Your message dated Wed, 16 Sep 2009 22:03:59 +0000
with message-id <e1mo2bx-0006nz...@ries.debian.org>
and subject line Bug#541607: fixed in apache2 2.2.13-2
has caused the Debian Bug report #541607,
regarding apache2: fails to start because of SSL configuration changes
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
541607: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=541607
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: apache2
Version: 2.2.12-1
Severity: grave
Justification: apache2 with a (quite common) SSL configuration won't work
Coin,
I just upgraded from 2.2.11-6 to 2.2.12-1, and my server failed to
start with the following error:
[error] Server should be SSL-aware but has no certificate
configured [Hint: SSLCertificateFile]
This configuration is working (unchanged) since months without any
problem, and all the SSL-aware vhosts have proper
SSLCertificateFile-and-friends parameters. My SSL certificate is not
expired and openssl verify is perfectly happy with it.
There is no indication in NEWS.Debian of any important configuration change.
I tried to add SSL parameters from a working SSL vhost at the global
configuration level, and the error disappeared, but the server still
fails to start. Without any other error message, i then don't know
what to do next to please this new version.
I reverted to 2.2.11-6 for the time being.
--
Marc Dequènes (Duck)
pgpRy9h9ySrxy.pgp
Description: PGP Digital Signature
--- End Message ---
--- Begin Message ---
Source: apache2
Source-Version: 2.2.13-2
We believe that the bug you reported is fixed in the latest version of
apache2, which is due to be installed in the Debian FTP archive:
apache2-dbg_2.2.13-2_i386.deb
to pool/main/a/apache2/apache2-dbg_2.2.13-2_i386.deb
apache2-doc_2.2.13-2_all.deb
to pool/main/a/apache2/apache2-doc_2.2.13-2_all.deb
apache2-mpm-event_2.2.13-2_i386.deb
to pool/main/a/apache2/apache2-mpm-event_2.2.13-2_i386.deb
apache2-mpm-itk_2.2.13-2_i386.deb
to pool/main/a/apache2/apache2-mpm-itk_2.2.13-2_i386.deb
apache2-mpm-prefork_2.2.13-2_i386.deb
to pool/main/a/apache2/apache2-mpm-prefork_2.2.13-2_i386.deb
apache2-mpm-worker_2.2.13-2_i386.deb
to pool/main/a/apache2/apache2-mpm-worker_2.2.13-2_i386.deb
apache2-prefork-dev_2.2.13-2_i386.deb
to pool/main/a/apache2/apache2-prefork-dev_2.2.13-2_i386.deb
apache2-suexec-custom_2.2.13-2_i386.deb
to pool/main/a/apache2/apache2-suexec-custom_2.2.13-2_i386.deb
apache2-suexec_2.2.13-2_i386.deb
to pool/main/a/apache2/apache2-suexec_2.2.13-2_i386.deb
apache2-threaded-dev_2.2.13-2_i386.deb
to pool/main/a/apache2/apache2-threaded-dev_2.2.13-2_i386.deb
apache2-utils_2.2.13-2_i386.deb
to pool/main/a/apache2/apache2-utils_2.2.13-2_i386.deb
apache2.2-bin_2.2.13-2_i386.deb
to pool/main/a/apache2/apache2.2-bin_2.2.13-2_i386.deb
apache2.2-common_2.2.13-2_i386.deb
to pool/main/a/apache2/apache2.2-common_2.2.13-2_i386.deb
apache2_2.2.13-2.diff.gz
to pool/main/a/apache2/apache2_2.2.13-2.diff.gz
apache2_2.2.13-2.dsc
to pool/main/a/apache2/apache2_2.2.13-2.dsc
apache2_2.2.13-2_i386.deb
to pool/main/a/apache2/apache2_2.2.13-2_i386.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 541...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Stefan Fritsch <s...@debian.org> (supplier of updated apache2 package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Wed, 16 Sep 2009 20:55:02 +0200
Source: apache2
Binary: apache2.2-common apache2.2-bin apache2-mpm-worker apache2-mpm-prefork
apache2-mpm-event apache2-mpm-itk apache2-utils apache2-suexec
apache2-suexec-custom apache2 apache2-doc apache2-prefork-dev
apache2-threaded-dev apache2-dbg
Architecture: source i386 all
Version: 2.2.13-2
Distribution: unstable
Urgency: high
Maintainer: Debian Apache Maintainers <debian-apa...@lists.debian.org>
Changed-By: Stefan Fritsch <s...@debian.org>
Description:
apache2 - Apache HTTP Server metapackage
apache2-dbg - Apache debugging symbols
apache2-doc - Apache HTTP Server documentation
apache2-mpm-event - Apache HTTP Server - event driven model
apache2-mpm-itk - multiuser MPM for Apache 2.2
apache2-mpm-prefork - Apache HTTP Server - traditional non-threaded model
apache2-mpm-worker - Apache HTTP Server - high speed threaded model
apache2-prefork-dev - Apache development headers - non-threaded MPM
apache2-suexec - Standard suexec program for Apache 2 mod_suexec
apache2-suexec-custom - Configurable suexec program for Apache 2 mod_suexec
apache2-threaded-dev - Apache development headers - threaded MPM
apache2-utils - utility programs for webservers
apache2.2-bin - Apache HTTP Server common binary files
apache2.2-common - Apache HTTP Server common files
Closes: 541536 541607 544509 545951
Changes:
apache2 (2.2.13-2) unstable; urgency=high
.
* mod_proxy_ftp security fixes (closes: #545951):
- DoS by malicious ftp server (CVE-2009-3094)
- missing input sanitization: a user could execute arbitrary ftp commands
on the backend ftp server (CVE-2009-3095)
* Add entries to NEWS.Debian and README.Debian about Apache being stricter
about certain misconfigurations involving name based SSL virtual hosts.
Also make Apache print the location of the misconfigured VirtualHost when
it complains about a missing SSLCertificateFile statement. Closes: #541607
* Add Build-Conflicts: autoconf2.13 (closes: #541536).
* Adjust priority of apache2-mpm-itk to extra.
* Switch apache2.2-common and the four mpm packages from architecture all to
any. This is stupid but makes apache2 binNMUable again (closes: #544509).
* Bump Standards-Version (no changes).
Checksums-Sha1:
bbd12d630b1005da87f4a40d1e7889a10c8de1e9 1813 apache2_2.2.13-2.dsc
7938c204ffb780f9f66dc20269d049f99877c53f 181484 apache2_2.2.13-2.diff.gz
34209f96e048870b3b3e957f2b3d95237bd04965 292296
apache2.2-common_2.2.13-2_i386.deb
208a848093a9cce5610ebb80ae1b59bb5b91587b 1301960
apache2.2-bin_2.2.13-2_i386.deb
85be746b8de17525a4c6fc3e42c2f77bdb189848 2268
apache2-mpm-worker_2.2.13-2_i386.deb
817038c091c470b463ed0eb30038d18055938701 2330
apache2-mpm-prefork_2.2.13-2_i386.deb
f5ea922ce44cc90f0d2dad5c1ba5cbb57fbfaa23 2300
apache2-mpm-event_2.2.13-2_i386.deb
5c7fb9e384ff086f5c759dd1c82a7a50f8cf61bb 2328 apache2-mpm-itk_2.2.13-2_i386.deb
80a939fcd07158426bf46a4335d98e3919393863 154800 apache2-utils_2.2.13-2_i386.deb
ee1532bdeb716d7a65b070f44c125a9b0c719417 90904 apache2-suexec_2.2.13-2_i386.deb
9705b9247d5f1bc8a43ce4fd23c0f473cf8c2755 92454
apache2-suexec-custom_2.2.13-2_i386.deb
9d94647ee45435dfe7b6fd615de87caa43a322d1 1376 apache2_2.2.13-2_i386.deb
15b21bf3143516d9cf474cf8b07eca7b0a4498ba 138032
apache2-prefork-dev_2.2.13-2_i386.deb
0695a7874db9faf3a1f3b3f486a02f1215a536b9 139216
apache2-threaded-dev_2.2.13-2_i386.deb
1fe9992cb0b4506b69deab0f1eba372167846b14 2672452 apache2-dbg_2.2.13-2_i386.deb
8f355ceb4dc3863438dcf5356f7cccf422c21a45 2272814 apache2-doc_2.2.13-2_all.deb
Checksums-Sha256:
aaf0110a68aa27e084f356c343c4aa411e35c01bdd519992615fa722cf72a5bd 1813
apache2_2.2.13-2.dsc
269b3301498c8ff0a5187502a1999ad7e78d35e3afafc2bfba8747d7256b5930 181484
apache2_2.2.13-2.diff.gz
bf601051a11727ca378925b2f08fc1c0f1fbc45fc375c54b38809974e1005b77 292296
apache2.2-common_2.2.13-2_i386.deb
4f1f9bb778349d1a8955e953364e9fcd22ff26f9007b568ee7f2ac3410beae54 1301960
apache2.2-bin_2.2.13-2_i386.deb
d9e11cea3b05c0eca723851beb6b6977db22d99221af107b8064072bbdd98087 2268
apache2-mpm-worker_2.2.13-2_i386.deb
bb7bc32609b0393c8f23c4092a919aec8541f7edb19b246124228bc7ad0d80c3 2330
apache2-mpm-prefork_2.2.13-2_i386.deb
efac0d8b55f1758170e41a824800703861cf64fe4dac0ff6d98d2612ec9e83d3 2300
apache2-mpm-event_2.2.13-2_i386.deb
c5d6389bb3d5a8ad95ac476ecd0b8eccf87eee9fdb022b662eed801d5c963a92 2328
apache2-mpm-itk_2.2.13-2_i386.deb
6f9fb6690307496ab52005723a80ca3e1cc8527170f57454610662324ffb4764 154800
apache2-utils_2.2.13-2_i386.deb
7a212bc37d2219500de6e15bf3224bb5a3348cd1ede593aa28812ed13779676d 90904
apache2-suexec_2.2.13-2_i386.deb
71baa7bce8942912efe669378dfe3f0fce5fe9542d8ec5f600821c157af35f27 92454
apache2-suexec-custom_2.2.13-2_i386.deb
7710a1cca521eae7ca282ae0f21d914577bcfadbf5c503cb31e4569d845127e7 1376
apache2_2.2.13-2_i386.deb
da938db98baecb070b2839d287e54a6d0d95a681e9ea8d04982b389080a9ccc5 138032
apache2-prefork-dev_2.2.13-2_i386.deb
dfc063caae79629fa18744cea730ef73be2c0fc103ba7f5f0c6c0c9c7871bec7 139216
apache2-threaded-dev_2.2.13-2_i386.deb
cf2718c27af28f88343d7e3b7f19d09651d5a12ec5b31d025432b3ab8e05ebaf 2672452
apache2-dbg_2.2.13-2_i386.deb
22fbf875bbaf412d194d8604d61bf3045769414d840d939f1558663796e77887 2272814
apache2-doc_2.2.13-2_all.deb
Files:
97bad00546872899c897af892c472e61 1813 httpd optional apache2_2.2.13-2.dsc
b86f09d23e32384f679276007cbd9095 181484 httpd optional apache2_2.2.13-2.diff.gz
471bccf7c92ca8ee22fae71ef847e52a 292296 httpd optional
apache2.2-common_2.2.13-2_i386.deb
286a5778b758a073aa296269e49cb596 1301960 httpd optional
apache2.2-bin_2.2.13-2_i386.deb
ffa4691e7df5d0178d5ff7f9322c1b41 2268 httpd optional
apache2-mpm-worker_2.2.13-2_i386.deb
e8743341f6b03f4c3d8b81fad957e738 2330 httpd optional
apache2-mpm-prefork_2.2.13-2_i386.deb
2ff7fa8d12596611ded962aae41fce0b 2300 httpd optional
apache2-mpm-event_2.2.13-2_i386.deb
22e76983a8954a25126b1e19f6b507ae 2328 httpd extra
apache2-mpm-itk_2.2.13-2_i386.deb
39a3ffb8d6162841a1269c23bfb13479 154800 httpd optional
apache2-utils_2.2.13-2_i386.deb
8ca00bd9a08c22b4797db31e4ee2abd7 90904 httpd optional
apache2-suexec_2.2.13-2_i386.deb
cf2ba08382e1563c0194152509e843b3 92454 httpd extra
apache2-suexec-custom_2.2.13-2_i386.deb
fd9b3cecff03088b35bddde0be34e2c8 1376 httpd optional apache2_2.2.13-2_i386.deb
7cfbf6f406d8cf1829d4ad5c8e5825b2 138032 httpd extra
apache2-prefork-dev_2.2.13-2_i386.deb
f527eb83f7179f02b7cc0bc13261ae07 139216 httpd extra
apache2-threaded-dev_2.2.13-2_i386.deb
0a58245ed8f8a40acf08589505afa026 2672452 debug extra
apache2-dbg_2.2.13-2_i386.deb
31bb0c0e3c48710812e5dda3fc128e5c 2272814 doc optional
apache2-doc_2.2.13-2_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iD8DBQFKsUSJbxelr8HyTqQRAgkBAJ9LUO53e3KLjYkG18vdJ06Jce90EwCdFwDa
WoBXtQ17ZlGTgSu60SHu65Q=
=XRVy
-----END PGP SIGNATURE-----
--- End Message ---