This project is archived. Its data is read-only.

Commit d5d48254 authored Feb 09, 2010 by Gustavo Zacarias Committed by Peter Korsgaard Feb 09, 2010

Bump lighttpd to 1.4.26



Closes #1063.

lighttpd 1.4.26 fixes:

* Request parser handling for splitted header data
* FD leak in mod_cgi
* Segfault with broken configs in mod_rewrite/mod_redirect
* An OOM/DoS vulnerability (CVE-2010-0295)

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>

parent 640c7403

CHANGES

+1 −0

Original line number	Diff line number	Diff line
		@@ -50,6 +50,7 @@
		#1009: [SECURITY] Bump php to 5.2.12
		#1015: [SECURITY] Bump bind to 9.5.1-P2
		#1027: Busybox flash commands conflict with those from mtd-utils
		#1063: [SECURITY] Update lighttpd to 1.4.26

		2009.11, Released December 1st, 2009:

package/lighttpd/lighttpd.mk

+1 −2

Original line number	Diff line number	Diff line
		@@ -4,10 +4,9 @@
		#
		#############################################################

		LIGHTTPD_VERSION = 1.4.25
		LIGHTTPD_VERSION = 1.4.26
		LIGHTTPD_SITE = http://download.lighttpd.net/lighttpd/releases-1.4.x
		LIGHTTPD_LIBTOOL_PATCH = NO
		LIGHTTPD_DEPENDENCIES =

		ifneq ($(BR2_LARGEFILE),y)
		LIGHTTPD_LFS:=$(DISABLE_LARGEFILE) --disable-lfs