pkgsrc.se | The NetBSD package collection

./www/thttpd, Tiny/turbo/throttling HTTP server

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]

Branch: pkgsrc-2018Q1, Version: 2.28, Package name: thttpd-2.28, Maintainer: pkgsrc-users

thttpd is a simple, small, portable, fast, and secure HTTP server.

Simple: It handles only the minimum necessary to implement HTTP/1.1.

Small: See the size comparison chart at
http://www.acme.com/software/thttpd/notes.html#sizes. It also has a
very small run-time size, since it does not fork and is very careful about
memory allocation.

Portable: It compiles cleanly on SunOS 4.1.x, Solaris 2.x, BSD/OS 2.x,
Linux 1.2.x, and OSF/1 (on a 64-bit Alpha).

Fast: In typical use it's about as fast as the best full-featured servers
(Apache, NCSA, Netscape). Under extreme load it's much faster.

Secure: It goes to great lengths to protect the web server machine
against attacks and breakins from other sites.

thttpd also provides URL-traffic-based throttling and virtual hosting.

Required to build:
[pkgtools/cwrappers]

Master sites:

http://www.acme.com/software/thttpd/

Version history: (Expand)

(2018-05-08) Updated to version: thttpd-2.28
(2018-04-04) Package added to pkgsrc.se, version thttpd-2.26 (created)

CVS history: (Expand)

2018-05-08 17:04:08 by Benny Siegert | Files touched by this commit (2) | Package updated

Log message:
Pullup ticket #5754 - requested by wiz
www/thttpd: security fix

Revisions pulled up:
- www/thttpd/Makefile                                           1.48
- www/thttpd/distinfo                                           1.18

---
   Module Name:	pkgsrc
   Committed By:	wiz
   Date:		Mon May  7 07:01:37 UTC 2018

   Modified Files:
   	pkgsrc/www/thttpd: Makefile distinfo

   Log message:
   thttpd: update to 2.28.

   From nia in PR 53266.

   New in version 2.28:

       Improvements to the FreeBSD startup script. (Craig Leres)
       Minor portability tweak in mmc.c.
       Fix to buffer overrun bug in htpasswd. Reported by Alessio Santoru as \ 
CVE-2017-17663.

   New in version 2.27:

       Stats syslogs changed from LOG_INFO to LOG_NOTICE.
       Use memmove() for self-overlapping string copies instead of strcpy().
       Couple of subroutine name changes for consistency.