[pkg-lighttpd] Bug#419131: Patch for 1.4.13-4 in Etch
Jon Vaughan
jonathan-debianpackages at turnip.org.uk
Fri Apr 27 19:53:49 UTC 2007
Hi,
The version in etch is still vulnerable. I have patched it for local
use. Hope the diff below helps. I used the two patches from
http://secunia.com/advisories/24886/ :
http://www.lighttpd.net/assets/2007/4/13/lighttpd-1.4.x_crlf_parsing_dos.patch
http://www.lighttpd.net/assets/2007/4/13/lighttpd-1.4.x_zero_mtime_crash.patch
Jon.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: lighttpd_1.4.13.patchjvaughan
Type: application/octet-stream
Size: 773 bytes
Desc: not available
Url : http://lists.alioth.debian.org/pipermail/pkg-lighttpd-maintainers/attachments/20070427/c7b772b8/lighttpd_1.4.13.obj
More information about the pkg-lighttpd-maintainers
mailing list