1.4.21 - "Yes we can... do another release"
February 16, 2009
Four and a half months after the release of 1.4.20 comes a new version in the stable branch of lighty: 1.4.21 is here.
It is a bugfix release but also contains 3 small new features.
We would like to thank everybody who reported bugs, especially the ones who provided patches.
spawn-fcgi warning
We decided to remove spawn-fcgi after this release from the lighttpd source, there is now a separate project for it:
http://redmine.lighttpd.net/projects/spawn-fcgi
Important changes
- Reverted fix for CVE-2008-4359 (too many regressions – see #1720 and r2362): do NOT use rewrite/redirect to protect specific urls!
- Fixed a bug when server.max-connections was hit
- SSLv2 disabled by default
- New setting to disable returning of a 417 if “Expect: 100-continue” header is given:
server.reject-expect-100-with-417 = “disable”
- Settings that require numbers can now be strings too which get converted. Useful in conjunction wth env vars (thx andrewb)
- mod_compress now supports caching through etags and last-modified
- The annoying log entries about timeouted connections are now disabled by default and can be enabled with a new setting:
debug.log-timeouts = “enable”
- New
$HTTP["language"]
conditional (thx to petar) which allows interesting new configs like:
$HTTP[“language”] =~ “(de|it|hr)” {
url.redirect = ( “^/$” => “http://www.site.net/%1/” )
}
Downloads
- http://download.lighttpd.net/lighttpd/releases-1.4.x/lighttpd-1.4.21.tar.gz
- MD5:
5ff4e7075652f6cc200fa278ea2b1f96
- SHA1:
6b42570b0b19cfbcb4324780c61625b139f6ef8e
- MD5:
- http://download.lighttpd.net/lighttpd/releases-1.4.x/lighttpd-1.4.21.tar.bz2
- MD5:
49eeba63c931fa82120711adc7182731
- SHA1:
e76f83b9c56c83f0a734ad0bdd20351fc97472d2
- MD5:
- SHA1 checksums: http://download.lighttpd.net/lighttpd/releases-1.4.x/lighttpd-1.4.21.sha1sum
- MD5 checksums: http://download.lighttpd.net/lighttpd/releases-1.4.x/lighttpd-1.4.21.md5sum