summaryrefslogtreecommitdiff
path: root/debian/changelog
diff options
context:
space:
mode:
authorArno Töll <arno@debian.org>2011-12-20 10:37:27 +0000
committerArno Töll <arno@debian.org>2011-12-20 10:37:27 +0000
commit83f3b568002110e81cd0daff76bbb36fff49b285 (patch)
treec1ca54a11b8f0f40ea8bbea1fd4b7909e193e5fe /debian/changelog
parentb674a409fa3253e08e59fdcc8781eb700a6409dc (diff)
downloadlighttpd-83f3b568002110e81cd0daff76bbb36fff49b285.tar.gz
Update changelog to denote bug we close
Diffstat (limited to 'debian/changelog')
-rw-r--r--debian/changelog4
1 files changed, 2 insertions, 2 deletions
diff --git a/debian/changelog b/debian/changelog
index 105dd24..836beda 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,7 +1,7 @@
lighttpd (1.4.30-1) unstable; urgency=medium
* New upstream release
- + Fix integer overflow (CVE-2011-4362)
+ + Fix integer overflow (CVE-2011-4362) (Closes: #652726)
+ Fix attack vector as disclosed by the SSL BEAST attack (related:
CVE-2011-3389). Note: If you are upgrading from an older version you need
to change your configuration to mitigate effects of the attack. See the
@@ -22,7 +22,7 @@ lighttpd (1.4.30-1) unstable; urgency=medium
sysvinit, ship systemd and tempfiles.d configuration files. Thanks to
Michael Stapelberg for providing the required files (Closes: #652442)
- -- Arno Töll <debian@toell.net> Tue, 20 Dec 2011 01:56:59 +0100
+ -- Arno Töll <debian@toell.net> Tue, 20 Dec 2011 11:36:09 +0100
lighttpd (1.4.29-1) unstable; urgency=low