Ticket #325 (assigned security)

Opened 1 year ago

Last modified 1 year ago

lighttpd vulnerable

Reported by: tha Assigned to: tha (accepted)
Priority: fixed in svn Milestone: 1.0.x
Component: packages Version: 1.0
Keywords: Cc:

Description

New upstream release, fixing the following security issues:

  • CVE-2007-1869 Remote attackers could cause denial of service by disconnecting partway through making a request.
  • CVE-2007-1870   A NULL pointer dereference could cause a crash when serving files

  with a mtime of 0.

already fixed in trunk

Attachments

Change History

06/11/07 01:24:13 changed by tha

  • priority changed from major to fixed in svn.
  • status changed from new to assigned.

fixed in 1.0 in svn revision #2758

Add/Change #325 (lighttpd vulnerable)