[Bug 589611] Re: [SRU] client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23)
** Tags added: verification-done ** Tags removed: verification-needed -- [SRU] client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23) https://bugs.launchpad.net/bugs/589611 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to apache2 in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 589611] Re: [SRU] client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23)
This bug was fixed in the package apache2 - 2.2.14-5ubuntu8.3 --- apache2 (2.2.14-5ubuntu8.3) lucid-proposed; urgency=low * debian/apache2.2-common.postinst: Don't fail if you can load the reqtimeout module. (LP: #621837) * debian/patches/Backport fix for upstream bug PR 45444: https://issues.apache.org/bugzilla/show_bug.cgi?id=45444. (LP: #609290, #589611, #595116) -- Chuck Short zul...@ubuntu.com Mon, 27 Sep 2010 14:06:57 -0400 ** Changed in: apache2 (Ubuntu Lucid) Status: Fix Committed = Fix Released -- [SRU] client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23) https://bugs.launchpad.net/bugs/589611 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to apache2 in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 589611] Re: [SRU] client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23)
Confirmed the fix - we no longer see any errors saying client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23): - and all the web pages work as expected. I searched the internet for weeks looking for that message, and failed, until I added ubuntu to the search - and found this thread - this was a huge fix for us - thank you. For anyone looking to fix the same issue, here are the steps I used: echo deb http://archive.ubuntu.com/ubuntu/ lucid-proposed restricted main multiverse universe /etc/apt/sources.list cat /etc/apt/preferences Package: * Pin: release a=lucid-security Pin-Priority: 990 Package: * Pin: release a=lucid-updates Pin-Priority: 900 Package: * Pin: release a=lucid-proposed Pin-Priority: 400 (control-D to end) Then aptitude install apache2/lucid-proposed Don't pick the first solution, but instead pick the following one: Upgrade the following packages: apache2-mpm-worker [2.2.14-5ubuntu8.2 (lucid-updates, lucid-security, now) - 2.2.14-5ubuntu8.3 (lucid-proposed)] apache2-threaded-dev [2.2.14-5ubuntu8.2 (lucid-updates, lucid-security, now) - 2.2.14-5ubuntu8.3 (lucid-proposed)] apache2.2-bin [2.2.14-5ubuntu8.2 (lucid-updates, lucid-security, now) - 2.2.14-5ubuntu8.3 (lucid-proposed)] apache2.2-common [2.2.14-5ubuntu8.2 (lucid-updates, lucid-security, now) - 2.2.14-5ubuntu8.3 (lucid-proposed)] Score is 53 Then the install will show: The following packages will be upgraded: apache2 apache2-mpm-worker apache2-threaded-dev apache2.2-bin apache2.2-common Now be sure you have the right stuff: r...@ubuntu:/etc/apt# dpkg -l | grep apach ii apache2 2.2.14-5ubuntu8.3 Apache HTTP Server metapackage ii apache2-mpm-worker 2.2.14-5ubuntu8.3 Apache HTTP Server - high speed threaded model ii apache2-threaded-dev2.2.14-5ubuntu8.3 Apache development headers - threaded MPM ii apache2-utils 2.2.14-5ubuntu8.2 utility programs for webservers ii apache2.2-bin 2.2.14-5ubuntu8.3 Apache HTTP Server common binary files ii apache2.2-common2.2.14-5ubuntu8.3 Apache HTTP Server common files If you see 8.3, then you have the new code... Thanks again. -- [SRU] client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23) https://bugs.launchpad.net/bugs/589611 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to apache2 in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 589611] Re: [SRU] client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23)
Accepted apache2 into lucid-proposed, the package will build now and be available in a few hours. Please test and give feedback here. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you in advance! ** Changed in: apache2 (Ubuntu Lucid) Status: Triaged = Fix Committed -- [SRU] client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23) https://bugs.launchpad.net/bugs/589611 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to apache2 in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 589611] Re: [SRU] client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23)
Awesome, I thought I had fixed it previously but have noticed it's still happening and causing some failed puppet runs. -- [SRU] client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23) https://bugs.launchpad.net/bugs/589611 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to apache2 in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 589611] Re: [SRU] client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23)
This was not committed to lucid-proposed. Current lucid-proposed is a security fix: apache2 (2.2.14-5ubuntu8.2) lucid-security; urgency=low * debian/patches/211-sslinsecurerenegotiation-directive.dpatch: once openssl gets updated to fix CVE-2009-3555, server renegotiations with unpatched clients will fail. This patch adds the ability to revert to the previous unsafe behaviour with a new SSLInsecureRenegotiation directive. (LP: #616759) * debian/control: add specific dependency on first openssl version to get CVE-2009-3555 fix. This one is next in queue. ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2009-3555 ** Changed in: apache2 (Ubuntu Lucid) Status: Fix Committed = Triaged ** Changed in: apache2 (Ubuntu Lucid) Assignee: (unassigned) = Chuck Short (zulcss) -- [SRU] client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23) https://bugs.launchpad.net/bugs/589611 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to apache2 in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 589611] Re: [SRU] client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23)
Ubuntu 10.04.1 LTS 32bit - proposed package did NOT fix the problem. -- [SRU] client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23) https://bugs.launchpad.net/bugs/589611 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to apache2 in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 589611] Re: [SRU] client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23)
We patched the fix ourselves, the fix does indeed fix the problem. Now if we can just get it as part of lucid, that would be grand. -- [SRU] client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23) https://bugs.launchpad.net/bugs/589611 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to apache2 in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 589611] Re: [SRU] client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23)
apache2 and libc packages from lucid-proposed did *not* fix the issue for me. Neither did uninstalling libc6-686. -- [SRU] client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23) https://bugs.launchpad.net/bugs/589611 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to apache2 in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 589611] Re: [SRU] client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23)
Using 32bit Ubuntu fwiw. -- [SRU] client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23) https://bugs.launchpad.net/bugs/589611 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to apache2 in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 589611] Re: [SRU] client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23)
Accepted apache2 into lucid-proposed, the package will build now and be available in a few hours. Please test and give feedback here. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you in advance! ** Changed in: apache2 (Ubuntu Lucid) Status: New = Fix Committed ** Tags added: verification-needed -- [SRU] client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23) https://bugs.launchpad.net/bugs/589611 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to apache2 in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs