Security update for lighttpd
This update for lighttpd fixes the following issues:
lighttpd was updated to 1.4.67:
* Update comment about TCP_INFO on OpenBSD
* [mod_ajp13] fix crash with bad response headers (fixes #3170)
* [core] handle RDHUP when collecting chunked body CVE-2022-41556 (boo#1203872)
* [core] tweak streaming request body to backends
* [core] handle ENOSPC with pwritev() (#3171)
* [core] manually calculate off_t max (fixes #3171)
* [autoconf] force large file support (#3171)
* [multiple] quiet coverity warnings using casts
* [meson] add license keyword to project declaration
-
Submitted by
Andreas Stieger (AndreasStieger)
Fixed bugs
bnc#1203872
VUL-0: CVE-2022-41556: lighttpd: resource leak in mod_fastcgi and mod_scgi could lead to a denial of service after a large number of bad HTTP requests
