Re: Wheezy and jessie updates of lighttpd
On Aug/01, Santiago R.R. wrote:
> Please, find attached debdiffs to mitigate this in wheezy (that I plan
> to upload) and jessie. I have tested it with a python cgi taken from
> httpoxy's PoCs, and it seems to work well. However, I am not familiar
> with lighttpd, so any review is welcome.
thanks for working on this. Could you please change your jessie debdiff
so it uses version 1.4.35-4+deb8u1 instead of 1.4.35-5 ? The rest looks
You'll also need to make sure you build with -sa, as lighttpd will be
new on security-master.