Date: Mon, 15 May 2006 03:16:33 +0100 From: Chris <chrcoluk@gmail.com> To: freebsd-ports@freebsd.org Subject: Re: Bug in Apache 1.3.35 ... or something changed ... ? Message-ID: <3aaaa3a0605141916g426ab631m4d9f3321930a4543@mail.gmail.com> In-Reply-To: <20060513065041.GA82761@pentarou.parodius.com> References: <20060513003616.Q1279@ganymede.hub.org> <20060513065041.GA82761@pentarou.parodius.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On 13/05/06, Jeremy Chadwick <freebsd@jdc.parodius.com> wrote: > On Sat, May 13, 2006 at 12:39:47AM -0300, Marc G. Fournier wrote: > > Don't know if anyone else has noticed this, but I just installed apache > > 1.3.35 on one of my FreeBSD 6.x/amd64 servers, and it no longer appears= to > > process my: > > > > Include etc/apache/virtual_hosts/*.conf > > > > directive ... > > > > {snip} > > > > Anyone? > > Looks to me like the Apache team botched it up and didn't test > commits thoroughly -- AGAIN. This has becoming a habit of theirs > in recent years. :-) I could be completely wrong with the > facts shown below, but CVS is CVS... > > Here's the committed change and all associated files. Note that > this is the 2nd-to-most-recent commit to the 1.3.x tree: > > http://svn.apache.org/viewcvs.cgi?rev=3D396294&view=3Drev > > The applicable source-code change is here, and I see absolutely no > support for wildcards in the code, which explains why it broke: > > http://svn.apache.org/viewcvs.cgi/httpd/httpd/branches/1.3.x/src/main/htt= p_config.c?rev=3D396294&view=3Ddiff&r1=3D396294&r2=3D396293&p1=3Dhttpd/http= d/branches/1.3.x/src/main/http_config.c&p2=3D/httpd/httpd/branches/1.3.x/sr= c/main/http_config.c > > The official "patch" submitted can be viewed here, and is the > responsibility of an Apache developer ("colm"): > > http://people.apache.org/~colm/include_directive-1.3.patch > > Someone obviously realised the mistake and backed out the commit, > as you can see in the commit reason here: > > >>> "Back out 396294. This keeps HEAD in a non-regression state > >>> and allows us to re-add/fix the functionality "later on" > > http://svn.apache.org/viewcvs.cgi?rev=3D405142&view=3Drev > > So basically your options at this point are as follows: > > * Upgrade to 2.0 or 2.2 (recommended unless you use Apache modules > which don't support it) > * Stick with 1.3.34 (not recommended due to the security hole) > * Stop using wildcards in your Include directives (until they release > 1.3.36 or higher, of course) and specify individual files > * Use a trunk/CVS build (risky) > > -- > | Jeremy Chadwick jdc at parodius.com | > | Parodius Networking http://www.parodius.com/ | > | UNIX Systems Administrator Mountain View, CA, USA | > | Making life hard for others since 1977. | > > _______________________________________________ > freebsd-ports@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-ports > To unsubscribe, send any mail to "freebsd-ports-unsubscribe@freebsd.org" > Apache really should release 1.3.35a or something but wouldnt surprise me if they leave a buggy version as latest release for a while. Chris
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3aaaa3a0605141916g426ab631m4d9f3321930a4543>