# 1.4.42

2016-10-16



* Bug #321: mod_fastcgi authorizers cannot protect fastcgi responders
* Feature #322: FastCGI Authorizer support for Variable-name variable passing
* Feature #613: client-selectable directory list sorting, patch included
* Feature #752: mySQL auth
* Bug #1118: Cannot run CGI/SuEXEC scripts for which lighty has no read permissions.
* Feature #1697: mod_deflate patch for 1.4.19
* Feature #1743: [PATCH] Add support for CRYPT-MD5-NTLM
* Feature #1824: Adding mod_deflate to 1.4.xx 
* Feature #1845: MySQL Digest Authentication
* Feature #1899: Kerberos/GSSAPI Delegation Support
* Bug #1938: lighttpd 1.4 crashes on FreeBSD 7.0 AMD64 when mod_geoip is compiled in
* Bug #1962: mod_geoip
* Bug #2025: mod_geoip crashes lighttpd 1.5.x on FreeBSD 7.2 AMD64
* Bug #2092: unsafe sprintfs mod_geoip
* Bug #2101: lighttpd-1.4.24 fails to compile with mod_geoip.c
* Feature #2130: limits the size of HTTP request header
* Feature #2163: Multiple use of '?' in mysql-vhost.sql
* Feature #2268: Set serial number of the client certificate into environment
* Feature #2315: dir-listing.external-js
* Bug #2374: lighttpd-1.4.29 cannot execute unreadable CGIs
* Feature #2511: pass protocol and cipher details to fcgi env
* Feature #2652: [patch] Add additional SSL env variables for strict client certificate authentication and authorization
* Bug #2705: broken module API since 1.4.38
* Bug #2743: 1.4.40/41 mod_proxy, mod_scgi may trigger POLLHUP on *BSD,Darwin
* Bug #2744: 1.4.40/41 writev failed: Socket is not connected (fastcgi,scgi,proxy)
* Bug #2745: HTTP digest + rewrite fails with: digest: auth failed: uri mismatch (1.4.41)
* Bug #2746: [PATCH] better DragonFlyBSD support; fix crash
* Bug #2748: 1.4.40/1.4.41 uploads to CGI may cause crash (SIGABRT)
* Bug #2752: vector_realloc missing when linking test_configfile
* Bug #2753: mod_deflate backport compile error if ENABLE_MMAP not defined
* Bug #2754: Debian Packaging: mod_auth broken