lighttpd 1.4.9 - 2006-01-14 19:49
Dear lighties,
I'm proud to announce the availability of lighttpd 1.4.9, a prop-in replacement for lighttpd 1.4.8.
This release fixes several major bugs
- growing errorlog if fastcgi backend dies
- endless loop in mod_cgi
and most important:
- a CRITICAL bug in the handling of case-insensitive filesystems like NTFS and FAT on Windows or the default filesystem on MacOS X. Everyone on those platforms has to upgrade as soon as possible. A security announcement is following this mail.
On the good side:
- the power-magnet for mod_cml
- more statistics for mod_fastcgi (load, backend usage, ...)
- a first mod_evasive
- better handling of If-Range, duplocate If-Modified-Since and more compliance with webdav clients
Changes
- added server.core-files option (sandy <sandy@meebo.com>)
- added docs for mod_status
- added mod_evasive to limit the number of connections by IP (<w1zzard@techpowerup.com>)
- added the power-magnet to mod_cml
- added internal statistics to mod_fastcgi
- added server.statistics-url to get internal statistics from mod_status
- added support for conditional range-requests through If-Range
- added static building via scons
- fixed 100% cpu loops in mod_cgi ("sandy" <sjen@cs.stanford.edu>)
- fixed handling for secure-download.timeout (jamis@37signals.com)
- fixed IE bug in content-charset in the output of mod_dirlisting (sniper@php.net)
- fixed typos and language in the docs (ryan-2005@ryandesign.com)
- fixed assertion in mod_cgi on HEAD request is Content-Length (<sandy@meebo.com>)
- fixed handling if equal but duplicate If-Modified-Since request headers
- fixed endless loops in mod_fastcgi if backend is dead
- fixed Depth: 1 handling in PROPFIND requests on empty dirs
- fixed encoding of UTF8 encoded dirlistings (Jani Taskinen <sniper@iki.fi>)
- fixed initial bind to a unix-domain socket through server.bind
- fixed handling of lowercase filesystems
- fixed duplicate request headers cause by mod_setenv
