Project

General

Profile

1.4.67

closed

2022-09-17

100%

2 issues   (2 closed — 0 open)

Release Info

  • Version: 1.4.67
  • Previous version: 1.4.66
  • Branch: 1.4
  • Status: stable
  • Release Purpose: bug fixes
  • Release manager: gstrauss
  • Released date: 2022-09-17

Important changes from 1.4.66

bugfixes

Future Scheduled Behavior Changes

  • TLS modules will default to using stronger, modern ciphers and
    will default to allow client preference in selecting ciphers.
    Allowing client preference in selecting ciphers is safe to do along
    with restrictions to use modern ciphers supporting PFS, and is
    better for mobile users without AES hardware acceleration.
    Legacy ciphers can still be configured in lighttpd.conf using
    `ssl.openssl.ssl-conf-cmd`, as long as the ciphers are supported by
    the underlying TLS libraries. https://wiki.lighttpd.net/Docs_SSL
    new defaults:
    "CipherString" => "EECDH+AESGCM:AES256+EECDH:CHACHA20:!SHA1:!SHA256:!SHA384",
    "Options" => "-ServerPreference"
    old defaults:
    "CipherString" => "HIGH",
    "Options" => "ServerPreference"
  • Deprecated TLS options will be removed.
    - ssl.honor-cipher-order
    - ssl.dh-file
    - ssl.ec-curve
    - ssl.disable-client-renegotiation
    - ssl.use-sslv2
    - ssl.use-sslv3
    See https://wiki.lighttpd.net/Docs_SSL for replacements with
    `ssl.openssl.ssl-conf-cmd`, but prefer lighttpd defaults instead.
  • Continue gradual deprecation of "mini-application" lighttpd modules
    for which mod_magnet lua implementations are better and more flexible.
    Please post on lighttpd forums to share feedback if you use these modules.
    Forums: https://redmine.lighttpd.net/projects/lighttpd/boards

Downloads

Changes from 1.4.66

  • Update comment about TCP_INFO on OpenBSD
  • [mod_ajp13] fix crash with bad response headers (fixes #3170)
  • [core] handle RDHUP when collecting chunked body
  • [core] tweak streaming request body to backends
  • [core] handle ENOSPC with pwritev() (#3171)
  • [core] manually calculate off_t max (fixes #3171)
  • [autoconf] force large file support (#3171)
  • [multiple] quiet coverity warnings using casts
  • [meson] add license keyword to project declaration

External references

Issues by
Bug

2/2

Also available in: TXT