-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-2795-2                   security@debian.org
http://www.debian.org/security/                           Michael Gilbert
November 16, 2013                      http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : lighttpd
Vulnerability  : regression
Problem type   : remote
Debian-specific: no
Debian Bug     : 729480

It was discovered discovered that SSL connections with client certificates
stopped working after the DSA-2795-1 update of lighttpd.  An upstream
patch has now been applied that provides an appropriate identifier for
client certificate verification.

For the oldstable distribution (squeeze), this problem has been fixed in
version 1.4.28-2+squeeze1.5.

For the stable distribution (wheezy), this problem has been fixed in
version 1.4.31-4+deb7u2.

For the testing (jessie) and unstable (sid) distributions, this problem
will be fixed soon.

We recommend that you upgrade your lighttpd packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: http://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.15 (GNU/Linux)

iQQcBAEBCgAGBQJSiBhlAAoJELjWss0C1vRznAgf/3GLMXwDwNiZnCXnwyiiWDlz
i03rvD4JC/AKzA/BUqxbutauuwBCDL1ed/Rmrk0q3emX6k6RPJlsUe+NCsQXJbcz
P0g+eCXGAjos/uMhEwKxp+/BM2ePp64eT80pGQi5PIKy/ecYElda2HmOJTve1y28
0VNoQmKay67mmwkKz6YncD1TCp67085fRmPVLspk2TS+Pp2cEURfjc2m1MW9K7HL
Ad9RotqBKdKD6CfNC7owCJiWUaBImHWXVszXNUrpxUWK3GPuwR2stoRhZ3vpdv4X
aDuP4bxrrhFg9I2vjQZmD6bhTwPW4dHfP8K+1mmCdI+r587XN2l2Q61HDjYOBS5K
u/PHnhqOFC1bC+fi3mpLLD4b3tryDQmGoaKtq2hxZXzAb+cJFwWQVvUpd6WqJzcr
j2pjp2RPYHloG6cd0LryuOJmylodCCXx8CNDClnJvTMcKZlTcgfwNpFeAtumuh8R
xjq4M5Agt/AdwiJwURj7+fvbkPhyzjDWjJzb9CJSNQgbkQAeZgdS6Z5kn25hmuMs
71IsJtd6F7xpTlh6LyguEBVNG9p9WUGoFAA0R2OBC/8dDpspdHmavZwuHbrKhsLO
gW0nDyyyJNGFnu93OfB7f2JgQZkumGLt36JNjgtpGLPQsBHFIcbJ0Ido4Malh7FC
sEWbgcjpJ0ulOjGtpBuICxX7NDuqd2btn803W3bubuzRkvI61aVcm8TinLwaR45Z
5GMewIpivvaF09tRBjRCSV3Qnq7BJNdYYWq/w4y/vTN77Qrfo47YMorphT+BdWQw
3X7jaRccIikpVQEfvaqbKMRVYt4aKGkeso56lNCoLmegDbDrS2kkHc3ei8Nx1RB5
yhlNh3KJC7rDG5Xvp84Su/gzHcHcW65IHwYLrOxYHceThe1UD90jDCmdg4GubBPh
ut7ShBkOFM0cxThl4L9hD9M/ROTIHjVZo+36twaa6WGVyEkHNfhD9hHH5fOIdnp7
hsQOmo6c+KoYs7/jkpUKlTy301XRBCid8i4jB0Ohw/CdOf3IrmJ7X1M2nycjAsD9
Fc5TDp6Rrhm7222gIFwzcu0Rmy5uTndn2inClKNUhb/hj4/u7IwBHdUsgULERt5w
7JDK87sPCjlIxp/fredrwOsZpBb+XeRlXhzW6SuWpJuaxc9TKElHILmeqeMnjej1
vWMoWA1wvtWIdTg7V3e/Y38EugYSyx1Jj1GtuYjUhe+sqpiGWaTC3lrqPCdV0A84
9CCKS51ewqLwB1RJrUbaxc5g0dmULkUFGuwgb5WT63Dp9AZIB2O8B3RpqkdIzyXP
caFNz/ydPSH4vXCHckoTyJ04CzylX8HkTgPmvLshGJTs74U1hCEfOOWT+2tLiHo=
=Uz0N
-----END PGP SIGNATURE-----