From:
[email protected]
Package: apache-ssl
Version: 1.3.31-3
Severity: grave
Justification: user security hole
Basic Auth no longer works. Worked for years prior to upgrade. Auth module is loaded correctly from modules.conf
LoadModule auth_module /usr/lib/apache/1.3/mod_auth_ssl.so
regeneration of users & passwords using htpasswd also has no effect. apache-utils is also Version: 1.3.31-3
permissions appear to have no effect.
-- System Information:
Debian Release: 3.1
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: i386 (i686)
Kernel: Linux 2.6.7
Locale: LANG=C, LC_CTYPE=C
Versions of packages apache-ssl depends on:
ii apache-common 1.3.31-3 Support files for all Apache webse ii debconf 1.4.30 Debian configuration management sy ii dpkg 1.10.23 Package maintenance system for Deb ii libc6 2.3.2.ds1-13 GNU C Library: Shared libraries an ii libdb4.2 4.2.52-16 Berkeley v4.2 Database Libraries [ ii libexpat1 1.95.6-8 XML parsing C library - runtime li ii libkeynote0 2.3-10 Decentralized Trust-Management sys ii libmagic1 4.10-2 File type determination library us ii libpam0g 0.76-22 Pluggable Authentication Modules l ii libssl0.9.7 0.9.7d-5 SSL shared libraries
ii logrotate 3.7-2 Log rotation utility
ii mime-support 3.28-1 MIME files 'mime.types' & 'mailcap ii openssl 0.9.7d-5 Secure Socket Layer (SSL) binary a ii perl 5.8.4-2 Larry Wall's Practical Extraction ii ssl-cert 1.0-8 Simple debconf wrapper for openssl
-- debconf information:
apache-ssl/server-name: localhost
apache-ssl/server-admin:
[email protected]
* apache-ssl/enable-suexec: false
apache-ssl/init: true
apache-ssl/document-root: /var/www
--
To UNSUBSCRIBE, email to
[email protected]
with a subject of "unsubscribe". Trouble? Contact
[email protected]
--- SoupGate-Win32 v1.05
* Origin: you cannot sedate... all the things you hate (1:229/2)