6 matches found
openSUSE Security Update : lighttpd (openSUSE-SU-2014:0072-1)
added cve-2013-4508.patch and cve-2013-4508-regression-bug729480.patch: bnc849059 When defining an ssl.cipher-list, it works for the 'default' HTTPS setup $SERVER'socket' 443 block, but when you utilize SNI $HTTP'host' blocks within the $SERVER'socket' block the ssl.cipher-list seems to not...
Medium: lighttpd
Issue Overview: Use-after-free vulnerability in lighttpd before 1.4.33 allows remote attackers to cause a denial of service segmentation fault and crash via unspecified vectors that trigger FAMMonitorDirectory failures. lighttpd before 1.4.34, when SNI is enabled, configures weak SSL ciphers, whi...
Fedora 20 : lighttpd-1.4.34-3.fc20 (2014-2495)
Enable building with PIE Latest upstream, multiple security fixes. http://www.lighttpd.net/2014/1/20/1-4-34/ Latest upstream, multiple security fixes. http://www.lighttpd.net/2014/1/20/1-4-34/ Note that Tenable Network Security has extracted the preceding description block directly from the Fedor...
CVE-2013-4560
Use-after-free vulnerability in lighttpd before 1.4.33 allows remote attackers to cause a denial of service segmentation fault and crash via unspecified vectors that trigger FAMMonitorDirectory failures...
[SECURITY] [DSA 2795-1] lighttpd security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2795-1 [email protected] http://www.debian.org/security/ Michael Gilbert November 13, 2013 http://www.debian.org/security/faq -...
[SECURITY] [DSA 2795-1] lighttpd security update
------------------------------------------------------------------------- Debian Security Advisory DSA-2795-1 [email protected] http://www.debian.org/security/ Michael Gilbert November 13, 2013 http://www.debian.org/security/faq -...