JakeHillion/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

lighttpd: bump 1.4.34 -> 1.4.35 (security fixes)

Browse Source 
From http://www.lighttpd.net/:

  Important changes
  -----------------
  This release contains a lot of bug fixes, many detected by scan.coverity.com
  (and more to come). The main reason for the release is a fix for an SQL
  injection (and path traversal) bug triggered by specially crafted (and
  invalid) Host: headers.

  Security fixes
  --------------
  http://download.lighttpd.net/lighttpd/security/lighttpd_sa_2014_01.txt (no CVE yet)

NOTE: We (nixpkgs) currently don't build the mod_mysql_vhost module mentioned
above.
This commit is contained in:
Bjørn Forsman 2014-03-12 22:49:20 +01:00
parent 059e8e179b
commit 37ad2a7d28
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
pkgs/servers/http/lighttpd/default.nix
View File

@ -5,11 +5,11 @@
assert enableMagnet -> lua5 != null; assert enableMagnet -> lua5 != null;
stdenv.mkDerivation rec { stdenv.mkDerivation rec {
name = "lighttpd-1.4.34"; name = "lighttpd-1.4.35";
src = fetchurl { src = fetchurl {
url = "http://download.lighttpd.net/lighttpd/releases-1.4.x/${name}.tar.xz"; url = "http://download.lighttpd.net/lighttpd/releases-1.4.x/${name}.tar.xz";
sha256 = "1dzgz3gkfyn97s4dm896yjanlhqzzsz38dhjdgla06xgynca1hdl"; sha256 = "18rh7xyx69xbwl20znnjma1dq5fay0ygjjvpn3gaa7dxrir9nghi";
}; };
buildInputs = [ pkgconfig pcre libxml2 zlib attr bzip2 which file openssl ] buildInputs = [ pkgconfig pcre libxml2 zlib attr bzip2 which file openssl ]