---
- branch: MAIN
  date: Wed Aug  1 11:25:22 UTC 2012
  files:
  - new: '1.33'
    old: '1.32'
    path: pkgsrc/www/lighttpd/Makefile
    pathrev: pkgsrc/www/lighttpd/Makefile@1.33
    type: modified
  - new: '1.22'
    old: '1.21'
    path: pkgsrc/www/lighttpd/distinfo
    pathrev: pkgsrc/www/lighttpd/distinfo@1.22
    type: modified
  - new: '0'
    old: '1.11'
    path: pkgsrc/www/lighttpd/patches/patch-aa
    pathrev: pkgsrc/www/lighttpd/patches/patch-aa@0
    type: deleted
  - new: '1.1'
    old: '0'
    path: pkgsrc/www/lighttpd/patches/patch-doc_config_lighttpd.conf
    pathrev: pkgsrc/www/lighttpd/patches/patch-doc_config_lighttpd.conf@1.1
    type: added
  id: 20120801T112522Z.065aca6738898848b9538b685cf2b30942f7ead7
  log: |
    Update www/lighttpd to 1.4.31.

    Changes from 1.4.30
    - [ssl] fix segfault in counting renegotiations for openssl versions
      without TLSEXT/SNI (thx carpii for reporting)
    - Move fdevent subsystem includes to implementation files to reduce
      conflicts (fixes #2373)
    - [mod_compress] fix handling if etags are disabled but cache-dir
      is set - may lead to double response
    - disable mmap by default (fixes #2391)
    - buffer_caseless_compare: always convert letters to lowercase to get
      transitive results, fixing array lookups (fixes #2405)
    - Fix handling of empty header list entries in http_request_split_value,
      fixing invalid read in valgrind (fixes #2413)
    - Fix access log escaping of " and \\ (fixes #1551)
    - [mod_auth] Fix digest "md5-sess" implementation (Errata ID 1649,
      RFC 2617) (fixes #2410)
    - [auth] Add "AUTH_TYPE" environment (for * cgi), remove fastcgi specific
      workaround, add fastcgi test case (fixes #889)
    - [mod_*cgi,mod_accesslog] Fix splitting :port with ipv6 (fixes #2333,
      thx simoncpu)
    - Detect multiple -f options: show error message instead of assert
      (fixes #2416)
    - [mod_extforward] Support ipv6 addresses (fixes #1889)
    - [mod_redirect] Support url.redirect-code option (fixes #2247)
    - Fix --enable-mmap handling in configure.ac

    Changes from 1.4.29
    - Always use our 'own' md5 implementation, fixes linking issues on MacOS
      (fixes #2331)
    - Limit amount of bytes we send in one go; fixes stalling in one connection
      and timeouts on slow systems.
    - [ssl] fix build errors when Elliptic-Curve Diffie-Hellman is disabled
    - Add static-file.disable-pathinfo option to prevent handling of urls like
      .../secret.php/image.jpg as static file
    - Don't overwrite 401 (auth required) with 501 (unknown method) (fixes #2341)
    - Fix mod_status bug: always showed "0/0" in the "Read" column for uploads
      (fixes #2351)
    - [mod_auth] Fix signedness error in http_auth (fixes #2370, CVE-2011-4362)
    - [ssl] count renegotiations to prevent client renegotiations
    - [ssl] add option to honor server cipher order (fixes #2364, BEAST attack)
    - [core] accept dots in ipv6 addresses in host header (fixes #2359)
    - [ssl] fix ssl connection aborts if files are larger than
      the MAX_WRITE_LIMIT (256kb)
    - [libev/cgi] fix waitpid ECHILD errors in cgi with libev (fixes #2324)
  module: pkgsrc
  subject: 'CVS commit: pkgsrc/www/lighttpd'
  unixtime: '1343820322'
  user: fhajny