[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#873945: marked as done (apache2-bin: apache2 with http2 segfault)



Your message dated Mon, 02 Jul 2018 16:47:10 +0000
with message-id <E1fa1yo-000ARR-5c@fasolo.debian.org>
and subject line Bug#873945: fixed in apache2 2.4.25-3+deb9u5
has caused the Debian Bug report #873945,
regarding apache2-bin: apache2 with http2 segfault
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
873945: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=873945
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message ---
Title: apache2-bin: apache2 with http2 segfault
Package: apache2-bin
Version: 2.4.25-3+deb9u2
Severity: important
 
Dear Maintainer,
 
*** Reporter, please consider answering these questions, where appropriate ***
 
   * What led up to the situation?
 
SEGFAULT Apache2 with http2, just by having users visiting the site.
 
gdb /usr/sbin/apache2 core-apache2-11-33-33-16474-1504205745
GNU gdb (Debian 7.12-6) 7.12.0.20161007-git
Copyright (C) 2016 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-linux-gnu".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>.
Find the GDB manual and other documentation resources online at:
<http://www.gnu.org/software/gdb/documentation/>.
For help, type "help".
Type "apropos word" to search for commands related to "word"...
Reading symbols from /usr/sbin/apache2...Reading symbols from /usr/lib/debug/.build-id/1b/81c3ec196acae651912c3a4025bc1c6a07c375.debug...done.
done.
[New LWP 16532]
[New LWP 16477]
[New LWP 16474]
[New LWP 16475]
[New LWP 16479]
[New LWP 16476]
[New LWP 16480]
[New LWP 16481]
[New LWP 16511]
[New LWP 16478]
[New LWP 16487]
[New LWP 16482]
[New LWP 16512]
[New LWP 16489]
[New LWP 16483]
[New LWP 16491]
[New LWP 16494]
[New LWP 16513]
[New LWP 16484]
[New LWP 16499]
[New LWP 16485]
[New LWP 16500]
[New LWP 16516]
[New LWP 16502]
[New LWP 16486]
[New LWP 16504]
[New LWP 16517]
[New LWP 16488]
[New LWP 16506]
[New LWP 16507]
[New LWP 16490]
[New LWP 16518]
[New LWP 16492]
[New LWP 16509]
[New LWP 16514]
[New LWP 16519]
[New LWP 16522]
[New LWP 16527]
[New LWP 16520]
[New LWP 16523]
[New LWP 16524]
[New LWP 16525]
[New LWP 16529]
[New LWP 16495]
[New LWP 16533]
[New LWP 16496]
[New LWP 16497]
[New LWP 16535]
[New LWP 16498]
[New LWP 16501]
[New LWP 16536]
[New LWP 16503]
[New LWP 16537]
[New LWP 16505]
[New LWP 16510]
[New LWP 16515]
[New LWP 16521]
[New LWP 16526]
[New LWP 16528]
[New LWP 16530]
[New LWP 16531]
[New LWP 16534]
[New LWP 16538]
[New LWP 16539]
[New LWP 16540]
[New LWP 16541]
[New LWP 16493]
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
Core was generated by `/usr/sbin/apache2 -k start'.
Program terminated with signal SIGSEGV, Segmentation fault.
#0  h2_stream_out_prepare (stream=stream@entry=0x7ff7772330a0, plen=plen@entry=0x7ff77cfe89e0, peos=peos@entry=0x7ff77cfe89dc, presponse=presponse@entry=0x7ff77cfe89e8) at h2_stream.c:604
604     h2_stream.c: No such file or directory.
[Current thread is 1 (Thread 0x7ff77cfe9700 (LWP 16532))]
(gdb) bt
#0  h2_stream_out_prepare (stream=stream@entry=0x7ff7772330a0, plen=plen@entry=0x7ff77cfe89e0, peos=peos@entry=0x7ff77cfe89dc, presponse=presponse@entry=0x7ff77cfe89e8) at h2_stream.c:604
#1  0x00007ff7ae7bb6cb in on_stream_resume (ctx=0x7ff7768410a0, stream=0x7ff7772330a0) at h2_session.c:1576
#2  0x00007ff7ae7b2e3b in h2_mplx_dispatch_master_events (m=0x7ff7768412d0, _on_resume_=on_resume@entry=0x7ff7ae7bb500 <on_stream_resume>, _on_ctx_=on_ctx@entry=0x7ff7768410a0) at h2_mplx.c:1379
#3  0x00007ff7ae7bc7ab in h2_session_process (session=0x7ff7768410a0, async=async@entry=1) at h2_session.c:2210
#4  0x00007ff7ae7a8b2a in h2_conn_run (ctx=ctx@entry=0x7ff78c144360, c=c@entry=0x7ff78c14b348) at h2_conn.c:212
#5  0x00007ff7ae7aea5b in h2_h2_process_conn (c=0x7ff78c14b348) at h2_h2.c:658
#6  0x0000558b46d1e6f0 in ap_run_process_connection (c=c@entry=0x7ff78c14b348) at connection.c:42
#7  0x00007ff7ad8976e8 in process_socket (my_thread_num=<optimized out>, my_child_num=<optimized out>, cs=0x7ff78c14b2b8, sock=<optimized out>, p=0x7ff78c14b028, thd=<optimized out>) at event.c:1099
#8  worker_thread (thd=<optimized out>, dummy=<optimized out>) at event.c:2003
#9  0x00007ff7b1862494 in start_thread (arg=0x7ff77cfe9700) at pthread_create.c:333
#10 0x00007ff7b15a4aff in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:97
 
   * What exactly did you do (or not do) that was effective (or ineffective)?
 
http2 enabled caused it, disable module fixes it immediately
 
 
 
-- Package-specific info:
 
-- System Information:
Debian Release: 9.1
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: amd64 (x86_64)
 
Kernel: Linux 4.9.0-3-amd64 (SMP w/3 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US:en (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
 
Versions of packages apache2-bin depends on:
ii  libapr1                  1.5.2-5
ii  libaprutil1              1.5.4-3
ii  libaprutil1-dbd-sqlite3  1.5.4-3
ii  libaprutil1-ldap         1.5.4-3
ii  libc6                    2.24-11+deb9u1
ii  libldap-2.4-2            2.4.44+dfsg-5
ii  liblua5.2-0              5.2.4-1.1+b2
ii  libnghttp2-14            1.18.1-1
ii  libpcre3                 2:8.39-3
ii  libssl1.0.2              1.0.2l-2
ii  libxml2                  2.9.4+dfsg1-2.2+deb9u1
ii  perl                     5.24.1-3+deb9u1
ii  zlib1g                   1:1.2.8.dfsg-5
 
apache2-bin recommends no packages.
 
Versions of packages apache2-bin suggests:
pn  apache2-doc                                      <none>
pn  apache2-suexec-pristine | apache2-suexec-custom  <none>
ii  w3m [www-browser]                                0.5.3-34
 
Versions of packages apache2 depends on:
ii  apache2-data         2.4.25-3+deb9u2
ii  apache2-utils        2.4.25-3+deb9u2
ii  dpkg                 1.18.24
ii  init-system-helpers  1.48
ii  lsb-base             9.20161125
ii  mime-support         3.60
ii  perl                 5.24.1-3+deb9u1
ii  procps               2:3.3.12-3
 
Versions of packages apache2 recommends:
ii  ssl-cert  1.0.39
 
Versions of packages apache2 suggests:
pn  apache2-doc                                      <none>
pn  apache2-suexec-pristine | apache2-suexec-custom  <none>
ii  w3m [www-browser]                                0.5.3-34
 
Versions of packages apache2-bin is related to:
ii  apache2      2.4.25-3+deb9u2
ii  apache2-bin  2.4.25-3+deb9u2
 
-- no debconf information
 

 

 

 


--- End Message ---
--- Begin Message ---
Source: apache2
Source-Version: 2.4.25-3+deb9u5

We believe that the bug you reported is fixed in the latest version of
apache2, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 873945@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Stefan Fritsch <sf@debian.org> (supplier of updated apache2 package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sat, 02 Jun 2018 10:01:13 +0200
Source: apache2
Binary: apache2 apache2-data apache2-bin apache2-utils apache2-suexec-pristine apache2-suexec-custom apache2-doc apache2-dev apache2-ssl-dev apache2-dbg
Architecture: source amd64 all
Version: 2.4.25-3+deb9u5
Distribution: stretch
Urgency: medium
Maintainer: Debian Apache Maintainers <debian-apache@lists.debian.org>
Changed-By: Stefan Fritsch <sf@debian.org>
Description:
 apache2    - Apache HTTP Server
 apache2-bin - Apache HTTP Server (modules and other binary files)
 apache2-data - Apache HTTP Server (common files)
 apache2-dbg - Apache debugging symbols
 apache2-dev - Apache HTTP Server (development headers)
 apache2-doc - Apache HTTP Server (on-site documentation)
 apache2-ssl-dev - Apache HTTP Server (mod_ssl development headers)
 apache2-suexec-custom - Apache HTTP Server configurable suexec program for mod_suexec
 apache2-suexec-pristine - Apache HTTP Server standard suexec program for mod_suexec
 apache2-utils - Apache HTTP Server (utility programs for web servers)
Closes: 850947 873945 897218 898563
Changes:
 apache2 (2.4.25-3+deb9u5) stretch; urgency=medium
 .
   * Upgrade mod_http and mod_proxy_http2 to the versions from 2.4.33. This
     fixes
     - CVE-2018-1302: mod_http2: Potential crash w/ mod_http2
     - Segfaults in mod_http2 (Closes: #873945)
     - mod_http2 issue with option "Indexes" and directive "HeaderName"
       (Closes: #850947)
     Unfortunately, this also removes support for http2 when running on
     mpm_prefork.
   * mod_http2: Avoid high memory usage with large files, causing crashes on
     32bit archs. Closes: #897218
   * Make the apache-htcacheclean init script actually look into
     /etc/default/apache-htcacheclean for its config. Closes: #898563
Checksums-Sha1:
 fdac535212c1cf95c335c058966b09341cca546f 2986 apache2_2.4.25-3+deb9u5.dsc
 222669e18a9027b65e7d49c5addb58670a627449 786444 apache2_2.4.25-3+deb9u5.debian.tar.xz
 42daafa1a07e6af45f9db52c94b318ffc5504bbf 1185526 apache2-bin_2.4.25-3+deb9u5_amd64.deb
 faf46c716f49448978c8999f3155ec64b6ce8a93 162430 apache2-data_2.4.25-3+deb9u5_all.deb
 37fb8923ae00f527086924e9b1eb5b2e1c29635d 4016942 apache2-dbg_2.4.25-3+deb9u5_amd64.deb
 33d6b7816874b12fea0dcb09e9563128ac74931c 313898 apache2-dev_2.4.25-3+deb9u5_amd64.deb
 24e76f8ba471f18899735f371c9f4dc442ef8876 3770868 apache2-doc_2.4.25-3+deb9u5_all.deb
 d4b76295607383d06d970252fb6f514cec41cf94 2264 apache2-ssl-dev_2.4.25-3+deb9u5_amd64.deb
 d745709ad9f29b3fa48cb7a08a8a41015d19abc8 155174 apache2-suexec-custom_2.4.25-3+deb9u5_amd64.deb
 ec4471ee41e7fa3bd0afcaca8bc7b7a365fcafe0 153704 apache2-suexec-pristine_2.4.25-3+deb9u5_amd64.deb
 0568111f1c2eaa209919ae4e94beeac4f3bc4419 217066 apache2-utils_2.4.25-3+deb9u5_amd64.deb
 a81e796710a4c0974fd6ba013d6d772df666eb09 10102 apache2_2.4.25-3+deb9u5_amd64.buildinfo
 fe3bd51275b977b519ffcc9a70d84996106dc92d 235980 apache2_2.4.25-3+deb9u5_amd64.deb
Checksums-Sha256:
 89f87b98db2629bb298e83a27bfc8078a141e6001303b55cc5947e4535aba43b 2986 apache2_2.4.25-3+deb9u5.dsc
 66d6f8381e5e913e0e20fa5d555115d55d82dbbd2110c3c44d591840bf57f143 786444 apache2_2.4.25-3+deb9u5.debian.tar.xz
 259001920e738bcff8b06dc59c5ed0e2c279de7995b4a7763c0c73b29a7a46ac 1185526 apache2-bin_2.4.25-3+deb9u5_amd64.deb
 0407478f446ed7253b7f43c3907ae4bc4c913437c1e0b8b75db2bd35a15480e2 162430 apache2-data_2.4.25-3+deb9u5_all.deb
 5ecceac2ffbe5776fc5007fda814f3235a1f68a980bee15dfb961dbcf87d854c 4016942 apache2-dbg_2.4.25-3+deb9u5_amd64.deb
 859f190b80bcf14197f1060f3bbba43f403615004b1fc3d840f2fd226337eda5 313898 apache2-dev_2.4.25-3+deb9u5_amd64.deb
 6b51d63e7224f88298655723d3fa75a878c030882e89d8b4919ee0e7299cb770 3770868 apache2-doc_2.4.25-3+deb9u5_all.deb
 e7ef47fb459933c2786f11e414b5f38ec41e385b6daa091e643029e2190fadbd 2264 apache2-ssl-dev_2.4.25-3+deb9u5_amd64.deb
 2e9152dbb2449789598774ac29badf45fe54e473978f6ec0226027a87a58f893 155174 apache2-suexec-custom_2.4.25-3+deb9u5_amd64.deb
 2f2db56dee710dee5c023d3eae51fc0687fa0b24addb0693f9a0988fffedf8b9 153704 apache2-suexec-pristine_2.4.25-3+deb9u5_amd64.deb
 65048e223915b9fe2ad5d6af2ab2cbb06b07f79bb7f3af0abc22b3ad4db73ca5 217066 apache2-utils_2.4.25-3+deb9u5_amd64.deb
 10609d5e3c05a7c162e93bb9bd6896f42609252cfb51dfc697c880aa8965f674 10102 apache2_2.4.25-3+deb9u5_amd64.buildinfo
 2f0b391e8ad280747fcb4846d2fa48135e2bccd6bb358e3ca5dd50b08713bacc 235980 apache2_2.4.25-3+deb9u5_amd64.deb
Files:
 adca6af370ddcabf704dd20529dcd12c 2986 httpd optional apache2_2.4.25-3+deb9u5.dsc
 d7a3d205fc0516654e904c6f844d5887 786444 httpd optional apache2_2.4.25-3+deb9u5.debian.tar.xz
 06fe2c27af927b1e8d95acbec6d4eabf 1185526 httpd optional apache2-bin_2.4.25-3+deb9u5_amd64.deb
 a7dc8ef5496a3d9fe736d1b71a0ea8ae 162430 httpd optional apache2-data_2.4.25-3+deb9u5_all.deb
 f445cd12998b585e500864e38af2cd23 4016942 debug extra apache2-dbg_2.4.25-3+deb9u5_amd64.deb
 a037c139900c8d9f7d4e7e18104d8449 313898 httpd optional apache2-dev_2.4.25-3+deb9u5_amd64.deb
 496e62321bc3635702273f3fc347a772 3770868 doc optional apache2-doc_2.4.25-3+deb9u5_all.deb
 805f7c041563282647d7371691c9e1a3 2264 httpd optional apache2-ssl-dev_2.4.25-3+deb9u5_amd64.deb
 a976442c7c324f09eb87e414a6eef666 155174 httpd extra apache2-suexec-custom_2.4.25-3+deb9u5_amd64.deb
 ead7c32c002109866da50589aeb6420c 153704 httpd optional apache2-suexec-pristine_2.4.25-3+deb9u5_amd64.deb
 230b2c6b1b2bff67c1548819d90abc2a 217066 httpd optional apache2-utils_2.4.25-3+deb9u5_amd64.deb
 1472bd7aed256344348f5354b7c0ec60 10102 httpd optional apache2_2.4.25-3+deb9u5_amd64.buildinfo
 196a09a927954e927802fa47bcc0bf52 235980 httpd optional apache2_2.4.25-3+deb9u5_amd64.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEOpiNza8JqByyYYsxxodfNUHO/eAFAlsSVMMACgkQxodfNUHO
/eA6ixAArXXpZ7PBw/3hm6OJUTdj4zCbRnq9IQqBd+A5jyuKE0AAByYlaAn5VgBu
8LcRABX/GtoGQ7QGWCaXS8nPtiJv0Tt0DcrttFCVUaqPfLva7tvUluB1Ok1wchXI
B4u5VErSNaqrJZCQWqi9O7vKPzeWTpAU1M0I9SsnxVce8B9EH3vRIF2xo0y/KAkS
6f1ae6hhRoD7ScWwpPW2LSGB/UlhzlGLNAY1KyBuEhy56VzI9UWZN/M6lbTb15E2
OP4acrKTqy99leojQU/6qjlkdHzLEgWryF/k5eRa5n5QOQ3l39mfUTFEHJxvZvpb
C2SRnc/VuumegTjM//tnIwHbf+IO2vpqt0b0kT/24IMiqMiVqd3XWLQ3NrGA2NTD
hSLdz5aUp6ESXFULHisSOAfdFefoFtx4TuNTIWt0txXCw6TVUV8/+Xe7H9EVR/C/
edKXZ8xSx/8m4LN5uENamEjc34Z3bKIfB9yp69MKtCElHQBW8ezDOwYLpoXSuHHw
dyLfXRK6918twisffzqjeu4XiEgBrAE3v7Kz1s1xnqhH4DeEa0GGNATsft0N8p7n
UgOPVfls//TI9qR79IJKx1rSU6h23CBd9AIh38kroY0JXayBj8nqKJLyEamLS8+b
LlTK1ZOqs7xqaxGxVXx2auLxDLoi9dNsDhsTCzMSWU9D/h/xVLw=
=Tggv
-----END PGP SIGNATURE-----

--- End Message ---

Reply to: