Format: 1.7 Date: Mon, 07 Apr 2008 19:45:59 +0200 Source: lighttpd Binary: lighttpd lighttpd-doc lighttpd-mod-cml lighttpd-mod-magnet lighttpd-mod-mysql-vhost lighttpd-mod-trigger-b4-dl Architecture: amd64 i386 all powerpc source sparc Version: 1.4.13~r1370-1ubuntu1.7 Distribution: edgy-security Urgency: low Maintainer: Ubuntu MOTU Developers Changed-By: Emanuele Gentili Description: lighttpd - A fast webserver with minimal memory footprint lighttpd-mod-cml - Cache meta language module for lighttpd lighttpd-mod-magnet - Control the request handling module for lighttpd lighttpd-mod-mysql-vhost - MySQL-based virtual host configuration for lighttpd lighttpd-mod-trigger-b4-dl - Anti-deep-linking module for lighttpd lighttpd-doc - Documentation for lighttpd Changes: lighttpd (1.4.13~r1370-1ubuntu1.7) edgy-security; urgency=low . * SECURITY UPDATE: (LP: #209627) + debian/patches/91_CVE-2008-1531.dpatch - lighttpd 1.4.19 and earlier allows remote attackers to cause a denial of service (active SSL connection loss) by triggering an SSL error, such as disconnecting before a download has finished, which causes all active SSL connections to be lost. * References + http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1531 + http://trac.lighttpd.net/trac/changeset/2136 + http://trac.lighttpd.net/trac/changeset/2139 Files: 442a59ea15326e12496c6babeb62f9f9 309244 web optional lighttpd_1.4.13~r1370-1ubuntu1.7_amd64.deb 00e0c5b5dd8edd7880bdc8f8f58691a3 61012 web optional lighttpd-mod-mysql-vhost_1.4.13~r1370-1ubuntu1.7_amd64.deb a9a71aea94e94b68a6eb8fc149cfbb0b 62712 web optional lighttpd-mod-trigger-b4-dl_1.4.13~r1370-1ubuntu1.7_amd64.deb 147eb3ef015cdd66ba34ae230ef6d900 66070 web optional lighttpd-mod-cml_1.4.13~r1370-1ubuntu1.7_amd64.deb 1dddd425c8600fc812aa5beb8204700a 64946 web optional lighttpd-mod-magnet_1.4.13~r1370-1ubuntu1.7_amd64.deb 6fbf0a2fa4f745715c1e714423208693 97142 doc optional lighttpd-doc_1.4.13~r1370-1ubuntu1.7_all.deb df95c9b5379e6b4306a1c8f5e846a475 297792 web optional lighttpd_1.4.13~r1370-1ubuntu1.7_i386.deb 7a89d8b021b58e318dbf47846d4fa113 60822 web optional lighttpd-mod-mysql-vhost_1.4.13~r1370-1ubuntu1.7_i386.deb c1a80962620ff1238f9495d1c19d815f 62462 web optional lighttpd-mod-trigger-b4-dl_1.4.13~r1370-1ubuntu1.7_i386.deb f79fb697e69890afb65a6e2ff86afb7f 65440 web optional lighttpd-mod-cml_1.4.13~r1370-1ubuntu1.7_i386.deb 59a9c17fef87a8ce00812d8403dbe6a1 64348 web optional lighttpd-mod-magnet_1.4.13~r1370-1ubuntu1.7_i386.deb 991a21552411259cec53caccf91476ab 337658 web optional lighttpd_1.4.13~r1370-1ubuntu1.7_powerpc.deb ed9c3eb7c0cf52adc47ec70f1680396d 62456 web optional lighttpd-mod-mysql-vhost_1.4.13~r1370-1ubuntu1.7_powerpc.deb 72203d5e1e28d18c501800da251f5f18 64200 web optional lighttpd-mod-trigger-b4-dl_1.4.13~r1370-1ubuntu1.7_powerpc.deb 5ba20479e218b945c0986837f92bfb7f 67178 web optional lighttpd-mod-cml_1.4.13~r1370-1ubuntu1.7_powerpc.deb 81112dd100fd75ca7c7605fb691482d6 66132 web optional lighttpd-mod-magnet_1.4.13~r1370-1ubuntu1.7_powerpc.deb f44e10bc8811e75930e6bc2b590ea6bb 1139 web optional lighttpd_1.4.13~r1370-1ubuntu1.7.dsc efbe3781bd33235119faf95714fc2841 27324 web optional lighttpd_1.4.13~r1370-1ubuntu1.7.diff.gz a588ecc6a3e737255f2cdae126755d1b 297584 web optional lighttpd_1.4.13~r1370-1ubuntu1.7_sparc.deb 5e6d26ad1735c99a709ec8684d760658 60566 web optional lighttpd-mod-mysql-vhost_1.4.13~r1370-1ubuntu1.7_sparc.deb 24e58ff10fd1d5febb8d53a1b54e4d92 62296 web optional lighttpd-mod-trigger-b4-dl_1.4.13~r1370-1ubuntu1.7_sparc.deb ccec4aef7470c9ad3dae9a44292d8344 65230 web optional lighttpd-mod-cml_1.4.13~r1370-1ubuntu1.7_sparc.deb 44562f72d24782811477bc66b3994d39 64380 web optional lighttpd-mod-magnet_1.4.13~r1370-1ubuntu1.7_sparc.deb Original-Maintainer: Debian lighttpd maintainers