[pkg-lighttpd] Bug#434546: lighttpd: 1.4.16 has been released and contains security fixes

Krzysztof Krzyżaniak eloy at kofeina.net
Fri Jul 27 10:26:19 UTC 2007 

I am preparing upload:

lighttpd (1.4.16-1) unstable; urgency=low

   * New upstream release (closes: #434546)
   * Acknowledge NMU by Pierre Habouzit for CVE-2007-2841 (closes: #428368)
   * Added static-file.exclude-extensions section to lighttpd.conf 
(closes: #408374)
   * Fixed description of conf-available/10-fastcgi.conf (closes: #430469)
   * Added mod_extforward to debian/lighttpd.install (closes: #434717)
   * config.guess taken from upstream (closes: #419664)
   * turn on compression (closes: #397514)

  -- Krzysztof Krzyzaniak (eloy) <eloy at debian.org>  Fri, 27 Jul 2007 
10:32:51 +0200

sources are in subversion, not tagged yet.

Olaf van der Spek wrote:
> Package: lighttpd
> Version: 1.4.15-1
> Severity: grave
> Tags: security
> Justification: user security hole
> 
> Hi,
> 
> Lighttpd 1.4.16 has been released and contains security fixes, see http://www.lighttpd.net/2007/7/24/1-4-16-let-s-ship-it
> 
> -- System Information:
> Debian Release: 4.0
>   APT prefers stable
>   APT policy: (500, 'stable'), (1, 'testing')
> Architecture: i386 (i686)
> Shell:  /bin/sh linked to /bin/bash
> Kernel: Linux 2.6.18-4-686
> Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
> 
> Versions of packages lighttpd depends on:
> ii  libattr1                    2.4.32-1     Extended attribute shared library
> ii  libbz2-1.0                  1.0.3-6      high-quality block-sorting file co
> ii  libc6                       2.3.6.ds1-13 GNU C Library: Shared libraries
> ii  libldap2                    2.1.30-13.3  OpenLDAP libraries
> ii  libpcre3                    6.7-1        Perl 5 Compatible Regular Expressi
> ii  libssl0.9.8                 0.9.8c-4     SSL shared libraries
> ii  lsb-base                    3.1-23.1     Linux Standard Base 3.1 init scrip
> ii  mime-support                3.39-1       MIME files 'mime.types' & 'mailcap
> ii  perl                        5.8.8-7      Larry Wall's Practical Extraction 
> ii  zlib1g                      1:1.2.3-13   compression library - runtime
> 
> Versions of packages lighttpd recommends:
> ii  php5-cgi                   5.2.0-8+etch7 server-side, HTML-embedded scripti
> 
> -- no debconf information
> 
> 
> _______________________________________________
> pkg-lighttpd-maintainers mailing list
> pkg-lighttpd-maintainers at lists.alioth.debian.org
> http://lists.alioth.debian.org/mailman/listinfo/pkg-lighttpd-maintainers


-- 
-------e-l-o-y----------------------------e-l-o-y- at -k-o-f-e-i-n-a-.-n-e-t------

        jak to dobrze, że są oceany - bez nich byłoby jeszcze smutniej

More information about the pkg-lighttpd-maintainers mailing list