Two problems were discovered with lighttpd, a fast webserver with minimal memory footprint, which could allow denial of service. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2007-1869 Remote attackers could cause denial of service by disconnecting partway through making a request. CVE-2007-1870 A NULL pointer dereference could cause a crash when serving files with a mtime of 0. For the stable distribution (etch) these problems have been fixed in version 1.4.13-4etch1. For the unstable distribution (sid) these problems have been fixed in version 1.4.14-1. We recommend that you upgrade your lighttpd package.
Two problems were discovered with lighttpd, a fast webserver with minimal memory footprint, which could allow denial of service. The Common Vulnerabilities and Exposures project identifies the following problems:
Remote attackers could cause denial of service by disconnecting partway through making a request.
A NULL pointer dereference could cause a crash when serving files with a mtime of 0.
For the stable distribution (etch) these problems have been fixed in version 1.4.13-4etch4.
For the unstable distribution (sid) these problems have been fixed in version 1.4.14-1.
We recommend that you upgrade your lighttpd package.
MD5 checksums of the listed files are available in the original advisory.