lighttpd 1.4.13

January 30, 2007

Only 2 weeks after .12 hit the servers we have a new release cleaning up the issues that were introduced by it.


On the fix side we have:

  • fixed a seg-fault in the HTTP-Request splitting
  • fixed long-standing bug with Content-Length and HEAD requests
  • fixed a possible abort of a upload if xattr is enabled

New are

  • mod-magnet finally handles ‘require “lfs”’ without complaining
  • mod-magnet got light.stat() which uses the stat-cache
  • mod-webdav supports LOCK if compiled with –with-webdav-locks

Debian user have to compile their lua-support with:

$ configure --with-lua=lua5.1 ...

as their lua-5.1 package isn’t called ‘lua’.

Enjoy this release and watch out for 1.5.0 on the horizon. :)

lighttpd 1.4.13 - 2006-10-09 23:54


  • added initgroups in spawn-fcgi (#871)
  • added apr1 support htpasswd in mod-auth (#870)
  • added lighty.stat() to mod_magnet
  • fixed segfault in splitted CRLF CRLF sequences (introduced in 1.4.12) (#876)
  • fixed compilation of LOCK support in mod-webdav
  • fixed fragments in request-URLs (#869)
  • fixed pkg-config check for lua5.1 on debian
  • fixed Content-Length = 0 on HEAD requests without a known Content-Length (#119)
  • fixed mkdir() forcing 0700 (#884)
  • fixed writev() on FreeBSD 4.x and older (#875)
  • removed warning about a 404-error-handler returned 404
  • backported and fixed the buildsystem changes for webdav locks
  • fixed plugin loading so we can finally load lua extensions in mod_magnet scripts
  • fixed large uploads if xattr is enabled