1.4.64
January 19, 2022
Important changes
- remove deprecated modules, bugfixes, CVE-2022-22707 (rare configs)
Downloads
- lighttpd-1.4.64.tar.gz (GPG signature)
- SHA256:
71e46403fb28371a06b23ef1cceffd75285140c6f62a879c777ee5af0d248801
- SHA256:
- lighttpd-1.4.64.tar.xz (GPG signature)
- SHA256:
e1489d9fa7496fbf2e071c338b593b2300d38c23f1e5967e52c9ef482e1b0e26
- SHA256:
- SHA256 checksums
- SHA512 checksums
Behavior Changes
(previously announced and scheduled)
- graceful restart/shutdown timeout changed from 0 (disabled) to 8 seconds
configure an alternative with:
server.feature-flags += (“server.graceful-shutdown-timeout” => 8) - build: lighttpd defaults to —with-pcre2 instead of —with-pcre
pcre2 is current. pcre is no longer maintained.
Explicitly specify —with-pcre in build to use pcre instead of pcre2. - deprecated modules (previously announced) have been removed
- mod_authn_mysql
- mod_mysql_vhost
- mod_cml
- mod_flv_streaming
- mod_geoip
- mod_trigger_b4_dl
https://wiki.lighttpd.net/Docs_ConfigurationOptions#Deprecated
suggests migration steps for replacements, if needed