As the bug is now fixed upstream [1], can we get a patch for the current
stable (bullseye)? Because it's impossible to have SSL on apache without
the mod-gnutls
I know maybe it's impossible to re-insert a removed package to stable, but,
I beg the Debian people to let this package come back directl
Finally managed to write a patch. This patch applies ok on mod-gnutls
0.9.0 and not sure if it will work for buster.
--
Atte. Félix Arreola
Firmado con GPG 0x1e249ee4
Author: Félix Arreola RodrÃguez
Date: Thu, 5 Jun 2022 10:42:46 -0500
Subject: Fix a loop caused by timeout if mod_reqtimeout is
Tags 942737 security
thanks
--
Atte. Félix Arreola
Firmado con GPG 0x1e249ee4
pgpJSeaWennzx.pgp
Description: Firma digital OpenPGP
Now I think this bug, this could be used as DOS, should we call the
security team to handle this?
--
Atte. Félix Arreola
Firmado con GPG 0x1e249ee4
pgpV3xZ_Wj95S.pgp
Description: Firma digital OpenPGP
On Mon, 16 Dec 2019 02:37:50 +0100 =?UTF-8?Q?Bernhard_=c3=9cbelacker?=
wrote:
> Dear Maintainer,
> tried to reconstruct the given backtrace with debug symbols
> in a gdb session and came to following, maybe it could be
> of some help.
> (Still a proper backtrace with dbgsym packages
> installed wo
Dear Maintainer,
tried to reconstruct the given backtrace with debug symbols
in a gdb session and came to following, maybe it could be
of some help.
(Still a proper backtrace with dbgsym packages
installed would be better.)
Kind regards,
Bernhard
Reconstructed:
#0 0x7f78b4cfb92f in gnutls_a
Package: libapache2-mod-gnutls
Version: 0.9.0-1
Severity: grave
Tags: upstream
Justification: renders package unusable
Dear Maintainer,
I have updated apache2 & mod gnutls application. In testing with a basic html
page,
I notice that apache2 process loops infinitly, "ps" output:
www-data 6103
7 matches
Mail list logo
