-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Sun, 18 Dec 2011 20:37:18 +0100 Source: lighttpd Binary: lighttpd lighttpd-doc lighttpd-mod-mysql-vhost lighttpd-mod-trigger-b4-dl lighttpd-mod-cml lighttpd-mod-magnet lighttpd-mod-webdav Architecture: kfreebsd-i386 Version: 1.4.28-2+squeeze1 Distribution: squeeze-security Urgency: high Maintainer: kfreebsd-i386 Build Daemon (field) Changed-By: Arno Töll Description: lighttpd - A fast webserver with minimal memory footprint lighttpd-doc - Documentation for lighttpd lighttpd-mod-cml - Cache meta language module for lighttpd lighttpd-mod-magnet - Control the request handling module for lighttpd lighttpd-mod-mysql-vhost - MySQL-based virtual host configuration for lighttpd lighttpd-mod-trigger-b4-dl - Anti-deep-linking module for lighttpd lighttpd-mod-webdav - WebDAV module for lighttpd Changes: lighttpd (1.4.28-2+squeeze1) stable-security; urgency=high . * Backport security issues from 1.4.30: + Fix integer overflow (CVE-2011-4362) + Fix attack vector as disclosed by the SSL BEAST attack (related: CVE-2011-3389). Note: If you are upgrading from an older version you need to change your configuration to mitigate effects of the attack. See the corresponding NEWS file for details. Checksums-Sha1: 300fcbaf81da2ec65ab5687e2f0d39de7370ab24 272648 lighttpd_1.4.28-2+squeeze1_kfreebsd-i386.deb 00b46b5f56cb48fae7f5e834339aa5c4f5ff6b44 18022 lighttpd-mod-mysql-vhost_1.4.28-2+squeeze1_kfreebsd-i386.deb 047784d206e340880f010a855d08e3fa6cfbb37b 19090 lighttpd-mod-trigger-b4-dl_1.4.28-2+squeeze1_kfreebsd-i386.deb fc5031590d373813546b5ea6f5a4e0c1409b8ab0 21808 lighttpd-mod-cml_1.4.28-2+squeeze1_kfreebsd-i386.deb 297a3ef3636ab21f1ff3331ce2e8a1ba3c7f0948 23598 lighttpd-mod-magnet_1.4.28-2+squeeze1_kfreebsd-i386.deb 48bb1623f5bfa083030a39e1c169dd2239a3c2b2 30152 lighttpd-mod-webdav_1.4.28-2+squeeze1_kfreebsd-i386.deb Checksums-Sha256: afe541b49e9e19d33a1187d761b1e3f858d9ca49cb0f036a01f59bc2001363ca 272648 lighttpd_1.4.28-2+squeeze1_kfreebsd-i386.deb b7f77b08c70d8834ca643700ed9cad400405b4b23ce114b56766dd2d5f746c0a 18022 lighttpd-mod-mysql-vhost_1.4.28-2+squeeze1_kfreebsd-i386.deb 878bf980683b859391b5c59bf78b2f3e4ceff8bfa75030069b46c7711c14beb9 19090 lighttpd-mod-trigger-b4-dl_1.4.28-2+squeeze1_kfreebsd-i386.deb 60336aef5e647afbc3549406c8e83924b9a838a114a7869761fc7554b3faaa8e 21808 lighttpd-mod-cml_1.4.28-2+squeeze1_kfreebsd-i386.deb 2145f08006df4e331d915b68492dc3859c4ad6dd2d50a978c59d63f833785ca2 23598 lighttpd-mod-magnet_1.4.28-2+squeeze1_kfreebsd-i386.deb 215e6d8b46a7fcdb7d18cdc1716d426805031e1f3afd8efdff67e8821475c9eb 30152 lighttpd-mod-webdav_1.4.28-2+squeeze1_kfreebsd-i386.deb Files: 0dfa38db2593dee88151d7a16f112cbf 272648 httpd optional lighttpd_1.4.28-2+squeeze1_kfreebsd-i386.deb 0c9dd0cd009853ec30867ded9eade0d6 18022 httpd optional lighttpd-mod-mysql-vhost_1.4.28-2+squeeze1_kfreebsd-i386.deb 4225571a83ce6ca7f121bedbaa6f233b 19090 httpd optional lighttpd-mod-trigger-b4-dl_1.4.28-2+squeeze1_kfreebsd-i386.deb 64852e1c1102094419465d972abdc598 21808 httpd optional lighttpd-mod-cml_1.4.28-2+squeeze1_kfreebsd-i386.deb 7dd6558c1bcc19075ce246e4d1e84327 23598 httpd optional lighttpd-mod-magnet_1.4.28-2+squeeze1_kfreebsd-i386.deb a673a03643f9d5c8f617752ec17ce024 30152 httpd optional lighttpd-mod-webdav_1.4.28-2+squeeze1_kfreebsd-i386.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/kFreeBSD) iQIcBAEBAgAGBQJO8XMsAAoJEEzv3ERlujMcTC8P/RmLhQioMefufSmZajjj1WuF Z8RwwX7rKAKE4B/bdZLhvF6iwe6QWMBd2T3uizA51C9dwYLSiw3VLM7BCOJ4yrM5 bCY13cNpu9M6QjFV0Tnt6/a2Y30D0/vbKw7TSiPS2/Js5yB9n466Rf6WJUMJdA3m PcvaTav8ZYxY7kzxVehVDu1oXe+Mti7Phuro5ujZ4N6XgMce5vEFAq5VBCxTB9p1 JxxHNwKSYYG6/rdivSrcs6OHIDTwJVMbKOq0jGyKzBSAir/Cf8pFa/sPWByuqxCO YOGu7nTw4ZZFzmwcHbJD3krtKkhJcjD/1uq3vB86RcTCgyhxTSXbQNLC+ZQotdBg EWqeS0wSyrZh754ENBhGh70Y4wt+D8EJNrX5wWEgxEnNJJFfM0Rf6hWslAt8Rdne 5Z+3B/xtsMu6HbyUuU0UenO795lp8tT7QBZXzABu+CsIljTRyALz7ARLqbJOOKfy hT8Ps3nNvMQl1gCXkEBuKxgWXWo2Jb3wdla1uLabTxknWwUVD8IAw8+Sh5dwSqud F8Tr3VosQflvfr/uig/E2ZvWwWhZ+z95UwAkcHfHlh1zfj1dKcU1m8+DNtfiCir6 8RqdWUajLDZVCApongDLuavY2v/s5K1ywcSdDMACaXYK/fiBKXcakddHOWKapDEv TQY8kz/poZ/4gJMc5udE =mL0h -----END PGP SIGNATURE-----