-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Thu, 13 Mar 2014 00:29:44 +0000 Source: lighttpd Binary: lighttpd lighttpd-doc lighttpd-mod-mysql-vhost lighttpd-mod-trigger-b4-dl lighttpd-mod-cml lighttpd-mod-magnet lighttpd-mod-webdav Architecture: source amd64 all Version: 1.4.33-1+nmu3 Distribution: unstable Urgency: high Maintainer: Debian lighttpd maintainers <pkg-lighttpd-maintainers@lists.alioth.debian.org> Changed-By: Michael Gilbert <mgilbert@debian.org> Description: lighttpd - fast webserver with minimal memory footprint lighttpd-doc - documentation for lighttpd lighttpd-mod-cml - cache meta language module for lighttpd lighttpd-mod-magnet - control the request handling module for lighttpd lighttpd-mod-mysql-vhost - MySQL-based virtual host configuration for lighttpd lighttpd-mod-trigger-b4-dl - anti-deep-linking module for lighttpd lighttpd-mod-webdav - WebDAV module for lighttpd Closes: 741493 Changes: lighttpd (1.4.33-1+nmu3) unstable; urgency=high . * Non-maintainer upload by the Security Team (closes: #741493). * Fix cve-2014-2323: mod_mysql_vhost SQL injection. * Fix cve-2014-2334: traversal through paths involving "[...]". Checksums-Sha1: 084de4dbf78a27f6b418ec7e85cddeab6e467414 3396 lighttpd_1.4.33-1+nmu3.dsc ad837e956d686e090c2e7d5a1ac0c05ce12a5942 29300 lighttpd_1.4.33-1+nmu3.debian.tar.xz ee94bdb1d9ceca25a3e5d1397e51fd37a21ccce6 234332 lighttpd_1.4.33-1+nmu3_amd64.deb e9b57f1bd2783a3c13f4da3c54ac3fbd29f2d15f 60658 lighttpd-doc_1.4.33-1+nmu3_all.deb cecafc4bea7f8dfeed6fd67b3638f2bc90f61ad7 19210 lighttpd-mod-mysql-vhost_1.4.33-1+nmu3_amd64.deb 6fd8072b7203238a784bf5487c25e18a394a8691 20456 lighttpd-mod-trigger-b4-dl_1.4.33-1+nmu3_amd64.deb cda85e6e819a5612cd2db77c4449eaa120b7ce20 22946 lighttpd-mod-cml_1.4.33-1+nmu3_amd64.deb a272acbe051789ca32226a5e7a224c1941130d2d 23784 lighttpd-mod-magnet_1.4.33-1+nmu3_amd64.deb ad0e8ecab87786658d148ce972f589e39f07ec12 29224 lighttpd-mod-webdav_1.4.33-1+nmu3_amd64.deb Checksums-Sha256: 697b630c7a00c4b6e7b5d0fa1085394c4c7f3a4e87a0e3d8d6fc918a606d0950 3396 lighttpd_1.4.33-1+nmu3.dsc 1ef0ba4d3ec31a14e956a7d759ed4414228aee317d337a44a932016fc4620b8f 29300 lighttpd_1.4.33-1+nmu3.debian.tar.xz b88921c0e7ac9f5557fd0cddd0c33a8c6f8e3eb99c8fa727ab5c1cd7eaf57dc0 234332 lighttpd_1.4.33-1+nmu3_amd64.deb 8e9ce06f76b7566ae5ca2923c589687e3b724bcfca0dd95c320df1525d009605 60658 lighttpd-doc_1.4.33-1+nmu3_all.deb a88435d687f072d566d0a59739cd547d5bf9743f13c4b55f9ffff1bc68d00cc1 19210 lighttpd-mod-mysql-vhost_1.4.33-1+nmu3_amd64.deb ce1bbc904b4b2fc2fd7e54a6dab990251b007d7e25c15270e9bd1a4b726b362a 20456 lighttpd-mod-trigger-b4-dl_1.4.33-1+nmu3_amd64.deb 9646b8a76e237b951dd46bd20eb00d8c160e1154870894931e47e3c56b61cc18 22946 lighttpd-mod-cml_1.4.33-1+nmu3_amd64.deb 5221e84df733d06450902dfa6d69d324eb87e296bffd57f432960851375914ed 23784 lighttpd-mod-magnet_1.4.33-1+nmu3_amd64.deb 42514fcf635e50eaf191341e1542d0fbcbc0db862d864bbadfa6dc55072d5b68 29224 lighttpd-mod-webdav_1.4.33-1+nmu3_amd64.deb Files: cbefa19c46a409cab59c65bfaf70853c 3396 httpd optional lighttpd_1.4.33-1+nmu3.dsc c8667e73921f7f4020decb548e857b4e 29300 httpd optional lighttpd_1.4.33-1+nmu3.debian.tar.xz ab33c4610ec884908886ee84ecae3d52 234332 httpd optional lighttpd_1.4.33-1+nmu3_amd64.deb 76536d345e7779200882531fabe77d9e 60658 doc optional lighttpd-doc_1.4.33-1+nmu3_all.deb da1ccf0ff80594ad85490242b21936f2 19210 httpd optional lighttpd-mod-mysql-vhost_1.4.33-1+nmu3_amd64.deb c199ada5a689bc7ec1d808632e4b5548 20456 httpd optional lighttpd-mod-trigger-b4-dl_1.4.33-1+nmu3_amd64.deb f69cf0d989947d058e1a94e5dd23d9a1 22946 httpd optional lighttpd-mod-cml_1.4.33-1+nmu3_amd64.deb 6f985981132541e163c6c6b1bc88c36c 23784 httpd optional lighttpd-mod-magnet_1.4.33-1+nmu3_amd64.deb 29d20e5174281b664c3db091bc2c8df9 29224 httpd optional lighttpd-mod-webdav_1.4.33-1+nmu3_amd64.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQQcBAEBCgAGBQJTIQqIAAoJELjWss0C1vRzN38gAL30NFxSNf+wClZqDo5y7iDA GnM0UuCY9Xb9gRAna2krSnaSz/tjaldDRIaJnCWvRVWlaL9J0TAFVGnYqRWjduDT VTeHEvUnLP08orZaMgxAdkIb5pc3BoHQ+7cUaWC0NiV9SAI7L1mjePApzASU43b3 IDKGJMF4+uxsgj+1zaIBcatHCV7F3g87deRlWtyUEwDYLH/Qmg5/WGtOEtYqHVxK jFEszKJyznzivmwPiaLs0xcfpvFa7Kx7Rf+KD4aNxB/1RLYzM9KwE17Sz0F0cRHA 8nIwns69Xam/NhdGevBmDMsvoE16yD+UEAdHZ2//Y4WgwYJoI7hkVgrRMyCi3+10 Lp7+N60Q7BDfozLi/fkbpzk9z4Vxecy+WmRtQmm8Uf90qamO+7Tx/qxFDc18G3lg aXXr7qQv8kC49dLuD23hkQZjTlrTlkP7VUi95KvhxfpyfkQbT4Iz2uRB9qjY0ZeL oiS7Qo9P7CDwO/Z6TKz8w0IcsW7F+kAOcKbH9e/84tRcreodK6c7RrLn4wWmYov7 nJqLX4cU3ctzilrcrrcubu4lLTU47FyyT19N0/782NQrvypGtSPNnL13J+nkseq6 CW4ZPQQas4yl8uoi8/iyBj641GRvfPATt2NFh5eObQJ4lIEMyChNHESXTvzyQQ3i 3X6to2icw71WEirwY5QwLSlqPj2J5CGs+QEgykJemWqrb3xiN4xEg6A2wr0x0+dW X/ldyUrIlMzpofadyfNa1W1hIUyPBSB71qqWoSjqkJb1ypTqj4o9cw++vgmVBWCd YnJGd/ge68tQO/eFTL4QypfZBadGQDR21aKfm6KUHsVmKeETnYylYt9eoU04srWl RrNqfmAmpL/0UP1WNU22hbrEh3OwoIYwgQSoQW8F08HcByOkBzhCUDQ5qzdv0zKi kr5Q/Zvh/wGyf4Kl5j56mBrpJ0EwBWG+vBd8qUwUigLrauaQMb5+GG8ZYg23RjO7 TZeAnSOF//S63n5IAICsw4UJ4SBIaeurUMlpTI4yETaxMcagqXuY4gIHGseOmmkL YcwpcdM1lc9ZmqOsH0UGBHK73O3FUMuYH2kakEeOi5OSR8n5jIbOnSQjJG4ltJR/ XhCLc/+ib+4i+gPpvswjKC+04f/TO7Y3ThpTm5vaPvtPzwFto8NlsN5hdENDQRm4 bhQqErxyqBkPBilHaf1RnXVJjM3yNJAf98H+K75fPMMK8xwRnHl2T1Id3nFpvoeP SUVt3z6DjxQZRZVYsYgIyDVEpwbBJYzrJ9VrfOUku2brACOrmM0jR24q/DVNIfFT /yLG0rzJc9fnzb7SGEL4JJ4wGyiH4Sh+OKT0wHYCAlnAcRHuN1B/O9M0mcnBdX0= =Ze0i -----END PGP SIGNATURE-----
