NetCube-Systems-Austria/kumquat-buildroot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
3f7afc40e1
kumquat-buildroot/package/lighttpd/lighttpd.hash
Fabrice Fontaine e043719c97 package/lighttpd: security bump to version 1.4.64 
Fix CVE-2022-22707: In lighttpd 1.4.46 through 1.4.63, the
mod_extforward_Forwarded function of the mod_extforward plugin has a
stack-based buffer overflow (4 bytes representing -1), as demonstrated
by remote denial of service (daemon crash) in a non-default
configuration. The non-default configuration requires handling of the
Forwarded header in a somewhat unusual manner. Also, a 32-bit system is
much more likely to be affected than a 64-bit system.

gdbm, geoip and memcached options have been dropped with
86c2d30936

https://www.lighttpd.net/2022/1/19/1.4.64/

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2022-01-22 23:26:16 +01:00

5 lines
351 B
Plaintext
Raw Blame History

# From https://download.lighttpd.net/lighttpd/releases-1.4.x/lighttpd-1.4.64.sha512sum
sha512 8e2ad0830ff80fcebf0c33600caafb5ab4e9ff6b5073c12572f88a44fdfe85f777fa8b22b2fc2964fecbeb556997ad660867dcee80efb224d63329c8b18ea936 lighttpd-1.4.64.tar.xz
# Locally calculated
sha256 5c98cad2fbaf5c5e2562bcbab401a7c557c1bb1bac9914ecc63730925052fb13 COPYING
Reference in New Issue View Git Blame Copy Permalink