Version 0.89 of HAVP is out.
HAVP 0.89 released
- Fix possible retry loop and hang (thanks to Peter Warasin @ endian.it)
- Always send Via: header, fixes some IIS problems (e.g. MSNBC)
I took the liberty of bumping it since there is no significative change.
And it seems it has a security impact. So, reassigning to security.
Original advisory is here: https://sourceforge.net/mailarchive/forum.php?thread_name=487CDF51.5060201%40endian.com&forum_name=havp-devel
Hi AMD64 team and X86 team, please could you test & stabilize net-proxy/havp-0.89, thanks.
amd64/x86 stable, all arches done.
Thanks. Time to vote.
I would vote glsa because that kind of DoS is really easy to trigger. But half-yes because of the weak distribution of that software.
I'll vote yes, because it's a security-specific application - the people that ARE using it need to know.
yes too, request filed.