Bug#516164: sympa: 2 Insecure errors when running setuid in apache error log

Same problem!? Upgraded from sympa 5.4 to sympa_6.1.7~dfsg-2 Now wwsympa doesn't work any more. I got a lot of " Insecure errors when running setuid" in the logs, repeated many times. This are only the first and last lines ... [Sat Jan 07 17:05:18 2012] [error] [client 151.49.48.182] FastCGI:

Bug#516164: sympa: 2 Insecure errors when running setuid in apache error log

Dear all, This problem showed up recently and was fixed upstream: https://sourcesup.cru.fr/scm/viewvc.php?view=revision&root=sympa&revision=7215 I'm not sure whether this patch was already included in a new stable version but I'll tag the 6.1.8 pretty soon, so you will be able to add it to the

Bug#516164: sympa: 2 Insecure errors when running setuid in apache error log

On Mon, Dec 19, 2011 at 09:39:54PM +0100, Emmanuel Bouthenot wrote: > Hi Olivier, > > On Thu, Dec 15, 2011 at 02:21:04PM +0100, Olivier Berger wrote: > [...] > > > I'm not sure, but I don't think so, for those errors above. > > > > On the other hand, the problem with these warnings : > > mod_fcg

Bug#516164: sympa: 2 Insecure errors when running setuid in apache error log

Hi Olivier, On Thu, Dec 15, 2011 at 02:21:04PM +0100, Olivier Berger wrote: [...] > I'm not sure, but I don't think so, for those errors above. > > On the other hand, the problem with these warnings : > mod_fcgid: stderr: Insecure dependency in open while running setuid at > /usr/share/sympa/li

Bug#516164: sympa: 2 Insecure errors when running setuid in apache error log

On Mon, Nov 28, 2011 at 11:06:27PM +0100, Emmanuel Bouthenot wrote: > Hi Olivier, > > On Thu, Feb 19, 2009 at 05:12:30PM +0100, Olivier Berger wrote: > > Package: sympa > > Version: 5.3.4-6.1 > > Severity: normal > > > > Hi. > > > > I just upgraded one of my servers from etch to lenny and got :

Bug#516164: sympa: 2 Insecure errors when running setuid in apache error log

Hi Olivier, On Thu, Feb 19, 2009 at 05:12:30PM +0100, Olivier Berger wrote: > Package: sympa > Version: 5.3.4-6.1 > Severity: normal > > Hi. > > I just upgraded one of my servers from etch to lenny and got : > [Thu Feb 19 17:05:34 2009] [error] [client xxx.xxx.xxx.xxx] Insecure > $ENV{PATH} whi

Bug#516164: sympa: 2 Insecure errors when running setuid in apache error log

On Fri, Feb 20, 2009 at 02:40:58PM +0100, Olivier Berger wrote: > On Fri, Feb 20, 2009 at 02:25:14PM +0100, Olivier Berger wrote: > > > * Sympa 5.2 introduced a Perl wrapper for wwsympa.fcgi that uses > > > sudo. Do you use it? > > > > Nope... the wrapper is provided in the Debian packa

Bug#516164: sympa: 2 Insecure errors when running setuid in apache error log

On Fri, Feb 20, 2009 at 02:25:14PM +0100, Olivier Berger wrote: > > * Sympa 5.2 introduced a Perl wrapper for wwsympa.fcgi that uses > > sudo. Do you use it? > > Nope... the wrapper is provided in the Debian package but not used in > the default setup. > I've tried with the wrapper an

Bug#516164: sympa: 2 Insecure errors when running setuid in apache error log

Le vendredi 20 février 2009 à 11:22 +0100, Olivier Salaün a écrit : > Hi Olivier, > > I might provide some useful informations : > > * first line of wwsympa.fcgi should look like "#!/usr/bin/perl -U". > If the "-U" option is missing, it might be the reason why you get > these warn

Bug#516164: sympa: 2 Insecure errors when running setuid in apache error log

Hi Olivier, I might provide some useful informations : * first line of wwsympa.fcgi should look like "#!/usr/bin/perl -U". If the "-U" option is missing, it might be the reason why you get these warnings/errors * Sympa 5.2 introduced a Perl wrapper for wwsympa.fcgi that uses

Bug#516164: sympa: 2 Insecure errors when running setuid in apache error log

Le jeudi 19 février 2009 à 17:40 +0100, Olivier Berger a écrit : > There's actually unfortunately more than these 2 : > > # grep "Insecure dependency" /var/log/apache2/error.log | sed > 's/.*Insecure/Insecure/g' | sed 's/, referer.*//g' | sort -u > Insecure dependency in open while running setui

Bug#516164: sympa: 2 Insecure errors when running setuid in apache error log

title 516164 Several Insecure errors when running setuid in apache error log thanks On Thu, Feb 19, 2009 at 05:12:30PM +0100, Olivier Berger wrote: > > I just upgraded one of my servers from etch to lenny and got : > [Thu Feb 19 17:05:34 2009] [error] [client xxx.xxx.xxx.xxx] Insecure > $ENV{PAT

Bug#516164: sympa: 2 Insecure errors when running setuid in apache error log

Olivier Berger wrote: On Thu, Feb 19, 2009 at 05:12:30PM +0100, Olivier Berger wrote: Package: sympa Version: 5.3.4-6.1 Severity: normal Hi. I just upgraded one of my servers from etch to lenny and got : [Thu Feb 19 17:05:34 2009] [error] [client xxx.xxx.xxx.xxx] Insecure $ENV{PATH} while run

Bug#516164: sympa: 2 Insecure errors when running setuid in apache error log

On Thu, Feb 19, 2009 at 05:12:30PM +0100, Olivier Berger wrote: > Package: sympa > Version: 5.3.4-6.1 > Severity: normal > > Hi. > > I just upgraded one of my servers from etch to lenny and got : > [Thu Feb 19 17:05:34 2009] [error] [client xxx.xxx.xxx.xxx] Insecure > $ENV{PATH} while running se

Bug#516164: sympa: 2 Insecure errors when running setuid in apache error log

Olivier Berger wrote: Package: sympa Version: 5.3.4-6.1 Severity: normal Hi. I just upgraded one of my servers from etch to lenny and got : [Thu Feb 19 17:05:34 2009] [error] [client xxx.xxx.xxx.xxx] Insecure $ENV{PATH} while running setuid at /usr/lib/sympa/bin/Conf.pm line 295, line 37. [Th

Bug#516164: sympa: 2 Insecure errors when running setuid in apache error log

Package: sympa Version: 5.3.4-6.1 Severity: normal Hi. I just upgraded one of my servers from etch to lenny and got : [Thu Feb 19 17:05:34 2009] [error] [client xxx.xxx.xxx.xxx] Insecure $ENV{PATH} while running setuid at /usr/lib/sympa/bin/Conf.pm line 295, line 37. [Thu Feb 19 17:05:34 2009]