lighttpd 1.4.26 正式版发布 - 中国龙

来源: OSCHINA
编辑: 红薯
2010-02-08

该版本包含一些重要的bug修复,包括用于处理请求header数据的分割问题、mod_cgi 模块的文件描述符泄露问题、mod_redirect和mod_rewrite模块配置的段错误问题、HUP检测和OOM/DoS漏洞等。

下载

Changes from 1.4.25

  • Fix request parser to handle packets with splitted \r\n\r\n (fixes #2105)
  • Remove dependency on automake >= 1.11 with m4_ifdef check
  • mod_accesslog: support %e (fixes #2113, thx presbrey)
  • Fix mod_cgi cgi.execute-x-only option in global block
  • mod_fastcgi: x-sendfile2 parse error debugging
  • Fix mod_proxy dead host detection if connect() fails
  • Fix fd leaks in mod_cgi (fds not closed on pipe/fork failures, found by Rodrigo, fixes #2158, #2159)
  • Fix segfault with broken rewrite/redirect patterns (fixes #2140, found by crypt)
  • Append to previous buffer in con read, fix DoS/OOM vulnerability (fixes #2147, found by liming, CVE-2010-0295)
  • Fix HUP detection in close-state if event-backend doesn’t support FDEVENT_HUP (like select or poll on FreeBSD)

原文请看:http://www.lighttpd.net/2010/2/7/1-4-26-chinese-dragon

展开阅读全文
0 收藏
分享
加载中
更多评论
0 评论
0 收藏
分享
返回顶部
顶部