[SECURITY] Fedora 23 Update: lighttpd-1.4.41-1.fc23

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2016-9de7253cc7 2016-08-10 04:58:42.386337 -------------------------------------------------------------------------------- Name : lighttpd Product : Fedora 23 Version : 1.4.41 Release : 1.fc23 URL : http://www.lighttpd.net/ Summary : Lightning fast webserver with light system requirements Description : Secure, fast, compliant and very flexible web-server which has been optimized for high-performance environments. It has a very low memory footprint compared to other webservers and takes care of cpu-load. Its advanced feature-set (FastCGI, CGI, Auth, Output-Compression, URL-Rewriting and many more) make it the perfect webserver-software for every server that is suffering load problems. -------------------------------------------------------------------------------- Update Information: 1.4.41 ---- Patch for CVE-2016-1000212. ---- Connection state patch. ---- Patch for ipv6 blocking bug. ---- 1.4.40 https://www.lighttpd.net/2016/7/16/1.4.40/ -------------------------------------------------------------------------------- References: [ 1 ] Bug #1361926 - lighttpd-1.4.41 is available https://bugzilla.redhat.com/show_bug.cgi?id=1361926 [ 2 ] Bug #1360641 - CVE-2016-1000212 lighttpd: sets environmental variable based on user supplied Proxy request header [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1360641 [ 3 ] Bug #1360640 - CVE-2016-1000212 lighttpd: sets environmental variable based on user supplied Proxy request header [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1360640 [ 4 ] Bug #1357238 - lighttpd-1.4.40 is available https://bugzilla.redhat.com/show_bug.cgi?id=1357238 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update lighttpd' at the command line. For more information, refer to "Managing Software with yum", available at https://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------