lighttpd crash on mixed EOL sequences in mod_cgi
Bug #138309 reported by
Jamie Strandboge
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
lighttpd (Ubuntu) |
Fix Released
|
Undecided
|
Jamie Strandboge |
Bug Description
DoS crash from improper EOL handling in mod_cgi.c fixed in upstream 1.4.17. No CVE entry at this time.
Changed in lighttpd: | |
assignee: | nobody → jamie-strandboge |
status: | New → In Progress |
description: | updated |
Changed in lighttpd: | |
status: | In Progress → Fix Committed |
To post a comment you must log in.
lighttpd 1.4.17 and higher is not affected. Patch can be found in upstream SVN revisions 1969 and 1971