[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#678740: marked as done (apache2.2-common: bad comment in /etc/apache2/conf.d/security)

Your message dated Sun, 24 Jun 2012 18:32:15 +0000
with message-id <E1Sirbb-0008Ri-Lr@franck.debian.org>
and subject line Bug#678740: fixed in apache2 2.2.22-9
has caused the Debian Bug report #678740,
regarding apache2.2-common: bad comment in /etc/apache2/conf.d/security
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
678740: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=678740
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message --- 
Package: apache2.2-common
Version: 2.2.22-8
Severity: minor

/etc/apache2/conf.d/security contains:

# Some browsers have a built-in XSS filter that will detect some cross site
# scripting attacks. By default, these browsers the the suspicious part of
                                                ^^^^^^^
# the page and display the result. This behavior can create various problems
# including new security issues. This header will tell the XSS filter to
# completely block access to the page instead.

The first "the" should be replaced by a verb (is it "skip" / "ignore" or
something else?).

-- Package-specific info:
List of /etc/apache2/mods-enabled/*.load:
  alias auth_basic authn_file authz_default authz_groupfile
  authz_host authz_user autoindex cgi cgid dav dav_svn deflate dir
  env mime negotiation perl reqtimeout rewrite setenvif ssl status
  userdir

-- System Information:
Debian Release: wheezy/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'testing'), (500, 'stable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 3.2.0-2-amd64 (SMP w/2 CPU cores)
Locale: LANG=POSIX, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages apache2.2-common depends on:
ii  apache2-utils  2.2.22-8
ii  apache2.2-bin  2.2.22-8
ii  lsb-base       4.1+Debian7
ii  mime-support   3.52-1
ii  perl           5.14.2-12
ii  procps         1:3.3.3-2

Versions of packages apache2.2-common recommends:
ii  ssl-cert  1.0.31

Versions of packages apache2.2-common suggests:
ii  apache2-doc                             2.2.22-8
pn  apache2-suexec | apache2-suexec-custom  <none>
ii  chromium [www-browser]                  20.0.1132.41~r143299-1
ii  elinks [www-browser]                    0.12~pre5-8
ii  epiphany-browser [www-browser]          3.4.2-1
ii  iceweasel [www-browser]                 10.0.5esr-1
ii  links [www-browser]                     2.6-2
ii  links2 [www-browser]                    2.6-2
ii  lynx-cur [www-browser]                  2.8.8dev.12-2
ii  midori [www-browser]                    0.4.3-1
ii  uzbl [www-browser]                      0.0.0~git.20120514-1
ii  w3m [www-browser]                       0.5.3-8

Versions of packages apache2.2-common is related to:
pn  apache2-mpm-event    <none>
pn  apache2-mpm-itk      <none>
pn  apache2-mpm-prefork  <none>
ii  apache2-mpm-worker   2.2.22-8

-- Configuration Files:
/etc/apache2/mods-available/userdir.conf changed [not included]

-- no debconf information

--- End Message ---
--- Begin Message --- 
Source: apache2
Source-Version: 2.2.22-9

We believe that the bug you reported is fixed in the latest version of
apache2, which is due to be installed in the Debian FTP archive:

apache2-dbg_2.2.22-9_i386.deb
  to main/a/apache2/apache2-dbg_2.2.22-9_i386.deb
apache2-doc_2.2.22-9_all.deb
  to main/a/apache2/apache2-doc_2.2.22-9_all.deb
apache2-mpm-event_2.2.22-9_i386.deb
  to main/a/apache2/apache2-mpm-event_2.2.22-9_i386.deb
apache2-mpm-itk_2.2.22-9_i386.deb
  to main/a/apache2/apache2-mpm-itk_2.2.22-9_i386.deb
apache2-mpm-prefork_2.2.22-9_i386.deb
  to main/a/apache2/apache2-mpm-prefork_2.2.22-9_i386.deb
apache2-mpm-worker_2.2.22-9_i386.deb
  to main/a/apache2/apache2-mpm-worker_2.2.22-9_i386.deb
apache2-prefork-dev_2.2.22-9_i386.deb
  to main/a/apache2/apache2-prefork-dev_2.2.22-9_i386.deb
apache2-suexec-custom_2.2.22-9_i386.deb
  to main/a/apache2/apache2-suexec-custom_2.2.22-9_i386.deb
apache2-suexec_2.2.22-9_i386.deb
  to main/a/apache2/apache2-suexec_2.2.22-9_i386.deb
apache2-threaded-dev_2.2.22-9_i386.deb
  to main/a/apache2/apache2-threaded-dev_2.2.22-9_i386.deb
apache2-utils_2.2.22-9_i386.deb
  to main/a/apache2/apache2-utils_2.2.22-9_i386.deb
apache2.2-bin_2.2.22-9_i386.deb
  to main/a/apache2/apache2.2-bin_2.2.22-9_i386.deb
apache2.2-common_2.2.22-9_i386.deb
  to main/a/apache2/apache2.2-common_2.2.22-9_i386.deb
apache2_2.2.22-9.debian.tar.gz
  to main/a/apache2/apache2_2.2.22-9.debian.tar.gz
apache2_2.2.22-9.dsc
  to main/a/apache2/apache2_2.2.22-9.dsc
apache2_2.2.22-9_i386.deb
  to main/a/apache2/apache2_2.2.22-9_i386.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 678740@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Stefan Fritsch <sf@debian.org> (supplier of updated apache2 package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Sun, 24 Jun 2012 20:10:27 +0200
Source: apache2
Binary: apache2.2-common apache2.2-bin apache2-mpm-worker apache2-mpm-prefork apache2-mpm-event apache2-mpm-itk apache2-utils apache2-suexec apache2-suexec-custom apache2 apache2-doc apache2-prefork-dev apache2-threaded-dev apache2-dbg
Architecture: source i386 all
Version: 2.2.22-9
Distribution: unstable
Urgency: low
Maintainer: Debian Apache Maintainers <debian-apache@lists.debian.org>
Changed-By: Stefan Fritsch <sf@debian.org>
Description: 
 apache2    - Apache HTTP Server metapackage
 apache2-dbg - Apache debugging symbols
 apache2-doc - Apache HTTP Server documentation
 apache2-mpm-event - Apache HTTP Server - event driven model
 apache2-mpm-itk - multiuser MPM for Apache 2.2
 apache2-mpm-prefork - Apache HTTP Server - traditional non-threaded model
 apache2-mpm-worker - Apache HTTP Server - high speed threaded model
 apache2-prefork-dev - Apache development headers - non-threaded MPM
 apache2-suexec - Standard suexec program for Apache 2 mod_suexec
 apache2-suexec-custom - Configurable suexec program for Apache 2 mod_suexec
 apache2-threaded-dev - Apache development headers - threaded MPM
 apache2-utils - utility programs for webservers
 apache2.2-bin - Apache HTTP Server common binary files
 apache2.2-common - Apache HTTP Server common files
Closes: 678740
Changes: 
 apache2 (2.2.22-9) unstable; urgency=low
 .
   * Fix typo in conf.d/security comment. Closes: #678740
Checksums-Sha1: 
 966279aa12230de2769fdac2fe51a6de0b1c88e5 2235 apache2_2.2.22-9.dsc
 1b448a45d7bb3a2518b3c6d06626650ea0013e6f 192747 apache2_2.2.22-9.debian.tar.gz
 54ef2b655d656b848b8af98b4c136f8380c34766 319076 apache2.2-common_2.2.22-9_i386.deb
 8852eeac053e7f8b670d50421ff49451258176b6 1459538 apache2.2-bin_2.2.22-9_i386.deb
 28c0aca8948e5ae6ab470af04a2298ca5115a56b 2186 apache2-mpm-worker_2.2.22-9_i386.deb
 5655ba1adbd44ed0e8b4e30fe9e1b4328e21b628 2292 apache2-mpm-prefork_2.2.22-9_i386.deb
 c22c16e7e059cfb30e3efd6f38d9ae4828e64cbd 2252 apache2-mpm-event_2.2.22-9_i386.deb
 3e17dbd283049393eaf19df3ce7c0a2e0b2f8ec4 2278 apache2-mpm-itk_2.2.22-9_i386.deb
 16b5c1b5cb120ecfcd8641bb1dc67e18e0fe9c3c 176498 apache2-utils_2.2.22-9_i386.deb
 84c7e8f25683b5da86d9d755af4335d2f81c190c 106828 apache2-suexec_2.2.22-9_i386.deb
 2febe754d5cee25c3b0a2a5155d96fb06f854837 108506 apache2-suexec-custom_2.2.22-9_i386.deb
 776aa860343fc647cd6ca9f6f4a1ba3a14043142 1390 apache2_2.2.22-9_i386.deb
 c830d047a96faca094521e8d0fe4d2a7c199cd9f 2704538 apache2-doc_2.2.22-9_all.deb
 823d37d56a9ce3dea09ee684e3e23d976e784aab 137968 apache2-prefork-dev_2.2.22-9_i386.deb
 d8e1e486864fd990399254238a498fae61f6adfa 139132 apache2-threaded-dev_2.2.22-9_i386.deb
 29eead8e648c974188bbc52502c9956f02a5b92a 3502572 apache2-dbg_2.2.22-9_i386.deb
Checksums-Sha256: 
 5619f6774664b80a44532f9c46e426e5d15d07c985191c43c1136e5d4bfd138a 2235 apache2_2.2.22-9.dsc
 0f5b0c997884c2961af3833a6e9aab2150c7d2b087a64e7c14f73ad775849dba 192747 apache2_2.2.22-9.debian.tar.gz
 5eaebe559d5e1b20d3d8d2e0efafa26273472d8212a74c7b9c729d9ad2397437 319076 apache2.2-common_2.2.22-9_i386.deb
 98952a68b35d9edc6d9e2ac4f5b00864e4ddcd9ee922da26a10a2f2ce44caebf 1459538 apache2.2-bin_2.2.22-9_i386.deb
 1b53041adc3ff79a218cffa6dc34d474ac059ca1b068ead457912b6603644b2f 2186 apache2-mpm-worker_2.2.22-9_i386.deb
 6273da0cd89980393f37e72974ad859dc4fa148349d047652d80de70e284149c 2292 apache2-mpm-prefork_2.2.22-9_i386.deb
 3c0c0d5fe9e8bf463250759af8a3af66c24490ddada84618790a50ccc52b0b57 2252 apache2-mpm-event_2.2.22-9_i386.deb
 7c78d105817d5d9ca77ffb9a6d9a13ce80fb57755959c905429a6015b5175a4c 2278 apache2-mpm-itk_2.2.22-9_i386.deb
 e4388d96e125fe11272e3ba379f3d73745b79b8a4685d5f3d5a2ae33a5ff591e 176498 apache2-utils_2.2.22-9_i386.deb
 81a15d072f0765f661b407192b63aeaf00fd8eb83cec1db7721e4827c759dae9 106828 apache2-suexec_2.2.22-9_i386.deb
 678eb7f56a9afe5d905449d688fa4966f24290ce9fa0a76ccb64c28960f5fcca 108506 apache2-suexec-custom_2.2.22-9_i386.deb
 04e5dbb284cc41c12b85eb0f612f859be420572516c7d8d3a314c5f159f394e8 1390 apache2_2.2.22-9_i386.deb
 fba580b17549c5ed8460804b4c5947fff62822c99528126d7f7f5a89dda7f548 2704538 apache2-doc_2.2.22-9_all.deb
 020c6033fdaf72f47574a74e6e0724f9ce74dc552254a0579cbf9d2577191d31 137968 apache2-prefork-dev_2.2.22-9_i386.deb
 32917b5b86b7532c4783bacac4df6ca97d1c89a50a300eb0d9f1c87b36e34ba3 139132 apache2-threaded-dev_2.2.22-9_i386.deb
 954b1cb68a445b42efe07ad423fa08ef3bdbe20e62df00e2c792fcedddc8778c 3502572 apache2-dbg_2.2.22-9_i386.deb
Files: 
 052e6ffce5054b2515e2726bae9a8200 2235 httpd optional apache2_2.2.22-9.dsc
 045a4e0a8b4e9f741efa7fac840720b4 192747 httpd optional apache2_2.2.22-9.debian.tar.gz
 be1cc6479eeac7d272e9ca65f5ecbf35 319076 httpd optional apache2.2-common_2.2.22-9_i386.deb
 75699bc33ece12409707693ac184c2fb 1459538 httpd optional apache2.2-bin_2.2.22-9_i386.deb
 447560bfc93ceaa4e2d8e28099200569 2186 httpd optional apache2-mpm-worker_2.2.22-9_i386.deb
 84a728f0be2d9999b60f3f3e07eb3364 2292 httpd optional apache2-mpm-prefork_2.2.22-9_i386.deb
 a507a0bea81deee74690a4fe2035f4cc 2252 httpd optional apache2-mpm-event_2.2.22-9_i386.deb
 86b0420041d39f2e43d5d832ba8bf304 2278 httpd extra apache2-mpm-itk_2.2.22-9_i386.deb
 42f6dedc2796fbd8088ccd8246344d8f 176498 httpd optional apache2-utils_2.2.22-9_i386.deb
 6cb0c0037b597bcd1be16fc4aeb1b99c 106828 httpd optional apache2-suexec_2.2.22-9_i386.deb
 786f8dbf028887a9a4b810f880440f42 108506 httpd extra apache2-suexec-custom_2.2.22-9_i386.deb
 92fb01a039b963b40cf5ef32e8ee063b 1390 httpd optional apache2_2.2.22-9_i386.deb
 ef91dd68d3b39283bb434ecda16bfddd 2704538 doc optional apache2-doc_2.2.22-9_all.deb
 9a8266a4442d6b3836c4583d2590f677 137968 httpd extra apache2-prefork-dev_2.2.22-9_i386.deb
 b516b3adb6d942bf5eb1719e339bd77c 139132 httpd extra apache2-threaded-dev_2.2.22-9_i386.deb
 078b489ecd42ea1298837f8482636683 3502572 debug extra apache2-dbg_2.2.22-9_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iD8DBQFP51qObxelr8HyTqQRAkzGAKCjjEHZAUck2tNF7atC/9EcdtsuWQCgwJye
h3hQsFuvxStGRydAikCUalU=
=ojFZ
-----END PGP SIGNATURE-----

--- End Message ---
Reply to: