Hide Forgot
+++ This bug was initially created as a clone of Bug #624609 +++ Description of problem: Lately, I've started getting a lot of “Request header field is missing ':' separator.” when accessing my fedora-hosted webmail It seems a bug has been introduced apache-side or squirrelmail-side I had some problem occurrences using various versions of firefox (linux and windows), and even a few times when using Links Version-Release number of selected component (if applicable): httpd-2.2.16-1.fc14 --- Additional comment from nicolas.mailhot on 2010-08-17 04:38:58 EDT --- Created attachment 439071 [details] Exemple of problem exchange captured by live http headers extension client-side The error generated in the right pane was: Bad Request Your browser sent a request that this server could not understand. Request header field is missing ':' separator. pEyPnEsB%2B4 Apache Server at myserver.com Port 443 --- Additional comment from jorton on 2010-08-17 05:23:53 EDT --- This is seen over SSL? --- Additional comment from nicolas.mailhot on 2010-08-17 08:31:28 EDT --- Yes, this is an https access --- Additional comment from nicolas.mailhot on 2010-08-17 08:32:16 EDT --- (you have all the traces and URLs used in the attached capture) --- Additional comment from jorton on 2010-08-17 08:59:26 EDT --- Can you try this build: http://koji.fedoraproject.org/koji/taskinfo?taskID=2406801 it pulls in one bug fix from upstream. --- Additional comment from nicolas.mailhot on 2010-08-17 13:32:40 EDT --- I'll test this one now. --- Additional comment from nicolas.mailhot on 2010-08-19 12:41:27 EDT --- Seems fixed, many thanks --- Additional comment from sandro.bonazzola on 2010-10-08 10:14:24 EDT --- The package is still not in Fedora 14: latest httpd available is built 26/07/2010. The fix according to http://koji.fedoraproject.org/koji/taskinfo?taskID=2406801 is dated Tue, 17 Aug 2010. It isn't in fedora repo or in updates-testing repo. Can anybody push this to the repository? --- Additional comment from bugzilla_redhat on 2010-10-26 16:26:58 EDT --- Could you please push this fix in bodhi, so we can get it in F14 as a 0-day update? Many thanks. --- Additional comment from jorton on 2010-10-27 06:06:40 EDT --- Sorry, yes, this bug shouldn't have been closed out. I'm building 2.2.17 for f14 updates which has this fix. --- Additional comment from jorton on 2010-10-27 06:07:15 EDT --- *** Bug 646704 has been marked as a duplicate of this bug. *** --- Additional comment from updates on 2010-10-27 06:15:36 EDT --- httpd-2.2.17-1.fc14 has been submitted as an update for Fedora 14. https://admin.fedoraproject.org/updates/httpd-2.2.17-1.fc14 --- Additional comment from updates on 2010-10-28 01:58:45 EDT --- httpd-2.2.17-1.fc14 has been pushed to the Fedora 14 testing repository. If problems still persist, please make note of it in this bug report. If you want to test the update, you can install it with su -c 'yum --enablerepo=updates-testing update httpd'. You can provide feedback for this update here: https://admin.fedoraproject.org/updates/httpd-2.2.17-1.fc14 --- Additional comment from jorton on 2010-10-29 06:34:40 EDT --- *** Bug 640959 has been marked as a duplicate of this bug. *** --- Additional comment from updates on 2010-11-08 17:35:26 EST --- httpd-2.2.17-1.fc14 has been pushed to the Fedora 14 stable repository. If problems still persist, please make note of it in this bug report. ==================================================== This bug also occurs on RHEL6 (httpd-2.2.15)
The Fedora bug to which this corresponds is caused by an overlapping memcpy() in mod_ssl. This issue was triggered by a change in glibc which meant an overlapping memcpy now causes data corruption - see bug 638477 for background. The particular change in the glibc memcpy is not present in the RHEL 6 glibc, and this issue is not known to be reproducible in the RHEL 6 httpd. Please: a) describe exactly the symptoms you are seeing, and describe how you can reproduce them. b) confirm the version of glibc you are using. Please note that bugzilla is not a support tool and customers should contact Red Hat Technical Support in the first instance with any questions or issues you are having with the software; see: http://www.redhat.com/support/process/ for more information.
Symptoms : When accessing pages through SSL, I receive sometimes : Bad Request Your browser sent a request that this server could not understand. Request header field is missing ':' separator. olhuaqv3o1t29flvr0 It happens not often at the beginning, but it becomes worst if the server stays running for some time. A simple 'refresh' of the page often succeed. Disabling "mod_rewrite" (found on forums) seems to remove the problem, but it's hard to be sure as the problem does not always occur... Currently, I solved the problem by compiling the httpd-2.2.17 source rpm for FC13, which seems to work normally without this issue, with the exact same configuration... GLIBC : glibc-2.12-1.7.el6_0.3.i686
Since RHEL 6.1 External Beta has begun, and this bug remains unresolved, it has been rejected as it is not proposed as exception or blocker. Red Hat invites you to ask your support representative to propose this request, if appropriate and relevant, in the next release of Red Hat Enterprise Linux.
Is this still reproducible with 2.2.15-9?
If you have a reproduction case with the latest updates, please re-open.