[pkg-lighttpd] Bug#474951: Bug#474951: Is a fix for etch planned?
Pierre Habouzit
madcoder at debian.org
Tue Apr 15 06:39:03 UTC 2008
On Tue, Apr 15, 2008 at 02:40:07AM +0000, Shane McChesney wrote:
> Glad I found this thread, it explains the 239GB error log I just blew
> away and the new one growing on the server now.
>
> On 1.4.13-4etch7, running:
>
> apt-get update
> apt-get install lighttpd
>
> ....says "lighttpd is already the newest version."
>
> Is a fix for etch planned? If so, is there any timeline yet?
>
> This has got to be affecting a lot more users than just those of us
> who tracked it here...
Dear security team, you broke lighttpd badly with your last upload,
because you use a broken patch to fix the last CVE on it. Please update
the patch, using e.g. the one in the unstable version instead. You've
broken lighttpd for almost 10 days, it's quite unacceptable to have a
lighttpd in _stable_ in that state.
Dear SRM team: would an upload to s-p-u be accepted if the security
team still doesn't react ?
--
·O· Pierre Habouzit
··O madcoder at debian.org
OOO http://www.madism.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.alioth.debian.org/pipermail/pkg-lighttpd-maintainers/attachments/20080415/894e9ef8/attachment.pgp
More information about the pkg-lighttpd-maintainers
mailing list