Bug 1300464 - Configuring AuthzForceUsernameCase causes a segfault of HTTPD
Summary: Configuring AuthzForceUsernameCase causes a segfault of HTTPD
Keywords:
Status: CLOSED WONTFIX
Alias: None
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: subversion
Version: 5.11
Hardware: x86_64
OS: Linux
unspecified
medium
Target Milestone: rc
: ---
Assignee: Joe Orton
QA Contact: qe-baseos-daemons
URL:
Whiteboard:
Depends On:
Blocks:
Reported: 2016-01-20 22:30 UTC by Patrick Goodwin
Modified: 2017-04-18 22:02 UTC (History)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2017-04-18 22:02:43 UTC
Target Upstream Version:


Links
System ID Private Priority Status Summary Last Updated
Red Hat Bugzilla 751321 1 None None None 2021-01-20 06:05:38 UTC

Description Patrick Goodwin 2016-01-20 22:30:06 UTC
Description of problem:
When setting AuthzForceUsernameCase to lower in the /etc/httpd/conf.d/subversion.conf, when a user tries to authenticate it causes HTTPD to segfault. This issue was also discovered in RHEL 6 (https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/6.3_Technical_Notes/subversion_and_neon.html), but was not back-ported to the RHEL 5 subversion packages. 


Version-Release number of selected component (if applicable):
subversion-1.6.11-12.el5_10


How reproducible:
Very easy to reproduce


Steps to Reproduce:
1. Set AuthzForceUsernameCase to lower in /etc/httpd/conf.d/subversion.conf (or a Subversion VirtualHost configuration). 
2. Restart/reload HTTPD which will be successful.
3. Attempt to authenticate to Subversion, which will cause HTTPD to segfault.
4. Comment out or remove the setting from the configuration, start HTTPD, and then authentication will work without issue.

Actual results:
In the HTTPD error logs, the following errors will be logged and HTTPD will crash.

[Wed Jan 20 12:57:07 2016] [notice] child pid 24667 exit signal Segmentation fault (11)
[Wed Jan 20 12:57:07 2016] [notice] child pid 24668 exit signal Segmentation fault (11)
[Wed Jan 20 12:57:07 2016] [notice] child pid 24669 exit signal Segmentation fault (11)
[Wed Jan 20 12:57:07 2016] [notice] child pid 24670 exit signal Segmentation fault (11)
[Wed Jan 20 12:57:07 2016] [notice] child pid 24671 exit signal Segmentation fault (11)
[Wed Jan 20 12:57:07 2016] [notice] child pid 24672 exit signal Segmentation fault (11)
[Wed Jan 20 12:57:07 2016] [notice] child pid 24673 exit signal Segmentation fault (11)
[Wed Jan 20 12:57:08 2016] [notice] child pid 24784 exit signal Segmentation fault (11)
[Wed Jan 20 12:57:09 2016] [notice] child pid 24785 exit signal Segmentation fault (11)

Expected results:
A user is able to authenticate to the subversion server successfully.
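
Added example, not part of the original report and not Red Hat or Subversion code: a triage check that correlates an active AuthzForceUsernameCase directive with bursts of child segfaults in the error_log format quoted above. The sample configuration, the burst threshold and window, and the function names are assumptions.

```python
import re
from datetime import datetime, timedelta

# Child-crash line in the Apache error_log format quoted in the report.
SEGV_RE = re.compile(r"^\[(\w{3} \w{3} [ \d]\d \d\d:\d\d:\d\d \d{4})\] \[notice\] "
                     r"child pid (\d+) exit signal Segmentation fault \(11\)")
# Active (not commented-out) directive and its argument.
DIRECTIVE_RE = re.compile(r"^[ \t]*AuthzForceUsernameCase[ \t]+(\S+)", re.I | re.M)

# Constructed sample config; the Location and SVNParentPath values are placeholders.
SAMPLE_CONF = """\
<Location /repos>
    DAV svn
    SVNParentPath /var/www/svn
    # AuthzForceUsernameCase upper
    AuthzForceUsernameCase lower
</Location>
"""
# First line is constructed; the other three are copied from the report.
SAMPLE_LOG = """\
[Wed Jan 20 12:56:50 2016] [notice] SIGHUP received.  Attempting to restart
[Wed Jan 20 12:57:07 2016] [notice] child pid 24667 exit signal Segmentation fault (11)
[Wed Jan 20 12:57:07 2016] [notice] child pid 24668 exit signal Segmentation fault (11)
[Wed Jan 20 12:57:09 2016] [notice] child pid 24785 exit signal Segmentation fault (11)
"""

def active_directive(conf_text):
    """Argument of the last active AuthzForceUsernameCase line, or None."""
    hits = DIRECTIVE_RE.findall(conf_text)
    return hits[-1].lower() if hits else None

def segfault_bursts(log_text, threshold=3, window=timedelta(seconds=10)):
    """Group child segfaults into runs spanning <= window; keep runs >= threshold."""
    runs = []
    for line in log_text.splitlines():
        m = SEGV_RE.match(line)
        if not m:
            continue
        ts = datetime.strptime(m.group(1), "%a %b %d %H:%M:%S %Y")
        if runs and ts - runs[-1][0] <= window:
            runs[-1][1].append(int(m.group(2)))
        else:
            runs.append((ts, [int(m.group(2))]))
    return [r for r in runs if len(r[1]) >= threshold]

def triage(conf_text, log_text):
    """True when the directive is active and the log shows a crash burst."""
    return active_directive(conf_text) is not None and bool(segfault_bursts(log_text))
```
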

Comment 1 Joe Orton 2016-02-08 11:20:18 UTC
Thanks for the report.  If you need this fixed in RHEL5 please open a support case so we can prioritise it.

Comment 2 Patrick Goodwin 2016-08-01 13:35:40 UTC
Please close this Bugzilla report.

Comment 3 Chris Williams 2017-04-18 22:02:43 UTC
Red Hat Enterprise Linux 5 shipped its last minor release, 5.11, on September 14th, 2014. On March 31st, 2017 RHEL 5 exited Production Phase 3 and entered Extended Life Phase. For RHEL releases in the Extended Life Phase, Red Hat will provide limited ongoing technical support. No bug fixes, security fixes, hardware enablement or root-cause analysis will be available during this phase, and support will be provided on existing installations only. If the customer purchases the Extended Life-cycle Support (ELS), certain critical-impact security fixes and selected urgent priority bug fixes for the last minor release will be provided. For more details please consult the Red Hat Enterprise Linux Life Cycle Page:
https://access.redhat.com/support/policy/updates/errata

This BZ does not appear to meet ELS criteria so is being closed WONTFIX. If this BZ is critical for your environment and you have an Extended Life-cycle Support Add-on entitlement, please open a case in the Red Hat Customer Portal, https://access.redhat.com, provide a thorough business justification and ask that the BZ be re-opened for consideration of an errata. Please note, only certain critical-impact security fixes and selected urgent priority bug fixes for the last minor release can be considered.

