Bug#836818: marked as done (apache2: Better handling of obsoleting configuration files during the upgrade process in preinst script)

[owner@bugs.debian.org (Debian Bug Tracking System)]

Your message dated Thu, 09 Mar 2017 23:17:10 +0000
with message-id <E1cm7J0-0008DF-Mc@fasolo.debian.org>
and subject line Bug#836818: fixed in apache2 2.4.10-10+deb8u8
has caused the Debian Bug report #836818,
regarding apache2: Better handling of obsoleting configuration files during the upgrade process in preinst script
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
836818: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=836818
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems

--- Begin Message ---

• To: Debian Bug Tracking System <submit@bugs.debian.org>
• Subject: apache2: Better handling of obsoleting configuration files during the upgrade process in preinst script
• From: Erik Wasser <ewasser@maxcluster.de>
• Date: Tue, 06 Sep 2016 10:21:12 +0200
• Message-id: <20160906082112.18373.78853.reportbug@srv-a-io.c-700.maxcluster.net>

Package: apache2
Version: 2.4.10-10+deb8u5
Severity: normal

Dear Maintainer,

is it possible to modify the function obsolete_conffile_exists() in the
`preinst' script?

I'm asking this with the following background: We're having the following
configuration files in our apache environment:

FILE  /etc/apache2/sites-available/default.conf
DIR   /etc/apache2/sites-available/default
FILES /etc/apache2/sites-available/default/*.conf

During the (jessie) upgrade process between 2.4.10-10+deb8u4 and
2.4.10-10+deb8u5 `our' directory `/etc/apache2/sites-available/default'
was renamed to `/etc/apache2/sites-available/default.dpkg-remove'.

The restart of the apache then failed because the configuration file
`/etc/apache2/sites-available/default/default.conf' still referenced to
the moved file/directory
`/etc/apache2/sites-available/default/default.conf'.

Please consider the following changes:

1) Replace the check against real files with `-f' instead of `-e'
(in the `preinst/obsolete_conffile_exists()' function).

2) Skip the whole obsolete-file-check if the upgrade is between
two apache 2.4.X instances.

Thanks for your help

--- End Message ---

--- Begin Message ---

• To: 836818-close@bugs.debian.org
• Subject: Bug#836818: fixed in apache2 2.4.10-10+deb8u8
• From: Stefan Fritsch <sf@debian.org>
• Date: Thu, 09 Mar 2017 23:17:10 +0000
• Message-id: <E1cm7J0-0008DF-Mc@fasolo.debian.org>

Source: apache2
Source-Version: 2.4.10-10+deb8u8

We believe that the bug you reported is fixed in the latest version of
apache2, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 836818@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Stefan Fritsch <sf@debian.org> (supplier of updated apache2 package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 24 Feb 2017 19:36:41 +0100
Source: apache2
Binary: apache2 apache2-data apache2-bin apache2-mpm-worker apache2-mpm-prefork apache2-mpm-event apache2-mpm-itk apache2.2-bin apache2.2-common libapache2-mod-proxy-html libapache2-mod-macro apache2-utils apache2-suexec apache2-suexec-pristine apache2-suexec-custom apache2-doc apache2-dev apache2-dbg
Architecture: source amd64 all
Version: 2.4.10-10+deb8u8
Distribution: jessie-security
Urgency: medium
Maintainer: Debian Apache Maintainers <debian-apache@lists.debian.org>
Changed-By: Stefan Fritsch <sf@debian.org>
Description:
 apache2    - Apache HTTP Server
 apache2-bin - Apache HTTP Server (modules and other binary files)
 apache2-data - Apache HTTP Server (common files)
 apache2-dbg - Apache debugging symbols
 apache2-dev - Apache HTTP Server (development headers)
 apache2-doc - Apache HTTP Server (on-site documentation)
 apache2-mpm-event - transitional event MPM package for apache2
 apache2-mpm-itk - transitional itk MPM package for apache2
 apache2-mpm-prefork - transitional prefork MPM package for apache2
 apache2-mpm-worker - transitional worker MPM package for apache2
 apache2-suexec - transitional package for apache2-suexec-pristine
 apache2-suexec-custom - Apache HTTP Server configurable suexec program for mod_suexec
 apache2-suexec-pristine - Apache HTTP Server standard suexec program for mod_suexec
 apache2-utils - Apache HTTP Server (utility programs for web servers)
 apache2.2-bin - Transitional package for apache2-bin
 apache2.2-common - Transitional package for apache2
 libapache2-mod-macro - Transitional package for apache2-bin
 libapache2-mod-proxy-html - Transitional package for apache2-bin
Closes: 836818
Changes:
 apache2 (2.4.10-10+deb8u8) jessie-security; urgency=medium
 .
   * CVE-2016-8743: Enforce more HTTP conformance for request lines and
     request headers, to prevent response splitting and cache pollution
     by malicious clients or downstream proxies.
     If this causes problems with non-conforming clients, some checks can
     be relaxed by adding the new directive 'HttpProtocolOptions unsafe'
     to the configuration.
     Differently than the upstream 2.4.25 release which will also be in the
     Debian 9 (stretch) release, this update for Debian 8 (jessie) accepts
     underscores in host and domain names even while 'HttpProtocolOptions
     strict' is in effect.
     More information is available at
     http://httpd.apache.org/docs/2.4/mod/core.html#httpprotocoloptions
   * CVE-2016-0736: mod_session_crypto: Prevent padding oracle attack.
   * CVE-2016-2161: mod_auth_digest: Prevent segfaults when the shared memory
     space is exhausted.
   * Activate mod_reqtimeout in new installs and during updates from
     before 2.4.10-10+deb8u8. It was wrongly not activated in new installs
     since jessie. This made the default installation vulnerable to some
     DoS attacks.
   * Don't run 2.2 to 2.4 upgrade logic again when upgrading from
     2.4.10-10+deb8u*. Closes: #836818
Checksums-Sha1:
 dd6e773c03c22eb97beffe56e39b9f4b17eea31e 3277 apache2_2.4.10-10+deb8u8.dsc
 a789b374f989dfe3734cb9b1895e7d2891b5fd04 555484 apache2_2.4.10-10+deb8u8.debian.tar.xz
 eca349323d757c556927f2f464b6317bbb858d2a 1154 libapache2-mod-proxy-html_2.4.10-10+deb8u8_amd64.deb
 77301fbf47c8fd1c6dddfa5e559a7e15ffb9529a 1144 libapache2-mod-macro_2.4.10-10+deb8u8_amd64.deb
 614ddb2e7ddcdc8ac27a4d3214762cae0d6f7325 207864 apache2_2.4.10-10+deb8u8_amd64.deb
 674977677e376e5a815aff1b3087c07e9f20d229 162406 apache2-data_2.4.10-10+deb8u8_all.deb
 9cfbe70817c7d93bc76f791f297c74d4b36d6e3b 1038126 apache2-bin_2.4.10-10+deb8u8_amd64.deb
 a69da5560d584ab7c48e2b549be5ba91f08eab73 1512 apache2-mpm-worker_2.4.10-10+deb8u8_amd64.deb
 cafcc2087aac55983162c6c3aa163c0f844a6e79 1516 apache2-mpm-prefork_2.4.10-10+deb8u8_amd64.deb
 a0d59e70ea06d145af068f46649ba80a75bb75cf 1520 apache2-mpm-event_2.4.10-10+deb8u8_amd64.deb
 52a844e16bb2bf5763895f5c3e10842b29accb8b 1516 apache2-mpm-itk_2.4.10-10+deb8u8_amd64.deb
 d99e68a3f46e0891c5fa8d23b5791e605c43f8a5 1700 apache2.2-bin_2.4.10-10+deb8u8_amd64.deb
 1279f9a662cfd48a920981cc31807af41c8be26c 125296 apache2.2-common_2.4.10-10+deb8u8_amd64.deb
 cac2edc3c895607a1e834ceec50c08b2857d8094 195542 apache2-utils_2.4.10-10+deb8u8_amd64.deb
 f85de16092354b6f7b366edc954541d2341cd509 1658 apache2-suexec_2.4.10-10+deb8u8_amd64.deb
 996868cfbf6d78148fe21577d8e281c5375754ff 130468 apache2-suexec-pristine_2.4.10-10+deb8u8_amd64.deb
 2c1e65c74b7da8a0650d99e32a8c5fcb5decb0ca 132000 apache2-suexec-custom_2.4.10-10+deb8u8_amd64.deb
 a10fd327bab9a0bdbbe371e24d2f505965732885 2726758 apache2-doc_2.4.10-10+deb8u8_all.deb
 34c6c78fb9dedc2d644e49ebea7e2419034a84b7 282096 apache2-dev_2.4.10-10+deb8u8_amd64.deb
 cfb7275aa2d70c5f8f625e45411716759035059f 1710146 apache2-dbg_2.4.10-10+deb8u8_amd64.deb
Checksums-Sha256:
 c20dc666e6192c3db716e1dfb60afed3248aabd9a2d3232301a11fe8d936dac6 3277 apache2_2.4.10-10+deb8u8.dsc
 352be8c8245c162a9d97cf167a904fd1684904ffede565f23a654935701b40fa 555484 apache2_2.4.10-10+deb8u8.debian.tar.xz
 a09d2b7bfd971095922fc3ca589cc0501aabdfc0755791bacf012d16b300c103 1154 libapache2-mod-proxy-html_2.4.10-10+deb8u8_amd64.deb
 e2bde29696b975a927f7a3e725ba0b6901304394737efcfc412f18e0dd944ff1 1144 libapache2-mod-macro_2.4.10-10+deb8u8_amd64.deb
 d67bc2f70311b241f31cced37b44fa85e9ab2dc98f87d944151fcd3ba5032b82 207864 apache2_2.4.10-10+deb8u8_amd64.deb
 73fe8d7cb2fe67a0c752f1cd5e2c1a940ead1f0ec8583c626234e120ee7699d1 162406 apache2-data_2.4.10-10+deb8u8_all.deb
 18bd449c9e26a22cf29efde7de14b879127e3c3d73d1ebaf3ac09c3bdf1313ca 1038126 apache2-bin_2.4.10-10+deb8u8_amd64.deb
 8e8fc08d0cbff2e6fc58bddf80badda224cfd3c504a739e69497c0ae266cdc33 1512 apache2-mpm-worker_2.4.10-10+deb8u8_amd64.deb
 fb826d2dfb5bc995ddd4b3b31fecebf1ecc596d119ab8346fe3d54d604c5d18a 1516 apache2-mpm-prefork_2.4.10-10+deb8u8_amd64.deb
 e756d82ab7111a9c76291c91e344bbbddc0d9945704ad42f1140af0594c74cad 1520 apache2-mpm-event_2.4.10-10+deb8u8_amd64.deb
 85a6d3d41de34be86a4acb810a24e72da2a7a9efb554fc173807f75329b3f448 1516 apache2-mpm-itk_2.4.10-10+deb8u8_amd64.deb
 7e80bcb3c4f2d2ed6afaa049fb4130d55653470750300e8fc3adb5434a39e2e7 1700 apache2.2-bin_2.4.10-10+deb8u8_amd64.deb
 8b08c3c976c8c7b35f7a76d6176a174eb1d801622e7973a689d29cece825b1bd 125296 apache2.2-common_2.4.10-10+deb8u8_amd64.deb
 751cbf16fde465da8fdc31f860c54f5487eb2ac582c9a5097611a99bb020a7b4 195542 apache2-utils_2.4.10-10+deb8u8_amd64.deb
 82e308b5fef7d26dad6d382e020a270f8cf5572bc05c1950b5d64e0b59d0a67f 1658 apache2-suexec_2.4.10-10+deb8u8_amd64.deb
 e54bfb362c72af14a64b6eb0b7da3fb48594d51fb6fddf4b6b0b53215399d17b 130468 apache2-suexec-pristine_2.4.10-10+deb8u8_amd64.deb
 f56682e5b498f42b90bce546eb6eadba4c54618c6147e560c8fceee175172c35 132000 apache2-suexec-custom_2.4.10-10+deb8u8_amd64.deb
 4515cffae66cee5417f262d6435de8b861db875e461de2a4a647a1419c878935 2726758 apache2-doc_2.4.10-10+deb8u8_all.deb
 9f885bb62dc21af34dbc4985911b472c1d6154af4288b9f68a24aca148c4c19c 282096 apache2-dev_2.4.10-10+deb8u8_amd64.deb
 7c5975cfbc1d1c3c9f60d2b9d427bef11dbead146ad0325c1dc8336d08731df0 1710146 apache2-dbg_2.4.10-10+deb8u8_amd64.deb
Files:
 4cc0006932cbdb7a2597691505f39424 3277 httpd optional apache2_2.4.10-10+deb8u8.dsc
 7d43a85707568321b98305fe61e386d5 555484 httpd optional apache2_2.4.10-10+deb8u8.debian.tar.xz
 3e47646cf09cb400f9ffc4a91a8e76c3 1154 oldlibs extra libapache2-mod-proxy-html_2.4.10-10+deb8u8_amd64.deb
 589d68b12b551813914a86abd4e357c8 1144 oldlibs extra libapache2-mod-macro_2.4.10-10+deb8u8_amd64.deb
 4d062041edc9d16d7b51483ae6040549 207864 httpd optional apache2_2.4.10-10+deb8u8_amd64.deb
 032b846217bde330e468287fe1641f9b 162406 httpd optional apache2-data_2.4.10-10+deb8u8_all.deb
 d5f0daa9b346b8e0ce9260e09299dd47 1038126 httpd optional apache2-bin_2.4.10-10+deb8u8_amd64.deb
 9fb3b665a27206c7e38bcab206e13cbf 1512 oldlibs extra apache2-mpm-worker_2.4.10-10+deb8u8_amd64.deb
 7051fe995c6774171c816a4155a60753 1516 oldlibs extra apache2-mpm-prefork_2.4.10-10+deb8u8_amd64.deb
 e82aa67838c581d8217795dd6dbcb614 1520 oldlibs extra apache2-mpm-event_2.4.10-10+deb8u8_amd64.deb
 02087a3aca5137b2dfa84a16e798335f 1516 oldlibs extra apache2-mpm-itk_2.4.10-10+deb8u8_amd64.deb
 d75e14ca2236e25011f677c317d41860 1700 oldlibs extra apache2.2-bin_2.4.10-10+deb8u8_amd64.deb
 8f563c18f007dd36905c45b957ebad2b 125296 oldlibs extra apache2.2-common_2.4.10-10+deb8u8_amd64.deb
 7e6e33847d9ec6e7ca1d810e54d2e335 195542 httpd optional apache2-utils_2.4.10-10+deb8u8_amd64.deb
 d8e34574d2f54e31c5a27d1f2167184d 1658 oldlibs extra apache2-suexec_2.4.10-10+deb8u8_amd64.deb
 0f6146529311b60fdf76414c8216b31d 130468 httpd optional apache2-suexec-pristine_2.4.10-10+deb8u8_amd64.deb
 a711b33267a0a4ea94c57206ea37316e 132000 httpd extra apache2-suexec-custom_2.4.10-10+deb8u8_amd64.deb
 c5d33425a0d9f021d0b39df527b4634a 2726758 doc optional apache2-doc_2.4.10-10+deb8u8_all.deb
 48cbfda3a06e3ecafe6f13a4454a03cd 282096 httpd optional apache2-dev_2.4.10-10+deb8u8_amd64.deb
 fbe93f7d4eacb7f4dc3e2b24c2f69b84 1710146 debug extra apache2-dbg_2.4.10-10+deb8u8_amd64.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEOpiNza8JqByyYYsxxodfNUHO/eAFAliwgxsACgkQxodfNUHO
/eBCGBAAuEZC4ZPOU3jSpchWD0d9mt4I7YijN3Ao+fMcnM4S/woj3iLQCbJU7ThI
yjij9vDtspnRPIriGf1iECmXrye421KvEZ9wMFWZlmcManV/vSr+1vKqPK8ngN2+
GR+SookKOpeSJmtfbZn8H1qPF8ZMfwbU3SAsaCFQrW3rJjLwLHy3OZOEasrerXTq
w/04coSJLQXpBkhELLY3q7VPtjh8F5a6wrzYp41emg5QIIMAmYVXv2nf5XBpmx8R
cKhAB0f1Rg+0X0TGq+cKR6KPTwF5bCocM7A6QsXUliguFc+Th8LCkE6tovRW9miH
XbzSTcNPTKhc7ou60rkPYQKxy8ifTnG1lLjnOdz6GdFSgtU0/kXTBVp20uCzzzD2
oiNT4HucABG68evQoc6CGUzQpqVD5iibl1RzUHCsu4+7QaKSQz+ZsXkwRrLpVuOY
pNdjURtjuG5/LzjbmgJCOsk0wxJ8q0XxO6W9ikprSqxGsAZdoY2pdzY+ZB0HeQC5
wmPouIqjN+S/8eZdhm+Q+oowZHtauO+0U+n4MontTuxPqWpmej+UZQo/beyjuJay
Ty3mToyBayIa8ZVdEUv2k/FA25c+pVrSHxfc9chHqd57kuBN8Rok6pb00+aadBR1
N2IDFHdP8B8ryOL718fVuyrGszF0nIKJLjoOpioFPq6VbAQOb1I=
=9/uL
-----END PGP SIGNATURE-----

--- End Message ---