[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#542623: marked as done (apache2: segfaults when using mod_deflate)

Your message dated Mon, 31 Aug 2009 19:02:27 +0000
with message-id <E1MiC95-0003gx-9t@ries.debian.org>
and subject line Bug#542623: fixed in apache2 2.2.13-1
has caused the Debian Bug report #542623,
regarding apache2: segfaults when using mod_deflate
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
542623: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=542623
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message --- 
Package: apache2.2-common
Version: 2.2.12-1
Severity: normal
Tags: patch
User: ubuntu-devel@lists.ubuntu.com
Usertags: origin-ubuntu karmic ubuntu-patch

The fix for CVE-2009-1891 that is included in upstream's 2.2.12 release
causes segfaults when using mod_deflate.


*** /tmp/tmpajcHE_
In Ubuntu, we've applied the attached patch to achieve the following:

  * debian/patches/203_fix_legacy_ap_rputs_segfaults.dpatch: 
    - Fix potential segfaults with the use of the legacy ap_rputs() etc
      interfaces, in cases where an output filter fails. This happens
      frequently after CVE-2009-1891 got fixed. (LP: #409987) 

We thought you might be interested in doing the same. 


-- System Information:
Debian Release: squeeze/sid
  APT prefers karmic-updates
  APT policy: (500, 'karmic-updates'), (500, 'karmic-security'), (500, 'karmic')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.31-6-generic (SMP w/2 CPU cores)
Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages apache2.2-common depends on:
ii  apache2-utils           2.2.12-1ubuntu2  utility programs for webservers
ii  apache2.2-bin           2.2.12-1ubuntu2  Apache HTTP Server common binary f
ii  libmagic1               5.03-1ubuntu1    File type determination library us
ii  lsb-base                4.0-0ubuntu2     Linux Standard Base 4.0 init scrip
ii  mime-support            3.46-1           MIME files 'mime.types' & 'mailcap
ii  perl                    5.10.0-24ubuntu2 Larry Wall's Practical Extraction 
ii  procps                  1:3.2.8-1ubuntu2 /proc file system utilities

diff -u apache2-2.2.12/debian/changelog apache2-2.2.12/debian/changelog
diff -u apache2-2.2.12/debian/patches/00list apache2-2.2.12/debian/patches/00list
--- apache2-2.2.12/debian/patches/00list
+++ apache2-2.2.12/debian/patches/00list
@@ -25,0 +26 @@
+203_fix_legacy_ap_rputs_segfaults
only in patch2:
unchanged:
--- apache2-2.2.12.orig/debian/patches/203_fix_legacy_ap_rputs_segfaults.dpatch
+++ apache2-2.2.12/debian/patches/203_fix_legacy_ap_rputs_segfaults.dpatch
@@ -0,0 +1,36 @@
+#! /bin/sh /usr/share/dpatch/dpatch-run
+## 203_fix_legacy_ap_rputs_segfaults.dpatch by Marc Deslauriers <marc.deslauriers@ubuntu.com>
+##
+## All lines beginning with `## DP:' are a description of the patch.
+## DP: Description: Fix potential segfaults with the use of the legacy ap_rputs() etc
+## DP:              interfaces, in cases where an output filter fails. This happens
+## DP:              frequently after CVE-2009-1891 got fixed.
+## DP: Ubuntu: https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/409987
+## DP: Debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=537665
+## DP: Upstream: https://issues.apache.org/bugzilla/show_bug.cgi?id=36780
+## DP: Patch: http://svn.apache.org/viewvc?view=rev&revision=800333
+
+@DPATCH@
+diff -urNad apache2-2.2.12~/server/util_filter.c apache2-2.2.12/server/util_filter.c
+--- apache2-2.2.12~/server/util_filter.c	2006-07-11 23:38:44.000000000 -0400
++++ apache2-2.2.12/server/util_filter.c	2009-08-17 15:37:59.000000000 -0400
+@@ -578,8 +578,18 @@
+                                                 void *ctx)
+ {
+     ap_filter_t *f = ctx;
++    apr_status_t rv;
+ 
+-    return ap_pass_brigade(f, bb);
++    rv = ap_pass_brigade(f, bb);
++
++    /* Before invocation of the flush callback, apr_brigade_write et
++     * al may place transient buckets in the brigade, which will fall
++     * out of scope after returning.  Empty the brigade here, to avoid
++     * issues with leaving such buckets in the brigade if some filter
++     * fails and leaves a non-empty brigade. */
++    apr_brigade_cleanup(bb);
++
++    return rv;
+ }
+ 
+ AP_DECLARE(apr_status_t) ap_fflush(ap_filter_t *f, apr_bucket_brigade *bb)

--- End Message ---
--- Begin Message --- 
Source: apache2
Source-Version: 2.2.13-1

We believe that the bug you reported is fixed in the latest version of
apache2, which is due to be installed in the Debian FTP archive:

apache2-dbg_2.2.13-1_i386.deb
  to pool/main/a/apache2/apache2-dbg_2.2.13-1_i386.deb
apache2-doc_2.2.13-1_all.deb
  to pool/main/a/apache2/apache2-doc_2.2.13-1_all.deb
apache2-mpm-event_2.2.13-1_all.deb
  to pool/main/a/apache2/apache2-mpm-event_2.2.13-1_all.deb
apache2-mpm-itk_2.2.13-1_all.deb
  to pool/main/a/apache2/apache2-mpm-itk_2.2.13-1_all.deb
apache2-mpm-prefork_2.2.13-1_all.deb
  to pool/main/a/apache2/apache2-mpm-prefork_2.2.13-1_all.deb
apache2-mpm-worker_2.2.13-1_all.deb
  to pool/main/a/apache2/apache2-mpm-worker_2.2.13-1_all.deb
apache2-prefork-dev_2.2.13-1_i386.deb
  to pool/main/a/apache2/apache2-prefork-dev_2.2.13-1_i386.deb
apache2-suexec-custom_2.2.13-1_i386.deb
  to pool/main/a/apache2/apache2-suexec-custom_2.2.13-1_i386.deb
apache2-suexec_2.2.13-1_i386.deb
  to pool/main/a/apache2/apache2-suexec_2.2.13-1_i386.deb
apache2-threaded-dev_2.2.13-1_i386.deb
  to pool/main/a/apache2/apache2-threaded-dev_2.2.13-1_i386.deb
apache2-utils_2.2.13-1_i386.deb
  to pool/main/a/apache2/apache2-utils_2.2.13-1_i386.deb
apache2.2-bin_2.2.13-1_i386.deb
  to pool/main/a/apache2/apache2.2-bin_2.2.13-1_i386.deb
apache2.2-common_2.2.13-1_all.deb
  to pool/main/a/apache2/apache2.2-common_2.2.13-1_all.deb
apache2_2.2.13-1.diff.gz
  to pool/main/a/apache2/apache2_2.2.13-1.diff.gz
apache2_2.2.13-1.dsc
  to pool/main/a/apache2/apache2_2.2.13-1.dsc
apache2_2.2.13-1_all.deb
  to pool/main/a/apache2/apache2_2.2.13-1_all.deb
apache2_2.2.13.orig.tar.gz
  to pool/main/a/apache2/apache2_2.2.13.orig.tar.gz



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 542623@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Stefan Fritsch <sf@debian.org> (supplier of updated apache2 package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Mon, 31 Aug 2009 20:28:56 +0200
Source: apache2
Binary: apache2.2-common apache2.2-bin apache2-mpm-worker apache2-mpm-prefork apache2-mpm-event apache2-mpm-itk apache2-utils apache2-suexec apache2-suexec-custom apache2 apache2-doc apache2-prefork-dev apache2-threaded-dev apache2-dbg
Architecture: source i386 all
Version: 2.2.13-1
Distribution: unstable
Urgency: low
Maintainer: Debian Apache Maintainers <debian-apache@lists.debian.org>
Changed-By: Stefan Fritsch <sf@debian.org>
Description: 
 apache2    - Apache HTTP Server metapackage
 apache2-dbg - Apache debugging symbols
 apache2-doc - Apache HTTP Server documentation
 apache2-mpm-event - Apache HTTP Server - event driven model
 apache2-mpm-itk - multiuser MPM for Apache 2.2
 apache2-mpm-prefork - Apache HTTP Server - traditional non-threaded model
 apache2-mpm-worker - Apache HTTP Server - high speed threaded model
 apache2-prefork-dev - Apache development headers - non-threaded MPM
 apache2-suexec - Standard suexec program for Apache 2 mod_suexec
 apache2-suexec-custom - Configurable suexec program for Apache 2 mod_suexec
 apache2-threaded-dev - Apache development headers - threaded MPM
 apache2-utils - utility programs for webservers
 apache2.2-bin - Apache HTTP Server common binary files
 apache2.2-common - Apache HTTP Server common files
Closes: 542623
Changes: 
 apache2 (2.2.13-1) unstable; urgency=low
 .
   * New upstream release:
     - Fixes segfault with mod_deflate and mod_php (closes: #542623).
Checksums-Sha1: 
 c9dfee3f405a2394c470090a48b78c30e6b1b189 1782 apache2_2.2.13-1.dsc
 d6bec35731200bcc79679d83b8c3f141ecb0304a 6897450 apache2_2.2.13.orig.tar.gz
 9b683cbd90ff52f94899ced8d9ccb17f7d2b4987 178634 apache2_2.2.13-1.diff.gz
 11f5fc07216ceba0e5531475c8a97bbca3c20c9d 1301428 apache2.2-bin_2.2.13-1_i386.deb
 3931747d8e4575ae699d720f7510928daa60f981 154478 apache2-utils_2.2.13-1_i386.deb
 9b73cb3b0a5acfd86f7f7e7f9e87b4867818026d 89940 apache2-suexec_2.2.13-1_i386.deb
 479bb60b4d139c3173001d8082a8fb1d59aab41f 91486 apache2-suexec-custom_2.2.13-1_i386.deb
 662d937cc3385c2d3ab6360d29006f53d88364e9 138026 apache2-prefork-dev_2.2.13-1_i386.deb
 d4f4f8d8709f54e11a4c46b864ae79fd1b27e4ac 139210 apache2-threaded-dev_2.2.13-1_i386.deb
 57d8713f0f7dcb97a2f81ff33541e024428868bc 2673530 apache2-dbg_2.2.13-1_i386.deb
 4da87ef0afe39d37f69434c235fac4bad35986a3 291246 apache2.2-common_2.2.13-1_all.deb
 d3d1fa476f717bee30cffc0b5535544cb671b818 2262 apache2-mpm-worker_2.2.13-1_all.deb
 8c642d4a298e013dd41fcdc75e9948919c41cdcd 2320 apache2-mpm-prefork_2.2.13-1_all.deb
 ce37f5adc7d83959c57cf60eaed43da4a7bca123 2298 apache2-mpm-event_2.2.13-1_all.deb
 89eb5774ea2e36fcd9e7dac628ce54af52805f0d 2324 apache2-mpm-itk_2.2.13-1_all.deb
 e5417e65b38a267599b94784f9777124c307681e 1376 apache2_2.2.13-1_all.deb
 4dad3c1518514264bfc2b978ce4d335da86a9f94 2271780 apache2-doc_2.2.13-1_all.deb
Checksums-Sha256: 
 02406e7c8cff723064807638a12fb2194af06ac463dc038ed0ea7b82ac27727a 1782 apache2_2.2.13-1.dsc
 e27dcea0c17596ae673c34be0c387ac7171c2eb083e7f442bb13a0c66cce0712 6897450 apache2_2.2.13.orig.tar.gz
 eae52ee6d47b28fe66def39f513f4df8ee809f9d9e0ec305a9ab748b663dc487 178634 apache2_2.2.13-1.diff.gz
 563663796fb167fcb2df98d7a093be04ce279a2aa9d23eea8b9ad647b8475255 1301428 apache2.2-bin_2.2.13-1_i386.deb
 e4e9e797ebf41d3ec88731662187584636025af8e9c6d91f487cac117c457bd4 154478 apache2-utils_2.2.13-1_i386.deb
 1bc5817597b16d1f0a09379c07e13106e09ea6d4a55c4dd1bf6e0a4a5e8c2c64 89940 apache2-suexec_2.2.13-1_i386.deb
 6b5262d47d17f76342fd692bb4f13ae5e9cc4bc0a70d60af8e7ebf460179313e 91486 apache2-suexec-custom_2.2.13-1_i386.deb
 8a83ced472fcf0879109421b06e7f98d18c4811b572d670a949c6809d89733d4 138026 apache2-prefork-dev_2.2.13-1_i386.deb
 7365843dc88a533afdc9e9404791a04c7da2deda410a400bd79c81521b04d511 139210 apache2-threaded-dev_2.2.13-1_i386.deb
 9fd61584452559dc668c3cdd3835e3202d3850dd7e6d74c6a308af9ee134729d 2673530 apache2-dbg_2.2.13-1_i386.deb
 a5b18599ea140ffc306cad99b361509f064b814b1eea261a7bc37db0668a6e6d 291246 apache2.2-common_2.2.13-1_all.deb
 71484b0ac866e789a1ec28e5644e0f34820c5d3826ba30d72438531a9c5fce05 2262 apache2-mpm-worker_2.2.13-1_all.deb
 e88ef9198ed100217df050fb2f7bd761babd94d4c057d67d0ca0cea320e0d05f 2320 apache2-mpm-prefork_2.2.13-1_all.deb
 115514632f42c4669fd4109b3cc3efddd1d27ad620fc9705a9a14526772e52ec 2298 apache2-mpm-event_2.2.13-1_all.deb
 6a040dfa0da4b26c43808a9d7f0268d678e2e43dbc7241ce36c459c1557b7b76 2324 apache2-mpm-itk_2.2.13-1_all.deb
 d12388ce1161a670864060b250096d7b0b25112eaaf943582a8f7bcf492fe8ee 1376 apache2_2.2.13-1_all.deb
 36462c9057a3a6ac3950a996bef26071578376e54a72635da247eb50088723c2 2271780 apache2-doc_2.2.13-1_all.deb
Files: 
 3dd0484ea0b93714e976bfb377813f83 1782 httpd optional apache2_2.2.13-1.dsc
 2803e35be6650f5b739e6e91faa824dd 6897450 httpd optional apache2_2.2.13.orig.tar.gz
 d77a52f262bcfa360934785354c1c98d 178634 httpd optional apache2_2.2.13-1.diff.gz
 040cea9b4cc95d9c34ec36f270fbb21d 1301428 httpd optional apache2.2-bin_2.2.13-1_i386.deb
 c199c309137570ee25887a785b72d1ce 154478 httpd optional apache2-utils_2.2.13-1_i386.deb
 dd88cdb5ad0f85b846b259e32a82e2d4 89940 httpd optional apache2-suexec_2.2.13-1_i386.deb
 de027b9502f4b9b85f0434ab4dc15822 91486 httpd extra apache2-suexec-custom_2.2.13-1_i386.deb
 290ebb83dd112b1a8b4f2c03930feb60 138026 httpd extra apache2-prefork-dev_2.2.13-1_i386.deb
 f6f7905dd5ab4360c23016a21a2e9a9b 139210 httpd extra apache2-threaded-dev_2.2.13-1_i386.deb
 cc6227341277d1f35e9d1cb9b33b5daf 2673530 debug extra apache2-dbg_2.2.13-1_i386.deb
 cb3b09cfbbc582870750c6ac9e1520f2 291246 httpd optional apache2.2-common_2.2.13-1_all.deb
 29323538b8ead5c3fa70ba45154c3091 2262 httpd optional apache2-mpm-worker_2.2.13-1_all.deb
 d618be4fac3a4adf25bb9ba249bfe198 2320 httpd optional apache2-mpm-prefork_2.2.13-1_all.deb
 af54adf737fc1f79833f333f8a31bfbc 2298 httpd optional apache2-mpm-event_2.2.13-1_all.deb
 38ef76d37704f4d6446ddaf9c8928c0b 2324 httpd optional apache2-mpm-itk_2.2.13-1_all.deb
 f121eff0bd5ef5fd4a23aa17fc9156af 1376 httpd optional apache2_2.2.13-1_all.deb
 96ba63b5f1e519357e096f29e989a851 2271780 doc optional apache2-doc_2.2.13-1_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFKnBrubxelr8HyTqQRAhQZAKCAI+pOdxNUP8VcXcpXS9AROKRBgwCfWN+v
4uCLo42oqlEuUK3iZw6YZyg=
=rW6e
-----END PGP SIGNATURE-----

--- End Message ---
Reply to: