lighttpd?
Reinhard Tartler
siretart at gmail.com
Sun Sep 18 13:46:08 CDT 2005
On 9/8/05, Lorenzo Villani <arbitermc at gmail.com> wrote:
> Hm.. these are debs for the 1.3.16 version, I've packaged the 1.4.3
> version (latest) which includes some improvements and is more secure
> than lighttpd 1.3.16 (you can see a dangerous bug here:
> http://lighttpd.net/news/ -- "In lighttpd 1.3.7 and below it is possible
> to fetch the source files which should be handled by CGI or FastCGI
> applications." -- so the packaged version maybe affected by this
> security bug, if not patched)
Please talk to Jan Kneschke <jan at kneschke.de> about this, perhaps you
can work together on a newer package. Upload to revu again, if
necessary.
--
regards,
Reinhard
More information about the ubuntu-devel
mailing list