Package: lighttpd / 1.4.59-1
Patch seriesview the series file
|core 101 upgrade fails if Content Length.patch | (download)||
1 1 + 0 - 0 !
[patch] [core] 101 upgrade fails if content-length incl (fixes #3063) (thx daimh) commit 903024d7 in lighttpd 1.4.57 fixed issue #3046 but in the process broke HTTP/1.1 101 Switching Protocols which included Content-Length: 0 in the response headers. Content-Length response header is permitted by the RFCs, but not necessary with HTTP status 101 Switching Protocols. x-ref: "websocket proxy fails if 101 Switching Protocols from backend includes Content-Length" https://redmine.lighttpd.net/issues/3063
|mod_auth close HTTP 2 connection after bad pass.patch | (download)||
22 21 + 1 - 0 !
[patch] [mod_auth] close http/2 connection after bad pass mitigation slows down brute force password attacks x-ref: "Possible feature: authentication brute force hardening" https://redmine.lighttpd.net/boards/3/topics/8885