Re: Apache SHA1 Password bug (AMD64)
On Tuesday 13 January 2009, Kirk Ismay wrote:
> I have experienced a bug on AMD64 Apache/1.3.33 & Apache/1.3.34
> (Debian) . SHA1 encrypted passwords do not seem to work. The
> issue is similar to this, but only seems to affect AMD64 on sarge
> and etch (I've tried it on several machines):
> https://issues.apache.org/bugzilla/show_bug.cgi?id=17343
>
> The following test case works on my i386 machine, but fails on
> AMD64. The SHA login is guest/guest, crypt is test/test.
While this would be a bug, it does not seem severe enough to fix it in
a stable release. Apache 1.3 is not included in Debian releases after
etch. Therefore, if it is a problem for you, please migrate to apache
2.2. You will have to migrate sooner or later anyway, since security
support for Apache 1.3 will finish one year after lenny is released.
Cheers,
Stefan
Reply to: