Bug 845532

Summary: mod_cache regression in httpd 2.2.3-65: non-cacheable 304 responses serve bad data
Product: Red Hat Enterprise Linux 5 Reporter: Roy Badami <roy>
Component: httpdAssignee: Joe Orton <jorton>
Status: CLOSED ERRATA QA Contact: Aleš Mareček <amarecek>
Severity: high Docs Contact:
Priority: urgent    
Version: 5.8CC: amarecek, james, jpallich, ksrot, msvoboda, plyons, roy
Target Milestone: rcKeywords: Regression, ZStream
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: httpd-2.2.3-69.el5 Doc Type: Bug Fix
Doc Text:
Due to a bug in the "mod_cache" module, the "304 Not Modified" response from an origin server was not properly handled when a cached entity was being refreshed. Consequently, the entity could be returned to the HTTP client with incorrect headers. With this update, the "mod_cache" module has been modified to correctly handle headers in the "304 Not Modified" response. The cached entity is now returned with correct headers in this scenario.
 Story Points: ---
Clone Of:
: 868283 (view as bug list) Environment:
Last Closed: 2013-01-08 05:04:30 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 868283, 873730    

Description Roy Badami 2012-08-03 11:01:11 UTC 
Description of problem:

When mod_cache receives a non-cacheable 304 response, the headers are served incorrectly.  In particular, entity header fields such as Content-Type and Content-Encoding, which are not included in a 304 response, are not retrieved from the cache.  Then can result, for example, in compressed data being served without being marked as compressed (due to a missing Content-Encoding header) in the response headers that mod_cache returns to the client.

This is a regression in httpd-2.2.3-65.el5_8 as a result of applying patch httpd-2.2.3-r1068313.patch (which is changeset r1068313 from the Apache 2.2.x branch, which in turn is a merge of r1001884 from the Apache trunk).  This regression is also present in official Apache 2.2.18+ releases on the 2.2.x branch.  

Specifically, the upstream changeset r1001884 fixes Apache PR45341, but the fix has a flaw (PR52120) which was fixed in trunk in upstream changeset r1201331 and backported to 2.4.x in r1201332.  The fix has not currently been backported to upstream 2.2.x.

See also https://issues.apache.org/bugzilla/show_bug.cgi?id=52120
Comment 1 Joe Orton 2012-08-15 13:30:47 UTC 
Hi, thanks for the report & investigation, I'm very sorry about the regression.
Comment 2 Joe Orton 2012-08-15 15:04:53 UTC 
If you'd like a test package with the applicable fix for this bug please mail me or contact Red Hat Support.
Comment 4 RHEL Program Management 2012-08-15 15:17:41 UTC 
This request was evaluated by Red Hat Product Management for inclusion
in a Red Hat Enterprise Linux release.  Product Management has
requested further review of this request by Red Hat Engineering, for
potential inclusion in a Red Hat Enterprise Linux release for currently
deployed products.  This request is not yet committed for inclusion in
a release.
Comment 15 errata-xmlrpc 2013-01-08 05:04:30 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHSA-2013-0130.html