We did some important bug fixes (some of them new since 1.4.24, and some older bugs). Only 2 small new features: traceback for lua errors and the SSL_CLIENT_* vars export for ssl client cert validation.

Downloads

• http://download.lighttpd.net/lighttpd/releases-1.4.x/lighttpd-1.4.25.tar.gz
  • SHA256: 0e71cd677a2282fff0ee0248a0e70a593a75e06f8a26411ca5314d0c01debbc3
  • SHA1: 53537f0b1da35e9974e278adc7e959bb77e8dd75
  • MD5: 87e936ec272ddaba8a2fdfecd8c6b704
• http://download.lighttpd.net/lighttpd/releases-1.4.x/lighttpd-1.4.25.tar.bz2
  • SHA256: 7e803089f18b179097cb33b64b37d8a3b537ce9c196c88e3fb09881b471c88ce
  • SHA1: bc4592930292ae8d0990a94a584f49fe8f52445b
  • MD5: 2027c49fb46530e45338c5e2da13c02f
• SHA256 checksums: http://download.lighttpd.net/lighttpd/releases-1.4.x/lighttpd-1.4.25.sha256sum
• SHA1 checksums: http://download.lighttpd.net/lighttpd/releases-1.4.x/lighttpd-1.4.25.sha1sum
• MD5 checksums: http://download.lighttpd.net/lighttpd/releases-1.4.x/lighttpd-1.4.25.md5sum

Update: There is a small regression in mod_magnet, see #1307

We finally added TLS SNI, and many other small improvements. We also fixed pipelining (that should fix problem with lighty as debian mirror) and some mod_fastcgi bugs – this should result in improved handling of overloaded and crashed backends (you know which one :D).

Important changes

• Connection state handling (pipelining should work now)
• FastCGI fixes: improved disabled-time handling, fixed bug in active-backends counter.
• TLS SNI support

Downloads

• http://download.lighttpd.net/lighttpd/releases-1.4.x/lighttpd-1.4.24.tar.gz
  • SHA256: d7cb514e0953a8d8a9b88b0029e5a0380ca740ae385b465bd0592023ad75a0c7
  • SHA1: f925f07b40a50ac97a595542fa8bee80c37e4ed0
  • MD5: cb2155230f5738bf56d14131874c36fe
• http://download.lighttpd.net/lighttpd/releases-1.4.x/lighttpd-1.4.24.tar.bz2
  • SHA256: 6e643dc4627d742510afee67654291a5190a316f5737dfb463b158a70f24750e
  • SHA1: 7a2f53d4af25d4b0b94cb7b3900c5600dcda1b00
  • MD5: e2324a24e4a5bce74663c21c58ddd200
• SHA256 checksums: http://download.lighttpd.net/lighttpd/releases-1.4.x/lighttpd-1.4.24.sha256sum
• SHA1 checksums: http://download.lighttpd.net/lighttpd/releases-1.4.x/lighttpd-1.4.24.sha1sum
• MD5 checksums: http://download.lighttpd.net/lighttpd/releases-1.4.x/lighttpd-1.4.24.md5sum

Time for a new release: spawn-fcgi is now going its own ways in an independent project (hence the release slogan; see http://redmine.lighttpd.net/projects/spawn-fcgi), wsgi applications in / should work now (use the fastcgi/scgi option “fix-root-scriptname”) and many other fixes and improvements.
Please note that the “X-Sendfile-Range” header did not make it into 1.4.23, and we will try a more powerful approach for 1.4.24 (see #2008).

Important changes

• Fix workaround for incorrect path info/scriptname if fastcgi prefix is “/” (fixes #729)
• Finally removed spawn-fcgi
• Fix bug with FastCGI request id overflow under high load; just use always id 1 as we don’t use multiplexing. (thx jgray)
• Workaround broken operating systems: check for trailing ‘/’ in filenames (fixes #1989)

Downloads

• http://download.lighttpd.net/lighttpd/releases-1.4.x/lighttpd-1.4.23.tar.gz
  • SHA256: 8555db22ed7d429160701555611d8cd5eff42fc7e6e3ad3b050279c9b2145469
  • SHA1: 37f8b4827d7a1f69812d8185fcecf72277020876
  • MD5: 41dfad5c366d34d83c3d2b46d4c08f5c
• http://download.lighttpd.net/lighttpd/releases-1.4.x/lighttpd-1.4.23.tar.bz2
  • SHA256: 72896e6677b12aee2371c12e6d3f8299cfbdb2f89ad4b519a96b3ba80852a5fa
  • SHA1: a07b7bfdbf882ebe645cc140f4a658c46725224e
  • MD5: 0ab6bb7b17bf0f515ce7dce68e5e215a
• SHA256 checksums: http://download.lighttpd.net/lighttpd/releases-1.4.x/lighttpd-1.4.23.sha256sum
• SHA1 checksums: http://download.lighttpd.net/lighttpd/releases-1.4.x/lighttpd-1.4.23.sha1sum
• MD5 checksums: http://download.lighttpd.net/lighttpd/releases-1.4.x/lighttpd-1.4.23.md5sum