Still an issue in bionic after update today (2019-06-13).
Setting
ssl.disable-client-renegotiation = "disable"
in lighttpd.conf helps, but is not really a solution, because of CVE-2009-3555.
lighttpd 1.4.45-1ubuntu3 libssl1.1 1.1.1-1ubuntu2.1~18.04.1
Still an issue in bionic after update today (2019-06-13).
Setting
ssl.disable- client- renegotiation = "disable"
in lighttpd.conf helps, but is not really a solution, because of CVE-2009-3555.
lighttpd 1.4.45-1ubuntu3 1~18.04. 1
libssl1.1 1.1.1-1ubuntu2.