[Bug 1741491] [NEW] Default logwatch configuration causes spurious "critical" states
Public bug reported: The file /etc/check_mk/logwatch.cfg contains the following stanza: /var/log/syslog /var/log/kern.log I registered panic notifier C panic C Oops W generic protection rip W .*Unrecovered read error - auto reallocate failed the "C panic" line sometimes fools Check_MK to mark the "Log /var/log/syslog" service as critical, e.g. when an email is sent to "a.papanico...@example.com". This is because there are no word boundaries in the regular expression matching the "panic" string. Maybe it should be "C \bpanic\b" This problem exists on trusty and xenial ** Affects: check-mk (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1741491 Title: Default logwatch configuration causes spurious "critical" states To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/check-mk/+bug/1741491/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1700754] Re: php-memcached is not fully working with PHP 7
Specifically this bug: https://bugs.php.net/bug.php?id=71187 "PHP 7.0 and up does not allow buggy return values from user save handler" Maybe a php7.0-memcached package using 3.0.4? https://pecl.php.net/package/memcached/3.0.4 ** Bug watch added: bugs.php.net/ #71187 http://bugs.php.net/bug.php?id=71187 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1700754 Title: php-memcached is not fully working with PHP 7 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/php-memcached/+bug/1700754/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1289977] Re: Ubuntu 14.04 Update breaks grub, resulting in error: symbol 'grub_term_highlight_color' not found
@Phillip, Sorry for the slow reply. I borrowed another windows PC for my urgent problem. Here's the output: chris:~$ sudo efibootmgr BootCurrent: 0003 Timeout: 2 seconds BootOrder: 0003,0005,0004,0002,0001, Boot* Windows Boot Manager Boot0001* HDD0: Boot0002* HDD0: Boot0003* ubuntu Boot0004* HDD0: Boot0005* HDD0: I moved to the ubuntu boot using the 'bios' ... if EFI systems have bios's. It's the Windows Boot Manager that's broken. I tried dpkg-reconfigure grub-efi-amd64 but it had no effect - there was nowhere to select the install device. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1289977 Title: Ubuntu 14.04 Update breaks grub, resulting in error: symbol 'grub_term_highlight_color' not found To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/grub2/+bug/1289977/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1289977] Re: Ubuntu 14.04 Update breaks grub, resulting in error: symbol 'grub_term_highlight_color' not found
I have the same problem. Since upgrade from 13.10 to 14.04, I've run Boot Repair which failed. I do recall some issues getting grub working when I originally installed 13.04 but don't have a record of how I got it working. Upgrade from 13.04 to 13.10 went OK. I've spent the last five hours searching so any suggestions would be greatly appreciated. When I try to dpkg-reconfigure grub-pc, I get: chris:~$ sudo dpkg-reconfigure grub-pc dpkg-query: package 'grub-pc' is not installed and no information is available Use dpkg --info (= dpkg-deb --info) to examine archive files, and dpkg --contents (= dpkg-deb --contents) to list their contents. /usr/sbin/dpkg-reconfigure: grub-pc is not installed. sudo grub-install runs and does not report any errors. I've got no installed_devices listed. chris:~$ sudo debconf-show grub-pc grub-pc/partition_description: grub2/device_map_regenerated: grub-pc/timeout: 10 grub-pc/disk_description: grub-pc/install_devices_failed: false grub-pc/install_devices_empty: false grub-pc/install_devices: grub-pc/postrm_purge_boot_grub: false * grub2/linux_cmdline_default: quiet splash grub-pc/mixed_legacy_and_grub2: true grub-pc/kopt_extracted: false grub-pc/install_devices_failed_upgrade: true grub-pc/hidden_timeout: true grub-pc/chainload_from_menu.lst: true grub2/kfreebsd_cmdline: * grub2/linux_cmdline: grub2/kfreebsd_cmdline_default: quiet splash grub-pc/install_devices_disks_changed: chris:~$ sudo parted -l Model: ATA TOSHIBA MQ01ABD1 (scsi) Disk /dev/sda: 1000GB Sector size (logical/physical): 512B/4096B Partition Table: gpt Number Start End SizeFile system Name Flags 1 1049kB 420MB 419MB ntfsBasic data partition hidden, diag 2 420MB 735MB 315MB fat32 EFI system partition boot 3 735MB 869MB 134MB Microsoft reserved partition msftres 4 869MB 248GB 247GB ntfsBasic data partition msftdata 7 248GB 458GB 210GB ext4 msftdata 8 458GB 966GB 508GB ntfs msftdata 6 966GB 982GB 16.0GB linux-swap(v1) 5 982GB 1000GB 18.3GB ntfsBasic data partition hidden, diag chris:~$ dpkg-query -l 'grub*' Desired=Unknown/Install/Remove/Purge/Hold | Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend |/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad) ||/ Name VersionArchitecture Description +++-==-==-==-== un grub none none (no description available) ii grub-common2.02~beta2-9 amd64 GRand Unified Bootloader (common files) un grub-coreboot none none (no description available) un grub-doc none none (no description available) un grub-efi none none (no description available) ii grub-efi-amd64 2.02~beta2-9 amd64 GRand Unified Bootloader, version 2 (EFI-A ii grub-efi-amd64-bin 2.02~beta2-9 amd64 GRand Unified Bootloader, version 2 (EFI-A ii grub-efi-amd64-sig 1.34+2.02~beta amd64 GRand Unified Bootloader, version 2 (EFI-A un grub-efi-ia32 none none (no description available) un grub-efi-ia64 none none (no description available) un grub-emu none none (no description available) un grub-ieee1275 none none (no description available) un grub-legacynone none (no description available) un grub-legacy-docnone none (no description available) un grub-linuxbios none none (no description available) un grub-pcnone none (no description available) un grub-xen none none (no description available) un grub-yeeloong none none (no description available) un grub2 none none (no description available) ii grub2-common 2.02~beta2-9 amd64 GRand Unified Bootloader (common files for -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1289977 Title: Ubuntu 14.04 Update breaks grub, resulting in error: symbol 'grub_term_highlight_color' not found To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/grub2/+bug/1289977/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1263065] [NEW] php5-memcache segfaults with object (un)serialization
Public bug reported: I can reproduce https://bugs.php.net/bug.php?id=63142 in an up-to-date Ubuntu 12.04.3 LTS Package: php5-memcache Priority: optional Section: universe/web Installed-Size: 151 Maintainer: Ubuntu Developers ubuntu-devel-disc...@lists.ubuntu.com Original-Maintainer: Sergey B Kirpichev skirpic...@gmail.com Architecture: amd64 Source: php-memcache Version: 3.0.6-1 Depends: libc6 (= 2.7), phpapi-20090626 Suggests: memcached Filename: pool/universe/p/php-memcache/php5-memcache_3.0.6-1_amd64.deb Size: 47062 MD5sum: 7d3bf387e029e1d7fe43ab9996842aa3 SHA1: d0f30749170e789311ae062c5346092881190a49 SHA256: de3fad7fe68a68e61ccf55ad923364d9578b0125353e3d24986b2ec0d9c158e0 Description-en: memcache extension module for PHP5 Memcached is a caching daemon designed especially for dynamic web applications to decrease database load by storing objects in memory. . This extension allows you to work with memcached through handy OO and procedural interfaces in your php5 applications. Homepage: http://pecl.php.net/package/memcache Description-md5: 58db38616cd7be3fdacd6d17d7baf2e8 Bugs: https://bugs.launchpad.net/ubuntu/+filebug Origin: Ubuntu The test case at bugs.php.net is reproduced below: ?php echo Test: PHP-.phpversion()./memcache-.phpversion('memcache'); $obj = new StdClass; $obj-obj = $obj; $memcache = new Memcache; $memcache-connect('127.0.0.1', 11211); $memcache-set('x', $obj, false, 300); $x = $memcache-get('x'); echo .; $x = $memcache-get('x'); echo .; $x = $memcache-get('x'); echo .; $x = $memcache-get('x'); echo .; $x = $memcache-get('x'); echo .; $x = $memcache-get('x'); echo .; $x = $memcache-get('x'); echo .; $x = $memcache-get('x'); echo .; $x = $memcache-get('x'); echo .\n; chris@home:~$ php memcache.php Test: PHP-5.3.10-1ubuntu3.9/memcache-3.0.6. Segmentation fault (core dumped) ** Affects: php-memcache (Ubuntu) Importance: Undecided Status: New ** Tags: precise ** Tags added: precise ** Package changed: php5 (Ubuntu) = php-memcache (Ubuntu) -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to php5 in Ubuntu. https://bugs.launchpad.net/bugs/1263065 Title: php5-memcache segfaults with object (un)serialization To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/php-memcache/+bug/1263065/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1263065] [NEW] php5-memcache segfaults with object (un)serialization
Public bug reported: I can reproduce https://bugs.php.net/bug.php?id=63142 in an up-to-date Ubuntu 12.04.3 LTS Package: php5-memcache Priority: optional Section: universe/web Installed-Size: 151 Maintainer: Ubuntu Developers ubuntu-devel-disc...@lists.ubuntu.com Original-Maintainer: Sergey B Kirpichev skirpic...@gmail.com Architecture: amd64 Source: php-memcache Version: 3.0.6-1 Depends: libc6 (= 2.7), phpapi-20090626 Suggests: memcached Filename: pool/universe/p/php-memcache/php5-memcache_3.0.6-1_amd64.deb Size: 47062 MD5sum: 7d3bf387e029e1d7fe43ab9996842aa3 SHA1: d0f30749170e789311ae062c5346092881190a49 SHA256: de3fad7fe68a68e61ccf55ad923364d9578b0125353e3d24986b2ec0d9c158e0 Description-en: memcache extension module for PHP5 Memcached is a caching daemon designed especially for dynamic web applications to decrease database load by storing objects in memory. . This extension allows you to work with memcached through handy OO and procedural interfaces in your php5 applications. Homepage: http://pecl.php.net/package/memcache Description-md5: 58db38616cd7be3fdacd6d17d7baf2e8 Bugs: https://bugs.launchpad.net/ubuntu/+filebug Origin: Ubuntu The test case at bugs.php.net is reproduced below: ?php echo Test: PHP-.phpversion()./memcache-.phpversion('memcache'); $obj = new StdClass; $obj-obj = $obj; $memcache = new Memcache; $memcache-connect('127.0.0.1', 11211); $memcache-set('x', $obj, false, 300); $x = $memcache-get('x'); echo .; $x = $memcache-get('x'); echo .; $x = $memcache-get('x'); echo .; $x = $memcache-get('x'); echo .; $x = $memcache-get('x'); echo .; $x = $memcache-get('x'); echo .; $x = $memcache-get('x'); echo .; $x = $memcache-get('x'); echo .; $x = $memcache-get('x'); echo .\n; chris@home:~$ php memcache.php Test: PHP-5.3.10-1ubuntu3.9/memcache-3.0.6. Segmentation fault (core dumped) ** Affects: php-memcache (Ubuntu) Importance: Undecided Status: New ** Tags: precise ** Tags added: precise ** Package changed: php5 (Ubuntu) = php-memcache (Ubuntu) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1263065 Title: php5-memcache segfaults with object (un)serialization To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/php-memcache/+bug/1263065/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 802565] [NEW] Arbitrary file limit in garbage-collection cron script causes loss of service
Public bug reported: PHP in Ubuntu 10.04.2 LTS includes /etc/cron.d/php5: 09,39 * * * * root [ -x /usr/lib/php5/maxlifetime ] [ -d /var/lib/php5 ] find /var/lib/php5/ -type f -cmin +$(/usr/lib/php5/maxlifetime) -print0 | xargs -n 200 -r -0 rm $ dpkg -S /etc/cron.d/php5 php5-common: /etc/cron.d/php5 if your server generates PHP sessions faster than they can be deleted by the cron job, the disk on which /var/lib/php5 is located will run out of inodes, and thence to a loss of service. It is caused by this upstream workaround: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=461755#20 The latest version of the cron job that does PHP session garbage collection is here: http://anonscm.debian.org/gitweb/?p=pkg- php/php.git;a=blob;f=debian/php5-common.php5.cron.d;hb=HEAD This is related to Bug #316441 and Bug #482720 ** Affects: php5 (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to php5 in Ubuntu. https://bugs.launchpad.net/bugs/802565 Title: Arbitrary file limit in garbage-collection cron script causes loss of service To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/php5/+bug/802565/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 802565] [NEW] Arbitrary file limit in garbage-collection cron script causes loss of service
Public bug reported: PHP in Ubuntu 10.04.2 LTS includes /etc/cron.d/php5: 09,39 * * * * root [ -x /usr/lib/php5/maxlifetime ] [ -d /var/lib/php5 ] find /var/lib/php5/ -type f -cmin +$(/usr/lib/php5/maxlifetime) -print0 | xargs -n 200 -r -0 rm $ dpkg -S /etc/cron.d/php5 php5-common: /etc/cron.d/php5 if your server generates PHP sessions faster than they can be deleted by the cron job, the disk on which /var/lib/php5 is located will run out of inodes, and thence to a loss of service. It is caused by this upstream workaround: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=461755#20 The latest version of the cron job that does PHP session garbage collection is here: http://anonscm.debian.org/gitweb/?p=pkg- php/php.git;a=blob;f=debian/php5-common.php5.cron.d;hb=HEAD This is related to Bug #316441 and Bug #482720 ** Affects: php5 (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/802565 Title: Arbitrary file limit in garbage-collection cron script causes loss of service To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/php5/+bug/802565/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 316441] Re: PHP session garbage collection
I had a similar issue to Phil. A web server was generating PHP sessions faster than they were being deleted by the cron job. This caused the disk on which /var/lib/php5 was located to run out of inodes, and thence to a loss of service. It is caused by this upstream workaround, which is poor: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=461755#20 The latest version of the cron job that does PHP session garbage collection is here: http://anonscm.debian.org/gitweb/?p=pkg- php/php.git;a=blob;f=debian/php5-common.php5.cron.d;hb=HEAD It would probably be a good idea to backport to this LTS release, because it fixes Phil's issue, among other security concerns. ** Bug watch added: Debian Bug tracker #461755 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=461755 -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to php5 in Ubuntu. https://bugs.launchpad.net/bugs/316441 Title: PHP session garbage collection To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/php5/+bug/316441/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 316441] Re: PHP session garbage collection
I had a similar issue to Phil. A web server was generating PHP sessions faster than they were being deleted by the cron job. This caused the disk on which /var/lib/php5 was located to run out of inodes, and thence to a loss of service. It is caused by this upstream workaround, which is poor: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=461755#20 The latest version of the cron job that does PHP session garbage collection is here: http://anonscm.debian.org/gitweb/?p=pkg- php/php.git;a=blob;f=debian/php5-common.php5.cron.d;hb=HEAD It would probably be a good idea to backport to this LTS release, because it fixes Phil's issue, among other security concerns. ** Bug watch added: Debian Bug tracker #461755 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=461755 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/316441 Title: PHP session garbage collection To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/php5/+bug/316441/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 282674] Re: max_execution_time and max_input_time settings in php.ini are ignored by php cli
Thanks. Then I'll ask PHP to update their documentation. You link to a page that states: When running PHP from the command line the default setting is 0. It is not sufficiently clear that this value cannot be overridden in php.ini. However, it does say so here: http://www.php.net/manual/en/features.commandline.php Sorry I didn't spot that earlier. -- max_execution_time and max_input_time settings in php.ini are ignored by php cli https://bugs.launchpad.net/bugs/282674 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to php5 in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 282674] Re: max_execution_time and max_input_time settings in php.ini are ignored by php cli
Thanks. Then I'll ask PHP to update their documentation. You link to a page that states: When running PHP from the command line the default setting is 0. It is not sufficiently clear that this value cannot be overridden in php.ini. However, it does say so here: http://www.php.net/manual/en/features.commandline.php Sorry I didn't spot that earlier. -- max_execution_time and max_input_time settings in php.ini are ignored by php cli https://bugs.launchpad.net/bugs/282674 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 282674] [NEW] max_execution_time and max_input_time settings in php.ini are ignored by php cli
Public bug reported: Binary package hint: php5 Using PHP 5.2.3-1ubuntu6.4 (cli) (built: Jul 23 2008 06:20:35) on Ubuntu 7.10 Steps to reproduce: Edit /etc/php5/cli/php.ini Change max_execution_time to a non-zero value, e.g. 10 Change max_input_time to a non-zero value, e.g. 10 php -i | grep max_ max_execution_time = 0 = 0 max_input_time = -1 = -1 The file is definitely being read: php -i | head -n 20 phpinfo() PHP Version = 5.2.3-1ubuntu6.4 System = Linux testubuntu.lse.ac.uk 2.6.22-15-server #1 SMP Wed Aug 20 19:08:24 UTC 2008 i686 Build Date = Jul 23 2008 06:18:41 Server API = Command Line Interface Virtual Directory Support = disabled Configuration File (php.ini) Path = /etc/php5/cli Loaded Configuration File = /etc/php5/cli/php.ini Scan this dir for additional .ini files = /etc/php5/cli/conf.d additional .ini files parsed = /etc/php5/cli/conf.d/apc.ini, /etc/php5/cli/conf.d/curl.ini, /etc/php5/cli/conf.d/gd.ini, /etc/php5/cli/conf.d/ldap.ini, /etc/php5/cli/conf.d/mysql.ini, /etc/php5/cli/conf.d/mysqli.ini, /etc/php5/cli/conf.d/pdo.ini, /etc/php5/cli/conf.d/pdo_mysql.ini, /etc/php5/cli/conf.d/xmlrpc.ini A quick check to see if max_execution_time is set elsewhere: grep -R max_execution /etc/php /etc/php5/apache2/php.ini:max_execution_time = 30 ; Maximum execution time of each script, in seconds /etc/php5/cli/php.ini:max_execution_time = 10 ; Maximum execution time of each script, in seconds So it is not being specified in any configuration files read by the command-line interpreter Test case: nano test.php ?php while (true) { echo AA!\n; } ? php test.php /dev/null top -d 1 Watch php continue to execute past 10 seconds of CPU time. You will have to stop php manually, e.g. fg, then ^C, or killall php Return to the test case, and add ini_set('max_execution_time', 10); to the top of the file, then repeat the test. Watching top will show php exits after 10 seconds. If you have configured error logging, you will see PHP Fatal error: Maximum execution time of 10 seconds exceeded in /home/testuser/test.php in whatever you have specified for error_log ** Affects: php5 (Ubuntu) Importance: Undecided Status: New -- max_execution_time and max_input_time settings in php.ini are ignored by php cli https://bugs.launchpad.net/bugs/282674 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to php5 in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 282674] [NEW] max_execution_time and max_input_time settings in php.ini are ignored by php cli
Public bug reported: Binary package hint: php5 Using PHP 5.2.3-1ubuntu6.4 (cli) (built: Jul 23 2008 06:20:35) on Ubuntu 7.10 Steps to reproduce: Edit /etc/php5/cli/php.ini Change max_execution_time to a non-zero value, e.g. 10 Change max_input_time to a non-zero value, e.g. 10 php -i | grep max_ max_execution_time = 0 = 0 max_input_time = -1 = -1 The file is definitely being read: php -i | head -n 20 phpinfo() PHP Version = 5.2.3-1ubuntu6.4 System = Linux testubuntu.lse.ac.uk 2.6.22-15-server #1 SMP Wed Aug 20 19:08:24 UTC 2008 i686 Build Date = Jul 23 2008 06:18:41 Server API = Command Line Interface Virtual Directory Support = disabled Configuration File (php.ini) Path = /etc/php5/cli Loaded Configuration File = /etc/php5/cli/php.ini Scan this dir for additional .ini files = /etc/php5/cli/conf.d additional .ini files parsed = /etc/php5/cli/conf.d/apc.ini, /etc/php5/cli/conf.d/curl.ini, /etc/php5/cli/conf.d/gd.ini, /etc/php5/cli/conf.d/ldap.ini, /etc/php5/cli/conf.d/mysql.ini, /etc/php5/cli/conf.d/mysqli.ini, /etc/php5/cli/conf.d/pdo.ini, /etc/php5/cli/conf.d/pdo_mysql.ini, /etc/php5/cli/conf.d/xmlrpc.ini A quick check to see if max_execution_time is set elsewhere: grep -R max_execution /etc/php /etc/php5/apache2/php.ini:max_execution_time = 30 ; Maximum execution time of each script, in seconds /etc/php5/cli/php.ini:max_execution_time = 10 ; Maximum execution time of each script, in seconds So it is not being specified in any configuration files read by the command-line interpreter Test case: nano test.php ?php while (true) { echo AA!\n; } ? php test.php /dev/null top -d 1 Watch php continue to execute past 10 seconds of CPU time. You will have to stop php manually, e.g. fg, then ^C, or killall php Return to the test case, and add ini_set('max_execution_time', 10); to the top of the file, then repeat the test. Watching top will show php exits after 10 seconds. If you have configured error logging, you will see PHP Fatal error: Maximum execution time of 10 seconds exceeded in /home/testuser/test.php in whatever you have specified for error_log ** Affects: php5 (Ubuntu) Importance: Undecided Status: New -- max_execution_time and max_input_time settings in php.ini are ignored by php cli https://bugs.launchpad.net/bugs/282674 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 121374] Re: Denial of service through log injection in fail2ban
This is the relevant line from /etc/fail2ban.conf when fail2ban 0.6.0-3 is installed on Ubuntu 6.06 LTS (Dapper). failregex = : (?:(?:Authentication failure|Failed [-/\w+]+) for(?: [iI](?:llegal|nvalid) user)?|[Ii](?:llegal|nvalid) user) .* from (?:::f{4,6}:)?(?Phost\S*) This seems to allow any non-whitespace characters after host, which I believe is the nature of the vulnerability described in CVE-2006-6302. Please correct me if I'm wrong. -- Denial of service through log injection in fail2ban https://bugs.launchpad.net/bugs/121374 You received this bug notification because you are a member of Ubuntu Bugs, which is the bug contact for Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 121374] Re: Denial of service through log injection in fail2ban
** Description changed: Binary package hint: fail2ban According to CVE 2006-6302 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-6302) fail2ban 0.6.1 and below is vulnerable to log injection techniques, which can lead to the wrong IP address being banned. This can result in denial of service. Ubuntu 6.06 (Dapper) uses fail2ban-0.6.0-3.deb - Ubuntu 6.10 (Edgy) uses 0.6.1-8.deb + Ubuntu 6.10 (Edgy) uses fail2ban-0.6.1-8.deb Both are still vulnerable. There is a very similar vulnerability reported here: http://www.ossec.net/en/attacking-loganalysis.html#fail2ban However, I am unsure whether this is specific to fail2ban version 0.8 -- Denial of service through log injection in fail2ban https://bugs.launchpad.net/bugs/121374 You received this bug notification because you are a member of Ubuntu Bugs, which is the bug contact for Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 121374] Re: Denial of service through log injection in fail2ban
** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2006-6302 -- Denial of service through log injection in fail2ban https://bugs.launchpad.net/bugs/121374 You received this bug notification because you are a member of Ubuntu Bugs, which is the bug contact for Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs