Package: thttpd Version: 2.25b-11 Severity: grave Justification: causes non-serious data loss
thttpd 2.25b-11 introduces new behavior from 2.25b-9 that breaks http logging. The variable REMOTE_ADDR is now set to 127.0.0.1 for many hosts rather than correctly showing the real external IP address. This means that requests are written to the access log coming from "127.0.0.1" which is incorrect and misleading. This new behavior might be the result of the following patch: http://patch-tracker.debian.org/patch/series/view/thttpd/2.25b-11/10-x-forwarded-for-header.dpatch -- however, this patch is not a bug fix, it introduces completely new behavior over thttpd 2.25b-9 which is a mistake. If you wish to introduce new behavior like this that breaks our configurations, it should at least come as an option, not as the default. I'm now forced to compile thttpd from source if I wish the correct behavior (yes, thttpd compiled from source shows REMOTE_ADDR: external_ip, not localhost). -- System Information: Debian Release: wheezy/sid APT prefers oldstable APT policy: (500, 'oldstable'), (500, 'unstable') Architecture: amd64 (x86_64) Kernel: Linux 2.6.37-1-amd64 (SMP w/8 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages thttpd depends on: ii libc6 2.11.2-11 Embedded GNU C Library: Shared lib Versions of packages thttpd recommends: ii logrotate 3.7.8-6 Log rotation utility Versions of packages thttpd suggests: ii thttpd-util 2.25b-11 tiny/turbo/throttling HTTP server -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
