ports/97672: www/apache22 BROKEN on FreeBSD 4
Dan Lukes
dan at obluda.cz
Tue May 23 02:20:18 UTC 2006
>Number: 97672
>Category: ports
>Synopsis: www/apache22 BROKEN on FreeBSD 4
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: change-request
>Submitter-Id: current-users
>Arrival-Date: Tue May 23 02:20:15 GMT 2006
>Closed-Date:
>Last-Modified:
>Originator: Dan Lukes
>Release: FreeBSD 4.11-RELEASE-p17 i386
>Organization:
Obludarium
>Environment:
System: FreeBSD 4.11-RELEASE-p17 i386
>Description:
Apply to FreeBSD 4.x only:
Bug in OPENSSL's secure stack handling cause httpd+mod_ssl abends during
graceful restart
For detailed informations see the OpenSSL's PR:
http://www.aet.tu-cottbus.de/rt2/Ticket/Display.html?id=1047
>How-To-Repeat:
Compile www/apache22 on RELENG_4*, start httpd it with mod_ssl present (it's
not necesarry to configure a SSL VHOST or server). Then request graceful restart.
ABEND of httpd will ocur.
>Fix:
In the fact, the problem is not within Apache but libcrypto.
The FreeBSD 4.11 and RELENG_4 contain OpenSSL 0.9.7d-p1,
the libcrypto bug has been repaired in newer versions of OpenSSL (starting from 0.9.7e).
Unfortunatelly, as it's not security bug, we can't wish it will be patched
in 4.11-R branch. Also, it's not so probable the 0.9.7e will be MFC'ed into RELENG_4.
So, as a workaround, we should make www/apache22 depend on security/openssl port
(on FreeBSD 4.x only)
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-ports-bugs
mailing list