORT"=>"36638",
   "SERVER_ADDR"=>"10.48.134.78",
   "SERVER_NAME"=>"10.48.134.78",
   "rack.errors"=>#,
   "HTTP_USER_AGENT"=>
"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.106 Safari/537.36",
   "HTTP_CONNECTION"=>"keep-alive",
   "HTTP_HOST"=>"10.48.134.78",
   "SERVER_PORT"=>"80"}>

(New Version)
apt-get upgrade
# upgrade only 'reloads' apache and does not restart it which doesn't load the new module, so restart it
/etc/init.d/apache2 restart

Result:
#"_",
   "rack.url_scheme"=>"http",
   "rack.version"=>[1, 0],
   "rack.multithread"=>false,
   "rack.run_once"=>false,
   "rack.input"=>
#,
 @rewindable_io=nil,
 @unlinked=false>,
   "rack.multiprocess"=>true,
   "rack.errors"=>#}>



[Bug 1575220] Re: puppet broken after libapache2-mod-passenger upgrade

2016-07-04 Thread Robie Basak
** Tags added: regression-update



[Bug 1575220] Re: puppet broken after libapache2-mod-passenger upgrade

2016-07-04 Thread Trent Lloyd
Discussion about this in the upstream bug tracker, though no real progress
at this stage it's tagged for investigation for the next minor release:
https://tickets.puppetlabs.com/browse/PUP-6411
https://tickets.puppetlabs.com/browse/PUP-6458
https://tickets.puppetlabs.com/browse/PUP-6424

Discussion in the Debian bug implies that the passenger patch was bad,
and filters too much.  Have not personally evaluated if this is true and
seems no one has chimed in on that in the Debian bug as yet - though
there is a random patch.



[Bug 1575220] Re: puppet broken after libapache2-mod-passenger upgrade

2016-06-07 Thread Junkern
I downgraded to previous version of libapache2-mod-passenger, seems to
get puppetmaster up and running.

apt-get install libapache2-mod-passenger=2.2.11debian-2



[Bug 1575220] Re: puppet broken after libapache2-mod-passenger upgrade

2016-05-30 Thread Junien Fridrick
Hi,

So what is the path forward here?



[Bug 1575220] Re: puppet broken after libapache2-mod-passenger upgrade

2016-05-17 Thread Simon Lundström
I agree with Brian; it looks like almost all environment variables are
missing. The only ones, I think, I get from Apache are:

"HTTPS"=>"on",
"CONTENT_LENGTH"=>nil,

then I get some variables from libapache2-mod-shib2 which is an
authentication module:

"Shib-Session-Index"=>"deadbeef",
"Shib-Authentication-Instant"=>"2016-05-17T07:04:18.013Z",
"Shib-Application-ID"=>"default",
"Shib-Session-ID"=>"_deadbeef",

"Shib-AuthnContext-Class"=>"urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport",



[Bug 1575220] Re: puppet broken after libapache2-mod-passenger upgrade

2016-05-12 Thread Brian Pitts
I also believe that this update has completely broken mod_passenger.

This affected us and stopped our puppetmasters from working. All of the
stuff that should be in the rack environment like REMOTE_ADDR went
missing, which led to fun-to-decipher error messages like "Could not
resolve : cannot interpret as address:" because request.ip was nil. I
built the previous package version and downgraded to it; that got our
puppetmasters working again.



[Bug 1575220] Re: puppet broken after libapache2-mod-passenger upgrade

2016-04-28 Thread Bug Watch Updater
** Changed in: passenger (Debian)
   Status: Unknown => New



[Bug 1575220] Re: puppet broken after libapache2-mod-passenger upgrade

2016-04-28 Thread Launchpad Bug Tracker
Status changed to 'Confirmed' because the bug affects multiple users.

** Changed in: passenger (Ubuntu)
   Status: New => Confirmed



[Bug 1575220] Re: puppet broken after libapache2-mod-passenger upgrade

2016-04-28 Thread Alex Muntada
** Bug watch added: Debian Bug tracker #812103
   http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=812103

** Also affects: passenger (Debian) via
   http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=812103
   Importance: Unknown
   Status: Unknown
