Bug#443196: marked as done (apache2-mpm-worker: reload after altering apache2.conf immediately eats all memory)

To: Stefan Fritsch <sf@debian.org>
Subject: Bug#443196: marked as done (apache2-mpm-worker: reload after altering apache2.conf immediately eats all memory)
From: owner@bugs.debian.org (Debian Bug Tracking System)
Date: Sat, 22 Sep 2007 20:06:05 +0000
Message-id: <[🔎] handler.443196.D443196.119049128010410.ackdone@bugs.debian.org>
References: <E1IZB5O-0004Hw-Oc@ries.debian.org> <[🔎] 20070919153754.22588.1157.reportbug@full-refund.oucs.ox.ac.uk>

Your message dated Sat, 22 Sep 2007 19:56:18 +0000
with message-id <E1IZB5O-0004Hw-Oc@ries.debian.org>
and subject line Bug#443196: fixed in apache2 2.2.3-4+etch3
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--- Begin Message ---

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: apache2-mpm-worker: reload after altering apache2.conf immediately eats all memory
From: moog <moog@sysdev.oucs.ox.ac.uk>
Date: Wed, 19 Sep 2007 16:37:54 +0100
Message-id: <[🔎] 20070919153754.22588.1157.reportbug@full-refund.oucs.ox.ac.uk>

Package: apache2-mpm-worker
Version: 2.2.3-4+etch1
Severity: critical
Justification: breaks the whole system


Start with a simple apache2.conf containing two vhosts:

Listen 192.168.1.1:80
<VirtualHost 192.168.1.1:80>
  ServerName my.server
  DocumentRoot /var/www
</VirtualHost>

Listen 192.168.1.2:80
<VirtualHost 192.168.1.2:80>
  ServerName my.server
  DocumentRoot /var/www
</VirtualHost>

With Apache running, edit apache2.conf to remove the first vhost (i.e.
comment out the first Listen+VirtualHost section) and reload Apache
(SIGUSR1). It then consumes all memory, making the system unusable
until the process is killed.

-- System Information:
Debian Release: 4.0
  APT prefers stable
  APT policy: (500, 'stable'), (1, 'experimental')
Architecture: amd64
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.18-5-amd64
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)

--- End Message ---

--- Begin Message ---

To: 443196-close@bugs.debian.org
Subject: Bug#443196: fixed in apache2 2.2.3-4+etch3
From: Stefan Fritsch <sf@debian.org>
Date: Sat, 22 Sep 2007 19:56:18 +0000
Message-id: <E1IZB5O-0004Hw-Oc@ries.debian.org>

Source: apache2
Source-Version: 2.2.3-4+etch3

We believe that the bug you reported is fixed in the latest version of
apache2, which is due to be installed in the Debian FTP archive:

apache2-doc_2.2.3-4+etch3_all.deb
  to pool/main/a/apache2/apache2-doc_2.2.3-4+etch3_all.deb
apache2-mpm-event_2.2.3-4+etch3_i386.deb
  to pool/main/a/apache2/apache2-mpm-event_2.2.3-4+etch3_i386.deb
apache2-mpm-perchild_2.2.3-4+etch3_all.deb
  to pool/main/a/apache2/apache2-mpm-perchild_2.2.3-4+etch3_all.deb
apache2-mpm-prefork_2.2.3-4+etch3_i386.deb
  to pool/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch3_i386.deb
apache2-mpm-worker_2.2.3-4+etch3_i386.deb
  to pool/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch3_i386.deb
apache2-prefork-dev_2.2.3-4+etch3_i386.deb
  to pool/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch3_i386.deb
apache2-src_2.2.3-4+etch3_all.deb
  to pool/main/a/apache2/apache2-src_2.2.3-4+etch3_all.deb
apache2-threaded-dev_2.2.3-4+etch3_i386.deb
  to pool/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch3_i386.deb
apache2-utils_2.2.3-4+etch3_i386.deb
  to pool/main/a/apache2/apache2-utils_2.2.3-4+etch3_i386.deb
apache2.2-common_2.2.3-4+etch3_i386.deb
  to pool/main/a/apache2/apache2.2-common_2.2.3-4+etch3_i386.deb
apache2_2.2.3-4+etch3.diff.gz
  to pool/main/a/apache2/apache2_2.2.3-4+etch3.diff.gz
apache2_2.2.3-4+etch3.dsc
  to pool/main/a/apache2/apache2_2.2.3-4+etch3.dsc
apache2_2.2.3-4+etch3_all.deb
  to pool/main/a/apache2/apache2_2.2.3-4+etch3_all.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 443196@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Stefan Fritsch <sf@debian.org> (supplier of updated apache2 package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Sat, 15 Sep 2007 11:33:58 +0200
Source: apache2
Binary: apache2-utils apache2-prefork-dev apache2 apache2-mpm-prefork apache2-doc apache2-mpm-event apache2.2-common apache2-mpm-worker apache2-src apache2-threaded-dev apache2-mpm-perchild
Architecture: source all i386
Version: 2.2.3-4+etch3
Distribution: stable
Urgency: low
Maintainer: Debian Apache Maintainers <debian-apache@lists.debian.org>
Changed-By: Stefan Fritsch <sf@debian.org>
Description: 
 apache2    - Next generation, scalable, extendable web server
 apache2-doc - documentation for apache2
 apache2-mpm-event - Event driven model for Apache HTTPD 2.1
 apache2-mpm-perchild - Transitional package - please remove
 apache2-mpm-prefork - Traditional model for Apache HTTPD 2.1
 apache2-mpm-worker - High speed threaded model for Apache HTTPD 2.1
 apache2-prefork-dev - development headers for apache2
 apache2-src - Apache source code
 apache2-threaded-dev - development headers for apache2
 apache2-utils - utility programs for webservers
 apache2.2-common - Next generation, scalable, extendable web server
Closes: 441845 443196
Changes: 
 apache2 (2.2.3-4+etch3) stable; urgency=low
 .
   * fix CVE-2007-3847: DoS in mod_proxy (for threaded MPMs)
     (Closes: #441845)
   * Don't eat all memory on graceful restart when config has changed
     from many listening sockets to one (Closes: #443196)
Files: 
 ba55ad79fd3c89a1cfb6b885b1993825 1068 web optional apache2_2.2.3-4+etch3.dsc
 6d768b11c97a321a0e8c9249e949ab91 111619 web optional apache2_2.2.3-4+etch3.diff.gz
 631e142ac2a0e9e2b2232d93d0f20af3 962480 web optional apache2.2-common_2.2.3-4+etch3_i386.deb
 2afcadbdf1c43bbcced0a153f2e6855c 422638 web optional apache2-mpm-worker_2.2.3-4+etch3_i386.deb
 9f12ebe74eb26350082106ecb67dbd86 418870 web optional apache2-mpm-prefork_2.2.3-4+etch3_i386.deb
 0e719f33bd4c909d5a55acbca33bf23d 423212 web optional apache2-mpm-event_2.2.3-4+etch3_i386.deb
 a91938ec934908fa3d50bbd86e54de49 342068 web optional apache2-utils_2.2.3-4+etch3_i386.deb
 c4cf8aa286d21e9ce0f8682755ae0488 407284 devel optional apache2-prefork-dev_2.2.3-4+etch3_i386.deb
 ea3daac53c745850b8696e22d79afe4e 407898 devel optional apache2-threaded-dev_2.2.3-4+etch3_i386.deb
 b37190594bfe638f5aa8a5503f7d4c45 273730 web optional apache2-mpm-perchild_2.2.3-4+etch3_all.deb
 5ce5f2c7902102548d2b34640542e9a2 40424 web optional apache2_2.2.3-4+etch3_all.deb
 c05606ffde65b8e3276d21f58242917a 2207486 doc optional apache2-doc_2.2.3-4+etch3_all.deb
 5381a88a04d93b9985b15614c325cbda 6613604 devel extra apache2-src_2.2.3-4+etch3_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFG8YKAbxelr8HyTqQRAmc+AKCF1kE0PaPsBUqsdrZst/wxk+OFcgCgkYtx
SDBEfEW/7jvOjetcTbNw5xc=
=CYaH
-----END PGP SIGNATURE-----

--- End Message ---

Reply to:

References:
- Bug#443196: apache2-mpm-worker: reload after altering apache2.conf immediately eats all memory
  - From: moog <moog@sysdev.oucs.ox.ac.uk>

Prev by Date: Bug#441845: marked as done (CVE-2007-3847: apache2 denial of service vulnerability (for threaded MPMs) in mod_proxy)
Next by Date: [RFR] templates://ssl-cert/{templates}
Previous by thread: Bug#443196: apache2-mpm-worker: reload after altering apache2.conf immediately eats all memory
Next by thread: Processing of apache2_2.2.3-4+etch3_i386.changes
Index(es):
- Date
- Thread