While debugging some odd and probably extforward related logging issue on one of my machines I stumbled upon CVE-2022-22707 which affects the lighttpd version in jammy (and focal; bionic is fine).
Since the version in kinetic is fixed it should probably just be backported to jammy.
While debugging some odd and probably extforward related logging issue on one of my machines I stumbled upon CVE-2022-22707 which affects the lighttpd version in jammy (and focal; bionic is fine).
Since the version in kinetic is fixed it should probably just be backported to jammy.
There is also a simple patch attached to https:/ /redmine. lighttpd. net/issues/ 3134 which I attached here.