Please merge lighttpd (1.4.33-1) from Debian testing
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
lighttpd (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
Debian changelog since last merge:
lighttpd (1.4.33-1) unstable; urgency=low
* Drop the connection-
* Fix "mod_extforward missing configuration file": ship requested
configuration file (Closes: #697304)
* Remove access.conf, an obsolete conffiles as we should have done since
2010 (Closes: #703215)
* Push debhelper's compat mode to 9, the use of maintscript helper requires
8.1 so we had to push the debhelper b-d anyway.
* Fix "config.
provided by Colin Watson. Thanks (Closes: #726394).
* Fix "[PATCH] use dh-systemd for proper systemd-related maintscripts" to
add systemd support. Thanks to Michael Stapelberg (Closes: #713859)
-- Arno Töll <email address hidden> Tue, 15 Oct 2013 21:24:49 +0200
lighttpd (1.4.31-4) unstable; urgency=high
* CVE-2013-1427: Switch the socket path for PHP when using FastCGI. /tmp is
world-writable which may cause security implications if an attacker
manages to control /tmp/php.socket before the web server (re-)starts.
* Switch VCS to git
* Push standards version (no changes)
-- Arno Töll <email address hidden> Thu, 14 Mar 2013 02:20:07 +0100
Related branches
CVE References
Changed in lighttpd (Ubuntu): | |
assignee: | nobody → Mattia Rizzolo (mapreri) |
Changed in lighttpd (Ubuntu): | |
status: | New → In Progress |
This debdiff should merge lighttpd correctly.