# 1.4.16

2007-07-24

[http://www.lighttpd.net/2007/7/24/1-4-16-let-s-ship-it Security fixes]

* Bug #825: url.access-deny ( ".ext" ) still serves "/file.ext/"
* Bug #830: patch to mod_fastcgi.c is applied with a bug
* Bug #1129: 403 Forbidden
* Bug #1174: There are 8 threads in lighttpd
* Bug #1181: PHP session.cookie_domain setting does not work for multiple subdomains
* Bug #1216: lighty 1.4.13 crashes with accessing out of bound fd array index
* Bug #1236: Last-Modified header suppressed in 1.4.15
* Bug #1245: Repeatable 100% CPU usage due to remote FastCGI app misbehaviour
* Bug #1263: Segmentation fault in mod_scgi