--- /dev/null
+diff -urN lighttpd-1.4.32.org/src/http_auth.c lighttpd-1.4.32/src/http_auth.c
+--- lighttpd-1.4.32.org/src/http_auth.c 2012-05-17 11:29:24.000000000 +0200
++++ lighttpd-1.4.32/src/http_auth.c 2013-06-05 19:58:07.828450230 +0200
+@@ -688,6 +688,8 @@
+ salt[salt_len] = '\0';
+
+ crypted = crypt(pw, salt);
++ if (NULL == crypted)
++ return -1;
+
+ if (0 == strcmp(password->ptr, crypted)) {
+ return 0;
Summary(pl.UTF-8): Szybki i lekki serwer HTTP
Name: lighttpd
Version: 1.4.32
-Release: 1
+Release: 2
License: BSD
Group: Networking/Daemons/HTTP
Source0: http://download.lighttpd.net/lighttpd/releases-1.4.x/%{name}-%{version}.tar.bz2
Patch3: %{name}-branding.patch
Patch5: %{name}-mod_deflate.patch
Patch6: test-port-setup.patch
+Patch7: %{name}-crypt.patch
#Patch: %{name}-modinit-before-fork.patch
#Patch: %{name}-errorlog-before-fork.patch
URL: http://www.lighttpd.net/
%patch3 -p1
%{?with_deflate:%patch5 -p1}
%patch6 -p1
+%patch7 -p1
rm -f src/mod_ssi_exprparser.h # bad patching: should be removed by is emptied instead