Release Info¶

• Version: 1.4.79
• Previous version: 1.4.78
• Branch: 1.4
• Status: stable
• Release Purpose: bug fixes
• Release manager: gstrauss
• Released date: 2025-04-04

Important changes from 1.4.78¶

• hardened systemd lighttpd.service
• bug fix for mod_openssl using both ECDSA and RSA certs

BEHAVIOR CHANGES¶

• lighttpd-provided hardened systemd lighttpd.service may need admin-overrides
  on non-typical systems (less popular distros) using lighttpd-provided systemd
  lighttpd.service and which also run lighttpd as root, or run CGI scripts
  as root, to manage the system. To create overrides, `systemctl edit lighttpd`
  and edit /etc/systemd/system/lighttpd.service.d/override.conf
  .
  In contrast, many popular distros configure lighttpd to drop privileges from
  root and to run as an unprivileged user, e.g. 'lighttpd' or 'www-data'.
  These systems are unlikely to be affected by the hardened and more secure
  systemd lighttpd.service configuration.

Downloads¶

• https://download.lighttpd.net/lighttpd/releases-1.4.x/lighttpd-1.4.79.tar.gz
  • GPG signature: https://download.lighttpd.net/lighttpd/releases-1.4.x/lighttpd-1.4.79.tar.gz.asc
  • SHA256: 72a625243de607802b74bd6ae243716cb65757aba8e74a40321cbd74cf12c9c8
• https://download.lighttpd.net/lighttpd/releases-1.4.x/lighttpd-1.4.79.tar.xz
  • GPG signature: https://download.lighttpd.net/lighttpd/releases-1.4.x/lighttpd-1.4.79.tar.xz.asc
  • SHA256: 3b29a625b3ad88702d1fea4f5f42bb7d87488f2e4efc977d7f185329ca6084bd
• SHA256 checksums: https://download.lighttpd.net/lighttpd/releases-1.4.x/lighttpd-1.4.79.sha256sum
• SHA512 checksums: https://download.lighttpd.net/lighttpd/releases-1.4.x/lighttpd-1.4.79.sha512sum

Changes from 1.4.78¶

• [ci] update deps pkg names for lighttpd on Cygwin
• [ci] MSYS detection kludge in tests/LightyTest.pm
• [autotools] spelling Couldn't => Could not
• [mod_openssl] revert SSL_CTX default cert assign
• [mod_openssl] spelling in comment
• [TLS] issue trace if unable to check/refresh cert
• [ci] Cygwin Invoke-WebRequest -MaximumRetryCount 3
• [ci] Cygwin prefer D:\ drive
• [ci] Cygwin remove redundant call to setup.exe
• [core] set server.max-fds = 4096 if not specified
• [core] clear Linux ambient capabilities, if any
• [core] rename remove_pid_file() -> server_pid_file_remove()
• [core] retry pidfile open on Linux
• [doc] systemd lighttpd.service hardening
• [doc] move TLS config to separate file tls.conf
• [doc] systemd lighttpd.service hardening addition
• [doc] systemd lighttpd*.socket activation examples
• [core] default listen() backlog to SOMAXCONN
• [ci] fix meson build execution selection

External references¶

• https://www.lighttpd.net/2025/4/4/1.4.79