Bug#397310: apache2: silently breaks website authentication
Package: apache2
Version: 2.2.3-3
Severity: grave
Justification: renders package unusable
Upgrading apache2 this morning broke all websites using the "Require
valid-user" directive because the authz_user module was not (no longer?)
activated. No startup warning was issued, and only a cryptic "require
directives present and no Authoritative handler." message could be seen
in the logs upon access attempts.
-- System Information:
Debian Release: 4.0
APT prefers unstable
APT policy: (500, 'unstable'), (50, 'experimental')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.17.11
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Versions of packages apache2 depends on:
ii apache2-mpm-worker 2.2.3-3 High speed threaded model for Apac
apache2 recommends no packages.
-- no debconf information
Reply to: