Accepted: lighttpd 1.4.19-0ubuntu3 (source)

Emanuele Gentili emgent at emanuele-gentili.com
Sun Apr 6 01:35:25 BST 2008 

Accepted:
 OK: lighttpd_1.4.19.orig.tar.gz
 OK: lighttpd_1.4.19-0ubuntu3.diff.gz
 OK: lighttpd_1.4.19-0ubuntu3.dsc
     -> Component: universe Section: web

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Sun, 06 Apr 2008 00:09:12 +0200
Source: lighttpd
Binary: lighttpd lighttpd-doc lighttpd-mod-mysql-vhost lighttpd-mod-trigger-b4-dl lighttpd-mod-cml lighttpd-mod-magnet lighttpd-mod-webdav
Architecture: source
Version: 1.4.19-0ubuntu3
Distribution: hardy
Urgency: low
Maintainer: Ubuntu MOTU Developers <ubuntu-motu at lists.ubuntu.com>
Changed-By: Emanuele Gentili <emgent at emanuele-gentili.com>
Description: 
 lighttpd   - A fast webserver with minimal memory footprint
 lighttpd-doc - Documentation for lighttpd
 lighttpd-mod-cml - Cache meta language module for lighttpd
 lighttpd-mod-magnet - Control the request handling module for lighttpd
 lighttpd-mod-mysql-vhost - MySQL-based virtual host configuration for lighttpd
 lighttpd-mod-trigger-b4-dl - Anti-deep-linking module for lighttpd
 lighttpd-mod-webdav - WebDAV module for lighttpd
Launchpad-Bugs-Fixed: 209627
Changes: 
 lighttpd (1.4.19-0ubuntu3) hardy; urgency=low
 .
   * SECURITY UPDATE: (LP: #209627)
    + debian/patches/92_CVE-2008-1531.dpatch
     - lighttpd 1.4.19 and earlier allows remote attackers to cause a denial
       of service (active SSL connection loss) by triggering an SSL error,
       such as disconnecting before a download has finished, which causes
       all active SSL connections to be lost.
   * References
    + http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1531
    + http://trac.lighttpd.net/trac/changeset/2136
    + http://trac.lighttpd.net/trac/changeset/2139
Files: 
 24bd1421d6e8fa7df91eb0e8a6a3dc90 1343 web optional lighttpd_1.4.19-0ubuntu3.dsc
 06b242025432f4d207959f9a8a0cdde9 24354 web optional lighttpd_1.4.19-0ubuntu3.diff.gz
Original-Maintainer: Debian lighttpd maintainers <pkg-lighttpd-maintainers at lists.alioth.debian.org>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFH+BhgAc+S8KckfcURAqg7AJ9XixuvMbHZp17hc3Zln5wSXDVI4QCeNKxv
H8PLYFrzcg+6P9x4WhFHnQ8=
=wkBp
-----END PGP SIGNATURE-----

More information about the Hardy-changes mailing list