Comment 1 Raphael Marichez (Falco) (RETIRED) 2008-08-14 14:56:02 UTC

03.08.2008
HAVP 0.89 released
- Fix possible retry loop and hang (thanks to Peter Warasin @ endian.it)
- Always send Via: header, fixes some IIS problems (e.g. MSNBC)



I took the liberty of bumping it since there is no significative change.

And it seems it has a security impact. So, reassigning to security.

Original advisory is here: https://sourceforge.net/mailarchive/forum.php?thread_name=487CDF51.5060201%40endian.com&forum_name=havp-devel

Comment 2 Raphael Marichez (Falco) (RETIRED) 2008-08-14 14:58:48 UTC

Hi AMD64 team and X86 team, please could you test & stabilize net-proxy/havp-0.89, thanks.

Comment 3 Markus Meier 2008-08-15 18:17:40 UTC

amd64/x86 stable, all arches done.

Comment 4 Raphael Marichez (Falco) (RETIRED) 2008-08-17 22:35:27 UTC

Thanks. Time to vote.

I would vote glsa because that kind of DoS is really easy to trigger. But half-yes because of the weak distribution of that software.

Comment 5 Matt Drew (RETIRED) 2008-09-08 17:07:41 UTC

I'll vote yes, because it's a security-specific application - the people that ARE using it need to know.

Comment 6 Pierre-Yves Rofes (RETIRED) 2008-09-18 21:30:21 UTC

yes too, request filed.

Comment 7 Pierre-Yves Rofes (RETIRED) 2008-09-21 17:35:29 UTC

GLSA 200809-11