Bug#774319: marked as done (dpkg-www: Error in apache2/erro.log when using http://127.0.0.1/cgi-bin/dpkg)

To: Jean-Michel Nirgal Vourgère <jmv_deb@nirgal.com>
Subject: Bug#774319: marked as done (dpkg-www: Error in apache2/erro.log when using http://127.0.0.1/cgi-bin/dpkg)
From: owner@bugs.debian.org (Debian Bug Tracking System)
Date: Tue, 15 Sep 2015 21:42:23 +0000
Message-id: <[🔎] handler.774319.D774319.14423532718741.ackdone@bugs.debian.org>
References: <E1ZbxyQ-00081C-Ag@franck.debian.org> <20141231173830.20813.115.reportbug@eiffel4.mcfm>

Your message dated Tue, 15 Sep 2015 21:41:10 +0000
with message-id <E1ZbxyQ-00081C-Ag@franck.debian.org>
and subject line Bug#774319: fixed in dpkg-www 2.56
has caused the Debian Bug report #774319,
regarding dpkg-www: Error in apache2/erro.log when using http://127.0.0.1/cgi-bin/dpkg
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
774319: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=774319
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems

--- Begin Message ---

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: dpkg-www: Error in apache2/erro.log when using http://127.0.0.1/cgi-bin/dpkg
From: Francois Mescam <francois@mescam.org>
Date: Wed, 31 Dec 2014 18:38:30 +0100
Message-id: <20141231173830.20813.115.reportbug@eiffel4.mcfm>

Package: dpkg-www
Version: 2.54+nmu1
Severity: normal

Dear Maintainer,

Each time I use http://127.0.0.1/cgi-bin/dpkg I have an error in /etc/apache2/error.log :

[Tue Dec 30 21:56:10.101629 2014] [cgi:error] [pid 28021] [client 127.0.0.1:36430] AH01215: CGI::param called
+in list context from package main line 1, this can lead to vulnerabilities. See the warning in "Fetching the
+value or values of a single named parameter" at /usr/share/perl5/CGI.pm line 436., referer:
+http://127.0.0.1/cgi-bin/dpkg

Despite this error the result obtained is correct.

With my best regards.

I wish you a good new year.

François


-- System Information:
Debian Release: 8.0
  APT prefers testing
  APT policy: (900, 'testing')
Architecture: i386 (i686)

Kernel: Linux 3.16.0-4-686-pae (SMP w/2 CPU cores)
Locale: LANG=fr_FR.utf8, LC_CTYPE=fr_FR.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Init: systemd (via /run/systemd/system)

Versions of packages dpkg-www depends on:
ii  apache2 [httpd]  2.4.10-8
ii  apt              1.0.9.5
ii  dwww             1.12.1
ii  info2www         1.2.2.9-24
ii  perl [perl5]     5.20.1-4

dpkg-www recommends no packages.

Versions of packages dpkg-www suggests:
ii  chromium [www-browser]              39.0.2171.71-2
ii  dctrl-tools [grep-dctrl]            2.23
ii  dlocate                             1.02+nmu3
ii  google-chrome-stable [www-browser]  39.0.2171.95-1
ii  iceweasel [www-browser]             31.3.0esr-1
ii  links [www-browser]                 2.8-2+b3
ii  links2 [www-browser]                2.8-2+b3
ii  lynx-cur [www-browser]              2.8.9dev1-2+b1
ii  man2html                            1.6g-7
ii  tasksel                             3.29
ii  w3m [www-browser]                   0.5.3-19

-- Configuration Files:
/etc/apache2/conf.d/dpkg-www [Errno 2] Aucun fichier ou dossier de ce type: u'/etc/apache2/conf.d/dpkg-www'

-- no debconf information

--- End Message ---

--- Begin Message ---

To: 774319-close@bugs.debian.org
Subject: Bug#774319: fixed in dpkg-www 2.56
From: Jean-Michel Nirgal Vourgère <jmv_deb@nirgal.com>
Date: Tue, 15 Sep 2015 21:41:10 +0000
Message-id: <E1ZbxyQ-00081C-Ag@franck.debian.org>

Source: dpkg-www
Source-Version: 2.56

We believe that the bug you reported is fixed in the latest version of
dpkg-www, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 774319@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Jean-Michel Nirgal Vourgère <jmv_deb@nirgal.com> (supplier of updated dpkg-www package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Tue, 15 Sep 2015 21:17:14 +0200
Source: dpkg-www
Binary: dpkg-www
Architecture: source all
Version: 2.56
Distribution: unstable
Urgency: medium
Maintainer: Debian QA Group <packages@qa.debian.org>
Changed-By: Jean-Michel Nirgal Vourgère <jmv_deb@nirgal.com>
Description:
 dpkg-www   - Web based Debian package browser
Closes: 712018 774319 781295
Changes:
 dpkg-www (2.56) unstable; urgency=medium
 .
   * QA upload.
   * Bumped compat level to 9.
   * Bumped Standards-Version to 3.9.6:
     - Move menu to section Applications/System/Package Management.
   * Bumped source format to 3.0 (native).
   * Minimize d/rules to use dh $@.
   * Use d/install to install files. Drop unused targets from Makefile.
   * Use d/manpages to install manuals.
   * Use .so in dpkg-www-installer.8 rather than creating links manually.
   * Other d/control changed:
     - Added Vcs-* fields.
     - Added ${misc:Depends}.
     - Replace mozilla-firefox by iceweasel.
   * src/dpkg-www.8:
     - Fix hyphen-used-as-minus-sign.
     - Spelling fix.
   * Polish apache2.4 upgrade:
     - New require apache2.4 syntax in d/dpkg-www.conf.
     - Update README.Debian.
     - New lintian override for Build-Depending on dh-apache2.
   * d/copyright: Switch to DEP5 format, fix link to GPL-2 license.
   * New .desktop file since menu is deprecated.
   * Set utf-8 charset in html responses. (Closes: #712018)
   * Force perl 'scalar' parsing of CGI parameters. (Closes: #774319)
   * Delete unwanted 'debian/:q' file. (Closes: #781295)
Checksums-Sha1:
 343f651f43bc1cedea32add802516a75f2425798 1177 dpkg-www_2.56.dsc
 5d9db371e1579eb02e9aa64587197f370e5a9c00 25568 dpkg-www_2.56.tar.xz
 de47ef2b5013824926275fa88711b19326c3252d 30314 dpkg-www_2.56_all.deb
Checksums-Sha256:
 0cbe8ec418207aa15d0e0e860f2a715df67cf7c612c09f5e44dc9068eb6d48de 1177 dpkg-www_2.56.dsc
 695ea0bd41787cf317160f7f2f7951d301624c2f56eb26e71686746669d4fe81 25568 dpkg-www_2.56.tar.xz
 b7252b13f243c0fdc73831547a77de65c648ebde3086861cde26be506887aed5 30314 dpkg-www_2.56_all.deb
Files:
 a7b8f01de11c07b5b09e8b45b74b1890 1177 doc optional dpkg-www_2.56.dsc
 b93c1f9917b2c1f3b3743c93cfd8e629 25568 doc optional dpkg-www_2.56.tar.xz
 a8721f57064d658955d4e364e3cf718b 30314 doc optional dpkg-www_2.56_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQEcBAEBCAAGBQJV+IedAAoJEEHOfwufG4syE/sH/0sc6GYRqMjNoxJZsp+yMKX2
x8cfjBt3Cc42WycuHjx9ZQx7ETm7m8aFitm33TceNDPo6OXuCNjdQWqYFQLWBN/U
7zIf/eGuTkOhYgvfxll8W6RcjcJxYhH5slGETYl33AXjXQ9Z/c2e9P4UhXRZ9VEa
jLQjuMcQMSncqq1UwJ1b04f9BrGSuJVx1MyjWBo/m+sdFanfiG1s2i/RO5XCO+MD
Tq1VhfftP2CnnVjNx4x0ZOt+n6q8EzhCB77Of57wlp+WIIVpnI1Aeew+hFSP8uY1
RFzrDtRHAo+O12/zBoShu3isxeYYXNWu1Qh+dHSbJoC21K1DOZiU+qCKtFDNx24=
=DARw
-----END PGP SIGNATURE-----

--- End Message ---

Reply to:

Prev by Date: Bug#712018: marked as done (dpkg-www: Should set encoding to UTF-8)
Next by Date: Bug#797165: Uploaded to delay/2
Previous by thread: Bug#712018: marked as done (dpkg-www: Should set encoding to UTF-8)
Next by thread: Bug#797165: Uploaded to delay/2
Index(es):
- Date
- Thread