Debian
lighttpd package

lp:debian/lenny/lighttpd

Lenny (5.0)
lenny

Created by James Westby on 2009-12-18 and last modified on 2011-12-18

Get this branch:: bzr branch lp:debian/lenny/lighttpd

Members of Ubuntu branches can upload to this branch. Log in for directions.

Related bugs

Link a bug report

Related blueprints

Branch information

Owner:: Ubuntu branches

Status:: Mature

Recent revisions

10. By Arno Töll <email address hidden> on 2011-12-18: * Backport security issues from 1.4.30:
  + Fix integer overflow (CVE-2011-4362)
  + Fix attack vector as disclosed by the SSL BEAST attack (related:
    CVE-2011-3389). Note: If you are upgrading from an older version you need
    to change your configuration to mitigate effects of the attack. See the
    corresponding NEWS file for details.
9. By Stefan Fritsch on 2011-01-11: * Non-maintainer upload by the Security Team.
* Fix bug that made lighttpd fail to start with the upgraded openssl
from DSA-2141-1. Closes: #609124
8. By Nico Golde <email address hidden> on 2010-01-31: * Non-maintainer upload by the Security Team.
* Fix denial of service through slow short requests leading to
memory exhaustion due to bad memory handling (CVE-2010-0295).
7. By Pierre Habouzit on 2008-09-27: * Remove the alias.url stanza from 10-cgi.conf (Closes: #499334).
* Add patches for lighttpd security 2008-05 to 2008-07 (no CVE yet):
  + patches/lighttpd-1.4.x_request_header_memleak.patch
  + patches/lighttpd-1.4.x_rewrite_redirect_decode_url.patch
  + patches/lighttpd-1.4.x_userdir_lowercase.patch
* Urgency set to high for security fix.
6. By Krzysztof Krzyżaniak (eloy) on 2006-01-16: * New upstream release
* Closing bug from not uploaded release 1.4.8-5, (closes: #347737)
5. By Krzysztof Krzyżaniak (eloy) on 2006-01-11: fixed permissions and directories (closes: #347565)
4. By Krzysztof Krzyżaniak (eloy) on 2006-01-09: * New configuration layout (closes: #345554) (closes: #344959),
  read /etc/lighttpd/conf-available/README
  - conf-available directory for all templates
  - conf-enabled directory for enabled modules
3. By Krzysztof Krzyżaniak (eloy) on 2005-12-28: [ Krzysztof Krzyzaniak (eloy) ]
* debian/control: lsb-base dependency narrowed to (>= 3.0-3)
* create-mime.assign.pl set as executable (closes: #344938)
2. By Torsten Marek <email address hidden> on 2005-11-26: * New upstream version (closes: #304271)
* Does not rely on $SHELL to execute external commands
1. By Torsten Marek <email address hidden> on 2005-11-26: Import upstream version 1.4.8

Branch metadata

Branch format:: Branch format 7

Repository format:: Bazaar repository format 2a (needs bzr 1.16 or later)

Stacked on:: lp:debian/squeeze/lighttpd

This branch contains Public information

Everyone can see this information.

Subscribers

James Westby

Debianlighttpd package