Package: lighttpd / 1.4.59-1~bpo10+1
Metadata
Package | Version | Patches format |
---|---|---|
lighttpd | 1.4.59-1~bpo10+1 | 3.0 (quilt) |
Patch series
view the series filePatch | File delta | Description |
---|---|---|
core 101 upgrade fails if Content Length.patch | (download) |
src/http-header-glue.c |
1 1 + 0 - 0 ! |
[patch] [core] 101 upgrade fails if content-length incl (fixes #3063) (thx daimh) commit 903024d7 in lighttpd 1.4.57 fixed issue #3046 but in the process broke HTTP/1.1 101 Switching Protocols which included Content-Length: 0 in the response headers. Content-Length response header is permitted by the RFCs, but not necessary with HTTP status 101 Switching Protocols. x-ref: "websocket proxy fails if 101 Switching Protocols from backend includes Content-Length" https://redmine.lighttpd.net/issues/3063 |
mod_auth close HTTP 2 connection after bad pass.patch | (download) |
src/connections.c |
22 21 + 1 - 0 ! |
[patch] [mod_auth] close http/2 connection after bad pass mitigation slows down brute force password attacks x-ref: "Possible feature: authentication brute force hardening" https://redmine.lighttpd.net/boards/3/topics/8885 |
1