Branches for Dapper

Name Status Last Modified Last Commit
lp:ubuntu/dapper/lighttpd 2 Mature 2009-12-18 13:13:00 UTC 2009-12-18
10. * debian/control + Added depends on...

Author: Chuck Short
Revision Date: 2006-05-10 18:11:24 UTC

* debian/control
  + Added depends on libterm-readline-perl-perl. (Closes: Malone #43895)

lp:ubuntu/dapper-proposed/lighttpd 2 Mature 2009-08-15 03:18:09 UTC 2009-08-15
12. * Added relevant security fix from 1....

Author: Scott Kitterman
Revision Date: 2007-04-24 12:04:01 UTC

* Added relevant security fix from 1.4.14 (Closes LP: #107628)
  - DOS with files with mtime 0 (CVE-2007-1870)
     security_zero_mtime_crash

lp:ubuntu/dapper-security/lighttpd bug 2 Mature 2009-08-15 03:19:29 UTC 2009-08-15
16. * SECURITY UPDATE: (LP: #200987) + d...

Author: Emanuele Gentili
Revision Date: 2008-03-11 15:03:17 UTC

* SECURITY UPDATE: (LP: #200987)
 + debian/patches/91_CVE-2008-1270.dpatch
  - mod_userdir in lighttpd 1.4.18 and earlier, when userdir.path is not set,
    uses a default of $HOME, which might allow remote attackers to read arbitrary
    files, as demonstrated by accessing the ~nobody directory.
* References
 + http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1270
 + http://trac.lighttpd.net/trac/ticket/1587
 + http://trac.lighttpd.net/trac/changeset/2120

lp:ubuntu/dapper-updates/lighttpd 2 Mature 2009-08-15 03:18:29 UTC 2009-08-15
16. * SECURITY UPDATE: (LP: #200987) + d...

Author: Emanuele Gentili
Revision Date: 2008-03-11 15:03:17 UTC

* SECURITY UPDATE: (LP: #200987)
 + debian/patches/91_CVE-2008-1270.dpatch
  - mod_userdir in lighttpd 1.4.18 and earlier, when userdir.path is not set,
    uses a default of $HOME, which might allow remote attackers to read arbitrary
    files, as demonstrated by accessing the ~nobody directory.
* References
 + http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1270
 + http://trac.lighttpd.net/trac/ticket/1587
 + http://trac.lighttpd.net/trac/changeset/2120

14 of 4 results