lighttpd :: Security alert |
[ Thread Index |
Date Index
| More lists.tuxfamily.org/slitaz Archives
]
- To: slitaz@xxxxxxxxxxxxxxxxxxx
- Subject: lighttpd :: Security alert
- From: jacques <jacques@xxxxxxxxxxxxxx>
- Date: Wed, 16 Jul 2008 23:35:02 +0200
- Face: iVBORw0KGgoAAAANSUhEUgAAADAAAAAwBAMAAAClLOS0AAAAFVBMVEVmdYjh4uPq6uqYprjv 7+8rLC4DAgMBtArpAAAB50lEQVQ4jXWUzXLjIAzHRV1yhpDsuWDvHZvkAeLkAZzxkLNnOub9H6GS MHbd3eoE+s0ffSAA94vBumpc/3/gnNZ6owvArQ4AVXv8qbDGg4xxqPQeWAMgrs9zjONxB9APl/O7 ijFWJ0qEQeOsDx4uPqAizi1nkBWmQtAJRYpXPoxAbwOa756eQJSiLzFUR0eFUXr0j39YQuAWvPGV l5HtTcZuAaatzIeHypwCVlK//RVLcGUEKGiNPz1MfN7EdbQMbNBKSGECgocaZFXJI4GmBnE3owkM +sNkjWwZGCpahAwe6vMmk+CjFHYVTAG3KFMaGXjsU7WCxyGlNB0RWCAQVnDeAVFA7z4QzATqCCBD Ac7VLwTdv8DeCbQM4gDshyOOgzYMenCGOpcVnnM4bIoYOZ87y2CLsQFKcAWWwAX9fe1DAZhuw+Ad gbt7VpQ67AHBk0rLQJbKG7rSiSqoGVCvPrmJ1xmH6dIXgCHSM7c9zXMaH1iaX0Is92Fe8ytNndWq hMBs+c5JnAatlV8EUx4fe6XNTFOaI1CIPD6JyQA++7FTy8DxFh0xL6YyovmszcQ67UWSNkGe9p1k Ft+eWi03MG5vsOmdWg8bdo+zsV4uObenn+8c6F7WZ/7ty9A6BL1+DLu/ZGe/gi8oONbRVa3WUgAA AABJRU5ErkJggg==
Hi there,
%%%%
Debian Security Advisory DSA-1609-1 security@xxxxxxxxxx
http://www.debian.org/security/ Steve Kemp
July 15, 2008 http://www.debian.org/security/faq
-----------------------------------------------------------------------
Package : lighttpd
[...]
lighttpd 1.4.18, and possibly other versions before 1.5.0, does not
properly calculate the size of a file descriptor array, which allows
remote attackers to cause a denial of service (crash) via a large number
of connections, which triggers an out-of-bounds access.
%%%%
Is slitaz affected ?
Regards,
Jacques
---
SliTaz GNU/Linux Mailing list.
Web site : http://www.slitaz.org/