Dominic Hargreaves uploaded a security update for the lighttpd in sarge
backports which fixes the following issues:
CVE-2007-1869
Remote attackers could cause denial of service by disconnecting
partway through making a request.
CVE-2007-1870
A NULL pointer dereference could cause a crash when serving files
with a mtime of 0.
These issues have been fixed in the 1.4.13-10~bpo.2 packages in
sarge-backports.
Alex
P.S. If you do any security updates in one of your bpo packages please
drop me a short mail with details so that I can create a mail and a News item
on the website.
--
Alexander Wirt, formorer@debian.org
CC99 2DDD D39E 75B0 B0AA B25C D35B BC99 BC7D 020A
Attachment:
signature.asc
Description: Digital signature