Debian
lighttpd package

lp:debian/squeeze/lighttpd

  1. Squeeze (6.0)
  2. squeeze
Created by James Westby and last modified
Get this branch:
bzr branch lp:debian/squeeze/lighttpd
Members of Ubuntu branches can upload to this branch. Log in for directions.

Related bugs

Related blueprints

Branch information

Owner:
Ubuntu branches
Status:
Development

Recent revisions

23. By Michael Gilbert <email address hidden>

* Non-maintainer upload by the Security Team.
* Fix cve-2014-2323: mod_mysql_vhost SQL injection.
* Fix cve-2014-2324: traversal through paths involving "[...]".

22. By Stefan Fritsch

* Non-maintainer upload by the Security Team.
* Fix regression introduced by fix for cve-2013-4508, related to client
  certificates and SNI. Closes: #729555, #729480

21. By Arno Töll <email address hidden>

CVE-2013-1427: Switch the socket path for PHP when using FastCGI. /tmp is
world-writable which may cause security implications if an attacker
manages to control /tmp/php.socket before the web server (re-)starts.

20. By Thijs Kinkhorst

Fix numbering issue with the newly added configuration option.
Thanks Wessel Dankers.

19. By Arno Töll <email address hidden>

* Backport security issues from 1.4.30:
  + Fix integer overflow (CVE-2011-4362)
  + Fix attack vector as disclosed by the SSL BEAST attack (related:
    CVE-2011-3389). Note: If you are upgrading from an older version you need
    to change your configuration to mitigate effects of the attack. See the
    corresponding NEWS file for details.

18. By Krzysztof Krzyżaniak (eloy)

[ Olaf van der Spek ]
* Use relative instead of absolute links for conf-enabled (closes: #541645)
* Fix /doc/ for IPv6 (closes: #512583)

[ Krzysztof Krzyżaniak (eloy) ]
* Added patch patches/silence-errors.diff (closes: #601177)

17. By Thijs Kinkhorst

[ Olaf van der Spek ]
* New upstream release (closes: 521235, 572031, 564556)
* Add check_syntax() from Ubuntu (closes: 589200)

16. By Krzysztof Krzyżaniak (eloy)

Ack for NMU, fix for SSL incompatibility (closes: #572031)

15. By Krzysztof Krzyżaniak (eloy)

[ Krzysztof Krzyżaniak (eloy) ]
* Switch to dpkg-source 3.0 (quilt) format
* debian/control:
 + removed Franz Pletz from Uploaders, he's MIA (closes: #579366)
 + change dependency from libmysqlclient15-dev to more general
   libmysqlclient-dev

[ Olaf van der Spek ]
* take conf dir as an optional parameter (closes: 489854)
* don't try to make /var/run/lighttpd when invoked with status
  (closes: 538662)
* split FastCGI PHP conf from FastCGI conf (closes: 515699)
* reduce max-procs from 2 to 1 (closes: 456200)
* move debian doc handling into it's own file
* set default vhost dir to /srv/<host>/htdocs (closes: 471054)
* use delaycompress instead of copytruncate for logrotate (closes: 563626)
* don't wait for old process to stop before starting new one for reload
  (closes: 504315)
* use reopen-logs for logrotate (closes: 504319)
* add no-www.conf (for use with evhost and simple-vhost, closes: 471055)
* move evhost conf into it's own file

14. By John Ham <email address hidden>

* Non-maintainer upload.
* Apply upstream patch to fix openssl (closes: #572031)

Branch metadata

Branch format:
Branch format 7
Repository format:
Bazaar repository format 2a (needs bzr 1.16 or later)
This branch contains Public information 
Everyone can see this information.

Subscribers