Projects / lighttpd / Releases

All releases of lighttpd

  •  12 Mar 2014 12:13
Avatar

    Release Notes: This release fixes hostname validation (SQL injection, path traversals) and other bugs.

    •  20 Jan 2014 14:14
    Avatar

      Release Notes: This release fixes some security bugs (CVE-2013-4508, CVE-2013-4559, CVE-2013-4560) and contains other small fixes.

      •  27 Sep 2013 20:17
      Avatar

        Release Notes: 1.4.33 contains small bugfixes and some minor new features.

        •  21 Nov 2012 12:27
        Avatar

          Release Notes: This release fixes a DoS bug (CVE-2012-5533) and contains other small fixes.

          •  31 May 2012 15:48
          Avatar

            Release Notes: Many important changes. This release fixes a segfault (a crash on the first HTTPS request), disables mmap due to a possible crash if the file is truncated while reading, and more.

            •  18 Dec 2011 16:29
            Avatar

              Release Notes: This version fixes a signedness error in http_auth (CVE-2011-4362), disables client initiated renegotiations, supports mitigating BEAST attacks (both SSL), and fixes connection stalls.

              •  03 Jul 2011 16:28
              Avatar

                Release Notes: This release fixes a name conflict with OpenSSL, some cgi* bugs, should improve SSL support, and adds the "solaris-eventports" fdevent handler.

                •  22 Aug 2010 15:30
                Avatar

                  Release Notes: 1.4.27 introduced some serious bugs in the fdevent system; one resulted in segfaults with FreeBSD. This should be fixed now.

                  •  13 Aug 2010 11:00
                  Avatar

                    Release Notes: This release fixes SSL (SNI handling and SSL_CTX_set_options) and mod_cgi and mod_proxy (response handling). There is a new fdevent handler "libev" ("linux-rtsig" was removed). IPv6 sockets are now bound to IPv6 only in almost all cases ("dual-stack" is disabled).

                    •  07 Feb 2010 21:01
                    Avatar

                      Release Notes: There have been some important bugfixes (request parser handling for split header data, an fd leak in mod_cgi, a segfault with broken configs in mod_rewrite/mod_redirect, HUP detection, and an OOM/DoS vulnerability).

                      Screenshot

                      Project Spotlight

                      episoder

                      A tool to tell you about new episodes of your favourite TV shows.

                      Screenshot

                      Project Spotlight

                      BalanceNG

                      A modern software IP load balancer.