package: src:lighttpd severity: serious version: 1.4.28-2 tag: security lighttpd just released a security announcement: http://download.lighttpd.net/lighttpd/security/lighttpd_sa_2014_01.txt
This was assigned the following CVEs: SQL injection - use CVE-2014-2323. path traversal - use CVE-2014-2324. Best wishes, Mike -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
