Ubuntu
libapache2-mod-nss package

Request header field is missing ':' separator.

Bug #1093974 reported by Digitek
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
libapache2-mod-nss (Ubuntu)
Fix Released
Undecided
Unassigned
Precise
Fix Released
Undecided
Timo Aaltonen
Quantal
Fix Released
Undecided
Unassigned

Bug Description

[Impact]

HTTPS access to 389 admin console is broken

[Test Case]

install 389 instance and the admin console, try accessing it over SSL

[Regression Potential]

low, the patch has been in Fedora for quite some time

--

It happens when you use SSL to access the 389 Directory server.
When you click on the help button in the admin console, a new browser window opened and displays the error:
Bad Request

Your browser sent a request that this server could not understand.
Request header field is missing ':' separator.

Accept-Encoding/*;q=0.8

Apache/2.2 Server at ldap.testserver.local Port 443

It seems that this error has been fixed in Fedora and Redhat:
https://bugzilla.redhat.com/show_bug.cgi?id=669118

Environment:
ubuntu 12.04 precise
389-admin-console 1.1.8-1~ubuntu4
389-ds-console 1.2.6-0ubuntu1
libapache2-mod-nss 1.0.8-2~ubuntu3

See original description
Timo Aaltonen (tjaalton)
Changed in libapache2-mod-nss (Ubuntu Precise):
assignee: nobody → Timo Aaltonen (tjaalton)
description: updated
Timo Aaltonen (tjaalton)
Changed in libapache2-mod-nss (Ubuntu Precise):
status: New → In Progress
Revision history for this message
Timo Aaltonen (tjaalton) wrote :

btw, thanks for the bug!

Revision history for this message
Digitek (mykr0t) wrote :

Thank you too...

Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package libapache2-mod-nss - 1.0.8-2ubuntu1

---------------
libapache2-mod-nss (1.0.8-2ubuntu1) raring; urgency=low

  * Merge from unreleased debian git.

libapache2-mod-nss (1.0.8-3) UNRELEASED; urgency=low

  * watch: Add a comment about the upstream git tree.
  * mod_nss-overlapping_memcpy.patch: Patch from Fedora to use memmove
    instead of memcpy. (LP: #1093974)
 -- Timo Aaltonen <email address hidden> Fri, 08 Feb 2013 23:17:37 +0200

Changed in libapache2-mod-nss (Ubuntu):
status: New → Fix Released
Revision history for this message
Colin Watson (cjwatson) wrote :

Timo, quantal has the same version of this package. To preserve upgrade handling, could you please upload a higher version to quantal as well? https://wiki.ubuntu.com/SecurityTeam/UpdatePreparation#Update_the_packaging has a version numbering scheme you might use.

Revision history for this message
Dave Walker (davewalker) wrote :

Timo, is there any progress on this? It should be a case of uploading the same version to Quantal, with a higher version than the one in the Precise queue.

To be clear, the Precise upload shouldn't be processed until the Quantal one is ready, to at least do it in tandem.

Thanks.

Revision history for this message
Timo Aaltonen (tjaalton) wrote :

right, uploaded it now for quantal too

Changed in libapache2-mod-nss (Ubuntu Quantal):
status: New → In Progress
Revision history for this message
Chris Halse Rogers (raof) wrote : Please test proposed package

Hello Digitek, or anyone else affected,

Accepted libapache2-mod-nss into quantal-proposed. The package will build now and be available at http://launchpad.net/ubuntu/+source/libapache2-mod-nss/1.0.8-2~ubuntu3.12.10.1 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-needed to verification-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Changed in libapache2-mod-nss (Ubuntu Quantal):
status: In Progress → Fix Committed
tags: added: verification-needed
Changed in libapache2-mod-nss (Ubuntu Precise):
status: In Progress → Fix Committed
Revision history for this message
Chris Halse Rogers (raof) wrote :

Hello Digitek, or anyone else affected,

Accepted libapache2-mod-nss into precise-proposed. The package will build now and be available at http://launchpad.net/ubuntu/+source/libapache2-mod-nss/1.0.8-2~ubuntu3.1 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-needed to verification-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Revision history for this message
Timo Aaltonen (tjaalton) wrote :

Digitek, please test the uploaded version..

Revision history for this message
Digitek (mykr0t) wrote :

Sorry for the late reply.

I checked it today in fresh install of precise with latest updates and proposed repos enabled and cant reproduce the bug.

I wil try to check it in quantal soon...

Revision history for this message
Brian Murray (brian-murray) wrote :

While the verification for Precise has been completed we need the verification done for Quantal as the Precise version number is greater than the one currently in Quantal.

Revision history for this message
Digitek (mykr0t) wrote :

Hi, All.

I checked it in fresh install of Quantal with proposed updates enabled.

$ cat /etc/lsb-release
DISTRIB_ID=Ubuntu
DISTRIB_RELEASE=12.10
DISTRIB_CODENAME=quantal
DISTRIB_DESCRIPTION="Ubuntu 12.10"

Package: libapache2-mod-nss
State: installed
Automatically installed: yes
Version: 1.0.8-2~ubuntu3.12.10.1

Package 389-console in quantal - broken.
Depends: libidm-console-framework-java, openjdk-6-jre | java6-runtime

With installed openjdk-6-jre, when i try to open admin server or directory server 389-console crushed with exceptions:

Exception in thread "AWT-EventQueue-0" java.lang.UnsupportedClassVersionError: com/netscape/admin/dirserv/DSAdmin : Unsupported major.minor version 51.0
 at java.lang.ClassLoader.defineClass1(Native Method)
 at java.lang.ClassLoader.defineClass(ClassLoader.java:634)
 at java.lang.ClassLoader.defineClass(ClassLoader.java:480)

Exception in thread "AWT-EventQueue-0" java.lang.UnsupportedClassVersionError: com/netscape/management/admserv/AdminServer : Unsupported major.minor version 51.0
 at java.lang.ClassLoader.defineClass1(Native Method)
 at java.lang.ClassLoader.defineClass(ClassLoader.java:634)
 at java.lang.ClassLoader.defineClass(ClassLoader.java:480)

With installed openjdk-7-jdk and updated alternatives for java 389-console worked like a charm. I cant reproduce the bug #1093974. Please forward backtrace with broken 389-console dependencies for appropriate persons. Thanks.

Revision history for this message
Brian Murray (brian-murray) wrote :

While there is an error with the dependencies for 389-console that should prevent the release of the libapache2-mod-nss SRU.

tags: added: verification-done
removed: verification-needed
Revision history for this message
Brian Murray (brian-murray) wrote : Update Released

The verification of this Stable Release Update has completed successfully and the package has now been released to -updates. Subsequently, the Ubuntu Stable Release Updates Team is being unsubscribed and will not receive messages about this bug report. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regresssions.

Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package libapache2-mod-nss - 1.0.8-2~ubuntu3.1

---------------
libapache2-mod-nss (1.0.8-2~ubuntu3.1) precise; urgency=low

  * mod_nss-overlapping_memcpy.patch: Patch from Fedora to use memmove
    instead of memcpy. (LP: #1093974)
 -- Timo Aaltonen <email address hidden> Fri, 08 Feb 2013 23:41:33 +0200

Changed in libapache2-mod-nss (Ubuntu Precise):
status: Fix Committed → Fix Released
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package libapache2-mod-nss - 1.0.8-2~ubuntu3.12.10.1

---------------
libapache2-mod-nss (1.0.8-2~ubuntu3.12.10.1) quantal; urgency=low

  * mod_nss-overlapping_memcpy.patch: Patch from Fedora to use memmove
    instead of memcpy. (LP: #1093974)
 -- Timo Aaltonen <email address hidden> Fri, 08 Feb 2013 23:41:33 +0200

Changed in libapache2-mod-nss (Ubuntu Quantal):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.