Dominic Hargreaves uploaded a security update for the lighttpd in sarge backports which fixes the following issues: CVE-2007-1869 Remote attackers could cause denial of service by disconnecting partway through making a request. CVE-2007-1870 A NULL pointer dereference could cause a crash when serving files with a mtime of 0. These issues have been fixed in the 1.4.13-10~bpo.2 packages in sarge-backports. Alex P.S. If you do any security updates in one of your bpo packages please drop me a short mail with details so that I can create a mail and a News item on the website. -- Alexander Wirt, formorer@debian.org CC99 2DDD D39E 75B0 B0AA B25C D35B BC99 BC7D 020A
Attachment:
signature.asc
Description: Digital signature