Version 0.89 of HAVP is out. Reproducible: Always
03.08.2008 HAVP 0.89 released - Fix possible retry loop and hang (thanks to Peter Warasin @ endian.it) - Always send Via: header, fixes some IIS problems (e.g. MSNBC) I took the liberty of bumping it since there is no significative change. And it seems it has a security impact. So, reassigning to security. Original advisory is here: https://sourceforge.net/mailarchive/forum.php?thread_name=487CDF51.5060201%40endian.com&forum_name=havp-devel
Hi AMD64 team and X86 team, please could you test & stabilize net-proxy/havp-0.89, thanks.
amd64/x86 stable, all arches done.
Thanks. Time to vote. I would vote glsa because that kind of DoS is really easy to trigger. But half-yes because of the weak distribution of that software.
I'll vote yes, because it's a security-specific application - the people that ARE using it need to know.
yes too, request filed.
GLSA 200809-11