Viewing all changes in revision 25.
- Committer: Bazaar Package Importer
- Date: 2008-03-05 14:53:26 UTC
- Revision ID: james.westby@ubuntu.com-20080305145326-i0xdwyi211zfa0en
* SECURITY UPDATE:
+ debian/patches/91_CVE-2008-1111.dpatch:
- Fixes CVE-2008-1111
"mod_cgi in lighttpd 1.4.18, when a fork failure occurs, sends the
source code of CGI scripts instead of a 500 error, which might allow
remote attackers to obtain sensitive information." (LP: #198731)
* References
+ http://trac.lighttpd.net/trac/changeset/2107
+ http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2008-1111
+ debian/patches/91_CVE-2008-1111.dpatch:
- Fixes CVE-2008-1111
"mod_cgi in lighttpd 1.4.18, when a fork failure occurs, sends the
source code of CGI scripts instead of a 500 error, which might allow
remote attackers to obtain sensitive information." (LP: #198731)
* References
+ http://trac.lighttpd.net/trac/changeset/2107
+ http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2008-1111
- files added:
- debian/patches/91_CVE-2008-1111.dpatch
- files modified:
- debian/changelog
expand all
collapse all
added
removed
