Only 2 weeks after .12 hit the servers we have a new release cleaning up the issues that were introduced by it.

Download:

• lighttpd-1.4.13.tar.gz

On the fix side we have:

• fixed a seg-fault in the HTTP-Request splitting
• fixed long-standing bug with Content-Length and HEAD requests
• fixed a possible abort of a upload if xattr is enabled

New are

• mod-magnet finally handles ‘require “lfs”’ without complaining
• mod-magnet got light.stat() which uses the stat-cache
• mod-webdav supports LOCK if compiled with –with-webdav-locks

Debian user have to compile their lua-support with:

$ configure --with-lua=lua5.1 ...

as their lua-5.1 package isn’t called ‘lua’.

Enjoy this release and watch out for 1.5.0 on the horizon. :)

lighttpd 1.4.13 - 2006-10-09 23:54

Changes

• added initgroups in spawn-fcgi (#871)
• added apr1 support htpasswd in mod-auth (#870)
• added lighty.stat() to mod_magnet
• fixed segfault in splitted CRLF CRLF sequences (introduced in 1.4.12) (#876)
• fixed compilation of LOCK support in mod-webdav
• fixed fragments in request-URLs (#869)
• fixed pkg-config check for lua5.1 on debian
• fixed Content-Length = 0 on HEAD requests without a known Content-Length (#119)
• fixed mkdir() forcing 0700 (#884)
• fixed writev() on FreeBSD 4.x and older (#875)
• removed warning about a 404-error-handler returned 404
• backported and fixed the buildsystem changes for webdav locks
• fixed plugin loading so we can finally load lua extensions in mod_magnet scripts
• fixed large uploads if xattr is enabled

Checksums

• lighttpd-1.4.13-1.i386.rpm [built on Fedora Core 4] MD5: 3d4a857e02e111d6955ccf76e416cb41
• lighttpd-1.4.13-1.src.rpm MD5: 6272d8310fae8bcc35e6ab4778e2016c
• lighttpd-1.4.13.tar.gz MD5: d775d6478391b95d841a1018c8db0b95