[prev in list] [next in list] [prev in thread] [next in thread]
List: oss-security
Subject: [oss-security] lighttpd 1.4.32 released, fixing CVE-2012-5533
From: Stefan =?UTF-8?B?QsO8aGxlcg==?= <stbuehler () lighttpd ! net>
Date: 2012-11-21 12:20:13
Message-ID: 20121121132013.350a82fb () chromobil ! local
[Download RAW message or body]
Hi,
we just released lighttpd 1.4.32, fixing a DoS reported by Jesse
Sipprell from McClatchy Interactive, Inc.
Sending "Connection: TE,,Keep-Alive" as header will trigger an endless
loop; as lighttpd is single threaded all request handling will stop
immediately.
Only lighttpd 1.4.31 is affected by this.
For more details and other changes see:
* http://www.lighttpd.net/2012/11/21/1-4-32/
* http://download.lighttpd.net/lighttpd/security/lighttpd_sa_2012_01.txt
Regards,
Stefan
["signature.asc" (application/pgp-signature)]
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic