ChangeLog: https://github.com/emikulic/darkhttpd/releases/tag/v1.14
* Add support for logging with syslog.
* Fix hung connection from consecutive keep-alive requests.
* Fix high CPU usage when timeout is disabled.
* Add --forward-https.
* Make header parsing case insensitive, to work behind an HTTP2 reverse proxy.
* Add trailing slash to links for directories.
* Fix crash when a file has a large (year 10,000+) mtime.
A flaw was found in darkhttpd. Invalid error handling allows remote attackers
to cause denial-of-service by accessing a file with a large modification date.
The highest threat from this vulnerability is to system availability.
PR: 267507
Reported by: henrichhartzer@tuta.io
MFH: 2022Q4 (security update)
Security: CVE-2020-25691
1de880e0f6