[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Wheezy and jessie updates of lighttpd

On Aug/01, Santiago R.R. wrote:
> Please, find attached debdiffs to mitigate this in wheezy (that I plan
> to upload) and jessie. I have tested it with a python cgi taken from
> httpoxy's PoCs, and it seems to work well. However, I am not familiar
> with lighttpd, so any review is welcome.

Hi Santiago,

thanks for working on this. Could you please change your jessie debdiff
so it uses version 1.4.35-4+deb8u1 instead of 1.4.35-5 ? The rest looks

You'll also need to make sure you build with -sa, as lighttpd will be
new on security-master.



Reply to: