bozohttpd 20111118-1+deb7u1build0.14.04.1 source package in Ubuntu
Changelog
bozohttpd (20111118-1+deb7u1build0.14.04.1) trusty-security; urgency=medium
* fake sync from Debian
bozohttpd (20111118-1+deb7u1) wheezy-security; urgency=high
* Non-maintainer upload by the LTS team.
* Fix CVE-2014-5015:
bozotic HTTP server (aka bozohttpd) before 201407081 truncates paths when
checking .htpasswd restrictions, which allows remote attackers to bypass
the HTTP authentication scheme and access restrictions via a long path.
(Closes: #755197)
* CVE-2015-8212:
Fix a security issue in CGI suffix handler support which would allow remote
code execution.
-- Steve Beattie <email address hidden> Fri, 24 Jun 2016 14:35:34 -0700
Upload details
- Uploaded by:
- Steve Beattie
- Uploaded to:
- Trusty
- Original maintainer:
- Mattias Nordstrom
- Architectures:
- any
- Section:
- httpd
- Urgency:
- Very Urgent
See full publishing history Publishing
| Series | Published | Component | Section | |
|---|---|---|---|---|
| Trusty | updates | universe | net | |
| Trusty | security | universe | net |
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| bozohttpd_20111118.orig.tar.gz | 54.9 KiB | 6cb6ab6fb3b127af452ffd4ddbdd5e9c1676934bd19b8b5edc12c33e0fe4278d |
| bozohttpd_20111118-1+deb7u1build0.14.04.1.diff.gz | 5.8 KiB | dcd4860ac41e8c2f36ff2d72886843bbbeae56c1fd38a5977ff76aa0b28c936a |
| bozohttpd_20111118-1+deb7u1build0.14.04.1.dsc | 1.7 KiB | 2b569efdf444ec9aaf82026b765be51f3c9cae0f09883c11943b0db21dc8bf64 |
Available diffs
Binary packages built by this source
- bozohttpd: Bozotic HTTP server
A small and secure HTTP server. Its main feature is the
lack of features, reducing code size and improving verifiability. It
has no configuration file by design.
.
It supports CGI/1.1, HTTP/1.1, HTTP/1.0, HTTP/0.9, ~user translations,
virtual hosting support, as well as multiple IP-based servers on a
single machine, and is able to serve pages via the IPv6 protocol.
