{"update": {"autokarma": true, "autotime": false, "stable_karma": 3, "stable_days": 0, "unstable_karma": -3, "require_bugs": true, "require_testcases": true, "display_name": "", "notes": "http://www.lighttpd.net/2015/12/5/1.4.38/", "type": "bugfix", "status": "stable", "request": null, "severity": "medium", "suggest": "unspecified", "locked": false, "pushed": true, "critpath": false, "critpath_groups": null, "close_bugs": true, "date_submitted": "2015-12-07 17:40:22", "date_modified": null, "date_approved": null, "date_testing": "2015-12-08 07:00:21", "date_stable": "2015-12-26 21:27:03", "alias": "FEDORA-EPEL-2015-c282d19aa1", "test_gating_status": null, "from_tag": null, "date_pushed": "2015-12-26 21:27:03", "meets_testing_requirements": false, "url": "https://bodhi.stg.fedoraproject.org/updates/FEDORA-EPEL-2015-c282d19aa1", "title": "lighttpd-1.4.38-1.el7", "version_hash": "601d13846f6696ec9ea690f00fbdefabdfc13b47", "release": {"name": "EPEL-7", "long_name": "Fedora EPEL 7", "version": "7", "id_prefix": "FEDORA-EPEL", "branch": "epel7", "dist_tag": "epel7", "stable_tag": "epel7", "testing_tag": "epel7-testing", "candidate_tag": "epel7-testing-candidate", "pending_signing_tag": "epel7-signing-pending", "pending_testing_tag": "epel7-testing-pending", "pending_stable_tag": "epel7-pending", "override_tag": "epel7-override", "mail_template": "fedora_epel_legacy_errata_template", "state": "archived", "composed_by_bodhi": true, "create_automatic_updates": false, "package_manager": "unspecified", "testing_repository": null, "released_on": null, "eol": null, "critpath_mandatory_days_in_testing": 14, "mandatory_days_in_testing": 7, "critpath_min_karma": 2, "min_karma": 1, "setting_status": null}, "user": {"name": "limb", "email": "gwync@protonmail.com", "id": 134, "avatar": "https://seccdn.libravatar.org/avatar/620da77fd218195ab689baa12f7235abc3b46837d32e695752381cc8df44c568?s=24&d=retro", "openid": "limb.id.stg.fedoraproject.org", "groups": [{"name": "releng-team"}, {"name": "provenpackager"}, {"name": "packager"}, {"name": "sysadmin-devel"}, {"name": "packaging-committee"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "sysadmin-releng"}, {"name": "fedora-contributor"}, {"name": "ipausers"}, {"name": "sysadmin-cvs"}, {"name": "sysadmin"}, {"name": "cvsadmin"}]}, "comments": [{"karma": 0, "karma_critpath": 0, "text": "This update has been submitted for testing by limb. ", "timestamp": "2015-12-07 17:40:22", "update_id": 46307, "user_id": 91, "id": 362638, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.stg.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update has been pushed to testing.", "timestamp": "2015-12-08 07:22:39", "update_id": 46307, "user_id": 91, "id": 362993, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.stg.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "I updated lighttpd to this version less than 24 hours ago, and it has already crashed three times, seemingly in mod_fastcgi. The previous version worked fine. Running this in CentOS 7.2.1511, to which I updated some 15 days ago. I'm still investigating the exact reason for the crashes.", "timestamp": "2015-12-12 19:32:13", "update_id": 46307, "user_id": 362, "id": 365166, "bug_feedback": [{"karma": 0, "comment_id": 365166, "bug_id": 1288708, "bug": {"bug_id": 1288708, "title": "lighttpd-1.4.38 is available", "security": false, "parent": false}}], "testcase_feedback": [], "user": {"name": "avij", "email": "rhbugs@miuku.net", "id": 362, "avatar": "https://seccdn.libravatar.org/avatar/074523ceead6e81c550613e6e97dcf90da56f4b8d3395a1841fc4e708f66319e?s=24&d=retro", "openid": "avij.id.stg.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "https://redmine.lighttpd.net/issues/2700 is related, although not filed by me.", "timestamp": "2015-12-14 21:00:46", "update_id": 46307, "user_id": 362, "id": 365967, "bug_feedback": [{"karma": 0, "comment_id": 365967, "bug_id": 1288708, "bug": {"bug_id": 1288708, "title": "lighttpd-1.4.38 is available", "security": false, "parent": false}}], "testcase_feedback": [], "user": {"name": "avij", "email": "rhbugs@miuku.net", "id": 362, "avatar": "https://seccdn.libravatar.org/avatar/074523ceead6e81c550613e6e97dcf90da56f4b8d3395a1841fc4e708f66319e?s=24&d=retro", "openid": "avij.id.stg.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "The EPEL package ships with mod_geoip, which is not included in stock lighttpd. I believe lighttpd-mod_geoip.c would need to be updated for 1.4.38, because the current config_insert_values_global function call takes four arguments instead of three. All the modules included in stock lighttpd were modified because of this change. I'm not using mod_geoip myself.", "timestamp": "2015-12-17 23:21:15", "update_id": 46307, "user_id": 362, "id": 367682, "bug_feedback": [{"karma": 0, "comment_id": 367682, "bug_id": 1288708, "bug": {"bug_id": 1288708, "title": "lighttpd-1.4.38 is available", "security": false, "parent": false}}], "testcase_feedback": [], "user": {"name": "avij", "email": "rhbugs@miuku.net", "id": 362, "avatar": "https://seccdn.libravatar.org/avatar/074523ceead6e81c550613e6e97dcf90da56f4b8d3395a1841fc4e708f66319e?s=24&d=retro", "openid": "avij.id.stg.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "Oh, scratch my previous comment re mod_geoip, this seems to be taken care of already.", "timestamp": "2015-12-18 07:25:33", "update_id": 46307, "user_id": 362, "id": 367792, "bug_feedback": [{"karma": 0, "comment_id": 367792, "bug_id": 1288708, "bug": {"bug_id": 1288708, "title": "lighttpd-1.4.38 is available", "security": false, "parent": false}}], "testcase_feedback": [], "user": {"name": "avij", "email": "rhbugs@miuku.net", "id": 362, "avatar": "https://seccdn.libravatar.org/avatar/074523ceead6e81c550613e6e97dcf90da56f4b8d3395a1841fc4e708f66319e?s=24&d=retro", "openid": "avij.id.stg.fedoraproject.org", "groups": []}}, {"karma": -1, "karma_critpath": 0, "text": "I'm going to give this a -1 on the grounds that 1.4.38 crashed a dozen times. For the first two crashes I had to restart lighttpd manually, causing some 2.5 hours of downtime before I managed to restart lighttpd. For the latter crashes I had scripted lighttpd to be restarted automatically. I and others provided some debugging data, which ended up with a patch as mentioned in https://redmine.lighttpd.net/issues/2700#note-6 \n\nI have been running the patched version for two days now with zero crashes, so looks like the patch works. I would recommend applying the patch for all the EPEL and Fedora builds of lighttpd. Reproducing this bug on quiet development servers seems to be difficult, I only ran into these problems on a production web server. I also have two web servers running the non-patched EPEL6 1.4.38 version, but those don't seem to have enough traffic to trigger this bug. My EL7 webserver serves 1000x more requests.", "timestamp": "2015-12-20 21:43:23", "update_id": 46307, "user_id": 362, "id": 368775, "bug_feedback": [{"karma": 1, "comment_id": 368775, "bug_id": 1288708, "bug": {"bug_id": 1288708, "title": "lighttpd-1.4.38 is available", "security": false, "parent": false}}], "testcase_feedback": [], "user": {"name": "avij", "email": "rhbugs@miuku.net", "id": 362, "avatar": "https://seccdn.libravatar.org/avatar/074523ceead6e81c550613e6e97dcf90da56f4b8d3395a1841fc4e708f66319e?s=24&d=retro", "openid": "avij.id.stg.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update has reached 14 days in testing and can be pushed to stable now if the maintainer wishes", "timestamp": "2015-12-22 12:00:16", "update_id": 46307, "user_id": 91, "id": 369128, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.stg.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update has been submitted for stable by limb. ", "timestamp": "2015-12-23 09:51:44", "update_id": 46307, "user_id": 91, "id": 369516, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.stg.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update has been pushed to stable.", "timestamp": "2015-12-26 23:25:13", "update_id": 46307, "user_id": 91, "id": 370352, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.stg.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "IMHO sending the update with -1 karma to stable without further communication is not a good idea. This update broke lighttpd on EPEL5 as well.", "timestamp": "2016-01-04 17:19:50", "update_id": 46307, "user_id": 464, "id": 372934, "bug_feedback": [{"karma": 0, "comment_id": 372934, "bug_id": 1288708, "bug": {"bug_id": 1288708, "title": "lighttpd-1.4.38 is available", "security": false, "parent": false}}], "testcase_feedback": [], "user": {"name": "till", "email": "opensource@till.name", "id": 464, "avatar": "https://seccdn.libravatar.org/avatar/da821a519b125e2a1d5f187109ad48639d0c1948a41347db6670e44133f4ec53?s=24&d=retro", "openid": "till.id.stg.fedoraproject.org", "groups": [{"name": "provenpackager"}, {"name": "packager"}, {"name": "sysadmin-cvs"}, {"name": "cvsl10n"}, {"name": "l10n"}, {"name": "fedorabugs"}, {"name": "sysadmin-releng"}, {"name": "ipausers"}, {"name": "signed_fpca"}, {"name": "summer-coding"}, {"name": "sysadmin"}, {"name": "signers"}, {"name": "fedora-contributor"}, {"name": "cvsadmin"}, {"name": "ambassadors"}, {"name": "bzrpackagedb"}]}}], "builds": [{"nvr": "lighttpd-1.4.38-1.el7", "signed": true, "release_id": 8, "type": "rpm", "epoch": 0}], "bugs": [{"bug_id": 1288708, "title": "lighttpd-1.4.38 is available", "security": false, "parent": false, "feedback": [{"karma": 0, "comment_id": 365166, "bug_id": 1288708, "comment": {"karma": 0, "karma_critpath": 0, "text": "I updated lighttpd to this version less than 24 hours ago, and it has already crashed three times, seemingly in mod_fastcgi. The previous version worked fine. Running this in CentOS 7.2.1511, to which I updated some 15 days ago. I'm still investigating the exact reason for the crashes.", "timestamp": "2015-12-12 19:32:13", "update_id": 46307, "user_id": 362, "id": 365166, "testcase_feedback": [], "user": {"name": "avij", "email": "rhbugs@miuku.net", "id": 362, "avatar": "https://seccdn.libravatar.org/avatar/074523ceead6e81c550613e6e97dcf90da56f4b8d3395a1841fc4e708f66319e?s=24&d=retro", "openid": "avij.id.stg.fedoraproject.org", "groups": []}}}, {"karma": 0, "comment_id": 365967, "bug_id": 1288708, "comment": {"karma": 0, "karma_critpath": 0, "text": "https://redmine.lighttpd.net/issues/2700 is related, although not filed by me.", "timestamp": "2015-12-14 21:00:46", "update_id": 46307, "user_id": 362, "id": 365967, "testcase_feedback": [], "user": {"name": "avij", "email": "rhbugs@miuku.net", "id": 362, "avatar": "https://seccdn.libravatar.org/avatar/074523ceead6e81c550613e6e97dcf90da56f4b8d3395a1841fc4e708f66319e?s=24&d=retro", "openid": "avij.id.stg.fedoraproject.org", "groups": []}}}, {"karma": 0, "comment_id": 367682, "bug_id": 1288708, "comment": {"karma": 0, "karma_critpath": 0, "text": "The EPEL package ships with mod_geoip, which is not included in stock lighttpd. I believe lighttpd-mod_geoip.c would need to be updated for 1.4.38, because the current config_insert_values_global function call takes four arguments instead of three. All the modules included in stock lighttpd were modified because of this change. I'm not using mod_geoip myself.", "timestamp": "2015-12-17 23:21:15", "update_id": 46307, "user_id": 362, "id": 367682, "testcase_feedback": [], "user": {"name": "avij", "email": "rhbugs@miuku.net", "id": 362, "avatar": "https://seccdn.libravatar.org/avatar/074523ceead6e81c550613e6e97dcf90da56f4b8d3395a1841fc4e708f66319e?s=24&d=retro", "openid": "avij.id.stg.fedoraproject.org", "groups": []}}}, {"karma": 0, "comment_id": 367792, "bug_id": 1288708, "comment": {"karma": 0, "karma_critpath": 0, "text": "Oh, scratch my previous comment re mod_geoip, this seems to be taken care of already.", "timestamp": "2015-12-18 07:25:33", "update_id": 46307, "user_id": 362, "id": 367792, "testcase_feedback": [], "user": {"name": "avij", "email": "rhbugs@miuku.net", "id": 362, "avatar": "https://seccdn.libravatar.org/avatar/074523ceead6e81c550613e6e97dcf90da56f4b8d3395a1841fc4e708f66319e?s=24&d=retro", "openid": "avij.id.stg.fedoraproject.org", "groups": []}}}, {"karma": 1, "comment_id": 368775, "bug_id": 1288708, "comment": {"karma": -1, "karma_critpath": 0, "text": "I'm going to give this a -1 on the grounds that 1.4.38 crashed a dozen times. For the first two crashes I had to restart lighttpd manually, causing some 2.5 hours of downtime before I managed to restart lighttpd. For the latter crashes I had scripted lighttpd to be restarted automatically. I and others provided some debugging data, which ended up with a patch as mentioned in https://redmine.lighttpd.net/issues/2700#note-6 \n\nI have been running the patched version for two days now with zero crashes, so looks like the patch works. I would recommend applying the patch for all the EPEL and Fedora builds of lighttpd. Reproducing this bug on quiet development servers seems to be difficult, I only ran into these problems on a production web server. I also have two web servers running the non-patched EPEL6 1.4.38 version, but those don't seem to have enough traffic to trigger this bug. My EL7 webserver serves 1000x more requests.", "timestamp": "2015-12-20 21:43:23", "update_id": 46307, "user_id": 362, "id": 368775, "testcase_feedback": [], "user": {"name": "avij", "email": "rhbugs@miuku.net", "id": 362, "avatar": "https://seccdn.libravatar.org/avatar/074523ceead6e81c550613e6e97dcf90da56f4b8d3395a1841fc4e708f66319e?s=24&d=retro", "openid": "avij.id.stg.fedoraproject.org", "groups": []}}}, {"karma": 0, "comment_id": 372934, "bug_id": 1288708, "comment": {"karma": 0, "karma_critpath": 0, "text": "IMHO sending the update with -1 karma to stable without further communication is not a good idea. This update broke lighttpd on EPEL5 as well.", "timestamp": "2016-01-04 17:19:50", "update_id": 46307, "user_id": 464, "id": 372934, "testcase_feedback": [], "user": {"name": "till", "email": "opensource@till.name", "id": 464, "avatar": "https://seccdn.libravatar.org/avatar/da821a519b125e2a1d5f187109ad48639d0c1948a41347db6670e44133f4ec53?s=24&d=retro", "openid": "till.id.stg.fedoraproject.org", "groups": [{"name": "provenpackager"}, {"name": "packager"}, {"name": "sysadmin-cvs"}, {"name": "cvsl10n"}, {"name": "l10n"}, {"name": "fedorabugs"}, {"name": "sysadmin-releng"}, {"name": "ipausers"}, {"name": "signed_fpca"}, {"name": "summer-coding"}, {"name": "sysadmin"}, {"name": "signers"}, {"name": "fedora-contributor"}, {"name": "cvsadmin"}, {"name": "ambassadors"}, {"name": "bzrpackagedb"}]}}}]}], "updateid": "FEDORA-EPEL-2015-c282d19aa1", "karma": -1, "content_type": "rpm", "test_cases": []}, "can_edit": false, "ci_allowed": false}