On Monday 10 January 2011, Philipp Kern wrote: > On Mon, Jan 10, 2011 at 10:50:37PM +0100, Arno Töll wrote: > > While this is likely no security issue I write to the security > > team as well, as you probably want to take care, because > > DSA-2141 caused that problem. The patch is rather simple and > > straightforward. Some more details are mentioned in the bug > > report. > > it's a security regression. As we don't have means to push urgent > changes to stable yet, I'd appreciate if the security team could > handle this issue in a timely manner. I will upload a fix. The i386 packages are available at http://www.sfritsch.de/~stf/lighttpd/ It would be nice if someone could test these. Cheers, Stefan
Attachment:
signature.asc
Description: This is a digitally signed message part.