AnNyung Official Homepage Home > Update [ 1.3 ]  

HOME
What is AnNyung
Documents
Packages System
White Paper
Download
Update
  . 2.x [RSS]
  . 1.3 [RSS]
  . 1.2 [RSS]
  . 1.1 [RSS]
  . 1.0 [RSS]
FAQ
Hardware
RoadMap
Gallery

  Go oops.org
  AnNyung banner 88x31

  AnNyung banner 80x15
  AnNyung banner 80x15
  AnNyung banner 80x15
  AnNyung banner 80x15
  AnNyung banner 80x15
  AnNyung banner 80x15



lighttpd 보안 업데이트 
Web Browser 로는 FTP 접속이 불가능 합니다.

문서번호 : 1224593996
업데이트 : 2008.10.21


상세내용

업데이트 사항

- update 1.4.20
  security fix

  lighttpd_sa_2008_04.txt (CVE-2008-1531)
  lighttpd_sa_2008_05.txt
  lighttpd_sa_2008_06.txt
  lighttpd_sa_2008_07.txt

- 1.4.20 official bug fixed
  bug #1066: Now really fix mod auth ldap
  bug #1757: Fix base64 decoding in mod_auth
  bug #653: Fix mod_cgi segfault when bound to unix domain socket
  bug #1777: Fix leaving zombie process with include_shell
  bug #1159: Try to convert string options to shorts for numeric options
             in config file; allows to use env-vars for numeric options
  bug #709: Do not cache default vhost in mod_simple_vhost
  bug #963: Fix fastcgi authorization in subdirectories with
            check-local=disabled; don't split pathinfo for authorizer
  bug #960: Fix duplicate connection keep-alive/transfer-encoding headers
  bug #1715: fix for round-robin in mod_proxy (forgot to increment the index)
  bug #1793: fix for WebDAV MOVE doesn’t work when Destination contains
             login information
  bug #1320: check return value of calloc in mod_simple_vhost.c
  bug #1552: should match for complete mime-type and the part before ';'
  bug #1713: mod_ssi PRINTENV does not print environment variables

- changed NIS authorization to mod_auth_nis from based mod_auth
  server.modules = ( ..., "mod_auth_nis" )
  nis.domain = "NIS-DOMAIN"
  nis.usermap = "passswd.byname" (default value)
  nis.require = (
      "" => (
          "realm" => "NIS auth",
          "require" => "valid-user"
      )
  )
 
  nis.require 의 realm/require 옵션은 mod_auth 의 동작/설정이 동일 합니다. 단,
  method 는 nis 에서 지원하지 않으며, 무조건 basic 으로 동작 합니다.

- update mod_url 1.5 reviesion
  bug #305141: wrong declear return variable of iconv return
  bug #305132: fixed memory leak

- dir-listing.urlencode 옵션 추가
  기본적으로 lighttpd의 dir-listing 모듈이 ASCII 의 문자 이외에는 무조건 urlencoding
  하는 문제를 이 옵션으로 하지 않도록 할 수 있음. 기본값은 기본 동작과 동일하게 enable
  이며, urlencoding 을 하지 않게 하려면 disable 로 값을 설정 하면 됩니다.

Autoupdates 지원 : Pakcages System 이용
  pkgadd -F lighttpd


update 패키지

  RPMS :

    . lighttpd-1.4.20-1.i686.rpm

  SRPMS :

    . lighttpd-1.4.20-1.src.rpm


참고 :
http://www.lighttpd.net/security/lighttpd_sa_2008_04.txt
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1531
http://www.lighttpd.net/security/lighttpd_sa_2008_05.txt
http://www.lighttpd.net/security/lighttpd_sa_2008_06.txt
http://www.lighttpd.net/security/lighttpd_sa_2008_07.txt


    

 Home > Update [ 1.3 ]
Copyright 2013 OOPS Development Organization 
LAST MODIFIED: 2013/02/16