高性能Web服務器，Lighttpd 1.4.36 發布

Lighttpd 是一個德國人領導的開源Web服務器軟件，其根本的目的是提供一個專門針對高性能網站，安全、快速、兼容性好并且靈活的web server環境。具有非常低的內存開銷，cpu占用率低，效能好，以及豐富的模塊等特點。

Lighttpd是眾多OpenSource輕量級的web server中較為優秀的一個。支持FastCGI, CGI, Auth, 輸出壓縮(output compress), URL重寫, Alias等重要功能，而Apache之所以流行，很大程度也是因為功能豐富，在lighttpd上很多功能都有相應的實現了，這點對于apache的用 戶是非常重要的，因為遷移到lighttpd就必須面對這些問題。

• 默認禁用 SSL 3.0
• 對日志中的所有字符串進行轉義
• 修復了上傳時無法創建臨時文件導致的段錯誤
• 改變內部緩沖、chunks 等方面的 API，可能導致第三方插件的兼容問題

下載地址：

• lighttpd-1.4.36.tar.gz (GPG signature)
  • SHA256: 8afc12cd40412cd94679f08725c68e4f5a3d91dfff7abc12d217c4f489b1819b
• lighttpd-1.4.36.tar.xz (GPG signature)
  • SHA256: 897ab6b1cc7bd51671f8af759e7846245fbbca0685c30017e93a5882a9ac1a53
• SHA256 checksums

與 1.4.35 版本比較，詳細改進內容包括：

• use keep-alive timeout while waiting for HTTP headers; use always the read timeout while waiting for the HTTP body
• fix bad shift in conditional netmask “…/0” handling
• add more mime types and a script to generate mime.conf (fixes #2579)
• add support for (Free)BSD extended attributes
• [build] use fortify flags with “extra-warnings”
• [mod_dirlisting,mod_redirect,mod_rewrite] abort config parsing if pcre-compile fails or isn’t available
• [ssl] disable SSL3.0 by default
• fixed typo in example config found by openSUSE user (boo# 907709)
• [network] fix compile break in calculation of sockaddr_un size if SUN_LEN is not defined (fixes #2609)
• [connections] fix bug in connection state handling
• print backtrace in assert logging with libunwind
• major refactoring of internal buffer/chunk handling
• [mod_auth] use crypt_r instead of crypt if available
• fix error message for T_CONFIG_ARRAY config values if an entry value is not a string
• fix segfaults in many plugins if they failed configuration
• escape all strings for logging (fixes #2646 log file injection, reported by Jaanus K??p)
• fix hex escape in accesslog (fixes #2559)
• show extforward re-run warning only with debug.log-request-handling (fixes #2561)
• parse If-None-Match for ETag validation (fixes #2578)
• fix memory leak in mod_status when no counters are set (found by coverity)
• [mod_magnet] fix segfault when accessing not existing lighty.req_env[] entry (found by coverity)
• fix segfault when temp file for upload couldn’t be created (found by coverity)
• mime.conf: add some new mime types, remove .dat, .sha1, .md5, update .vcf
• [mod_proxy] add unix domain socket support (fixes #2653)
• [configfile] fix reading uninitialized variable (found by Willian B.)