hoffie reported it
... because Lfe from #lighttpd pinged me ;) I don't think this has high priority for us, as using case-insensitive file systems for web-accessible content is not really that common on Linux, I'd say. Thanks armin76 ;)
can someone please add CVE-2008-1270?
Done
Removed the CVE again, it's the other bug.
please bump here
1.4.19 is in the tree which applies the linked patch...
Arches, please test and mark stable: =www-servers/lighttpd-1.4.19 Target keywords : "alpha amd64 arm hppa ia64 ppc ppc64 release sh sparc x86"
ppc64 stable
alpha/ia64/sparc stable
1.4.19-r1 will hit the tree in a sec. see also bug #214892
Closing [noglsa] since bug a version fixing this vulnerability is now stable and this bug is not subject to GLSA processing because of the C4 status.