darix, our brave maintainer of the 1.4.x branch, just uploaded lighttpd-1.4.×.r1745

Please give it a test as we want to push out .14 in the next days.

ChangeLog:

• fix crash if gethostbyaddr() failed on redirect ¹⁷¹⁸
• properly handle 206 responses generated by *cgi scripts. (#755) ¹⁷¹⁶
• added HTTPS=on to the environment of cgi scripts (#861) ¹⁶⁸⁴
• fix handling of 303 (#1045) ¹⁶⁷⁸
• made the configure check for lua more portable ¹⁶⁷⁷
• added mod_extforward module ¹⁶⁶⁵
• references to the fam stat cache engine should be conditional (#1039) ¹⁶⁶⁴
• fix http 500 errors (colin.stephen/at/o2.com) #1041 ¹⁶⁶³
• prevent wrong pidfile unlinking on graceful restart (Chris Webb) ¹⁶⁵⁶
• ignore empty packets from STDERR stream. #998
• fix a crash for files with an mtime of 0 reported by cubiq on irc ¹⁵¹⁹
• allow empty passwords with ldap (Jörg Sonnenberger) ¹⁵¹⁶
• mod_scgi.c segfault fix #964 ¹⁵⁰¹
• Added round-robin support to mod_fastcgi ¹⁵⁰⁰
• Handle DragonFlyBSD the same way as Freebsd (Jörg Sonnenberger) [1492,1676]
• added now and weeks support to mod_expire. #943
• fix cpu hog in certain requests ¹⁴⁷³
• fix for handling hostnames with trailing dot ¹⁴⁰⁶
• fixed header-injection via server.tag (#1106)
• disabled caching of files without a content-type to solve the
  aggressive caching of FF
• remove trailing white-spaces from HTTP-requests before parsing (#1098)
• fixed accesslog.use-syslog in a conditional and the caching of the
  accesslog for files (fixes #1064)
• fixed various crashes at startup on broken accesslog.format strings (#1000)
• fixed handling of %% in accesslog.format
• fixed conditional dir-listing.exclude (#930)
• reduced default PATH_MAX to 255 (#826)
• ECONNABORTED is not known on cygwin (#863)
• fixed crash on url.redirect and url.rewrite if %0 is used in a global context
  (#800)
• fixed possible crash in debug-message in mod_extforward
• fixed compilation of mod_extforward on glibc < 2.3.4