Accepted lighttpd 1.4.13~r1370-1ubuntu1.3 (source)

Ubuntu Installer archive at ubuntu.com
Tue Sep 11 18:55:34 BST 2007 

Accepted:
 OK: lighttpd_1.4.13~r1370.orig.tar.gz
 OK: lighttpd_1.4.13~r1370-1ubuntu1.3.diff.gz
 OK: lighttpd_1.4.13~r1370-1ubuntu1.3.dsc
     -> Component: universe Section: web

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Sat, 10 Sep 2007 16:28:19 -0400
Source: lighttpd
Binary: lighttpd-mod-mysql-vhost lighttpd-mod-cml lighttpd-doc lighttpd-mod-trigger-b4-dl lighttpd lighttpd-mod-magnet
Architecture: source
Version: 1.4.13~r1370-1ubuntu1.3
Distribution: edgy-security
Urgency: low
Maintainer: Ubuntu MOTU Developers <ubuntu-motu at lists.ubuntu.com>
Changed-By: Jamie Strandboge <jamie at ubuntu.com>
Description: 
 lighttpd   - A fast webserver with minimal memory footprint
 lighttpd-doc - Documentation for lighttpd
 lighttpd-mod-cml - Cache meta language module for lighttpd
 lighttpd-mod-magnet - Control the request handling module for lighttpd
 lighttpd-mod-mysql-vhost - MySQL-based virtual host configuration for lighttpd
 lighttpd-mod-trigger-b4-dl - Anti-deep-linking module for lighttpd
Changes: 
 lighttpd (1.4.13~r1370-1ubuntu1.3) edgy-security; urgency=low
 .
   * SECURITY UPDATE: fix DoS crash from improper EOL handling in mod_cgi.c
     (backported from upstream 1.4.17)
   * SECURITY UPDATE: fix potential DoS crash in etag.c. This patch also fixes
     possible dereferencing a NULL pointer in buffer.c (both backported from
     upstream 1.4.17)
   * SECURITY UPDATE: fix arbitrary code execution in mod_fastcgi.c due to
     improper handling of content length in HTTP headers.  Patch from upstream
   * References
     https://bugs.launchpad.net/ubuntu/+source/lighttpd/+bug/138309
     https://bugs.launchpad.net/ubuntu/+source/lighttpd/+bug/138310
     http://www.lighttpd.net/assets/2007/9/9/lighttpd_sa_2007_12.txt
     CVE-2007-4727
Files: 
 8586f08ad847102d04af11e17638641c 1139 web optional lighttpd_1.4.13~r1370-1ubuntu1.3.dsc
 bcefac96a01e2a0d254d254ef6bde541 25286 web optional lighttpd_1.4.13~r1370-1ubuntu1.3.diff.gz
Original-Maintainer: Debian lighttpd maintainers <pkg-lighttpd-maintainers at lists.alioth.debian.org>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFG5rrrH/9LqRcGPm0RAmpyAJ9hdkT3ISqjmJjHXkQVGhZCG/sPxQCfdm1c
z7GPvVwLt05M7zUFpXj89co=
=BOu8
-----END PGP SIGNATURE-----

More information about the edgy-changes mailing list