- «
- 1
- 2
- ...
- 7
- »
1.4.32
November 21, 2012
Important changes
One important denial of service (in 1.4.31) fix: CVE-2012-5533.
Downloads
- download.lighttpd.net/lighttpd/releases-1.4.x/lighttpd-1.4.32.tar.gz
- GPG signature: download.lighttpd.net/lighttpd/releases-1.4.x/lighttpd-1.4.32.tar.gz.asc
- SHA256:
0765e07dac432393dea3950639d5ba646ded95a9408ad002e54b3353ab6b9645
- download.lighttpd.net/lighttpd/releases-1.4.x/lighttpd-1.4.32.tar.bz2
- GPG signature: download.lighttpd.net/lighttpd/releases-1.4.x/lighttpd-1.4.32.tar.bz2.asc
- SHA256:
60691b2dcf3ad2472c06b23d75eb0c164bf48a08a630ed3f308f61319104701f
- download.lighttpd.net/lighttpd/releases-1.4.x/lighttpd-1.4.32.tar.xz
- GPG signature: download.lighttpd.net/lighttpd/releases-1.4.x/lighttpd-1.4.32.tar.xz.asc
- SHA256:
1368f80069ce71f5928cad59c8e60c0b95876942ca9e02c53853e54ae24aedc1
- SHA256 checksums: download.lighttpd.net/lighttpd/releases-1.4.x/lighttpd-1.4.32.sha256sum
External references
- CVE-2012-5533
- lighttpd-SA-2012-01
- lighttpd-1.4.31_fix_connection_header_dos.patch
Read more ...
1.4.31 - Diablo servers are down again, back to work
May 31, 2012
Important changes
Many important changes – fixed a segfault (crash on first https request), disabled mmap due to possible crash if the file is truncated while reading and more.
If you still want to use mmap you can use ./configure --enable-mmap
, but check #2391 before.
Downloads
- download.lighttpd.net/lighttpd/releases-1.4.x/lighttpd-1.4.31.tar.gz
- GPG signature: download.lighttpd.net/lighttpd/releases-1.4.x/lighttpd-1.4.31.tar.gz.asc
- SHA256: 848a15604bf358d9355bd7a48c01f448c286734dbb5f4dc1cd16acb8b05a9b52
- download.lighttpd.net/lighttpd/releases-1.4.x/lighttpd-1.4.31.tar.bz2
- GPG signature: download.lighttpd.net/lighttpd/releases-1.4.x/lighttpd-1.4.31.tar.bz2.asc
- SHA256: 5209e7a25d3044cb21b34d6a2bb3a6f6c216ba903ea486a803d070582e5e26ac
- download.lighttpd.net/lighttpd/releases-1.4.x/lighttpd-1.4.31.tar.xz
- GPG signature: download.lighttpd.net/lighttpd/releases-1.4.x/lighttpd-1.4.31.tar.xz.asc
- SHA256: 8a0a4f1ab782c2a3554e031c7d8ad600aac9b4c0466710a6cc9aab10659fe3f2
- SHA256 checksums: download.lighttpd.net/lighttpd/releases-1.4.x/lighttpd-1.4.31.sha256sum
Read more ...
1.4.30 - Faster than santa, your first present this year!
December 18, 2011
And lighttpd 1.4 is still alive :)
Especially for ssl users this release should be important: by setting
ssl.cipher-list = "ECDHE-RSA-AES256-SHA384:AES256-SHA256:RC4-SHA:RC4:HIGH:!MD5:!aNULL:!EDH:!AESGCM"
you can mitigate BEAST attacks.
Also check your site with Qualys SSL Labs Server Test
Important changes
- [mod_auth] Fix signedness error in http_auth (CVE-2011-4362)
- ssl: disable client initiated renegotiations
- ssl: support mitigating BEAST attack
- fix connection stalls
Downloads
- download.lighttpd.net/lighttpd/releases-1.4.x/lighttpd-1.4.30.tar.gz
- GPG signature: download.lighttpd.net/lighttpd/releases-1.4.x/lighttpd-1.4.30.tar.gz.asc
- SHA256: 59ae55b0ec427c328fa74d683e00eb1bc99bcc20cd184177875e9b6865de2b8b
- download.lighttpd.net/lighttpd/releases-1.4.x/lighttpd-1.4.30.tar.bz2
- GPG signature: download.lighttpd.net/lighttpd/releases-1.4.x/lighttpd-1.4.30.tar.bz2.asc
- SHA256: 0d795597e4666dbf6ffe44b4a42f388ddb44736ddfab0b1ac091e5bb35212c2d
- download.lighttpd.net/lighttpd/releases-1.4.x/lighttpd-1.4.30.tar.xz
- GPG signature: download.lighttpd.net/lighttpd/releases-1.4.x/lighttpd-1.4.30.tar.xz.asc
- SHA256: c237692366935b19ef8a6a600b2f3c9b259a9c3107271594c081a45902bd9c9b
- SHA256 checksums: download.lighttpd.net/lighttpd/releases-1.4.x/lighttpd-1.4.30.sha256sum
In the comments for 1.4.29 we were asked for a launchpad repository for ubuntu. This is not going to happen (launchpad sucks), but we have repositories for some dists on build.opensuse.org.
Checkout GetLighttpd, or server:http/lighttpd or home:stbuehler/lighttpd on build.opensuse.org.
Read more ...
- «
- 1
- 2
- ...
- 7
- »