head	1.2;
access;
symbols
	RELEASE_7_1_0:1.1
	RELEASE_6_4_0:1.1;
locks; strict;
comment	@# @;


1.2
date	2008.10.08.01.17.29;	author mnag;	state dead;
branches;
next	1.1;

1.1
date	2008.09.27.23.47.57;	author mnag;	state Exp;
branches;
next	;


desc
@@


1.2
log
@- Update to 1.4.20

PR:		127861
Submitted by:	Daniel Gerzo <danger___FreeBSD.org>
@
text
@#
# http://www.lighttpd.net/security/lighttpd_sa_2008_07.txt
#
Index: src/request.c
===================================================================
--- src/request.c (revision 1947)
+++ src/request.c (revision 2305)
@@@@ -826,4 +826,5 @@@@
 												con->request.request);
 									}
+									array_insert_unique(con->request.headers, (data_unset *)ds);
 									return 0;
 								}
@@@@ -875,4 +876,5 @@@@
 												con->request.request);
 									}
+									array_insert_unique(con->request.headers, (data_unset *)ds);
 									return 0;
 								}
@@@@ -912,4 +914,5 @@@@
 												con->request.request);
 									}
+									array_insert_unique(con->request.headers, (data_unset *)ds);
 									return 0;
 								}
@@@@ -937,4 +940,5 @@@@
 												con->request.request);
 									}
+									array_insert_unique(con->request.headers, (data_unset *)ds);
 									return 0;
 								}
@@@@ -954,4 +958,5 @@@@
 												con->request.request);
 									}
+									array_insert_unique(con->request.headers, (data_unset *)ds);
 									return 0;
 								}
@@@@ -977,4 +982,5 @@@@
 												con->request.request);
 									}
+									array_insert_unique(con->request.headers, (data_unset *)ds);
 									return 0;
 								}
Index: NEWS
===================================================================
--- NEWS (revision 2304)
+++ NEWS (revision 2305)
@@@@ -63,4 +63,5 @@@@
   * workaround ldap connection leak if a ldap connection failed (restarting ldap)
   * fix auth.backend.ldap.bind-dn/pw problems (only read from global context for temporary ldap reconnects, thx ruskie)
+  * fix memleak in request header parsing (#1774, thx qhy)
 
 - 1.4.19 - 2008-03-10
@


1.1
log
@- Multiple security fixes.
- Bump PORTREVISION

Notified by:	miwi
Security:	http://www.vuxml.org/freebsd/fb911e31-8ceb-11dd-bb29-000c6e274733.html
@
text
@@

