Olaf van der Spek <[EMAIL PROTECTED]> (11/06/2007): > 1.4.15 is vulnerable too.
Hi, I'm unable to reproduce this, but FWIW, it looks like upstream has fixed this problem, see [1]. The patch on src/request.c applies cleanly on 1.4.15-1. 1. http://trac.lighttpd.net/trac/ticket/1232 Cheers, -- Cyril Brulebois
pgpi32EIcEuho.pgp
Description: PGP signature
