# 1.4.54

2019-05-27



* Feature #1818: add RFC-compliant LOCK support to mod_webdav
* Bug #2932: [regression] %0 pattern does not match hostnames without the domain part
* Bug #2938: Lighttpd crashes on wrong return type in lua script
* Feature #2939: OPTIONS should return 2xx status for non-existent resources if Allow is set
* Bug #2940: mod_authn_ldap/mod_cgi race condition, "Can't contact LDAP server"
* Bug #2941: failed assertion on incoming bad request when server.error-handler option is used
* Bug #2944: [patch] wstunnel.ping-interval ineffective
* Bug #2945: Security - SIGABRT during GET request handling with url-path-2f-decode enabled
* Feature #2946: modules.conf order unhelpful (setenv vs. redirect)
* Bug #2948:  [regression][Bisected] lighttpd uses way more memory with POST since 1.4.52