Bug#1055131: marked as done (RFS: lighttpd/1.4.73-1 -- light, fast, functional web server)

["Debian Bug Tracking System" <owner@bugs.debian.org>]

Your message dated Wed, 1 Nov 2023 15:34:57 +0100
with message-id <602e751f-2f18-4ed6-a3ea-5691cdd39a26@debian.org>
and subject line Re: RFS: lighttpd/1.4.73-1 -- light, fast, functional web server
has caused the Debian Bug report #1055131,
regarding RFS: lighttpd/1.4.73-1 -- light, fast, functional web server
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
1055131: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1055131
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems

--- Begin Message ---

• To: submit@bugs.debian.org
• Subject: RFS: lighttpd/1.4.73-1 -- light, fast, functional web server
• From: gs-bugs.debian.org@gluelogic.com
• Date: Tue, 31 Oct 2023 20:01:42 -0400
• Message-id: <[🔎] ZUGVZsnitE0xaMzW@xps13>

Package: sponsorship-requests
Severity: normal
X-Debbugs-Cc: gs-bugs.debian.org@gluelogic.com

Dear mentors,

I am looking for a DD sponsor for my package "lighttpd":

https://salsa.debian.org/debian/lighttpd/

I am an upstream lighttpd developer and have participated in
maintaining lighttpd on Debian for a number of years.

I am listed as an uploader on https://tracker.debian.org/pkg/lighttpd

lighttpd-1.4.73-1 passes autopkgtests and expected CI tests,
and is tagged.  (This is a non-DD maintainer upload.)

 * Package name     : lighttpd
   Version          : 1.4.73-1
   Upstream contact : team+lighttpd@tracker.debian.org
 * URL              : https://lighttpd.net/
 * License          : BSD-3-Clause
 * Vcs              : https://git.lighttpd.net/lighttpd/lighttpd1.4

Important changes in lighttpd 1.4.73:
* HTTP/2 detect and log rapid reset attack
While lighttpd is not affected by HTTP/2 rapid reset attacks any more
than by other DoS attacks, changes have been made to lighttpd to detect
and log when a rapid reset attack occurs, and to close the HTTP/2
connection.  Log watchers might subsequently use the trace to block IPs.

The goal is to make lightpd 1.4.73 available in unstable, testing,
and then backports (or sloppy-backports) to maintained Debian versions.

Please advise next steps.
Thank you.  Glenn

P.S. The version of lighttpd in Debian Experimental is 1.4.71-1+exp1
     and can be retired.

--- End Message ---

--- Begin Message ---

• To: 1055131-done@bugs.debian.org
• Subject: Re: RFS: lighttpd/1.4.73-1 -- light, fast, functional web server
• From: Bastian Germann <bage@debian.org>
• Date: Wed, 1 Nov 2023 15:34:57 +0100
• Message-id: <602e751f-2f18-4ed6-a3ea-5691cdd39a26@debian.org>
• In-reply-to: <[🔎] ZUGVZsnitE0xaMzW@xps13>
• References: <[🔎] ZUGVZsnitE0xaMzW@xps13> <[🔎] ZUGVZsnitE0xaMzW@xps13>

Thanks for the upload.

--- End Message ---