lighttpd :: Security alert

[ Thread Index | Date Index ]


Hi there,


 %%%%
Debian Security Advisory DSA-1609-1                  security@xxxxxxxxxx
http://www.debian.org/security/                               Steve Kemp
July 15, 2008                         http://www.debian.org/security/faq

-----------------------------------------------------------------------

Package        : lighttpd

[...]
lighttpd 1.4.18, and possibly other versions before 1.5.0, does not
properly calculate the size of a file descriptor array, which allows
remote attackers to cause a denial of service (crash) via a large number
of connections, which triggers an out-of-bounds access.

 %%%%

Is slitaz affected ?

Regards,
             Jacques



---
SliTaz GNU/Linux Mailing list.
Web site : http://www.slitaz.org/


Mail converted by MHonArc 2.6.18 http://listengine.tuxfamily.org/