Bug#910917: RFA: apache2 -- Apache HTTP Server

Package: wnpp Severity: normal I am looking for new maintainers for the Apache httpd server (the apache2 package). The apache2 package has a relatively complex packaging and config file handling. There are also a lot of third-party module packages in Debian. Therefore, some experience with using

Bug#912277: apache2: does not start any more: AH01903: Failed to configure CA certificate chain!

On Monday, 29 October 2018 20:31:54 CET Thorsten Glaser wrote: > tglase@tglase:~ $ cat /var/log/apache2/error.log > [Mon Oct 29 20:18:58.090841 2018] [ssl:emerg] [pid 17306] AH01903: Failed to > configure CA certificate chain! > [Mon Oct 29 20:18:58.090919 2018] [ssl:emerg] [pid 17306] AH02311: Fat

Bug#912277: apache2: does not start any more: AH01903: Failed to configure CA certificate chain!

On Sunday, 4 November 2018 18:36:19 CET Thorsten Glaser wrote: > This is a real WTF. I found https://serverfault.com/a/892300/189656 > and thought “hey, Apache 2 still documents SSLCertificateChainFile, > plus it’s the proper way to specify the chain given it’s normally > separate from the certific

Re: need some old files with apache2 debian 6 (squeeze)

There is http://archive.debian.org/ Stefan On Friday, 16 November 2018 19:20:36 CET jean-luc Berno wrote: > Hello, > > I'm with an old debian 6.0.3 which couldn't be updated because on a > READYNAS DUOV2 (OS5) architecture armel.

Bug#840580: apache2-bin: crashes when issuing a restart while mod_cgid is enabled

On Sunday, 25 November 2018 19:07:56 CET Bernhard Übelacker wrote: > Dear Maintainer, > tried to find out the actual location that the backtrace points to. > > Unfortunately I could not make any clue out of the line > containing /usr/sbin/apache2(+0x29e450). > > But at least, I think, the line co

Bug#914297: apache2: getrandom call blocks on first startup, systemd kills with timeout

How long is the timeout after which it is killed? What is the status of systemd-random-seed.service in that case? I don't see why it should take so long for the random number generator to initialize. But maybe apache2 needs to add a dependency. Please provide the output of journalctl -b UNIT=a

Bug#915103: Apache2 HTTP/2 connection problems with Safari clients

On Friday, 30 November 2018 15:54:07 CET Andreas Ziegler wrote: > Package: apache2 > Version: 2.4.25-3+deb9u6 > > When i load a picture using safari from an apache webserver with HTTP/2 > enabled and repeat that multiple times in a row (F5), > at least each 3rd request fails with > "Failed to load

Bug#914297: apache2: getrandom call blocks on first startup, systemd kills with timeout

On Friday, 14 December 2018 12:43:29 CET Adrian Bunk wrote: > On Sun, Nov 25, 2018 at 11:35:37PM +0100, Stefan Fritsch wrote: > >... > > > > I don't see why it should take so > > long for the random number generator to initialize. > > > >... > >

Bug#914297: apache2: getrandom call blocks on first startup, systemd kills with timeout

reassign 914297 systemd affects 914297 apache2 thanks On Saturday, 15 December 2018 02:24:54 CET Alexander E. Patrakov wrote: > Stefan Fritsch : > > The rng should be initialized after the seed is loaded from disk. > > This is false according to systemd developers. Its state is ch

Bug#915103: Apache2 HTTP/2 connection problems with Safari clients

Hi Philip, On Friday, 14 December 2018 22:49:13 CET Philip Iezzi wrote: > But the patch from bee2facd9343beda10677b139cd9b2e49e986f01 > (https://salsa.debian.org/apache-team/apache2/commit/bee2facd9343beda10677b > 139cd9b2e49e986f01) was already applied to latest apache2 package in Debian > 9.6 (m

Bug#915103: Apache2 HTTP/2 connection problems with Safari clients

Hi Philip, sorry for the late respone, I have been quite busy with other things. I could find no indication that any other upstream release has the same bug. Therefore I hope that adding more fixes from upstream versions up to the version from where I took the security fixes (2.4.34 and 2.4.35)

Bug#921024: apache2: DEP8 failure with 2.4.38-1: allowmethods.t

On Thursday, 31 January 2019 19:16:06 CET Andreas Hasenack wrote: > Package: apache2 > Version: 2.4.38-1 > Severity: normal > > Dear Maintainer, > > The updated 2.4.38-1 package for apache2 triggered a DEP8 test failure: > > https://ci.debian.net/packages/a/apache2/unstable/amd64/ > > >From htt

Bug#902493: apache2-bin: Event MPM listener thread may get blocked by SSL shutdowns

Between 2.4.25 and the fix for this issue, there were some intrusive changes in mpm_evnt. If we did a backport, rhe risk of introducing regressions would be quite high. Therefore, and because the next Debian stable release is quite near, I don't think it makes sense to backport the fix.

Bug#902493: apache2-bin: Event MPM listener thread may get blocked by SSL shutdowns

On Tuesday, 12 February 2019 17:44:39 CET Gedalya wrote: > On 2/13/19 12:38 AM, Jan Wagner wrote: > > backports is not meant for fixing things. beside that it would require > > all rebuilding most of the additional apache modules not shiped by the > > apache2 source package. > > So we're back to d

Bug#915103: Apache2 HTTP/2 connection problems with Safari clients

On Tuesday, 12 February 2019 16:45:34 CET Philip Iezzi wrote: > Hi Stefan, > > Confirming again that your patch from Feb 4th fixed the issue. I've got now > positive feedback from my customers and have upgraded all HTTPS-sites back > to HTTP/2. Will this patch make it into Debian Stretch? > > Tha

Bug#902493: apache2-bin: Event MPM listener thread may get blocked by SSL shutdowns

Hi, I am not comfortable with switching to mpm_worker, either, since this would be a significant behavior change. I have however tried a backport of the patch referenced in the upstream bug report and put a build here: https://people.debian.org/~sf/apache2-mpm-event-902493/2.4.25-3+deb9u7~test

Bug#902493: apache2-bin: Event MPM listener thread may get blocked by SSL shutdowns

On Monday, 11 March 2019 09:35:45 CET Sven Hartge wrote: > This breaks quite fast, resulting in apache2 processes at 100% CPU, doing > nothing but: Thanks for the quick feed-back. Second try with different approach is at https://people.debian.org/~sf/apache2-mpm-event-902493/2.4.25-3+deb9u7~test

Re: Apache 2.4.39 in Buster ?

Hi, On Tuesday, 2 April 2019 22:21:31 CEST Xavier wrote: > New Apache 2.4.39 fixes many bugs (including 5 CVEs [1]) with only 2 > minor new features. Do you think it is a good idea to upgrade Apache > version in Buster or do you prefer a 2.4.38 with 2.4.39 fixes (means > 2.4.39 without ~2 commits)

Bug#926400: libapr1-dbd-mysql: apache fails to start if dbd with mysql is used

serverity 926400 grave thanks On Thu, Apr 04, 2019 at 03:00:19PM +0200, csta...@digitus.itk.ppke.hu wrote: > AH00526: Syntax error on line 19 of /etc/apache2/sites-enabled/mydomain.conf: > Can't load driver file apr_dbd_mysql.so > Action 'start' failed. > In this current form this might be consid

Bug#913823: apache2: dav.load does not check for an already loaded dav_module

On Friday, 1 February 2019 03:49:22 CEST Nye Liu wrote: > Package: apache2 > Version: 2.4.38-1 > Followup-For: Bug #913823 > > Workaround in /etc/apache2/mods-available/dav.load: > > > LoadModule dav_module /usr/lib/apache2/modules/mod_dav.so > > > Alternately just make dav_fs not depend o

Bug#926609: unblock: apache2/2.4.38-3

uri.path safety + in server/request.c, server/util.c. +- debian/patches/CVE-2019-0220-3.patch: maintainer mode fix in + server/util.c. +- CVE-2019-0220 + + [ Stefan Fritsch ] + * Pull security fixes from 2.4.39 via Ubuntu + * CVE-2019-0197: mod_http2: Fix possible crash on late

Bug#489625: libapr1-dev: please don't ship your own copy of libtool

forwarded 489625 https://bz.apache.org/bugzilla/show_bug.cgi?id=62640 thanks https://bz.apache.org/bugzilla/show_bug.cgi?id=62640 has some infos and a patch

Bug#925061: apache2: Cannot disabled old TLS Versions (prior to TLS1.2)

Hi, On Tue, Mar 19, 2019 at 05:18:49PM +0100, Thomas Knaller wrote: > Therefore I edited /etc/apache2/mods-enabled/ssl.conf so that it > states "SSLProtocol TLSv1.2", which should disable all SSLProtocols > except for TLS1.2, but TLS1.0 und TLS1.1 are still active, as seen > with nmap: > > # nma

Bug#928173: apache2: SSLCipherSuite is ignored

On Monday, 29 April 2019 13:22:56 CEST Olaf Zaplinski wrote: > I have set > SSLCipherSuite "-ALL ECDHE-ECDSA-CHACHA20-POLY1305 > ECDHE-RSA-CHACHA20-POLY1305 ECDHE-ECDSA-AES256-GCM-SHA384" in > mods-enabled/ssl.conf > > SSLProtocol is not defined anywhere. SSLCipherSuite is only defined here. > >

Bug#902493: SSL Issue

Thank you very much for the testing. On Fri, 14 Jun 2019, Jean-Louis Dupond wrote: > We had the test2 version running for some days on a machine. > But we noticed a quite important issue with it. > > The configuration has a lot of SSL certificates. > Now when doing a lot of sequential requests,

Bug#936034: broken http2 in apache2 2.4.25-3+deb9u8 for mod_dav_svn on stretch?

Sorry for the late response. This is unfortunately a bug in subversion that is now triggered by the new http2 module. The fix is here http://svn.apache.org/viewvc?view=revision&revision=1845204 . I will have to ask how this can be fixed, by DSA or by stable point release. Am 29.08.19 um 11:55 sc

Bug#936034: DSA-4509-1 regression needs to be fixed in subversion

reassign 936034 libapache2-mod-svn found 936034 1.9.0-1 fixed 1.10.4-1 affects 936034 apache2 thanks DSA-4509-1 for apache2 caused a regression with libapache2-mod-svn that needs a fix in subversion. In agreement with the security team, I will upload a fix for this to security.debian.org

Bug#489625: Maybe fixable with apr 1.7

According to the changelog, apr 1.7 adds all the --tag parameters to the libtool invocations. Maybe this allows this to be fixed. But I won't change that in the -1 upload because I want the python builddep fix to make it to testing without problems.

Bug#489625: Maybe fixable with apr 1.7

notforwarded 489625 thanks Am 29.08.20 um 11:20 schrieb Stefan Fritsch: According to the changelog, apr 1.7 adds all the --tag parameters to the libtool invocations. Maybe this allows this to be fixed. This is not enough. There are many projects that use apr that don't pass the

Bug#978045: apache2-bin: Immediate exit with "AH00141: Could not initialize random number generator"

reassign 978045 libapr1 found 978045 1.7.0-1 thanks Am 25.12.20 um 03:18 schrieb David W: You can see that the associated call/failure is happening inside APR here, on line 216: https://svn.apache.org/viewvc/apr/apr/trunk/misc/unix/rand.c?revision=1832691&view=markup#l216

Bug#978045: apache2-bin: Immediate exit with "AH00141: Could not initialize random number generator"

Am 27.12.20 um 12:24 schrieb David W: I think a perfectly valid fix would be to document (in the changelog or elsewhere) that this hard requirement was added, in particular because (IIUC) using getrandom() instead of one of the other codepaths is the choice of the package maintainer. (I.e. this

Bug#987156: mod_ssl depends on mod_setenvif while it does not

Am 18.04.21 um 17:10 schrieb MichaIng: Hence I believe that this module dependency might come from some previous use of setenvif directives in the default mod_ssl config, which have been removed meanwhile, rendering this dependency as obsolete. I'm not sure how those dependencies are defined a

Bug#988310: ssl-cert: make-ssl-cert uses same filename for template and output

I won't be able to deal with this for at least 1-2 weeks. It would be nice if someone could look at it and downgrade or NMU+unblock. Am 06.06.21 um 13:14 schrieb Stefan Bühler: Hi, On Mon, 10 May 2021 11:09:58 +0200 Parodper wrote: Package: ssl-cert Version: 1.1.0 Severity: grave Tags: patch

Bug#1017868: ssl-cert: Needless bash dependency

Hi, Am 21.08.22 um 21:59 schrieb наб: The installed make-ssl-cert depends on bash, but doesn't really need to. I am sorry, but I don't see any advantage here in switching away from bash. The performance advantage of dash over bash is completely irrelevant in make-ssl-cert, and bash is essent

Bug#1030376: apache2: Deal with future removal of berkeley DB

Package: apache2 Version: 2.4.55-1 Severity: important It seems db5.3 will go away sooner or later [1], probably after the bookworm release. Apache httpd supports using auth/authz data from DBM files with mod_authn_dbm/mod_authz_dbm [2,3] and in a bunch of other places, at least mod_authn_socache

Bug#1031034: apr: Missing LFS support triggers FTBFS on other packages

Hi Helge, Am 10.02.23 um 17:24 schrieb Helge Deller: On 32-bit platforms it's necessary to compile programs and libraries with Large File Support (LFS) in order to allow them to function correctly on filesystems with > 2GB or 4GB size. This can be solved by adding "-D_LARGEFILE_SOURCE -D_FIL

Bug#1031034: apr: Missing LFS support triggers FTBFS on other packages

It seems a large transition will be needed for 64bit time_t, anyway. And glibc enforces _FILE_OFFSET_BITS=64 if _TIME_BITS=64 is set. apr should do both transitions at the same time. It seems there won't be a transition for i386 but the whole point of i386 is running old binaries. https://wi

Bug#1057126: "AH03490: scoreboard is full" after nightly maintenance

Hi, Am 30.11.23 um 09:05 schrieb Peter Krefting: we are experiencing that the Apache httpd locks up, filling the error.log with errors after the nightly maintenance (not every night, though):   [Wed Nov 29 00:00:01.922731 2023] [mpm_event:notice] [pid 62346:tid 139841215223680] AH00489: Ap

Bug#1066821: apr-util: FTBFS on arm{el,hf}: /bin/bash: line 3: 3132384 Segmentation fault LD_LIBRARY_PATH="`echo "../crypto/.libs:../dbm/.libs:../dbd/.libs:../ldap/.libs:$LD_LIBRARY_PATH" | sed -e 's/

Am 13.03.24 um 22:32 schrieb Sebastian Ramacher: Source: apr-util Version: 1.6.3-1.1 Severity: serious Tags: ftbfs Justification: fails to build from source (but built successfully in the past) X-Debbugs-Cc: sramac...@debian.org https://buildd.debian.org/status/fetch.php?pkg=apr-util&arch=armh

Bug#1066821: apr-util: FTBFS on arm{el,hf}: /bin/bash: line 3: 3132384 Segmentation fault LD_LIBRARY_PATH="`echo "../crypto/.libs:../dbm/.libs:../dbd/.libs:../ldap/.libs:$LD_LIBRARY_PATH" | sed -e 's/

Am 18.03.24 um 19:30 schrieb Stefan Fritsch: Am 13.03.24 um 22:32 schrieb Sebastian Ramacher: Source: apr-util Version: 1.6.3-1.1 Severity: serious Tags: ftbfs Justification: fails to build from source (but built successfully in the past) X-Debbugs-Cc: sramac...@debian.org https

Bug#1067120: nmu: apache2_2.4.58-1

Package: release.debian.org Severity: normal X-Debbugs-Cc: apac...@packages.debian.org Control: affects -1 + src:apache2 User: release.debian@packages.debian.org Usertags: binnmu libaprutil1t64 1.6.3-1.1 contains a wrong symbol file, causing a wrong dependency on libaprutil164 (missing a "t")

Bug#1067104: server stalls: AH00046: child process 2876749 still did not exit, sending a SIGKILL

Am 18.03.24 um 13:59 schrieb Yaroslav Halchenko: Package: apache2 Version: 2.4.57-2 Severity: important Server was working just fine for years and recently started to stall completely after 3-7 days of functioning normally. error logs get filled up first with AH03490 and then eventually with AH

Bug#1071596: apache2: envvars evaluates string in conditional instead of testing for empty string

Hi Mark, Am 21.05.24 um 22:30 schrieb Mark Hedges: Package: apache2 Version: 2.4.59-1~deb12u1 Severity: normal Dear Maintainer, `envvars` evaluates string in conditional instead of testing for empty string. `apachectl` calls `envvars` which shows a syntax error despite working: root@nodeo:

Bug#576235: apache2: secure connection failed: SSL received a record that exceeded the maximum permissible length.

On Friday 02 April 2010, Julian Gilbey wrote: > I have installed this version of apache2 from testing, and now when > I try to connect to https://localhost/, I get the weird error > message: If you have upgraded from a previous version, this is probably a configuration problem. It may be relate

Bug#575009: apache2: mod_auth_sys_group does not play nice with Require valid-user

reassign 575009 libapache2-mod-auth-sys-group thanks On Monday 22 March 2010, Ben Hildred wrote: > when seting up authentication using Require valid-user an > errormessage of the form GROUP: * not in required group(s). where > * is the name that is attempting to authenticate if > mod_auth_sys_g

Bug#573996: Lost recent reports in /var/log/apache2/ when restarting with /etc/init.d/apache2 restart.

On Monday 15 March 2010, Bernhard Schiffner wrote: > Package: apache2.2-common > Version: 2.2.9-10+lenny6 > Severity: normal > > > 0.) The server did not resposne http://... requests. > 1.) ps showed 110 sleeping apache2 instances, no other anormalities > (dmesg, free, du etc.) > 2.) I did a nor

Bug#307298: bug resolved upstream

On Tuesday 23 March 2010, Roel Teuwen wrote: > Now that the bug is (finally) fixed upstream in TRUNK, is there any > chance of appying the patch to the current version ? > http://svn.apache.org/viewvc?view=revision&revision=813178 > > You might want to apply the fix in r924455 too : > http://svn.a

Re: Backport apache2 version >= 2.2.12 ?

Hi Sandro, On Friday 26 March 2010, Sandro Tosi wrote: > I've prepared some packages for backport, and copied on [1] (it's > also apt-get-able); I tested them and they work, at least SNI is > fully functional (that's my purpose) > > [1] http://people.debian.org/~morph/bpo/ > > The chain of dep

Re: Backport apache2 version >= 2.2.12 ? With or without new openssl?

On Wednesday 14 April 2010, Sandro Tosi wrote: > On Mon, Apr 5, 2010 at 10:54, Stefan Fritsch wrote: > > - 2.2.15-2 still has some bugs in mod_reqtimeout, 2.2.15-3 would > > be better (but will take some time until it hits testing). > > so do you suggest to backport -3 in

Bug#578566: Apache process hangs when trying to authenticate against Fedora Directory Server LDAP using mod_authnz_ldap

On Tuesday 20 April 2010, Kevin Göser wrote: > We are using Apache and basic auth against a Fedora Directory > Server (v1.1.3, running on a different machine). The setup worked > fine on etch. After upgrading to lenny today, the LDAP > authentication seems to be broken: Directly after reloading

Bug#579609: RemoveHandler and RemoveType does not work (libapache2-mod-php5 disable problem)

On Thursday 29 April 2010, Svyatoslav Lempert wrote: > By the information from httpd.apache.org error not operations > RemoveHandler and RemoveType have been corrected in Apache version > 2.2.15 > It is necessary to make backport this correction in Apache 2.2.9 > which in Debian Lenny repos, or (i

Bug#581514: apache2-dbg: gdb does not find debug info

Package: apache2-dbg Version: 2.2.15-5 Something with the symlink/objcopy magic is still broken. gdb does not find /usr/sbin/apache2's debug info without help. -- To UNSUBSCRIBE, email to debian-apache-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists

Re: https://issues.apache.org/bugzilla/show_bug.cgi?id=46425

Hi Christian, On Tuesday 18 May 2010, Christian Kapalczynski wrote: > just found the Bug about the "apr lib" which has been fixed by > Stefan in "apr 1.3.6". In Debian Lenny there is still the package > 1.2.12-5+lenny1 with the Security BUG available. > Since through this BUG you can compromise th

Bug#587037: CVE-2009-3555: Firefox reports server is "potentially vulnerable"

On Thursday 24 June 2010, Jon Daley wrote: > Hi, http://security-tracker.debian.org/tracker/CVE-2009-3555, says > this has been fixed in my version of apache, and I am not using > SSLVerifyClient at all, and there is one default SSLCipherSuite > line in ssl.conf. Firefox reports (in the javascript

Bug#587685: apache2: lenny8 rev broke DirectoryIndex processing

On Wednesday 30 June 2010, John Bazik wrote: > Package: apache2 > Version: 2.2.9-10+lenny8 > Severity: normal > > With the update from lenny7 to lenny8 a few days ago, my apache > server began choosing the wrong DirectoryIndex files to serve. I > have a config snippet in /etc/apache2/conf.d/mod_d

Bug#588231: apache2: Haphazard permission check on symlinks (might be a Linux bug)

On Tuesday 06 July 2010, Edward Welbourne wrote: > The web-server succeeded > in displaying the contents *usually*, but one of my colleagues > noticed that, on reload, he got 403'd. > > The fact that this (mostly) worked at all suggests that apache is > sometimes accessing content as root, instead

Bug#580445: apache2 -t run from a bash prompt returns "apache2: bad user name ${APACHE_RUN_USER}

Use "apache2ctl -t" instead. This is documented in README.Debian and the apache2 man page (though maybe it could be in a more prominent place in README.Debian). -- To UNSUBSCRIBE, email to debian-apache-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@list

Bug#528062: is this getting fixed?

tags 528062 +patch thanks On Monday 19 July 2010, Michal Kovac wrote: > He described the bug, submitted a patch. Sorry, this has somehow fallen through the cracks. I will try to get it fixed before squeeze is released. -- To UNSUBSCRIBE, email to debian-apache-requ...@lists.debian.org with

Bug#528062: needs testing with include exec

I suspect that the patch would break suexec for mod_include's exec subrequests, but haven't tested it yet. Maybe the note needs to be set both on the main and the sub request. -- To UNSUBSCRIBE, email to debian-apache-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact

Bug#591286: libapr1: upgrade breaks apache

On Sunday 01 August 2010, Adrian Bridgett wrote: > However, if I downgrade _just_ libapr1 to 1.2.12-5+lenny1 then > posixsem (and sem) work just fine. Which architecture are you using? -- To UNSUBSCRIBE, email to debian-apache-requ...@lists.debian.org with a subject of "unsubscribe". Trouble?

Bug#591286: libapr1: upgrade breaks apache

On Sunday 01 August 2010, Adrian Bridgett wrote: > i386 (but it's a KVM guest, sorry - I should have said). I found out why posixsem does not work: A bug in pbuilder/cowbuilder causes posix shared mem/posix semaphores to not work in the build chroot and this causes apr's configure to disable it.

Bug#592257: Include patch that fixes the problem of CONNECT via SSL

reassign 592257 apache2.2-common forcemerge 307298 592257 thanks On Sunday 08 August 2010, Dmitry Katsubo wrote: > If it is possible, please include patch [1] into v2.2 of Apache > Debian build. It looks it has been accepted into mainstream for > v2.4, so it is just a matter of applying it for v2.

Re: apache2 (2.2.16-1)

On Fri, 13 Aug 2010, Dejan Minic wrote: Sorry, I might have not been very specific in my question. I am interested to know if you have compiled apache2 with just a ./configure (default) options, or you have added arguments to ./configure? We use lots of specific options. See http://svn.deb

Bug#593334: apache2: Upgrade to Squeeze broke Apache+TRAC+SSL setup

On Tuesday 17 August 2010, Daniel Franganillo wrote: > yesterday i was trying to upgrade our server to squeeze in wich wer > have an SSL+TRAC+APACHE2 service and i noticed that with the > upgrade the service was unavaliable. > There are other services running under apache as well in the same > serv

Bug#546759: Hangs with 1.2.12+dfsg-8+lenny4_amd64

On Friday 20 August 2010, Drew Eckhardt wrote: > This hangs 100% of the time on my quad-core i720M (8 hardware > threads) running Lenny. In a couple cases it unhang and completed > after several minutes passed and I attached and detached GDB > although I couldn't say the GDB was causal. How long

Re: Bug#589991: mime-support: MIME types needed for x-gzip and x-compress

Hi Brian, On Friday 03 September 2010, Brian White wrote: > I'm being petitioned quite strongly to re-add types for gzipped > files to the /etc/mime.types file. I originally removed those > types from that file because they caused Apache to work > incorrectly, namely that Apache would then send a

Bug#500558: apache2.2-common: Apache fails to start on boot after upgrade Etch -> Lenny

On Monday 06 April 2009, Ian Zimmerman wrote: > For me, it happens with 127.0.0.1 . > I really, really don't want to explicitly say in /e/n/i that lo is > 127.0.0.1 . > > This is intermittent; I'd say it happens about 25% of the > time. And, when I manually start apache (with invoke-rc.d apache2

Re: packaging Rivet

Hi Massimo, On Friday 17 September 2010, Massimo Manghi wrote: > My questions are: > > 1) is this list the right audience to seek help for refining and > amending the scripts needed by deb-buildpackage for an apache > related project? I think it would be best if you tried to ask general packagin

Re: packaging Rivet

On Saturday 18 September 2010, Massimo Manghi wrote: > thank you for the answer. I think the package I built is already > 80% baked. I based my work on the scripts David Welton made when > he packaged Rivet 0.5 for Debian Apache 1.3, before he quit his > committment with Debian. So my doubts are ab

Re: packaging Rivet

Hi Massimo, On Tuesday 21 September 2010, Massimo Manghi wrote: > After some efforts to tame the effects of debhelper scripts I got a > libapache2-mod-rivet that installs quite gently. > > I managed to satisfy all of the lintian requirement except for the > warning > > W: libapache2-mod-rivet: n

Bug#598732: /usr/share/ssl-cert/ssleay.cnf should use 2048 bits

On Friday 01 October 2010, Daniel Kahn Gillmor wrote: > It would be a shame if squeeze shipped with this default set below > some common expectations of a key to last at least the lifetime of > a debian release. 1024 bits are more than enough to satisfy the security expectations of an auto-genera

Re: libapr1 dependency

Hi, On Thursday 14 October 2010, Massimo Manghi wrote: > The problem has to do more with my (still) vast ignorance in the > Debian packaging tools. I'm going to write the following line as > Build-Depends for the package: > > Build-Depends: tcl8.5-dev, apache2-prefork-dev, debhelper (>= > 7.0.50

Bug#601520: Can't install apache2 because of libkrb53 issues

Which architecture are you using? -- To UNSUBSCRIBE, email to debian-apache-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/alpine.deb.1.10.1010281539020.23...@eru.sfritsch.de

Re: /etc/apache2/conf.d/security default for the release after lenny

On Friday 05 November 2010, Teodor MICU wrote: > I've noticed that this paragraph is still a comment in the default > conf.d/security file: > > # This currently breaks the configurations that come with some web application > # Debian packages. It will be made the default for the release after le

Bug#602957: apache2: Error when using mod_proxy from SSL virtual host to HTTP

reassign 602957 libapache2-mod-gnutls thanks On Tuesday 09 November 2010, Petr Vyhnal wrote: > I have SSL virtual host using mod_gnutls and there is configured > proxy connection using mod_proxy & mod_proxy_http to HTTP site. > Configuration worked fine on Lenny with patched mod_gnutls. Now > afte

Bug#603586: apache2.2-common: README.Debian claims /etc/apache2/magic would be empty

On Monday 15 November 2010, Christoph Anton Mitterer wrote: > The documentation in > /usr/share/doc/apache2.2-common/README.Debian.gz must be wrong, as > it claims /etc/apache2/magic would be empty, which is not the > case. True. It has been an empty file before 2.2.12-1. Thanks for reporting thi

Bug#603275: apache2: When machine is booting, Apache2 does not bind to IPv6 address - needs restarting

On Friday 12 November 2010, G.P. wrote: > When the machine is booting, apache does not bind to the IPv6 > address: postmortem:~# netstat -pan | grep LISTEN|grep apache > tcp0 0 0.0.0.0:80 0.0.0.0:*LISTEN Do you have network-manager installed? If yes and this is a

Bug#603463: apache2-mpm-worker: Seems to send incorrect multi-page reply

On Sunday 14 November 2010, Bas Wijnen wrote: > Everything normally works fine. However, in some cases (I don't > know when exactly), I get an invalid reply from my local archive. > I've captured the traffic with wireshark and attached it. Do you have mod_cache enabled in apache? If yes, this is p

Bug#601033: apache2.2-common: AddOutputFilterByType is deprecated but used in deflate.conf

On Friday 22 October 2010, Andrew Pimlott wrote: > It gets weirder: if I change text/plain to text/html, the encoding > is not added. It seems that AddOutputFilterByType catches proxied > requests if text/plain appears in its list of mime types, as if > all proxied requests were considered text/pl

Bug#603463: apache2-mpm-worker: Seems to send incorrect multi-page reply

reassign 603463 apt-cacher-ng thanks On Wednesday 17 November 2010, Bas Wijnen wrote: > Op 16-11-10 23:50, Stefan Fritsch schreef: > >> The problem seems to be in packet 19. It contains 3 HTTP parts, > >> the second of which does not seem to have data in it (according > &

Re: apache module postinst/prerm scripts

On Sunday 21 November 2010, Massimo Manghi wrote: > So, after a remove and subsequent install the package is disabled > because the symlinks from mods-enabled to mods-available are > missing. I'm not sure I if I got it right, but it seems to me the > checks on the arguments have to be changed, per

Bug#606958: Truncation with passwords generated with htpasswd

On Monday 13 December 2010, Daniel Bareiro wrote: > Apparently, crypt() is the algorithm used by default, which would > limit passwords to 8 characters. This does not happen with SHA-1. Yes, that is described in the htpasswd man page. The recommended algorithm is apr_md5 (the SHA algorithm does n

Bug#607755: apache2: suexec-custom does not allow docroot=/ (trailing slash gets removed)

tags 607755 wontfix thanks On Tuesday 21 December 2010, Daniel Hahler wrote: > I want to use suexec-custom for a setup using mod_chroot, and > therefore want/have to use a DocumentRoot of "/" (which is the > root of the chroot). > > Unfortunately there appears to be a bug in > debian/patches/202_

Bug#606958: Truncation with passwords generated with htpasswd

Sorry for the late response On Monday 13 December 2010, Daniel Bareiro wrote: > > Yes, that is described in the htpasswd man page. The recommended > > algorithm is apr_md5 (the SHA algorithm does not use a salt and > > is less secure). The default will be changed in Apache 2.4. > > When you say "

Bug#609209: apache2.2-common: update to 2.2.9-10+lenny9 breaks libapache2-mod-php5

On Friday 07 January 2011, Matej Susta wrote: > Yesterday, my automatic update script on one of my servers > installed latest security update to apache, version > 2.2.9-10+lenny9. This somehow caused automatic uninstallation of > libapache2-mod-php5. At that moment I just downgraded to > 2.2.9-10+l

Re: apache boot script depends

On Wed, 12 Jan 2011, Massimo Manghi wrote: A few months after installation of squeeze I've just done an upgrade of a machine and found out that an apache2 based application didn't start anymore at boot time. Logging in and restarting apache2 manually restored the ordinary functioning of the ap

Bug#610424: apache2: segfault after installation with tasksel

reassign 610424 libapache2-mod-python found 610424 3.3.1-9 affects 610424 apache2 thanks Looks like a mod_python or python bug to me: #0 sem_wait () at ../nptl/sysdeps/unix/sysv/linux/x86_64/sem_wait.S:45 No locals. #1 0x7f1381bbc5f8 in PyThread_acquire_lock (lock=0x0, waitflag=1) at ../Py

Bug#613438: apache2.2 WebDav write error after upgrade to squeeze

On Monday 14 February 2011, Andreas B wrote: > i have upgrade to squeeze. After upgrade i can not write to WebDAV > share. In error log you can see: > > [Mon Feb 14 21:31:40 2011] [error] [client 192.168.x.xx] Unable to > PUT new contents for /kalender/bal.txt. [403, #0] [Mon Feb 14 > 21:31:40 20

Bug#614421: apache2: virtual host rewrite log has owner root and group root

On Monday 21 February 2011, David Christensen wrote: > I'm designing a Linux/ Apache/ MySQL/ Perl content management > system that I'd like to work in shared hosting environments (among > other configurations). Apache typically runs as an unpriviledged > user (www-data on Debian, suexec, others?)

Bug#615632: apache2: Ability to set ulimit limits (eg. open file limit)

On Sunday 27 February 2011, Tim Stoop wrote: > I might be missing something, but I would really appreciate some > way of overriding ulimit limits, preferably from > /etc/default/apache2 or something. We running into open file limit > problems and to fix those, I see no other solution than changing

Re: [php-maint] Bug#619036: php5: Build-Depends uninstallable

On Sunday 20 March 2011, Raphael Geissert wrote: > On Sunday 20 March 2011 11:15:54 Kurt Roeckx wrote: > > Your build-depends are uninstallable because you build-depend on > > libdb-dev, which depends on libdb5.1-dev, and apache2-prefork-dev > > which depends on libaprutil1-dev, which depends on li

Re: [php-maint] Bug#619036: php5: Build-Depends uninstallable

On Monday 21 March 2011, Peter Samuelson wrote: > Since only a single libdb*-dev can be installed at a time, and > since libaprutil1-dev Depends on one of them, any apr-util reverse > dep is forced to use the same bdb version. Even though, in > Subversion's case, we don't use the apr-util frontend

Bug#619408: apache2.2-common: mod_authnz_ldap require directives unrecognized if loaded after mod_authnz_default

On Wed, 23 Mar 2011, Brian P Kroth wrote: In the default configuration mod_authnz_ldap.load is symlinked from mods-available to mods-enabled but that orders it (lexicographically) after the symlink to load mod_authnz_default. This causes a number of ldap specific arguments to the Require definit

Bug#619408: apache2.2-common: mod_authnz_ldap require directives unrecognized if loaded after mod_authnz_default

reassign 619408 libapache2-mod-auth-plain thanks > Fixed your grep up and did this instead: > > # for pid in `pgrep apache2`; do for so in `cat /proc/$pid/maps | > fgrep .so | awk '{ print $6 }' | sort -u`; do strings $so | grep > -qi 'unknown require directive:' && echo $so; done; done > > Whi

Bug#620347: "Include conf.d/" should really be "Include conf.d/*.conf"

On Friday 01 April 2011, Christoph Berg wrote: > we just hit a situation where /etc/apache2/conf.d/security was > edited by cfengine which left a backup file behind. Unfortunately, > apache2 read the backup after the file itself, so any config > changes were futile. > I guess *.dpkg-old style file

Bug#620759: apache2: apache does chroot twice with mod_chroot

On Monday 04 April 2011, Stephan Goll wrote: > I have apache2 running chrooted in /var/www since lenny. After > upgrading to squeeze I got permanent errors about not finding > /var. After all I tried and copied and hoped to find it out and > finally I created a var in /var/www/var/www and apache di

Bug#620759: apache2: apache does chroot twice with mod_chroot

On Thursday 07 April 2011, stephan.g...@t-online.de wrote: > >From Stefan Fritsch: > > The apache2 core includes now a "Chroot" directive which probably > > clashes with mod_chroot. Please try without mod_chroot. It is > > possible that you may have to adjust your

Bug#621506: apache: segmentation fault

On Thursday 07 April 2011, Eugene wrote: > we have own servers with apache2-prefork + mod_php, xcache, > ioncube, everything except ioncube was installed from debian > packages. Since xcache installation it keeps crashing several > times per day From the backtrace, this is looks like a xcache or m

Bug#625223: Please make the different MPMs co-installable

On Monday 02 May 2011, Christoph Berg wrote: > | MPMs > | > | > | You can use different MPMs for different instances by setting > | APACHE_HTTPD to one of /usr/lib/apache2/mpm-*/apache2. Note that > | some modules like mod_php only work with the non-threaded MPMs > | (prefork, itk). > > Alon

Bug#625223: Please make the different MPMs co-installable

On Tuesday 03 May 2011, Christoph Berg wrote: > Re: Stefan Fritsch 2011-05-03 <201105032258.02556...@sfritsch.de> > > > I am not sure what problem you want to solve, exactly. AFAIK, > > there is no package that exclusively depends on a threaded MPM. > > Therefore,

<    1   2   3   4   5   6   7   8   9   >