Project

General

Profile

Bug #9725

lighttpd: update to 1.4.52

Added by Steffen Nurpmeso 5 months ago. Updated 4 months ago.

Status:
Closed
Priority:
Urgent
Assignee:
-
Category:
-
Target version:
Start date:
12/03/2018
Due date:
% Done:

100%

Estimated time:
Affected versions:
Security IDs:

Description

I got noticed today that my server fails to become contacted by several new browsers (thanks, Kimura-san)!
This was an interesting walk which finally lead to [1] and [2].
It can be reproduced by simply trying to connect with TLSv1.3 enabled curl(1).
I have compiled and installed 1.4.52 locally, and everything works fine with it.

I vote for disabling ldap, gamin and bzip2, at least (i also have no lua now).

Note that the kerberos configure switch is false, it has to be --without-krb5 instead!

[1] https://redmine.lighttpd.net/issues/2912
[2] https://github.com/openssl/openssl/issues/5721

Associated revisions

Revision e0054773 (diff)
Added by Andy Postnikov 4 months ago

main/lighttpd: upgrade to 1.4.52

fixes #9725

(cherry picked from commit 76f4b25ec96a95a78534b761f30ecfa79cfe70cc)

History

#1 Updated by Andy Postnikov 5 months ago

PR exists https://github.com/alpinelinux/aports/pull/5740
probably needs backport

#2 Updated by Natanael Copa 4 months ago

does this really affect alpine 3.8? we use libressl for v3.8 and not openssl.

#3 Updated by Andy Postnikov 4 months ago

  • Status changed from New to Resolved
  • % Done changed from 0 to 100

#4 Updated by Natanael Copa 4 months ago

  • Status changed from Resolved to Closed

Also available in: Atom PDF