Accepted lighttpd 1.4.13-9ubuntu4.2 (source)

Ubuntu Installer archive at ubuntu.com
Tue Sep 11 18:55:24 BST 2007 

Accepted:
 OK: lighttpd_1.4.13.orig.tar.gz
 OK: lighttpd_1.4.13-9ubuntu4.2.diff.gz
 OK: lighttpd_1.4.13-9ubuntu4.2.dsc
     -> Component: universe Section: web

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Sat, 10 Sep 2007 14:57:39 -0400
Source: lighttpd
Binary: lighttpd-mod-mysql-vhost lighttpd-mod-cml lighttpd-doc lighttpd-mod-trigger-b4-dl lighttpd lighttpd-mod-webdav lighttpd-mod-magnet
Architecture: source
Version: 1.4.13-9ubuntu4.2
Distribution: feisty-security
Urgency: low
Maintainer: Ubuntu MOTU Developers <ubuntu-motu at lists.ubuntu.com>
Changed-By: Jamie Strandboge <jamie at ubuntu.com>
Description: 
 lighttpd   - A fast webserver with minimal memory footprint
 lighttpd-doc - Documentation for lighttpd
 lighttpd-mod-cml - Cache meta language module for lighttpd
 lighttpd-mod-magnet - Control the request handling module for lighttpd
 lighttpd-mod-mysql-vhost - MySQL-based virtual host configuration for lighttpd
 lighttpd-mod-trigger-b4-dl - Anti-deep-linking module for lighttpd
 lighttpd-mod-webdav - WebDAV module for lighttpd
Changes: 
 lighttpd (1.4.13-9ubuntu4.2) feisty-security; urgency=low
 .
   * SECURITY UPDATE: fix DoS crash from improper EOL handling in mod_cgi.c
     (backported from upstream 1.4.17)
   * SECURITY UPDATE: fix potential DoS crash in etag.c. This patch also fixes
     possible dereferencing a NULL pointer in buffer.c (both backported from
     upstream 1.4.17)
   * SECURITY UPDATE: fix arbitrary code execution in mod_fastcgi.c due to
     improper handling of content length in HTTP headers.  Patch from upstream
   * References
     https://bugs.launchpad.net/ubuntu/+source/lighttpd/+bug/138309
     https://bugs.launchpad.net/ubuntu/+source/lighttpd/+bug/138310
     http://www.lighttpd.net/assets/2007/9/9/lighttpd_sa_2007_12.txt
     CVE-2007-4727
Files: 
 9a5f87bea8b0bf08f43965c4acb5458f 1239 web optional lighttpd_1.4.13-9ubuntu4.2.dsc
 92c5e1850764a2a4256375b66894c78f 44320 web optional lighttpd_1.4.13-9ubuntu4.2.diff.gz
Original-Maintainer: Debian lighttpd maintainers <pkg-lighttpd-maintainers at lists.alioth.debian.org>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFG5rrrH/9LqRcGPm0RAn3kAJ9ndz6DlEOECJxQ1P0Zd3BAiy3b5gCfTLXY
VILwEDDj+7Hjsr79yMk+nw0=
=n92s
-----END PGP SIGNATURE-----

More information about the feisty-changes mailing list