Skip to content

lighttpd-release

ANNOUNCE: lighttpd 1.4.16

darix released a bug-fix release for 1.4.x

https://www.lighttpd.net/2007/7/24/1-4-16-let-s-ship-it/

It contains fixes for crashing bugs discovered by over the last weeks and we encourage to upgrade from earlier releases to 1.4.16. Especially lighttpd-SA2007-03 should convince you to upgrade. It can crash all lighttpd 1.4.x releases. In 1.5.0 this is fixed as we replace the parser by a generated one and replacing the hand-crafted one in 1.4.x.

Please head over there for more information and comments.

RELEASE: lighttpd 1.4.13

Only 2 weeks after .12 hit the servers we have a new release cleaning up the issues that were introduced by it.

On the fix side we have:

  • fixed a seg-fault in the HTTP-Request splitting
  • fixed long-standing bug with Content-Length and HEAD requests
  • fixed a possible abort of a upload if xattr is enabled

New are

  • mod-magnet finally handles ‘require “lfs”’ without complaining
  • mod-magnet got light.stat() which uses the stat-cache
  • mod-webdav supports LOCK if compiled with --with-webdav-locks

Debian user have to compile their lua-support with:

  $ configure --with-lua=lua5.1 ...

as their lua-5.1 package isn’t called ‘lua’.

Enjoy this release and watch out for 1.5.0 on the horizon. :)

Download

RELEASE: lighttpd 1.4.12

I’m very proud to announce the release of 1.4.12.

After 8 pre-releases and several cross-compiles and test-runs no new bugs were found and you should have a solid and stable release in your hands.

Over the 1.4.11 was available for download (03/2006 - now) the number of lighty installations raised from 27 103 to 120 442 according to netcraft.com. That’s amazing. It was important for us to create a release is good enough to replace 1.4.11.

This release fixes several long-standing bugs like

  • SSL hangs with Opera (we added work-around for a bug in Opera)
  • a long list of fixes for SSL in general
  • added ssl.use-sslv2 and ssl.cipher-list for all who have to comply with PCI

and only added a 2 really new features:

  • (experimental) LOCK support for webdav
  • mod_magnet as long-term replacement for mod_cml

On mod_cml:

  • mod_cml is deprecated from now on
  • it will be removed in 1.5.0
  • mod_magnet provides the same functionality and more with a cleaner syntax and in a more generic form

Download:

  • lighttpd-1.4.12.tar.gz

https://download.lighttpd.net/lighttpd/releases-1.4.x/

MD5: 8f6756452138f5da384251f849b329f2

lighttpd 1.4.10 released

lighttpd 1.4.10 has been release and fixes the fastcgi and cgi problems of .9.

  • CGI should work again
  • fastcgi should not result in a crash under high load
  • load balancing in fastcgi should work as expected
  • broken digest request shouldn’t crash mod_auth

New is

fastcgi.map-extensions = ( ".php3" => ".php" )
fastcgi.server = ( ".php" => ... )

Links

lighttpd 1.4.1

Just a few minutes ago lighttpd 1.4.1 has been released, shortly after lighttpd 1.4.0 which had some user-visible problems.

1.4.1 fixes those bugs, stabilizes the SSL support on OpenBSD and finishes the WebDAV support in mod_webdav to Class 1 (all options except LOCK/UNLOCK).