lighttpd: bump 1.4.34 -> 1.4.35 (security fixes)

From http://www.lighttpd.net/: Important changes ----------------- This release contains a lot of bug fixes, many detected by scan.coverity.com (and more to come). The main reason for the release is a fix for an SQL injection (and path traversal) bug triggered by specially crafted (and invalid) Host: headers. Security fixes -------------- http://download.lighttpd.net/lighttpd/security/lighttpd_sa_2014_01.txt (no CVE yet) NOTE: We (nixpkgs) currently don't build the mod_mysql_vhost module mentioned above.
2014-03-12 22:49:20 +01:00 · 2014-03-12 22:49:20 +01:00 · 37ad2a7d28
commit 37ad2a7d28
parent 059e8e179b
1 changed files with 2 additions and 2 deletions
--- a/pkgs/servers/http/lighttpd/default.nix
+++ b/pkgs/servers/http/lighttpd/default.nix
@ -5,11 +5,11 @@
 assert enableMagnet -> lua5 != null;

 stdenv.mkDerivation rec {
-  name = "lighttpd-1.4.34";
+  name = "lighttpd-1.4.35";

  src = fetchurl {
    url = "http://download.lighttpd.net/lighttpd/releases-1.4.x/${name}.tar.xz";
-    sha256 = "1dzgz3gkfyn97s4dm896yjanlhqzzsz38dhjdgla06xgynca1hdl";
+    sha256 = "18rh7xyx69xbwl20znnjma1dq5fay0ygjjvpn3gaa7dxrir9nghi";
  };

  buildInputs = [ pkgconfig pcre libxml2 zlib attr bzip2 which file openssl ]