lighttpd_1.4.35-4+deb8u1_amd64.deb


Advertisement

Description

lighttpd - fast webserver with minimal memory footprint

Distribution: Debian 8 (Jessie)
Repository: Debian Main amd64
Package name: lighttpd
Package version: 1.4.35
Package release: 4+deb8u1
Package architecture: amd64
Package type: deb
Installed size: 895 B
Download size: 239.31 KB
Official Mirror: ftp.br.debian.org
lighttpd is a small webserver and fast webserver developed with security in mind and a lot of features. It has support for * CGI, FastCGI and SSI * virtual hosts * URL rewriting * authentication (plain files, htpasswd, LDAP) * transparent content compression * conditional configuration * HTTP proxying and configuration is straight-forward and easy.

Alternatives

Provides

  • httpd
  • httpd-cgi

    Download

    Source package: lighttpd

    Install Howto

    1. Update the package index:
      # sudo apt-get update
    2. Install lighttpd deb package:
      # sudo apt-get install lighttpd

    Files

    • /etc/cron.daily/lighttpd
    • /etc/init.d/lighttpd
    • /etc/lighttpd/lighttpd.conf
    • /etc/lighttpd/conf-available/05-auth.conf
    • /etc/lighttpd/conf-available/10-accesslog.conf
    • /etc/lighttpd/conf-available/10-cgi.conf
    • /etc/lighttpd/conf-available/10-dir-listing.conf
    • /etc/lighttpd/conf-available/10-evasive.conf
    • /etc/lighttpd/conf-available/10-evhost.conf
    • /etc/lighttpd/conf-available/10-expire.conf
    • /etc/lighttpd/conf-available/10-fastcgi.conf
    • /etc/lighttpd/conf-available/10-flv-streaming.conf
    • /etc/lighttpd/conf-available/10-no-www.conf
    • /etc/lighttpd/conf-available/10-proxy.conf
    • /etc/lighttpd/conf-available/10-rrdtool.conf
    • /etc/lighttpd/conf-available/10-simple-vhost.conf
    • /etc/lighttpd/conf-available/10-ssi.conf
    • /etc/lighttpd/conf-available/10-ssl.conf
    • /etc/lighttpd/conf-available/10-status.conf
    • /etc/lighttpd/conf-available/10-userdir.conf
    • /etc/lighttpd/conf-available/10-usertrack.conf
    • /etc/lighttpd/conf-available/11-extforward.conf
    • /etc/lighttpd/conf-available/15-fastcgi-php.conf
    • /etc/lighttpd/conf-available/90-debian-doc.conf
    • /etc/lighttpd/conf-available/README
    • /etc/logrotate.d/lighttpd
    • /lib/systemd/system/lighttpd.service
    • /usr/lib/lighttpd/mod_access.so
    • /usr/lib/lighttpd/mod_accesslog.so
    • /usr/lib/lighttpd/mod_alias.so
    • /usr/lib/lighttpd/mod_auth.so
    • /usr/lib/lighttpd/mod_cgi.so
    • /usr/lib/lighttpd/mod_compress.so
    • /usr/lib/lighttpd/mod_dirlisting.so
    • /usr/lib/lighttpd/mod_evasive.so
    • /usr/lib/lighttpd/mod_evhost.so
    • /usr/lib/lighttpd/mod_expire.so
    • /usr/lib/lighttpd/mod_extforward.so
    • /usr/lib/lighttpd/mod_fastcgi.so
    • /usr/lib/lighttpd/mod_flv_streaming.so
    • /usr/lib/lighttpd/mod_indexfile.so
    • /usr/lib/lighttpd/mod_proxy.so
    • /usr/lib/lighttpd/mod_redirect.so
    • /usr/lib/lighttpd/mod_rewrite.so
    • /usr/lib/lighttpd/mod_rrdtool.so
    • /usr/lib/lighttpd/mod_scgi.so
    • /usr/lib/lighttpd/mod_secdownload.so
    • /usr/lib/lighttpd/mod_setenv.so
    • /usr/lib/lighttpd/mod_simple_vhost.so
    • /usr/lib/lighttpd/mod_ssi.so
    • /usr/lib/lighttpd/mod_staticfile.so
    • /usr/lib/lighttpd/mod_status.so
    • /usr/lib/lighttpd/mod_userdir.so
    • /usr/lib/lighttpd/mod_usertrack.so
    • /usr/lib/tmpfiles.d/lighttpd.tmpfile.conf
    • /usr/sbin/lighttpd
    • /usr/sbin/lighttpd-angel
    • /usr/sbin/lighttpd-disable-mod
    • /usr/sbin/lighttpd-enable-mod
    • /usr/sbin/lighty-disable-mod
    • /usr/sbin/lighty-enable-mod
    • /usr/share/doc/lighttpd/NEWS.Debian.gz
    • /usr/share/doc/lighttpd/NEWS.gz
    • /usr/share/doc/lighttpd/README
    • /usr/share/doc/lighttpd/changelog.Debian.gz
    • /usr/share/doc/lighttpd/copyright
    • /usr/share/lighttpd/create-mime.assign.pl
    • /usr/share/lighttpd/include-conf-enabled.pl
    • /usr/share/lighttpd/index.html
    • /usr/share/lighttpd/use-ipv6.pl
    • /usr/share/lintian/overrides/lighttpd
    • /usr/share/man/man1/lighttpd-disable-mod.1.gz
    • /usr/share/man/man1/lighttpd-enable-mod.1.gz
    • /usr/share/man/man1/lighty-disable-mod.1.gz
    • /usr/share/man/man1/lighty-enable-mod.1.gz
    • /usr/share/man/man8/lighttpd.8.gz

    Changelog

    2016-07-31 - Santiago R.R. <santiagorr@riseup.net> lighttpd (1.4.35-4+deb8u1) jessie-security; urgency=medium * Non-maintainer upload. * Fix CVE-2016-1000212: Mitigate HTTPoxy vulnerability. * Add mitigate-httpoxy-779c133c16f9af168b004dce7a2a64f16c1cb3a4.patch

    2014-11-02 - Michael Gilbert <mgilbert@debian.org> lighttpd (1.4.35-4) unstable; urgency=medium * Disable SSLv3 by default (closes: #765702).

    2014-08-18 - Michael Gilbert <mgilbert@debian.org> lighttpd (1.4.35-3) unstable; urgency=medium * Support building with dpkg-buildpackage -g. * Drop libmemcache-dev build-dependency (closes: #748809).

    2014-04-05 - Michael Gilbert <mgilbert@debian.org> lighttpd (1.4.35-2) unstable; urgency=medium * Fix a spelling error. * Add a lintian override. * Make VCS field canonical. * Add myself to the uploaders. * Use dh-autoreconf (closes: #726394, #731104). * Disable indeterminant test on kfreebsd (closes: #731074).

    2014-03-22 - Arno Töll <arno@debian.org> lighttpd (1.4.35-1) unstable; urgency=low * New upstream version (fixes CVE-2014-2323, CVE-2014-2324) + Delete patches: cve-2013-4508.patch, cve-2013-4559.patch, cve-2013-4560.patch. Those are all cumulative included since lighttpd 1.4.34 * Acknowledge NMUs by the security team * Make the init script wait until lighttpd really terminates. * Change the default document root /var/www/html (Closes: #730379), add a Lintian override for it * Bump the debhelper dependency to >= 9.20130624 to ensure dh_installinit is recent enough for systemd (Closes: #713860) * Reorder LSB init dependencies, add $local_fs to it * Add hardening flags to lighttpd. Thanks to Michael Gilbert for providing a patch (Closes: #741497) * Remove W3C logo from index.html to avoid inclusion of images hosted elsewhere * Push standards version to 3.9.5 (no changes needed).

    2013-11-16 - Michael Gilbert <mgilbert@debian.org> lighttpd (1.4.33-1+nmu2) unstable; urgency=high * Non-maintainer upload by the Security Team. * Fix regression caused by the fix for cve-2013-4508 (closes: #729480).

    2013-11-13 - Michael Gilbert <mgilbert@debian.org> lighttpd (1.4.33-1+nmu1) unstable; urgency=high * Non-maintainer upload by the Security Team (closes: #729453). * Fix cve-2013-4508: ssl cipher suites issue. * Fix cve-2013-4559: setuid privilege escalation issue. * Fix cve-2013-4560: use-after-free in fam.

    2013-10-15 - Arno Töll <arno@debian.org> lighttpd (1.4.33-1) unstable; urgency=low * Drop the connection-dos.patch - merged upstream. * Fix "mod_extforward missing configuration file": ship requested configuration file (Closes: #697304) * Remove access.conf, an obsolete conffiles as we should have done since 2010 (Closes: #703215) * Push debhelper's compat mode to 9, the use of maintscript helper requires 8.1 so we had to push the debhelper b-d anyway. * Fix "config.guess/config.sub out of date for arm64" by adding the patch provided by Colin Watson. Thanks (Closes: #726394). * Fix "[PATCH] use dh-systemd for proper systemd-related maintscripts" to add systemd support. Thanks to Michael Stapelberg (Closes: #713859)

    2013-03-14 - Arno Töll <arno@debian.org> lighttpd (1.4.31-4) unstable; urgency=high * CVE-2013-1427: Switch the socket path for PHP when using FastCGI. /tmp is world-writable which may cause security implications if an attacker manages to control /tmp/php.socket before the web server (re-)starts. * Switch VCS to git * Push standards version (no changes)

    2012-11-21 - Arno Töll <arno@debian.org> lighttpd (1.4.31-3) unstable; urgency=high * Fix "configuration files refer to wrong path for documentation" by merging a patch supplied by Denis Laxalde <denis@laxalde.org> (Closes: #676641) * CVE-2012-5533: Fix Denial Of Service attacks against Lighttpd by sending faulty Connection headers

    Advertisement
    Advertisement