BSD Commit Log Search

lighttpd: Update to 1.4.78

lighttpd: Update to 1.4.78

Update to 1.4.62. From the changelog:

- support pcre2; HTTP Digest auth userhash; bugfixes

pkgsrc changes:

- switch to pcre2

Fix VARBASE subst in lighttpd.conf.

Update to 1.4.56. From the changelog:

# Highlights

- HTTP/2 support
  - must be enabled in lighttpd.conf in lighttpd 1.4.56;
    may be enabled by default in a future release
  - `server.feature-flags += ("server.h2proto" => "enable", "server.h2c" => "enable")`
- TLS library options: OpenSSL, mbedTLS, wolfSSL, GnuTLS, NSS
  - mod_openssl (existing)
  - mod_mbedtls (experimental)
  - mod_wolfssl (experimental)
  - mod_gnutls (experimental)
  - mod_nss (experimental)
- TLS OCSP stapling
  (except mbedTLS; not currently supported by mbedTLS)
- TLS session ticket key rotation control
  (except NSS; API limitation in NSS)
- mod_deflate brotli support

    [62 lines not shown]

lighttpd: Update to 1.4.54.

pkgsrc changes:

Replace use of legacy GeoIP library with libmaxminddb.
Uses a different module.

Changes:

Highlights
behavior change: strict URL parsing and normalization (configurable)
behavior change: mod_webdav now rejects partial PUT (configurable)
mod_auth: HTTP Auth Digest algorithm=SHA-256
mod_webdav: major rewrite: robustness, performance, RFC compliance
mod_maxminddb: new; obsoletes discontinued mod_geoip

Changes from 1.4.53
[mod_evhost] handle IPv6 literal addr; add tests
[core] separate server_main_loop() func, mark hot

    [145 lines not shown]

Replace hardcoded paths with variables

Update to 1.4.37
----------------
- 1.4.37
  * [mod_proxy] remove debug log line from error log (fixes #2659)
  * [mod_dirlisting] fix dir-listing.set-footer not showing
  * fix out-of-filedescriptors when uploading "large" files (fixes #2660, thx rmilecki)
  * increase upload temporary chunk file size from 1MB to 16MB
  * fix undefined integer shift
  * rewrite network sendfile/mmap/writev/write backends
  * fix some unchecked return value warnings
  * [kqueue] fix kevent call
  * [autoconf] define HAVE_CRYPT when crypt() is present
  * [bsd xattr] fix compile break with BSD extended attributes in stat_cache
  * [mod_cgi] rewrite mmap and generic (post body) send error handling
  * [mmap] fix mmap alignment
  * [plugins] when modules are linked statically still only load the modules given in the config
  * [mmap] handle SIGBUS in network; those get triggered if the file gets smaller during reading
  * fix some warnings found by coverity ("leak" in setup phase, not catching too long unix socket paths in mod_proxy)

Changes 1.4.34:
* [mod_auth] explicitly link ssl for SHA1 (fixes 2517)
* [mod_extforward] fix compilation without IPv6, (not) using undefined var (fixes 2515, thx mm)
* [ssl] fix SNI handling; only use key+cert from SNI specific config (fixes 2525, CVE-2013-4508)
* [doc] update ssl.cipher-list recommendation
* [stat-cache] FAM: fix use after free (CVE-2013-4560)
* [stat-cache] fix FAM cleanup/fdevent handling
* [core] check success of setuid,setgid,setgroups (CVE-2013-4559)
* [ssl] fix regression from CVE-2013-4508 (client-cert sessions were broken)
* maintain physical.basedir (the "acting" doc-root as prefix of physical.path) in more places
* [core] decode URL before rewrite, enabling it to work in $HTTP["url"] conditionals (fixes 2526)
* [auto* build] remove -no-undefined from linker flags, as we actually link modules with undefined symbols (fixes 2533)
* [mod_mysql_vhost] fix memory leak on config init (2530)
* [mod_webdav] fix fd leak found with parfait (fixes 2530, thx kukackajiri)

Update www/lighttpd to 1.4.31.

Changes from 1.4.30
- [ssl] fix segfault in counting renegotiations for openssl versions
  without TLSEXT/SNI (thx carpii for reporting)
- Move fdevent subsystem includes to implementation files to reduce
  conflicts (fixes #2373)
- [mod_compress] fix handling if etags are disabled but cache-dir
  is set - may lead to double response
- disable mmap by default (fixes #2391)
- buffer_caseless_compare: always convert letters to lowercase to get
  transitive results, fixing array lookups (fixes #2405)
- Fix handling of empty header list entries in http_request_split_value,
  fixing invalid read in valgrind (fixes #2413)
- Fix access log escaping of " and \\ (fixes #1551)
- [mod_auth] Fix digest "md5-sess" implementation (Errata ID 1649,
  RFC 2617) (fixes #2410)
- [auth] Add "AUTH_TYPE" environment (for * cgi), remove fastcgi specific
  workaround, add fastcgi test case (fixes #889)

    [25 lines not shown]