* SECURITY UPDATE: (LP: #209627) + debian/patches/92_CVE-2008-1531.dpatch - lighttpd 1.4.19 and earlier allows remote attackers to cause a denial of service (active SSL connection loss) by triggering an SSL error, such as disconnecting before a download has finished, which causes all active SSL connections to be lost. * References + http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1531 + http://trac.lighttpd.net/trac/changeset/2136 + http://trac.lighttpd.net/trac/changeset/2139