pkgsrc-changes: CVS commit: pkgsrc/www/lighttpd

Subject: CVS commit: pkgsrc/www/lighttpd
To: None <pkgsrc-changes@NetBSD.org>
From: Joerg Sonnenberger <joerg@netbsd.org>
List: pkgsrc-changes
Date: 07/25/2007 10:26:05

Module Name:	pkgsrc
Committed By:	joerg
Date:		Wed Jul 25 10:26:05 UTC 2007

Modified Files:
	pkgsrc/www/lighttpd: Makefile distinfo

Log Message:
Update to lighttpd 1.4.16. This fixes a number of security issues:
- various possible NULL pointer references
- two cases were uninitialised memory is used or memory could be
corrupted. This might be exploitable to execute arbitrary code.
- possible mod_access by-pass by appending /
- a local DOS by broken FastCGI handlers


To generate a diff of this commit:
cvs rdiff -r1.14 -r1.15 pkgsrc/www/lighttpd/Makefile
cvs rdiff -r1.9 -r1.10 pkgsrc/www/lighttpd/distinfo

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.