lighttpd 1.4.13

January 30, 2007

Only 2 weeks after .12 hit the servers we have a new release cleaning up the issues that were introduced by it.

Download: - lighttpd-1.4.13.tar.gz

On the fix side we have: - fixed a seg-fault in the HTTP-Request splitting - fixed long-standing bug with Content-Length and HEAD requests - fixed a possible abort of a upload if xattr is enabled

New are - mod-magnet finally handles ‘require “lfs”’ without complaining - mod-magnet got light.stat() which uses the stat-cache - mod-webdav supports LOCK if compiled with –with-webdav-locks

Debian user have to compile their lua-support with:

$ configure --with-lua=lua5.1 ...

as their lua-5.1 package isn’t called ‘lua’.

Enjoy this release and watch out for 1.5.0 on the horizon. :)

lighttpd 1.4.13 - 2006-10-09 23:54


  • added initgroups in spawn-fcgi (#871)
  • added apr1 support htpasswd in mod-auth (#870)
  • added lighty.stat() to mod_magnet
  • fixed segfault in splitted CRLF CRLF sequences (introduced in 1.4.12) (#876)
  • fixed compilation of LOCK support in mod-webdav
  • fixed fragments in request-URLs (#869)
  • fixed pkg-config check for lua5.1 on debian
  • fixed Content-Length = 0 on HEAD requests without a known Content-Length (#119)
  • fixed mkdir() forcing 0700 (#884)
  • fixed writev() on FreeBSD 4.x and older (#875)
  • removed warning about a 404-error-handler returned 404
  • backported and fixed the buildsystem changes for webdav locks
  • fixed plugin loading so we can finally load lua extensions in mod_magnet scripts
  • fixed large uploads if xattr is enabled

Checksums - lighttpd-1.4.13-1.i386.rpm [built on Fedora Core 4] MD5: 3d4a857e02e111d6955ccf76e416cb41 - lighttpd-1.4.13-1.src.rpm MD5: 6272d8310fae8bcc35e6ab4778e2016c - lighttpd-1.4.13.tar.gz MD5: d775d6478391b95d841a1018c8db0b95