Debian Security Advisory 1609-1 - Several local/remote vulnerabilities have been discovered in lighttpd, a fast webserver with minimal memory footprint.
47d9590cba1f0e6cca6378a35e695f31a892c064c75b91017f061d6d7867e0f4
Gentoo Linux Security Advisory GLSA 200708-11 - Stefan Esser discovered errors with evidence of memory corruption in the code parsing the headers. Several independent researchers also reported errors involving the handling of HTTP headers, the mod_auth and mod_scgi modules, and the limitation of active connections. Versions less than 1.4.16 are affected.
4b93d00e8346ee0513619fe0cb000ab50487fcd726d600745ed90dd8a12b0ecb