[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#1109839: marked as done (apache2: in ssl.conf, SSLProtocol has a duplicate "all")

Your message dated Tue, 29 Jul 2025 20:34:13 +0000
with message-id <E1ugr1Z-0097qy-2r@fasolo.debian.org>
and subject line Bug#1109839: fixed in apache2 2.4.65-2
has caused the Debian Bug report #1109839,
regarding apache2: in ssl.conf, SSLProtocol has a duplicate "all"
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
1109839: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1109839
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message --- 
Package: apache2
Version: 2.4.65-1
Severity: minor

In the /etc/apache2/mods-available/ssl.conf file:

#   The protocols to enable.
#   Available values: all, SSLv3, TLSv1, TLSv1.1, TLSv1.2, TLSv1.3
#   SSL v2  is no longer supported
SSLProtocol all all -SSLv2 -SSLv3 -TLSv1 -TLSv1.1

"all" appears twice.

BTW, I suppose that -SSLv2 could be removed since SSLv2 is no longer
an available value.

-- Package-specific info:

-- System Information:
Debian Release: 13.0
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'testing-security'), (500, 'stable-updates'), (500, 'stable-security'), (500, 'stable-debug'), (500, 'proposed-updates-debug'), (500, 'unstable'), (500, 'testing'), (500, 'stable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 6.12.38+deb13-amd64 (SMP w/16 CPU threads; PREEMPT)
Locale: LANG=C.UTF-8, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages apache2 depends on:
ii  apache2-bin          2.4.65-1
ii  apache2-data         2.4.65-1
ii  apache2-utils        2.4.65-1
ii  init-system-helpers  1.68
ii  media-types          13.0.0
ii  perl                 5.40.1-5
ii  procps               2:4.0.4-8

Versions of packages apache2 recommends:
ii  ssl-cert  1.1.3

Versions of packages apache2 suggests:
ii  apache2-doc                                      2.4.65-1
pn  apache2-suexec-pristine | apache2-suexec-custom  <none>
ii  elinks [www-browser]                             0.18.0-1+b1
ii  firefox [www-browser]                            140.0.4-1
ii  firefox-esr [www-browser]                        128.13.0esr-1
ii  links [www-browser]                              2.29-2+b3
ii  links2 [www-browser]                             2.29-2+b3
ii  lynx [www-browser]                               2.9.2-1
pn  ufw                                              <none>
ii  w3m [www-browser]                                0.5.3+git20230121-2.1

Versions of packages apache2-bin depends on:
ii  libapr1t64               1.7.5-1
ii  libaprutil1-dbd-sqlite3  1.6.3-3+b1
ii  libaprutil1-ldap         1.6.3-3+b1
ii  libaprutil1t64           1.6.3-3+b1
ii  libbrotli1               1.1.0-2+b7
ii  libc6                    2.41-10
ii  libcrypt1                1:4.4.38-1
ii  libcurl4t64              8.14.1-2
ii  libjansson4              2.14-2+b3
ii  libldap2                 2.6.10+dfsg-1
ii  liblua5.4-0              5.4.7-1+b2
ii  libnghttp2-14            1.64.0-1.1
ii  libpcre2-8-0             10.45-1
ii  libssl3t64               3.5.1-1
ii  libxml2                  2.12.7+dfsg+really2.9.14-2
ii  perl                     5.40.1-5
ii  zlib1g                   1:1.3.dfsg+really1.3.1-1+b1

Versions of packages apache2-bin suggests:
ii  apache2-doc                                      2.4.65-1
pn  apache2-suexec-pristine | apache2-suexec-custom  <none>
ii  elinks [www-browser]                             0.18.0-1+b1
ii  firefox [www-browser]                            140.0.4-1
ii  firefox-esr [www-browser]                        128.13.0esr-1
ii  links [www-browser]                              2.29-2+b3
ii  links2 [www-browser]                             2.29-2+b3
ii  lynx [www-browser]                               2.9.2-1
ii  w3m [www-browser]                                0.5.3+git20230121-2.1

Versions of packages apache2 is related to:
ii  apache2      2.4.65-1
ii  apache2-bin  2.4.65-1

-- Configuration Files:
/etc/apache2/mods-available/userdir.conf changed [not included]

-- no debconf information

-- 
Vincent Lefèvre <vincent@vinc17.net> - Web: <https://www.vinc17.net/>
100% accessible validated (X)HTML - Blog: <https://www.vinc17.net/blog/>
Work: CR INRIA - computer arithmetic / Pascaline project (LIP, ENS-Lyon)

--- End Message ---
--- Begin Message --- 
Source: apache2
Source-Version: 2.4.65-2
Done: Bastien Roucariès <rouca@debian.org>

We believe that the bug you reported is fixed in the latest version of
apache2, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 1109839@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Bastien Roucariès <rouca@debian.org> (supplier of updated apache2 package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 29 Jul 2025 19:52:31 +0200
Source: apache2
Architecture: source
Version: 2.4.65-2
Distribution: unstable
Urgency: high
Maintainer: Debian Apache Maintainers <debian-apache@lists.debian.org>
Changed-By: Bastien Roucariès <rouca@debian.org>
Closes: 1109839
Changes:
 apache2 (2.4.65-2) unstable; urgency=high
 .
   * Fix SSLProtocol has a duplicate "all"
     (Closes: #1109839)
   * Warn about misconfigured load balancer following fix of
     CVE-2025-23048.
Checksums-Sha1:
 842cbf2abe413d4f3d5c071c17be9b8a0a5e915f 3494 apache2_2.4.65-2.dsc
 4ed636770daecef70f300156d0ad0ee35e872623 824328 apache2_2.4.65-2.debian.tar.xz
 884b61b0e762c5175f3130f64e91793f574de5cf 11930 apache2_2.4.65-2_amd64.buildinfo
Checksums-Sha256:
 95dc154965dc99627580f9dbc6ba4b9c9a0ede366b2e10724c9f41f7ef8d98f9 3494 apache2_2.4.65-2.dsc
 2cd33c87bc7fbd455d1bda0c2beab8ba4bc3571684ffb8caba12f712c2154c24 824328 apache2_2.4.65-2.debian.tar.xz
 bed5d1af4323403393ad9980ed8b83f10b0ca03c65d19c2a23803d2d8236a6e7 11930 apache2_2.4.65-2_amd64.buildinfo
Files:
 fbeaf836f2eee2081627e22080b6dad5 3494 httpd optional apache2_2.4.65-2.dsc
 9da198eab03439205c613fddc821dda3 824328 httpd optional apache2_2.4.65-2.debian.tar.xz
 ffe21fd7840a673669d08a5cd14302ce 11930 httpd optional apache2_2.4.65-2_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEXQGHuUCiRbrXsPVqADoaLapBCF8FAmiJKIwACgkQADoaLapB
CF924hAAqPoZlEaUCnBpTBlGLSptJf0FuX1Fr6e8y1TZzZQL02BYEJPs6aTeSqqG
e3oUwfAxjYzxQy1kV+Cek7zBCTpnyJvMITBprMaVGAsj+kyakGOKg6s7qupV9Cl1
DJv+lPcPnlxaTnSPzO/9vFA5sGmC2pITB21zVGkIYVnS6jZMZ0MWH4PXNLICw8s7
YSe2EbvmIYaZGNI9FhukQaXPenxTS/GalwU0Nspvc79ONo1UKMD09vLKoS4MeFjr
QC5OYPq1udmHs4a3D+C2xoytEvBGW1pMsepJdvqCp5xFsqGXsze/cfEZLgQyTguH
saTYyI1gL7DzcqVHlbmEGaXNWYPc10gr1HPPt3418dKHtl0b1FGHTE1aqu22mlIj
r8XMMFoXP41cAFQTAV2SNasBhXyJ0+ob5GH9BupB8KiYNXzK+734UybF5m52i4Ez
Etxv1Yoy989o/eSwcrQJ95AFF54Jy4Md078e4FG8wQ/qqS2pnz5kBgohwMimSq5h
Luur3e40EzuI5RvMcf6qh4YsftpU6sF+2nZeWAmrrPxWkj+HgWH4Xh0dfRLZcINK
HzMP3MN3ToaEgu40BBpXBXR0wYtMlpJECY0KSyUwfO8SDIZFYdBOnbwAOWsUGSWD
vI1blMQct2XuIhIdoNhVKn4FcgaYQuuNwSUggGcihL/VEzSZw+Y=
=bDXi
-----END PGP SIGNATURE-----

Attachment: pgpZ7ivkpYLUb.pgp
Description: PGP signature


--- End Message ---
Reply to: