Important changes
- HTTP/2 detect and log rapid reset attack
Downloads
- lighttpd-1.4.73.tar.gz (GPG signature)
- SHA256: 816cbec71e8d02d874f1d5c798d76d091a76d5acbeb6e017ba76aeb4263d6995
- lighttpd-1.4.73.tar.xz (GPG signature)
- SHA256: 818816d0b314b0aa8728a7076513435f6d5eb227f3b61323468e1f10dbe84ca8
- SHA256 checksums
- SHA512 checksums
Changes from 1.4.72
- [core] add .mkv to mimetype.assign builtin defaults
- [core] warn if out-of-range value for config short
- [mod_openssl] set default curves for ossl < 1.1.0
- [mod_h2] parse HEADERS flags sooner
- [mod_h2] check send window before defer frame rd
- [mod_h2] send GOAWAY to excessive request flood
- [mod_h2] h2_parse_headers_frame() adjust args
- [mod_h2] h2_recv_headers() parse trailers earlier
- [mod_h2] send GOAWAY to excessive request flood
- [mod_h2] discard new streams after GOAWAY sent
- [mod_h2] h2_discard_headers() to HPACK-decode hdrs
- [core] parse entire server.http-parseopts list
- [mod_wstunnel] Sec-WebSocket-Protocol only if req hdr
- [mod_h2] disable h2proto if mod_h2 was not found
- [core] omit dlopen trace for mod_h2, mod_deflate
- [mod_h2] defer input parsing if large output queue
- [mod_h2] defer frame handling if stream pend close
- [mod_h2] detect and log HTTP/2 rapid reset attack
- [core] honor MBEDTLS_USE_PSA_CRYPTO for hash,rand
- [mod_mbedtls] honor MBEDTLS_USE_PSA_CRYPTO for rand
- [core] comment out li_rand_bytes() (unused)
- [mod_mbedtls] handle mbedtls 3.x partial write
- [mod_h2] detect and log HTTP/2 rapid reset attack
- [mod_h2] detect and log HTTP/2 rapid reset attack
- [mod_openssl] warn if openssl version < 3.0.0
- [mod_openssl] include openssl/hmac.h for boringssl