Bug 949254

Summary: apache2-2.4.6-6.50.1 security update breaks suexec
Product: [openSUSE] openSUSE 13.1 Reporter: Markus Kolb <novell>
Component: ApacheAssignee: E-mail List <apache-bugs>
Status: RESOLVED DUPLICATE QA Contact: E-mail List <qa-bugs>
Severity: Major    
Priority: P5 - None CC: jsegitz, meissner
Version: Final   
Target Milestone: ---   
Hardware: Other   
OS: Other   
Whiteboard:
Found By: --- Services Priority:
Business Priority: Blocker: Yes
Marketing QA Status: --- IT Deployment: ---

Description Markus Kolb 2015-10-07 13:36:06 UTC 
Hi,

web applications using suexec or based on suexec like suphp are showing strange behaviour after updating to apache2-2.4.6-6.50.1

Snippet from https://build.opensuse.org/request/show/333916:

After updating to this patch release, more complex php-pages are mostly empty in response or sometime a bunch of the first response lines are not transmitted (the page doesn't start with DOCTYPE...html tag, but somewhere in the body). In few requests the page is transmitted not as text/html but another content-type so that the browser shows download dialogue. Very strange and different behaviour, but reproducible and after downgrading to the release from June everything works again. I've tried a recompilation of the modsuphp module, but the result has no changes to the older build and build.opensuse.org throws away the build. So this shouldn't be the root of the problem. I've also no clue what might be the problem, because there is no error or warning in any log file about the requests.

Maybe a relation to https://bugzilla.opensuse.org/show_bug.cgi?id=949218
Comment 1 Markus Kolb 2015-10-07 13:41:44 UTC 
I've same strange behaviour with perl cgi application using suexec (suphp is also based on suexec).
Comment 2 Markus Kolb 2015-10-08 10:21:05 UTC 
You are in #949218 on the right way ;-)

*** This bug has been marked as a duplicate of bug 949218 ***