Your message dated Thu, 18 Oct 2007 19:47:04 +0000
with message-id <[EMAIL PROTECTED]>
and subject line Bug#331631: fixed in apache2 2.2.6-2
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--- Begin Message ---
Package: apache2-utils
Version: 2.0.54-5
Severity: normal
Expected behavior: logresolve replaces IP addresses with host names and
leaves the rest of the log unchanged.
Observed behavior: Lines longer than 1024 characters are being wrapped.
This causes these lines to be broken (i.e. they can no longer be parsed
by log file analysis tools such as webalizer).
How to reproduce the problem:
echo '192.168.0.1 - - [25/Sep/2005:07:56:48 +0200] "GET 1234567890123[...]7890"
404' | /usr/sbin/logresolve
Observe that a line break has been inserted after the first 1024
characters.
Notes: Due to the high amount of web server worms "in the wild" today,
trying to exploit web servers by buffer overflow or similar techniques,
this kind of very long web request is not uncommon. Although those lines
are usually not important for web statistics, they do cause warning
messages and a positive return value in webalizer if they are broken.
-- System Information:
Debian Release: 3.1
Architecture: i386 (i686)
Kernel: Linux 2.6.8-2-686
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Versions of packages apache2-utils depends on:
ii libapr0 2.0.54-5 the Apache Portable Runtime
ii libc6 2.3.2.ds1-22 GNU C Library: Shared libraries an
ii libdb4.2 4.2.52-18 Berkeley v4.2 Database Libraries [
ii libexpat1 1.95.8-3 XML parsing C library - runtime li
ii libldap2 2.1.30-8 OpenLDAP libraries
ii libpcre3 4.5-1.2sarge1 Perl 5 Compatible Regular Expressi
ii libssl0.9.7 0.9.7e-3 SSL shared libraries
ii zlib1g 1:1.2.2-4.sarge.2 compression library - runtime
-- no debconf information
--- End Message ---
--- Begin Message ---
Source: apache2
Source-Version: 2.2.6-2
We believe that the bug you reported is fixed in the latest version of
apache2, which is due to be installed in the Debian FTP archive:
apache2-dbg_2.2.6-2_i386.deb
to pool/main/a/apache2/apache2-dbg_2.2.6-2_i386.deb
apache2-doc_2.2.6-2_all.deb
to pool/main/a/apache2/apache2-doc_2.2.6-2_all.deb
apache2-mpm-event_2.2.6-2_i386.deb
to pool/main/a/apache2/apache2-mpm-event_2.2.6-2_i386.deb
apache2-mpm-perchild_2.2.6-2_all.deb
to pool/main/a/apache2/apache2-mpm-perchild_2.2.6-2_all.deb
apache2-mpm-prefork_2.2.6-2_i386.deb
to pool/main/a/apache2/apache2-mpm-prefork_2.2.6-2_i386.deb
apache2-mpm-worker_2.2.6-2_i386.deb
to pool/main/a/apache2/apache2-mpm-worker_2.2.6-2_i386.deb
apache2-prefork-dev_2.2.6-2_i386.deb
to pool/main/a/apache2/apache2-prefork-dev_2.2.6-2_i386.deb
apache2-src_2.2.6-2_all.deb
to pool/main/a/apache2/apache2-src_2.2.6-2_all.deb
apache2-threaded-dev_2.2.6-2_i386.deb
to pool/main/a/apache2/apache2-threaded-dev_2.2.6-2_i386.deb
apache2-utils_2.2.6-2_i386.deb
to pool/main/a/apache2/apache2-utils_2.2.6-2_i386.deb
apache2.2-common_2.2.6-2_i386.deb
to pool/main/a/apache2/apache2.2-common_2.2.6-2_i386.deb
apache2_2.2.6-2.diff.gz
to pool/main/a/apache2/apache2_2.2.6-2.diff.gz
apache2_2.2.6-2.dsc
to pool/main/a/apache2/apache2_2.2.6-2.dsc
apache2_2.2.6-2_all.deb
to pool/main/a/apache2/apache2_2.2.6-2_all.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Stefan Fritsch <[EMAIL PROTECTED]> (supplier of updated apache2 package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Thu, 18 Oct 2007 19:35:40 +0200
Source: apache2
Binary: apache2-utils apache2-prefork-dev apache2 apache2-mpm-prefork
apache2-doc apache2-mpm-event apache2.2-common apache2-dbg apache2-mpm-worker
apache2-src apache2-threaded-dev apache2-mpm-perchild
Architecture: source all i386
Version: 2.2.6-2
Distribution: unstable
Urgency: low
Maintainer: Debian Apache Maintainers <debian-apache@lists.debian.org>
Changed-By: Stefan Fritsch <[EMAIL PROTECTED]>
Description:
apache2 - Next generation, scalable, extendable web server
apache2-dbg - Apache debugging symbols
apache2-doc - documentation for apache2
apache2-mpm-event - Event driven model for Apache HTTPD
apache2-mpm-perchild - Transitional package - please remove
apache2-mpm-prefork - Traditional model for Apache HTTPD
apache2-mpm-worker - High speed threaded model for Apache HTTPD
apache2-prefork-dev - development headers for apache2
apache2-src - Apache source code
apache2-threaded-dev - development headers for apache2
apache2-utils - utility programs for webservers
apache2.2-common - Next generation, scalable, extendable web server
Closes: 294662 331631 400918 443310 445263 447164
Changes:
apache2 (2.2.6-2) unstable; urgency=low
.
* Avoid calling apr_pollset_poll() and accept_func() when the listening
sockets have already been closed on graceful stop or reload. This
hopefully fixes processes not being killed (closes: #445263, #447164)
and the "Bad file descriptor: apr_socket_accept: (client socket)"
error message (closes: #400918, #443310)
* Allow logresolve to process long lines (Closes: #331631)
* Remove duplicate config examples (Closes: #294662)
* Include README.backtrace describing how to create a backtrace
* Add CVE reference to 2.2.6-1 changelog entry
Files:
5ca97816c802c65537125aca368b4e45 1223 web optional apache2_2.2.6-2.dsc
511bc32b4869e8d0b739797accc7b09b 115600 web optional apache2_2.2.6-2.diff.gz
1f9fba90bf217035ed58ba1f612759af 747700 web optional
apache2.2-common_2.2.6-2_i386.deb
5b1fec1a865bfcf3b73e147279b700f9 226744 web optional
apache2-mpm-worker_2.2.6-2_i386.deb
f3c65b86a3e897e16ffbdeac13aa67c5 222994 web optional
apache2-mpm-prefork_2.2.6-2_i386.deb
4c6bbba2e5ce50c818cdea4e51f541a8 227362 web optional
apache2-mpm-event_2.2.6-2_i386.deb
0f38195c59721b4d1ff0f868038e0fc3 134326 web optional
apache2-utils_2.2.6-2_i386.deb
56c9cf15e0515c6ebefa16f29cfbb107 200486 devel extra
apache2-prefork-dev_2.2.6-2_i386.deb
c43299ccd3d2c4b06d4400d929eac83a 201098 devel extra
apache2-threaded-dev_2.2.6-2_i386.deb
02f873448ad6ad225c3a90e57522310d 2289318 libdevel extra
apache2-dbg_2.2.6-2_i386.deb
f0e5034a88aff4473399fe3658c20551 66240 web optional
apache2-mpm-perchild_2.2.6-2_all.deb
65c25adfd770f51187fc9a322fbf5d33 42192 web optional apache2_2.2.6-2_all.deb
854deafa6c797110c84e14db869040e1 2010392 doc optional
apache2-doc_2.2.6-2_all.deb
16630a7d27f78d98c8d483da12e7fcc5 6296816 devel extra
apache2-src_2.2.6-2_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFHF7IQbxelr8HyTqQRAuwtAKCwzK5b7BOzbqR02WihMBJtbRu/SACgn/cf
sUuoQUGF78OJWaE/R87Si4I=
=5xiF
-----END PGP SIGNATURE-----
--- End Message ---
