NetCube-Systems-Austria/kumquat-buildroot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
c4d08c196a
kumquat-buildroot/package/lighttpd/lighttpd.hash
Peter Korsgaard 15793bc19f lighttpd: security bump to version 1.14.51 
Fixes the following security issues:

1.4.50:
[mod_alias] security: potential path traversal with specific configs
[core] security: use-after-free invalid Range req
[mod_alias] security: path traversal in mod_alias (in some use cases) (fixes #2898)
[core] security: use-after-free after invalid Range request (fixes #2899)

1.4.51:
[core,security] process headers after combining folded headers
[mod_userdir] security: skip username “.” and “..”

1.4.51 brings optional pam and wolfssl support.  Explicitly disable these
options for now.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-10-30 21:05:13 +01:00

5 lines
285 B
Plaintext
Raw Blame History

# From https://download.lighttpd.net/lighttpd/releases-1.4.x/lighttpd-1.4.51.sha256sum
sha256 2af9fdb265d1f025bfa634e13770239712ecbd585e4975b8226edf1df74e9c82 lighttpd-1.4.51.tar.xz
# Locally calculated
sha256 5c98cad2fbaf5c5e2562bcbab401a7c557c1bb1bac9914ecc63730925052fb13 COPYING
Reference in New Issue View Git Blame Copy Permalink