DoS-vulnerability in lighttpd
Bug #107628 reported by
Fridtjof Busse
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
lighttpd (Ubuntu) |
Fix Released
|
Medium
|
Unassigned | ||
Dapper |
Fix Released
|
Undecided
|
Kees Cook | ||
Edgy |
Fix Released
|
Undecided
|
Kees Cook | ||
Feisty |
Invalid
|
Undecided
|
Unassigned |
Bug Description
Binary package hint: lighttpd
I know it's universe, but it deserves to be fixed:
http://
http://
Both problems are fixed in 1.4.14, but since that version contains a regression, 1.4.15 is the best version to go with (or a backport).
Patches are here:
http://
http://
Changed in lighttpd: | |
status: | Confirmed → Fix Released |
Changed in lighttpd: | |
status: | Fix Released → Confirmed |
Changed in lighttpd: | |
status: | Confirmed → Fix Released |
To post a comment you must log in.
Thanks for taking the time to report this bug and helping to make Ubuntu better. If someone can prepare (and test) the fixes and attach debdiffs that follow the [https:/ /wiki.ubuntu. com/SecurityUpd ateProcedures], I'd be more than happy to get them uploaded.