hoffie reported it
... because Lfe from #lighttpd pinged me ;)
I don't think this has high priority for us, as using case-insensitive file systems for web-accessible content is not really that common on Linux, I'd say.
Thanks armin76 ;)
can someone please add CVE-2008-1270?
Removed the CVE again, it's the other bug.
please bump here
1.4.19 is in the tree which applies the linked patch...
Arches, please test and mark stable:
Target keywords : "alpha amd64 arm hppa ia64 ppc ppc64 release sh sparc x86"
1.4.19-r1 will hit the tree in a sec. see also bug #214892
Closing [noglsa] since bug a version fixing this vulnerability is now stable and this bug is not subject to GLSA processing because of the C4 status.