This is the mail archive of the
cygwin-apps
mailing list for the Cygwin project.
SECURITY: lighttpd
- From: "Yaakov (Cygwin Ports)" <yselkowitz at users dot sourceforge dot net>
- To: cygwin-apps at cygwin dot com
- Date: Mon, 07 May 2007 23:01:36 -0500
- Subject: SECURITY: lighttpd
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Two vulnerabilities have been discovered in Lighttpd, each allowing for
a Denial of Service.
Solution: upgrade to >= 1.4.14 (current is 1.4.9)
More information:
http://security.gentoo.org/glsa/glsa-200705-07.xml
http://bugs.gentoo.org/show_bug.cgi?id=174043
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1869
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1870
Yaakov
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (Cygwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFGP/YgpiWmPGlmQSMRCOI3AKCOjsZ0fLtQ1GnqAB+G4r+fUrt0swCfQmS0
5I5vf8ZmoC5s+ufh8pKEi5o=
=e02T
-----END PGP SIGNATURE-----