http://www.vuxml.org/freebsd/fc9c217e-3791-11dc-bb1a-000fea449b8a.html "Some vulnerabilities have been reported in lighttpd, which can be exploited by malicious people to bypass certain security restrictions or cause a DoS (Denial of Service)."
CVE-2007-3946 Lighttpd SA 2007:04-07 CVE-2007-3947 Lighttpd SA 2007:03 CVE-2007-3948 ? CVE-2007-3949 Lighttpd SA 2007:08 (patch: CVE-2007-3950 ? ? Lighttpd SA 2007:09
Lighttpd 1.4.16 has just been released, and rebuilt for all current Fedora and EPEL branches. Packages are waiting to be pushed.
lighttpd-1.4.16-1.fc7 has been pushed to the Fedora 7 stable repository. If problems still persist, please make note of it in this bug report.