Red Hat Bugzilla – Bug 284511
CVE-2007-4727 FastCGI header overrun in lighttpd's mod_fastcgi
Last modified: 2007-11-30 17:12:15 EST
Description of problem:
New 1.4.18 release of lighttpd fixes an arbitrary code execution flaw in
lighttpd's header parsing code. Please update the package.
I'm working on updated packages for all current releases.
lighttpd-1.4.18-1.fc7 has been pushed to the Fedora 7 stable repository. If problems still persist, please make note of it in this bug report.