Bug#151384: apache2-common: Linux is not a version of GNU
Package: apache2-common
Version: 2.0.37-2
Severity: minor
Apache is returning headers like this:
Server: Apache/2.0.37 Debian GNU/Linux (Unix)
According to RFC2616 parts 14.38 and 3.8, this means:
* The server uses a product "Apache" with version "2.0.37".
* The server uses a product "Debian" with unspecified version.
* The server uses a product "GNU" with version "Linux".
* There is a comment "Unix". The standard doesn't specify what
that means.
Note that "Linux" appears as a product-version of "GNU".
RFC2616 part 3.8 states:
# Product tokens SHOULD be short and to the point. They MUST NOT be
# used for advertising or other non-essential information. Although any
# token character MAY appear in a product-version, this token SHOULD
# only be used for a version identifier (i.e., successive versions of
# the same product SHOULD only differ in the product-version portion of
# the product value).
"Linux" is not a version of "GNU"; it is a product that has its
own version numbers. Thus it should not appear at the right side
of the slash.
If you must have an equivalent of "Debian GNU/Linux" in the
header, this might do:
Server: Apache/2.0.37 Debian-GNU-Linux (Unix)
Or, if you prefer listing the parts as separate products,
you could use something like these:
Server: Apache/2.0.37 Debian GNU Linux (Unix)
Server: Apache/2.0.37 Debian/3.0 GNU Linux/2.4.18 (Unix)
-- System Information
Debian Release: 3.0
Kernel Version: Linux Astalo 2.4.18-kon.astalo.1 #1 ke kesä 26 12:20:32 EEST 2002 i686 unknown
Versions of the packages apache2-common depends on:
ii debconf 1.1.14 Debian configuration management system
ii debianutils 1.16.3 Miscellaneous utilities specific to Debian.
ii libapr0 2.0.37-2 The Apache Portable Runtime
ii libc6 2.2.5-6 GNU C Library: Shared libraries and Timezone
ii libssl0.9.6 0.9.6d-1 SSL shared libraries
ii libxmltok1 1.1-8 XML Parser Toolkit, runtime libraries
ii zlib1g 1.1.4-1 compression library - runtime
ii libssl0.9.6 0.9.6d-1 SSL shared libraries
^^^ (Provides virtual package libssl096)
--
To UNSUBSCRIBE, email to debian-apache-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Reply to: