← Back to branch summary

~ubuntu-branches/ubuntu/hardy/lighttpd/hardy-security

« back to all changes in this revision

Viewing changes to debian/changelog

  • Committer: Bazaar Package Importer
  • Author(s): Emanuele Gentili
  • Date: 2008-04-06 00:09:12 UTC
  • Revision ID: james.westby@ubuntu.com-20080406000912-8fch5qc1ahziv5zi
Tags: 1.4.19-0ubuntu3
https://launchpad.net/bugs/209627
* SECURITY UPDATE: (LP: #209627)
 + debian/patches/92_CVE-2008-1531.dpatch
  - lighttpd 1.4.19 and earlier allows remote attackers to cause a denial 
    of service (active SSL connection loss) by triggering an SSL error, 
    such as disconnecting before a download has finished, which causes 
    all active SSL connections to be lost.
* References
 + http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1531
 + http://trac.lighttpd.net/trac/changeset/2136
 + http://trac.lighttpd.net/trac/changeset/2139

Show diffs side-by-side

added added

removed removed

Lines of Context:
debian/changelog
 
1
lighttpd (1.4.19-0ubuntu3) hardy; urgency=low
 
2
 
 
3
  * SECURITY UPDATE: (LP: #209627)
 
4
   + debian/patches/92_CVE-2008-1531.dpatch
 
5
    - lighttpd 1.4.19 and earlier allows remote attackers to cause a denial 
 
6
      of service (active SSL connection loss) by triggering an SSL error, 
 
7
      such as disconnecting before a download has finished, which causes 
 
8
      all active SSL connections to be lost.
 
9
  * References
 
10
   + http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1531
 
11
   + http://trac.lighttpd.net/trac/changeset/2136
 
12
   + http://trac.lighttpd.net/trac/changeset/2139
 
13
 
 
14
 -- Emanuele Gentili <emgent@emanuele-gentili.com>  Sun, 06 Apr 2008 00:09:12 +0200
 
15
 
1
16
lighttpd (1.4.19-0ubuntu2) hardy; urgency=low
2
17
 
3
18
  * debian/rules: (LP: #174289)