pkgsrc-changes: CVS commit: [pkgsrc-2007Q2] pkgsrc/www/lighttpd

Subject: CVS commit: [pkgsrc-2007Q2] pkgsrc/www/lighttpd
To: None <pkgsrc-changes@NetBSD.org>
From: Geert Hendrickx <ghen@netbsd.org>
List: pkgsrc-changes
Date: 07/27/2007 22:47:15

Module Name:	pkgsrc
Committed By:	ghen
Date:		Fri Jul 27 22:47:15 UTC 2007

Modified Files:
	pkgsrc/www/lighttpd [pkgsrc-2007Q2]: Makefile distinfo

Log Message:
Pullup ticket 2151 - requested by joerg
security update for lighttpd

- pkgsrc/www/lighttpd/Makefile				1.15
- pkgsrc/www/lighttpd/distinfo				1.10

   Module Name:	pkgsrc
   Committed By:	joerg
   Date:		Wed Jul 25 10:26:05 UTC 2007

   Modified Files:
	   pkgsrc/www/lighttpd: Makefile distinfo

   Log Message:
   Update to lighttpd 1.4.16. This fixes a number of security issues:
   - various possible NULL pointer references
   - two cases were uninitialised memory is used or memory could be
   corrupted. This might be exploitable to execute arbitrary code.
   - possible mod_access by-pass by appending /
   - a local DOS by broken FastCGI handlers


To generate a diff of this commit:
cvs rdiff -r1.14 -r1.14.2.1 pkgsrc/www/lighttpd/Makefile
cvs rdiff -r1.9 -r1.9.2.1 pkgsrc/www/lighttpd/distinfo

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.