Hosting Provided By

Bug#443196: marked as done (apache2-mpm-worker: reload after altering apache2.conf immediately eats all memory)

From: Debian Bug Tracking System <owner(at)bugs.debian.org>
Date: Sat Sep 22 2007 - 16:06:05 EDT

Your message dated Sat, 22 Sep 2007 19:56:18 +0000 with message-id <E1IZB5O-0004Hw-Oc@ries.debian.org> and subject line Bug#443196: fixed in apache2 2.2.3-4+etch3 has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration somewhere. Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

attached mail follows:

Package: apache2-mpm-worker
Version: 2.2.3-4+etch1
Severity: critical
Justification: breaks the whole system

Start with a simple apache2.conf containing two vhosts:

Do you need help?

Listen 192.168.1.1:80
<VirtualHost 192.168.1.1:80>
ServerName my.server
DocumentRoot /var/www
</VirtualHost>

Listen 192.168.1.2:80
<VirtualHost 192.168.1.2:80>
ServerName my.server
DocumentRoot /var/www
</VirtualHost>

With Apache running, edit apache2.conf to remove the first vhost (i.e. comment out the first Listen+VirtualHost section) and reload Apache
(SIGUSR1). It then consumes all memory, making the system unusable
until the process is killed.

System Information: Debian Release: 4.0 APT prefers stable APT policy: (500, 'stable'), (1, 'experimental') Architecture: amd64 Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.18-5-amd64 Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)
attached mail follows:

Source: apache2
Source-Version: 2.2.3-4+etch3

We believe that the bug you reported is fixed in the latest version of apache2, which is due to be installed in the Debian FTP archive:

apache2-doc_2.2.3-4+etch3_all.deb
  to pool/main/a/apache2/apache2-doc_2.2.3-4+etch3_all.deb apache2-mpm-event_2.2.3-4+etch3_i386.deb   to pool/main/a/apache2/apache2-mpm-event_2.2.3-4+etch3_i386.deb apache2-mpm-perchild_2.2.3-4+etch3_all.deb   to pool/main/a/apache2/apache2-mpm-perchild_2.2.3-4+etch3_all.deb apache2-mpm-prefork_2.2.3-4+etch3_i386.deb   to pool/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch3_i386.deb apache2-mpm-worker_2.2.3-4+etch3_i386.deb   to pool/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch3_i386.deb apache2-prefork-dev_2.2.3-4+etch3_i386.deb   to pool/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch3_i386.deb apache2-src_2.2.3-4+etch3_all.deb
  to pool/main/a/apache2/apache2-src_2.2.3-4+etch3_all.deb apache2-threaded-dev_2.2.3-4+etch3_i386.deb   to pool/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch3_i386.deb apache2-utils_2.2.3-4+etch3_i386.deb
  to pool/main/a/apache2/apache2-utils_2.2.3-4+etch3_i386.deb apache2.2-common_2.2.3-4+etch3_i386.deb
  to pool/main/a/apache2/apache2.2-common_2.2.3-4+etch3_i386.deb apache2_2.2.3-4+etch3.diff.gz
  to pool/main/a/apache2/apache2_2.2.3-4+etch3.diff.gz apache2_2.2.3-4+etch3.dsc
  to pool/main/a/apache2/apache2_2.2.3-4+etch3.dsc apache2_2.2.3-4+etch3_all.deb
  to pool/main/a/apache2/apache2_2.2.3-4+etch3_all.deb

Do you need more help?

A summary of the changes between this version and the previous one is attached.

Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 443196@bugs.debian.org, and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software pp.
Stefan Fritsch <sf@debian.org> (supplier of updated apache2 package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive administrators by mailing ftpmaster@debian.org)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Sat, 15 Sep 2007 11:33:58 +0200
Source: apache2
Binary: apache2-utils apache2-prefork-dev apache2 apache2-mpm-prefork apache2-doc apache2-mpm-event apache2.2-common apache2-mpm-worker apache2-src apache2-threaded-dev apache2-mpm-perchild Architecture: source all i386
Version: 2.2.3-4+etch3
Distribution: stable
Urgency: low
Maintainer: Debian Apache Maintainers <debian-apache@lists.debian.org> Changed-By: Stefan Fritsch <sf@debian.org> Description:
apache2 - Next generation, scalable, extendable web server

 apache2-doc - documentation for apache2
 apache2-mpm-event - Event driven model for Apache HTTPD 2.1
 apache2-mpm-perchild - Transitional package - please remove
 apache2-mpm-prefork - Traditional model for Apache HTTPD 2.1
 apache2-mpm-worker - High speed threaded model for Apache HTTPD 2.1
 apache2-prefork-dev - development headers for apache2
 apache2-src - Apache source code
 apache2-threaded-dev - development headers for apache2
 apache2-utils - utility programs for webservers

apache2.2-common - Next generation, scalable, extendable web server Closes: 441845 443196
Changes:
apache2 (2.2.3-4+etch3) stable; urgency=low .

fix CVE-2007-3847: DoS in mod_proxy (for threaded MPMs) (Closes: #441845)
Don't eat all memory on graceful restart when config has changed from many listening sockets to one (Closes: #443196) Files: ba55ad79fd3c89a1cfb6b885b1993825 1068 web optional apache2_2.2.3-4+etch3.dsc 6d768b11c97a321a0e8c9249e949ab91 111619 web optional apache2_2.2.3-4+etch3.diff.gz 631e142ac2a0e9e2b2232d93d0f20af3 962480 web optional apache2.2-common_2.2.3-4+etch3_i386.deb 2afcadbdf1c43bbcced0a153f2e6855c 422638 web optional apache2-mpm-worker_2.2.3-4+etch3_i386.deb 9f12ebe74eb26350082106ecb67dbd86 418870 web optional apache2-mpm-prefork_2.2.3-4+etch3_i386.deb 0e719f33bd4c909d5a55acbca33bf23d 423212 web optional apache2-mpm-event_2.2.3-4+etch3_i386.deb a91938ec934908fa3d50bbd86e54de49 342068 web optional apache2-utils_2.2.3-4+etch3_i386.deb c4cf8aa286d21e9ce0f8682755ae0488 407284 devel optional apache2-prefork-dev_2.2.3-4+etch3_i386.deb ea3daac53c745850b8696e22d79afe4e 407898 devel optional apache2-threaded-dev_2.2.3-4+etch3_i386.deb b37190594bfe638f5aa8a5503f7d4c45 273730 web optional apache2-mpm-perchild_2.2.3-4+etch3_all.deb 5ce5f2c7902102548d2b34640542e9a2 40424 web optional apache2_2.2.3-4+etch3_all.deb c05606ffde65b8e3276d21f58242917a 2207486 doc optional apache2-doc_2.2.3-4+etch3_all.deb 5381a88a04d93b9985b15614c325cbda 6613604 devel extra apache2-src_2.2.3-4+etch3_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFG8YKAbxelr8HyTqQRAmc+AKCF1kE0PaPsBUqsdrZst/wxk+OFcgCgkYtx SDBEfEW/7jvOjetcTbNw5xc=
=CYaH
-----END PGP SIGNATURE-----

-- 
To UNSUBSCRIBE, email to debian-apache-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Received on Sat Sep 22 16:06:34 2007

Can we help you?

This message: [ Message body ]
Next message: Christian Perrier: "[RFR] templates://ssl-cert/{templates}"
Previous message: Debian Bug Tracking System: "Bug#441845: marked as done (CVE-2007-3847: apache2 denial of service vulnerability (for threaded MPMs) in mod_proxy)"
In reply to: moog: "Bug#443196: apache2-mpm-worker: reload after altering apache2.conf immediately eats all memory"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Sun Oct 07 2007 - 07:57:45 EDT