* Updated: lighttpd-1.4.76
@ 2024-04-13 1:55 Glenn Strauss
0 siblings, 0 replies; only message in thread
From: Glenn Strauss @ 2024-04-13 1:55 UTC (permalink / raw)
To: cygwin-announce
Version 1.4.76-1 of "lighttpd" has been uploaded.
lighttpd is a secure, fast, modular web server with low resource usage
lighttpd 1.4.76:
* detect VU#421644 HTTP/2 CONTINUATION Flood
* issue trace and send GO_AWAY
* (lighttpd not vulnerable to attack)
* avoid CVE-2024-3094 xz supply chain attack
* use 'git archive' to replace 'make dist' to create release tarballs
* remove excess complexity (m4 and autotools) from release process
* now more easily verifiable that sources come from signed git release tag
Note:
This cygwin lighttpd-1.4.76-1 release requires >= cygwin-3.5.0 to take
advantage of new support for posix_spawn_file_actions_addfchdir_np().
As this support is optional, please contact me if this is a hardship
for those unable to upgrade to cygwin-3.5.0 and I can create a package
of lighttpd without this feature, whose use merely provides a marginal
performance improvement for starting CGI programs.
Source: https://git.lighttpd.net/lighttpd/lighttpd1.4.git/
News: https://www.lighttpd.net/
License: BSD 3-clause
https://git.lighttpd.net/lighttpd/lighttpd1.4/src/branch/master/COPYING
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2024-04-13 1:55 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2024-04-13 1:55 Updated: lighttpd-1.4.76 Glenn Strauss
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).