This is my first submission. I tested this by running ebuild /usr/local/portage/www-servers/lighttpd/lighttpd-1.4.26.ebuild test And Installed on my x86 system using my overlay tree PORTDIR_OVERLAY=/usr/local/portage emerge -av lighttpd Changes in this build according to URL (the OOM/DoS was patched in gentoo by lighttpd-1.2.25-r1.ebuild): There have been some important bug fixes (request parser handling for splitted header data, a fd leak in mod_cgi, a segfault with broken configs in mod_rewrite/mod_redirect, HUP detection and an OOM/DoS vulnerability).
Created attachment 218927 [details] lighttpd-1.4.26.ebuild
* Append to previous buffer in con read, fix DoS/OOM vulnerability (fixes #2147, found by liming, CVE-2010-0295)
The vulnerability was fixed for gentoo in lighttpd-1.4.25-r1 via a patch (not lighttpd-1.2.25-r1 as I mistyped before).
Security issue (fixed in 1.4.25-r1 in Gentoo, as noted above) is being tracked in bug 303213, so this is just an ordinary version bump.
