Package: bogohttpd Version: 20111118-1 A new version of bogohttpd has been released on 2016-04-15 that fixes two vulnerabilities (from website):
*snip* please note that bozohttpd versions prior to 20160415 have a flaw in the handling of CGI in some cases, if the -C option has been used to setup a CGI handler. please update to 20160415 or newer as soon as possible. please note that bozohttpd versions prior to 20140708 have a flaw in the handling of basic HTTP authentication (aka ".htaccess") and it is possible to bypass the authentication. please update to 20140708 or newer as soon as possible. *snip* Please update the repositories to the new version. I'd like to test this out (first on an AMD64 setup, then on the ARM6-based Raspberry Pi Zero through your downstream offshoot Raspbian). -- Kelly "STrRedWolf" Price http://redwolf.ws
