pkgsrc

History

fhajny e482b20664 Update www/lighttpd to 1.4.31. Changes from 1.4.30 - [ssl] fix segfault in counting renegotiations for openssl versions without TLSEXT/SNI (thx carpii for reporting) - Move fdevent subsystem includes to implementation files to reduce conflicts (fixes #2373) - [mod_compress] fix handling if etags are disabled but cache-dir is set - may lead to double response - disable mmap by default (fixes #2391) - buffer_caseless_compare: always convert letters to lowercase to get transitive results, fixing array lookups (fixes #2405) - Fix handling of empty header list entries in http_request_split_value, fixing invalid read in valgrind (fixes #2413) - Fix access log escaping of " and \\ (fixes #1551) - [mod_auth] Fix digest "md5-sess" implementation (Errata ID 1649, RFC 2617) (fixes #2410) - [auth] Add "AUTH_TYPE" environment (for * cgi), remove fastcgi specific workaround, add fastcgi test case (fixes #889) - [mod_*cgi,mod_accesslog] Fix splitting :port with ipv6 (fixes #2333, thx simoncpu) - Detect multiple -f options: show error message instead of assert (fixes #2416) - [mod_extforward] Support ipv6 addresses (fixes #1889) - [mod_redirect] Support url.redirect-code option (fixes #2247) - Fix --enable-mmap handling in configure.ac Changes from 1.4.29 - Always use our 'own' md5 implementation, fixes linking issues on MacOS (fixes #2331) - Limit amount of bytes we send in one go; fixes stalling in one connection and timeouts on slow systems. - [ssl] fix build errors when Elliptic-Curve Diffie-Hellman is disabled - Add static-file.disable-pathinfo option to prevent handling of urls like .../secret.php/image.jpg as static file - Don't overwrite 401 (auth required) with 501 (unknown method) (fixes #2341) - Fix mod_status bug: always showed "0/0" in the "Read" column for uploads (fixes #2351) - [mod_auth] Fix signedness error in http_auth (fixes #2370, CVE-2011-4362) - [ssl] count renegotiations to prevent client renegotiations - [ssl] add option to honor server cipher order (fixes #2364, BEAST attack) - [core] accept dots in ipv6 addresses in host header (fixes #2359) - [ssl] fix ssl connection aborts if files are larger than the MAX_WRITE_LIMIT (256kb) - [libev/cgi] fix waitpid ECHILD errors in cgi with libev (fixes #2324)	2012-08-01 11:25:22 +00:00
..
patch-doc_config_lighttpd.conf	Update www/lighttpd to 1.4.31.	2012-08-01 11:25:22 +00:00

fhajny e482b20664 Update www/lighttpd to 1.4.31.

Changes from 1.4.30
- [ssl] fix segfault in counting renegotiations for openssl versions
  without TLSEXT/SNI (thx carpii for reporting)
- Move fdevent subsystem includes to implementation files to reduce
  conflicts (fixes #2373)
- [mod_compress] fix handling if etags are disabled but cache-dir
  is set - may lead to double response
- disable mmap by default (fixes #2391)
- buffer_caseless_compare: always convert letters to lowercase to get
  transitive results, fixing array lookups (fixes #2405)
- Fix handling of empty header list entries in http_request_split_value,
  fixing invalid read in valgrind (fixes #2413)
- Fix access log escaping of " and \\ (fixes #1551)
- [mod_auth] Fix digest "md5-sess" implementation (Errata ID 1649,
  RFC 2617) (fixes #2410)
- [auth] Add "AUTH_TYPE" environment (for * cgi), remove fastcgi specific
  workaround, add fastcgi test case (fixes #889)
- [mod_*cgi,mod_accesslog] Fix splitting :port with ipv6 (fixes #2333,
  thx simoncpu)
- Detect multiple -f options: show error message instead of assert
  (fixes #2416)
- [mod_extforward] Support ipv6 addresses (fixes #1889)
- [mod_redirect] Support url.redirect-code option (fixes #2247)
- Fix --enable-mmap handling in configure.ac

Changes from 1.4.29
- Always use our 'own' md5 implementation, fixes linking issues on MacOS
  (fixes #2331)
- Limit amount of bytes we send in one go; fixes stalling in one connection
  and timeouts on slow systems.
- [ssl] fix build errors when Elliptic-Curve Diffie-Hellman is disabled
- Add static-file.disable-pathinfo option to prevent handling of urls like
  .../secret.php/image.jpg as static file
- Don't overwrite 401 (auth required) with 501 (unknown method) (fixes #2341)
- Fix mod_status bug: always showed "0/0" in the "Read" column for uploads
  (fixes #2351)
- [mod_auth] Fix signedness error in http_auth (fixes #2370, CVE-2011-4362)
- [ssl] count renegotiations to prevent client renegotiations
- [ssl] add option to honor server cipher order (fixes #2364, BEAST attack)
- [core] accept dots in ipv6 addresses in host header (fixes #2359)
- [ssl] fix ssl connection aborts if files are larger than
  the MAX_WRITE_LIMIT (256kb)
- [libev/cgi] fix waitpid ECHILD errors in cgi with libev (fixes #2324)

2012-08-01 11:25:22 +00:00

patch-doc_config_lighttpd.conf

Update www/lighttpd to 1.4.31.

2012-08-01 11:25:22 +00:00