1. Forum
  2. Usenet
  3. LINUX.DEBIAN.DEVEL.MENTOR

  • Bug#1055131: RFS: lighttpd/1.4.73-1 -- light, fast, functional web serv

    From [email protected]@21:1/5 to All on Wed Nov 1 01:10:01 2023
    Package: sponsorship-requests
    Severity: normal
    X-Debbugs-Cc: [email protected]

    Dear mentors,

    I am looking for a DD sponsor for my package "lighttpd":

    https://salsa.debian.org/debian/lighttpd/

    I am an upstream lighttpd developer and have participated in
    maintaining lighttpd on Debian for a number of years.

    I am listed as an uploader on https://tracker.debian.org/pkg/lighttpd

    lighttpd-1.4.73-1 passes autopkgtests and expected CI tests,
    and is tagged. (This is a non-DD maintainer upload.)

    * Package name : lighttpd
    Version : 1.4.73-1
    Upstream contact : [email protected]
    * URL : https://lighttpd.net/
    * License : BSD-3-Clause
    * Vcs : https://git.lighttpd.net/lighttpd/lighttpd1.4

    Important changes in lighttpd 1.4.73:
    * HTTP/2 detect and log rapid reset attack
    While lighttpd is not affected by HTTP/2 rapid reset attacks any more
    than by other DoS attacks, changes have been made to lighttpd to detect
    and log when a rapid reset attack occurs, and to close the HTTP/2
    connection. Log watchers might subsequently use the trace to block IPs.

    The goal is to make lightpd 1.4.73 available in unstable, testing,
    and then backports (or sloppy-backports) to maintained Debian versions.

    Please advise next steps.
    Thank you. Glenn

    P.S. The version of lighttpd in Debian Experimental is 1.4.71-1+exp1
    and can be retired.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Debian Bug Tracking System@21:1/5 to All on Wed Nov 1 15:40:01 2023
    This is a multi-part message in MIME format...

    Your message dated Wed, 1 Nov 2023 15:34:57 +0100
    with message-id <[email protected]>
    and subject line Re: RFS: lighttpd/1.4.73-1 -- light, fast, functional web server
    has caused the Debian Bug report #1055131,
    regarding RFS: lighttpd/1.4.73-1 -- light, fast, functional web server
    to be marked as done.

    This means that you claim that the problem has been dealt with.
    If this is not the case it is now your responsibility to reopen the
    Bug report if necessary, and/or fix the problem forthwith.

    (NB: If you are a system administrator and have no idea what this
    message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [email protected]
    immediately.)


    --
    1055131: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1055131
    Debian Bug Tracking System
    Contact [email protected] with problems

    Received: (at submit) by bugs.debian.org; 1 Nov 2023 00:07:01 +0000 X-Spam-Checker-Version: SpamAssassin 3.4.6-bugs.debian.org_2005_01_02
    (2021-04-09) on buxtehude.debian.org
    X-Spam-Level:
    X-Spam-Status: No, score=-11.8 required=4.0 tests=BAYES_00,
    BODY_INCLUDES_PACKAGE,FOURLA,HAS_PACKAGE,RCVD_IN_DNSWL_MED,
    SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=ham
    autolearn_force=no version=3.4.6-bugs.debian.org_2005_01_02 X-Spam-Bayes: score:0.0000 Tokens: new, 11; hammy, 149; neutral, 61; spammy,
    1. spammytokens:0.945-+--H*r:bugs.debian.org
    hammytokens:0.000-+--X-Debbugs-Cc, 0.000-+--XDebbugsCc,
    0.000-+--D*tracker.debian.org, 0.000-+--exp1, 0.000-+--autopkgtests Return-path: <[email protected]>
    Received: from smtp1.atof.net ([52.86.233.228]:53926)
    by buxtehude.debian.org with esmtps (TLS1.2:ECDHE_SECP256R1__RSA_SHA512__AES_25