Package: libapache2-mod-fcgid Version: 1:2.3.9-1 Severity: important Tags: patch
Hi! libapache2-mod-fcgid always loads the whole request (including large file uploads) into memory although it shouldn't, since it should read the stream in parts. See FcgidMaxRequestInMem, default 65536 bytes. The issue is reported at https://bz.apache.org/bugzilla/show_bug.cgi?id=51747 including a working patch. Since the issue has not been handled for 7 years now, can we please include the patch at least in Debian? Thanks in advance! Best regards, Roland Reichwein -- System Information: Debian Release: 9.3 APT prefers stable APT policy: (500, 'stable') Architecture: i386 (x86_64) Kernel: Linux 2.6.36.4-vs2.3.0.36.39-nc (SMP w/8 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: unable to detect Versions of packages libapache2-mod-fcgid depends on: pn apache2-api-20120211 <none> pn apache2-bin <none> ii libc6 2.24-11+deb9u1 libapache2-mod-fcgid recommends no packages. libapache2-mod-fcgid suggests no packages. -- no debconf information
