Nico Golde wrote:
Hi,
I can confirm this the lighttpd developers are right.
The vulnerable code is still present in -etch3.
Kind regards
Nico
Minimal patch included, I'll test it.
I wonder if we can just use mod_fastcgi.c from unstable, additional
changes (after this minimal patch) are very sm
Hi,
I can confirm this the lighttpd developers are right.
The vulnerable code is still present in -etch3.
Kind regards
Nico
--
Nico Golde - http://ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.
pgpAgq5viceIk.pgp
Description
I talked to the lighttpd developers on #lighttpd and they say it doesn't
look fixed in -etch3.
The other bug only lists a fix for unstable.
So the fix for stable is still todo.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
3 matches
Mail list logo
