[pkgsrc/trunk]: pkgsrc/www/lighttpd Update to lighttpd 1.4.16. This fixes a n...

[joerg <joerg%pkgsrc.org@localhost>]

details:   https://anonhg.NetBSD.org/pkgsrc/rev/4b73c904aba3
branches:  trunk
changeset: 531204:4b73c904aba3
user:      joerg <joerg%pkgsrc.org@localhost>
date:      Wed Jul 25 10:26:05 2007 +0000

description:
Update to lighttpd 1.4.16. This fixes a number of security issues:
- various possible NULL pointer references
- two cases were uninitialised memory is used or memory could be
corrupted. This might be exploitable to execute arbitrary code.
- possible mod_access by-pass by appending /
- a local DOS by broken FastCGI handlers

diffstat:

 www/lighttpd/Makefile |  4 ++--
 www/lighttpd/distinfo |  8 ++++----
 2 files changed, 6 insertions(+), 6 deletions(-)

diffs (25 lines):

diff -r e2f85b18b1db -r 4b73c904aba3 www/lighttpd/Makefile
--- a/www/lighttpd/Makefile     Wed Jul 25 09:41:55 2007 +0000
+++ b/www/lighttpd/Makefile     Wed Jul 25 10:26:05 2007 +0000
@@ -1,6 +1,6 @@
-# $NetBSD: Makefile,v 1.14 2007/04/19 16:16:17 joerg Exp $
+# $NetBSD: Makefile,v 1.15 2007/07/25 10:26:05 joerg Exp $
 
-DISTNAME=      lighttpd-1.4.15
+DISTNAME=      lighttpd-1.4.16
 CATEGORIES=    www
 MASTER_SITES=  http://www.lighttpd.net/download/
 
diff -r e2f85b18b1db -r 4b73c904aba3 www/lighttpd/distinfo
--- a/www/lighttpd/distinfo     Wed Jul 25 09:41:55 2007 +0000
+++ b/www/lighttpd/distinfo     Wed Jul 25 10:26:05 2007 +0000
@@ -1,5 +1,5 @@
-$NetBSD: distinfo,v 1.9 2007/04/19 16:16:17 joerg Exp $
+$NetBSD: distinfo,v 1.10 2007/07/25 10:26:05 joerg Exp $
 
-SHA1 (lighttpd-1.4.15.tar.gz) = 67ba1279a0eaeda728c1e1143d302beb364a034c
-RMD160 (lighttpd-1.4.15.tar.gz) = a38cb73797da1b8773b4c4a34f16be097667db57
-Size (lighttpd-1.4.15.tar.gz) = 794327 bytes
+SHA1 (lighttpd-1.4.16.tar.gz) = b160cece6c0dd15746d10957d28ba02b2e9e77ce
+RMD160 (lighttpd-1.4.16.tar.gz) = 71743363b9992ce726fffe40af0f75c66a2f6006
+Size (lighttpd-1.4.16.tar.gz) = 795818 bytes