Activity
From 2025-10-30 to 2025-11-05
2025-11-04
- 07:49 Lighttpd Revision 6840488a: [h2] add comment about zero-length payloads in padded frames
- Signed-off-by: Joshua Rogers <MegaManSec@users.noreply.github.com>
Co-authored-by: Glenn Strauss <gstrauss@gluelogic.... - 05:30 Lighttpd Revision fcf0f67d: [core] add continuation framework for response prep
- add continuation framework for response prep to enable future changes
whereby modules schedule potentially blocking o... - 05:30 Lighttpd Revision 2777bba1: [core] http_response_prepare() smaller funcs
- reorganize http_response_prepare() into smaller funcs
- 05:30 Lighttpd Revision 3309ac20: [mod_magnet] http_response_reset() before HANDLER_COMEBACK
- always fully restart request for lua lighty.RESTART_REQUEST
Among other things, http_response_reset()
clears r->phys... - 05:30 Lighttpd Revision 7704f86e: [core] http_status_set_fin() handler_module = NULL
- http_status_set_fin() set r->handler_module = NULL
- 02:58 Lighttpd Revision 05d5a7e1: [tests] t/test_http_status.c stub
- 02:58 Lighttpd Revision 8a0a25ce: [core] remove request_st member async_callback (unused)
2025-11-02
- 19:14 Lighttpd Bug #3293 (Invalid): Double-free vulnerability - Dangling pointer from gnutls_x509_crt_list_import2 failure
- > During the second DER format import attempt, if gnutls_x509_crt_list_import2 allocates memory (modifying d->data an...
- 15:47 Lighttpd Bug #3293 (Invalid): Double-free vulnerability - Dangling pointer from gnutls_x509_crt_list_import2 failure
- Hi,
It looks like there may be a potential issue in the path of gnutls_x509_crt_list_import2().
*Description*
When...
2025-10-31
- 17:28 Lighttpd Revision 135dc991: [core] minor code tighten
Also available in: Atom