Ubuntu
lighttpd package

New upstream release 1.4.20 fixes security issues

Bug #277907 reported by Rodrigo Campos
This bug report is a duplicate of:  Bug #209627: lighttpd (security) ssl fix. Edit Remove
256
Affects Status Importance Assigned to Milestone
lighttpd (Ubuntu)
New
Undecided
Unassigned

Bug Description

Binary package hint: lighttpd

There's a new upstream release (1.4.20) that fixes security issues as you can see here:

http://www.lighttpd.net/2008/9/30/1-4-20-Otherwise-the-terrorists-win

There you can see the affected versions, but 1.4.19 is always affected :)

Please consider updating to 1.4.20 or backporting the fixes. If you want to backport the fixes,
perhaps you could check how Debian backported them.

Thanks a lot,

Rodrigo

To post a comment you must log in.
This report contains Public Security information  
Everyone can see this security related information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.