Lighttpd 1.4.41 发布，高性能 Web 服务器

Lighttpd 1.4.41 发布了Lighttpd 是一个德国人领导的开源Web服务器软件，其根本的目的是提供一个专门针对高性能网站，安全、快速、兼容性好并且灵活的web server环境。具有非常低的内存开销，cpu占用率低，效能好，以及丰富的模块等特点。

一些新特性：

• security fixes

• security: encode quoting chars in HTML and XML

• security: ensure gid != 0 if server.username is set, but not server.groupname

• security: disable stat_cache if server.follow-symlink = “disable”

• security: httpoxy defense: do not emit HTTP_PROXY to CGI env

• fix bugs introduced in 1.4.40 (sorry)

• bug: lighttpd 1.4.40 might leave client sockets in TIME WAIT (FIN2_WAIT)

• bug: lighttpd 1.4.40 times out on TLS requests with POST data

• bug: lighttpd 1.4.40 reversed REQUEST_URI/REDIRECT_URI (now reverted)

• bug: lighttpd 1.4.40 rejects IPv6 addrs in $HTTP[“remoteip”]

• bug: lighttpd 1.4.40 rejects IPv6 addrs in $SERVER[“socket”] scope identifier

• bug: lighttpd 1.4.40 segfault in mod_accesslog if %T in custom format

• bug: lighttpd 1.4.40 might trigger assert when converting to hex string

• behavior changes

• new: use TMPDIR if server.upload-dirs is not defined, “/var/tmp” if neither

• new: inherit server.use-ipv6 and server.set-v6only from global scope

• reverted REQUEST_URI/REDIRECT_URI to match behavior in lighttpd <= 1.4.39

一些改进：

• remove long-deprecated, non-functional config opts

• [config] inherit server.use-ipv6 and server.set-v6only (fixes #678)

• [mod_auth] fix Digest auth to be better than Basic (fixes #1844)

• [mod_ssi] fix #config sizefmt=“bytes”

• [autobuild] move inet_pton detection later

• [core] #include <sys/filio.h> for FIONREAD (fixes #2726)

• [autobuild] clock_gettime() -lrt with glibc < 2.17

• [security] do not emit HTTP_PROXY to CGI env

• [build_cmake] clock_gettime() -lrt w/ glibc < 2.17 (fixes #2737)

• [core] avoid spurious trace and error abort

• [core] stay in CON_STATE_CLOSE until done with req

• [core] $HTTP[“remoteip”] must handle IPv6 w/o []

• [mod_status] show keep-alive status w/ text output (fixes #2740)

• do not set REDIRECT_URI in mod_magnet, mod_rewrite (#2738)

• revert 1.4.40 swap of REQUEST_URI, REDIRECT_URI (fixes #2738)

• [core] permit IPv6 address scope identifier

• [TLS] better handling of SSL_ERROR_WANT_READ/WRITE

• [TLS] read all available records from SSL_read()

• [core] try AF_INET after AF_INET6 if use-ipv6

• [core] set chunkqueue tempdirs at startup

• [security] ensure gid != 0 if server.username set (fixes #2725)

• [security] disable stat_cache if !follow-symlink (fixes #2724)

• [core] fix buffer_copy_string_hex() assert (fixes #2742)

• [security] encode quoting chars in HTML and XML

• [cmake] always define _GNU_SOURCE

• [cmake] enable warnings for GCC and Clang

• [cmake] set cmake_minimum_required to 2.8.2

下载地址：

• lighttpd-1.4.41.tar.gz (GPG signature)

• SHA256: 8a5749e218237fafc3119dd8a4fcf510ea728728b3fcf1193fcad7209be4b6d7

• lighttpd-1.4.41.tar.xz (GPG signature)

• SHA256: 4bcc383ef6d6dc7b284f68882d71a178e2986c83c4e85eeb3c8f3b882e346b6c

• SHA256 checksums