[pkg-lighttpd] Bug#834625: lighttpd: Add autopkgtests test to check mitigation against HTTPoxy
Santiago Ruano Rincón
santiagorr at riseup.net
Wed Aug 17 16:08:52 UTC 2016
Source: lighttpd
Version: 1.4.39-1
Severity: wishlist
Tags: patch
Dear lighttpd maintainers,
Please, find attached the patches to include a DEP-8 test to check if
lighttpd correctly avoids passing http proxy variables to CGIs.
Hope this helps,
Santiago
-- System Information:
Debian Release: stretch/sid
APT prefers unstable
APT policy: (500, 'unstable'), (500, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 4.6.0-1-grsec-amd64 (SMP w/4 CPU cores)
Locale: LANG=es_CO.UTF-8, LC_CTYPE=es_CO.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-Add-debian-tests-do-not-emit-http-proxy-to-cgi.patch
Type: text/x-diff
Size: 3470 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-lighttpd-maintainers/attachments/20160817/94eeed2d/attachment.patch>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0002-debian-control-add-Testsuite-autopkgtest-stanza.patch
Type: text/x-diff
Size: 744 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-lighttpd-maintainers/attachments/20160817/94eeed2d/attachment-0001.patch>
More information about the pkg-lighttpd-maintainers
mailing list