Bump lighttpd to 1.4.26

Closes #1063. lighttpd 1.4.26 fixes: * Request parser handling for splitted header data * FD leak in mod_cgi * Segfault with broken configs in mod_rewrite/mod_redirect * An OOM/DoS vulnerability (CVE-2010-0295) Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
2010-02-09 11:30:06 -03:00 · 2010-02-09 11:30:06 -03:00 · d5d48254dc
commit d5d48254dc
parent 640c740378
2 changed files with 2 additions and 2 deletions
--- a/1
+++ b/1
@ -50,6 +50,7 @@
 	#1009: [SECURITY] Bump php to 5.2.12
 	#1015: [SECURITY] Bump bind to 9.5.1-P2
 	#1027: Busybox flash commands conflict with those from mtd-utils
+	#1063: [SECURITY] Update lighttpd to 1.4.26

 2009.11, Released December 1st, 2009:

--- a/package/lighttpd/lighttpd.mk
+++ b/package/lighttpd/lighttpd.mk
@ -4,10 +4,9 @@
 #
 #############################################################

-LIGHTTPD_VERSION = 1.4.25
+LIGHTTPD_VERSION = 1.4.26
 LIGHTTPD_SITE = http://download.lighttpd.net/lighttpd/releases-1.4.x
 LIGHTTPD_LIBTOOL_PATCH = NO
-LIGHTTPD_DEPENDENCIES =

 ifneq ($(BR2_LARGEFILE),y)
 LIGHTTPD_LFS:=$(DISABLE_LARGEFILE) --disable-lfs