-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Sun, 18 Dec 2011 20:37:18 +0100 Source: lighttpd Binary: lighttpd lighttpd-doc lighttpd-mod-mysql-vhost lighttpd-mod-trigger-b4-dl lighttpd-mod-cml lighttpd-mod-magnet lighttpd-mod-webdav Architecture: sparc Version: 1.4.28-2+squeeze1 Distribution: squeeze-security Urgency: high Maintainer: sparc Build Daemon (spontini) Changed-By: Arno Töll Description: lighttpd - A fast webserver with minimal memory footprint lighttpd-doc - Documentation for lighttpd lighttpd-mod-cml - Cache meta language module for lighttpd lighttpd-mod-magnet - Control the request handling module for lighttpd lighttpd-mod-mysql-vhost - MySQL-based virtual host configuration for lighttpd lighttpd-mod-trigger-b4-dl - Anti-deep-linking module for lighttpd lighttpd-mod-webdav - WebDAV module for lighttpd Changes: lighttpd (1.4.28-2+squeeze1) stable-security; urgency=high . * Backport security issues from 1.4.30: + Fix integer overflow (CVE-2011-4362) + Fix attack vector as disclosed by the SSL BEAST attack (related: CVE-2011-3389). Note: If you are upgrading from an older version you need to change your configuration to mitigate effects of the attack. See the corresponding NEWS file for details. Checksums-Sha1: 66efaf891a3af39a3389a6557040086e1b9f2568 282432 lighttpd_1.4.28-2+squeeze1_sparc.deb 6ba96c81c2b7ea9a9889d9f26adf40a09c62527e 17946 lighttpd-mod-mysql-vhost_1.4.28-2+squeeze1_sparc.deb e3c791bcf7f94638fa3ff83b52999a7391cc43bb 19652 lighttpd-mod-trigger-b4-dl_1.4.28-2+squeeze1_sparc.deb 61719cb7077122f942890abf6bbba1875153b20d 22502 lighttpd-mod-cml_1.4.28-2+squeeze1_sparc.deb 324e4dc4f353ad68cc4f6538c1641d9e12129bea 23428 lighttpd-mod-magnet_1.4.28-2+squeeze1_sparc.deb ead49299238214f29c452f76e86b75b6eff9a46b 30454 lighttpd-mod-webdav_1.4.28-2+squeeze1_sparc.deb Checksums-Sha256: a7b72395a905cb56b06d206c88713aab967910d0d1ac9d0bc69dcf2906bfe99a 282432 lighttpd_1.4.28-2+squeeze1_sparc.deb 1f308779cc8ac634c17a8985be952cf7bc8555ad192d36cc6d2aad9d47bb2b4b 17946 lighttpd-mod-mysql-vhost_1.4.28-2+squeeze1_sparc.deb 86b8fd8bef53d17a427736d2c4ae26764cc6d6beb05ad25a7e6bf9192e947555 19652 lighttpd-mod-trigger-b4-dl_1.4.28-2+squeeze1_sparc.deb b105df5938a3e8e73c17e751339ceed6fb4b8722b285cf88400a274ed0885cff 22502 lighttpd-mod-cml_1.4.28-2+squeeze1_sparc.deb 73def32a00f78d3bda8e47693870741a96b15506c781a635f69b37288fd57dfd 23428 lighttpd-mod-magnet_1.4.28-2+squeeze1_sparc.deb 09d50e2b971125a163a45292f69bc7cfe82dc1ce0c8145a6ac930638b4252c56 30454 lighttpd-mod-webdav_1.4.28-2+squeeze1_sparc.deb Files: c18c0f5e023891c899e2717ca8b3e149 282432 httpd optional lighttpd_1.4.28-2+squeeze1_sparc.deb 7a6ec7d727ae0739daf29f1568e4400c 17946 httpd optional lighttpd-mod-mysql-vhost_1.4.28-2+squeeze1_sparc.deb 8687c3a0247b9e87baa5406ca4dd0dbb 19652 httpd optional lighttpd-mod-trigger-b4-dl_1.4.28-2+squeeze1_sparc.deb e5c69ac04c1c1bf1cbbc0623ef34ae31 22502 httpd optional lighttpd-mod-cml_1.4.28-2+squeeze1_sparc.deb 53fad86cc6f7a2ec1e38d1866fac0ceb 23428 httpd optional lighttpd-mod-magnet_1.4.28-2+squeeze1_sparc.deb 816d3b6c4596e6524ba4fabf26e29fd6 30454 httpd optional lighttpd-mod-webdav_1.4.28-2+squeeze1_sparc.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQIcBAEBCAAGBQJO8QIsAAoJEErIoNUNTAQMKxEP/i+9r+bkC7oa3lil53R7dRVK n2+6tBwSP5//lt8T8Tun6Iz/VXgLYrsAcjoZg/F0xhS1iyfORDvxaH4n99ARSqv7 Q9u2y/t0MBtiDsxzX+/PtVBAPfF8+g3BlEOIdziTAAyFrfY0cf482cFH4KbAuTol hE0NoZC7oE9hHmTznLEGcCKQn6M37To7dT87IV3uGW5yZ/uLisLo5FToyof52klj qhUxMR6QVsYdWuAMMif0Aq4jE71XfKzq0rK9ilSyIX2a1juEV47MY4ET05rXg2OX isBiSJVLHyxRRa08IOGW9a1qwuxjw0PzvF2Fs3hOt60n0zk2lPq/IXvw204M7l26 tU2BJJFxefuY5yMiUmw2+i+TWfcWs3/16Ebzq4fUrf3qFTqBRjtE4vGbKsAKirvd 7cahcO2FhpOb8e2gwOLDJ6bqLzB5HByXzDv8mFapBVjRW1K67dnzdwnrs/qZqo8g gfd4J4xP664eWt4dTJu/KfejHLYKn5lwjgY23wwOShfSfyp9I0doZxEU1QsTg8ee q2nZTGnT0hc/4qsy6IK1XTRUKzJQtqzBN+j1Vn0+9a53CUZbxIXW0y1XtXAYaGQ+ RCqkAn7m0Ftob7v3zXEFJP2sFF+SG1YU5l67yORjKyzm4s7Vk0Os8kEu+set0nnj 3O+foj0RYPX4mHG82j9V =rXkX -----END PGP SIGNATURE-----