[Pkg-sympa-devel] Bug#516164: sympa: 2 Insecure errors when running setuid in apache error log
Giorgio Volpe
giorgio at movi.fvg.it
Sat Jan 7 16:30:55 UTC 2012
Same problem!?
Upgraded from sympa 5.4 to sympa_6.1.7~dfsg-2
Now wwsympa doesn't work any more.
I got a lot of " Insecure errors when running setuid" in the logs, repeated many times. This are only the first and last
lines ...
[Sat Jan 07 17:05:18 2012] [error] [client 151.49.48.182] FastCGI: server "/usr/lib/cgi-bin/sympa/wwsympa-wrapper.fcgi"
stder
r: Insecure dependency in sprintf while running setuid at /usr/lib/perl/5.14/Sys/Syslog.pm line 368.
[Sat Jan 07 17:05:18 2012] [error] [client 151.49.48.182] FastCGI: server "/usr/lib/cgi-bin/sympa/wwsympa-wrapper.fcgi"
stder
r: Use of uninitialized value $_[0] in sprintf at /usr/lib/perl/5.14/Sys/Syslog.pm line 368.
[Sat Jan 07 17:05:18 2012] [error] [client 151.49.48.182] FastCGI: server "/usr/lib/cgi-bin/sympa/wwsympa-wrapper.fcgi"
stder
r: Use of uninitialized value $_[1] in sprintf at /usr/lib/perl/5.14/Sys/Syslog.pm line 368.
[Sat Jan 07 17:05:18 2012] [error] [client 151.49.48.182] FastCGI: server "/usr/lib/cgi-bin/sympa/wwsympa-wrapper.fcgi"
stder
r: Insecure dependency in open while running setuid at /usr/share/sympa/lib/Lock.pm line 255.
[Sat Jan 07 17:05:18 2012] [error] [client 151.49.48.182] FastCGI: server "/usr/lib/cgi-bin/sympa/wwsympa-wrapper.fcgi"
stderr: Insecure dependency in open while running setuid at /usr/share/sympa/lib/Lock.pm line 255.
[Sat Jan 07 17:05:18 2012] [error] [client 151.49.48.182] FastCGI: server "/usr/lib/cgi-bin/sympa/wwsympa-wrapper.fcgi"
stderr: Insecure dependency in open while running setuid at /usr/share/sympa/lib/Lock.pm line 255.
[Sat Jan 07 17:05:18 2012] [error] [client 151.49.48.182] FastCGI: server "/usr/lib/cgi-bin/sympa/wwsympa-wrapper.fcgi"
stderr: Insecure dependency in open while running setuid at /usr/share/sympa/lib/Lock.pm line 255.
[Sat Jan 07 17:05:18 2012] [error] [client 151.49.48.182] FastCGI: server "/usr/lib/cgi-bin/sympa/wwsympa-wrapper.fcgi"
stderr: Insecure dependency in open while running setuid at /usr/share/sympa/lib/Lock.pm line 255.
---- many others ---
[Sat Jan 07 17:05:18 2012] [error] [client 151.49.48.182] FastCGI: server "/usr/lib/cgi-bin/sympa/wwsympa-wrapper.fcgi"
stderr: Insecure dependency in require while running setuid at /usr/lib/perl5/Template/Plugins.pm line 29.
[Sat Jan 07 17:05:18 2012] [error] [client 151.49.48.182] FastCGI: server "/usr/lib/cgi-bin/sympa/wwsympa-wrapper.fcgi"
stderr: Insecure dependency in require while running setuid at /usr/lib/perl5/Template/Filters.pm line 22.
[Sat Jan 07 17:05:18 2012] [error] [client 151.49.48.182] FastCGI: incomplete headers (0 bytes) received from server
"/usr/lib/cgi-bin/sympa/wwsympa-wrapper.fcgi"
My configs:
/etc/apache2/conf.d/sympa
# Apache configuration file for Sympa
Alias /static-sympa /var/lib/sympa/static_content
ScriptAlias /wws /usr/lib/cgi-bin/sympa/wwsympa-wrapper.fc
/etc/apache2/mods-available/fastcgi.conf
<IfModule mod_fastcgi.c>
AddHandler fastcgi-script .fcgi
FastCgiConfig -idle-timeout 120
FastCgiIpcDir /var/lib/apache2/fastcgi
</IfModule>
in virtual host apache config ...
<Location /wws >
Options ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order allow,deny
Allow from all
</Location>
any help would be very appreciated!
Thanks
Giorgio
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/pkg-sympa-devel/attachments/20120107/609e459a/attachment.html>
More information about the Pkg-sympa-devel
mailing list