please update cygwin lighttpd pkg to version 1.4.55

classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

please update cygwin lighttpd pkg to version 1.4.55

gs-cygwin.com
Please update cygwin lighttpd pkg to version 1.4.55

lighttpd 1.4.55 was released 31 Jan 2020 (upstream).

Thank you.  Glenn
--
Problem reports:      https://cygwin.com/problems.html
FAQ:                  https://cygwin.com/faq/
Documentation:        https://cygwin.com/docs.html
Unsubscribe info:     https://cygwin.com/ml/#unsubscribe-simple
Reply | Threaded
Open this post in threaded view
|

Re: please update cygwin lighttpd pkg to version 1.4.55

Cygwin list mailing list
Am 24.03.2020 um 06:50 schrieb [hidden email]:
> Please update cygwin lighttpd pkg to version 1.4.55
>
> lighttpd 1.4.55 was released 31 Jan 2020 (upstream).
>
> Thank you.  Glenn
> --

In this moment the package is without a maintainer.
Any specific reason why you need absolutely the last version ?


--
Problem reports:      https://cygwin.com/problems.html
FAQ:                  https://cygwin.com/faq/
Documentation:        https://cygwin.com/docs.html
Unsubscribe info:     https://cygwin.com/ml/#unsubscribe-simple
Reply | Threaded
Open this post in threaded view
|

Re: please update cygwin lighttpd pkg to version 1.4.55

gs-cygwin.com
On Tue, Mar 24, 2020 at 11:51:40AM +0100, Marco Atzeri via Cygwin wrote:

> Am 24.03.2020 um 06:50 schrieb [hidden email]:
> > Please update cygwin lighttpd pkg to version 1.4.55
> >
> > lighttpd 1.4.55 was released 31 Jan 2020 (upstream).
> >
> > Thank you.  Glenn
> > --
>
> In this moment the package is without a maintainer.
> Any specific reason why you need absolutely the last version ?

There are numerous bugs in lighttpd 1.4.54 (and fixed in lighttpd
1.4.55) which prevent usage of lighttpd if using one of the modules
with bugs, e.g. mod_webdav and mod_deflate.

bug: mod_deflate fix error choosing encoding parser (1.4.54 regression)
bug: mod_webdav startup crash in config conditional (1.4.54 regression)
bug: mod_webdav fix file upload limit
bug: mod_accesslog fails to parse multiple cookies
bug: preserve %2b and %2B in query string normalization

There are numerous security enhancements (hardenings) in lighttpd 1.4.55

security: HTTP Basic/Digest Auth security (attack mitigations)
security: HTTP request header parsing restrictions (attack mitigations)

Cheers, Glenn
--
Problem reports:      https://cygwin.com/problems.html
FAQ:                  https://cygwin.com/faq/
Documentation:        https://cygwin.com/docs.html
Unsubscribe info:     https://cygwin.com/ml/#unsubscribe-simple