lighttpd stalls when reading fragmented ssl requests

Bug #874076 reported by Aron Cederholm on 2011-10-14
14
This bug affects 2 people
Affects Status Importance Assigned to Milestone
lighttpd (Ubuntu)
Undecided
Unassigned

Bug Description

lighttpd 1.4.26 has a bug with fragmented SSL requests (see lighttpd issue at http://redmine.lighttpd.net/issues/2197 -- "lighttpd stalls when reading fragmented ssl requests") that was fixed in rev 2729. Please patch lighttpd 1.4.26 or update package version to 1.4.29.

Description: Ubuntu 10.04.2 LTS
Release: 10.04

  Installed: 1.4.26-1.1ubuntu3
  Candidate: 1.4.26-1.1ubuntu3
  Version table:
 *** 1.4.26-1.1ubuntu3 0
        500 http://se.archive.ubuntu.com/ubuntu/ lucid/universe Packages
        100 /var/lib/dpkg/status

This [resolved] bug causes certain web browsers to stall when posting forms via SSL, which we heavily utilizes on our servers. On our experimental servers, we have confirmed that 1.4.29 does not have this bug anymore, while 1.4.26 indeed does have it.

ProblemType: Bug
DistroRelease: Ubuntu 10.04
Package: lighttpd 1.4.26-1.1ubuntu3
ProcVersionSignature: Ubuntu 2.6.32-33.70-server 2.6.32.41+drm33.18
Uname: Linux 2.6.32-33-server x86_64
Architecture: amd64
Date: Fri Oct 14 12:41:30 2011
InstallationMedia: Ubuntu-Server 10.04 LTS "Lucid Lynx" - Release amd64 (20100427)
ProcEnviron:
 LANG=en_US.UTF-8
 SHELL=/bin/bash
SourcePackage: lighttpd

Aron Cederholm (aron-v) wrote :
Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in lighttpd (Ubuntu):
status: New → Confirmed
volinthius (volinthius) wrote :

I'm experiencing this bug also in Ubuntu 10.04. However it only exists with Chromium. After patching the lighttpd the problem seemed to go away.

Chromium is of version 16.0.912.77 (Developer Build 118311 Linux) and lighttpd of version 1.4.26-1.1ubuntu3.1.

The patch (Fix-stalls-while-reading-from-ssl-sockets-fixes-2197.patch) is available from http://redmine.lighttpd.net/issues/2197.

To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers