Package: lighttpd Version: 1.4.19-1 Severity: important The default debian configuration settings (and the one which is "intuitive") has the following code snippet: $HTTP["remoteip"] == "127.0.0.1"
This occurs in /etc/lighttpd/lighttpd.conf, /etc/lighttpd/conf-available/10-cgi.conf, and probably other modules (which I haven't installed) too. In the most recent version (1.4.19) the default Debian configuration is to enable IPv6 by default. This BREAKS the above configuration, because 127.0.0.1 is not a valid IPv6 address; ::ffff:127.0.0.1 is the corresponding IPv6 address. The bug can be easily fixed by replacing the above code snippet, in all the cases where it occurs, with one of the following: $HTTP["remoteip"] == "::ffff:127.0.0.1" $HTTP["remoteip"] =~ "127.0.0.1" The first one is more strict and more "correct". However the second one allows easy disabling/enabling of IPv6, and is also more intuitive / newbie-friendly, because 127.0.0.1 is what everyone is used to. In either case, comments next to the code explaining why ' == "127.0.0.1" ' doesn't work, would help to wrap up any confusion that people might have. -- System Information: Debian Release: lenny/sid APT prefers testing APT policy: (500, 'testing') Architecture: amd64 (x86_64) Kernel: Linux 2.6.24-1-amd64 (SMP w/2 CPU cores) Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages lighttpd depends on: ii libattr1 1:2.4.41-1 Extended attribute shared library ii libbz2-1.0 1.0.5-0.1 high-quality block-sorting file co ii libc6 2.7-6 GNU C Library: Shared libraries ii libgamin0 [libfam0] 0.1.9-2 Client library for the gamin file ii libldap-2.4-2 2.4.7-6.1 OpenLDAP libraries ii libpcre3 7.4-1+lenny1 Perl 5 Compatible Regular Expressi ii libssl0.9.8 0.9.8g-8 SSL shared libraries ii libterm-readline-perl- 1.0302-1 Perl implementation of Readline li ii lsb-base 3.1-24 Linux Standard Base 3.1 init scrip ii mime-support 3.40-1.1 MIME files 'mime.types' & 'mailcap ii zlib1g 1:1.2.3.3.dfsg-11 compression library - runtime lighttpd recommends no packages. -- no debconf information -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]