On Tue 17/04/2018 23:06, Björn Ketelaars wrote: > Diff below brings pound to 2.8a, which fixes potential request smuggling > via fudged headers. > > I played with this version of Pound a couple of months ago...and forgot > about it. > > Build tested ok on amd64. > > Comments/OKs?
Forgot to mention: If I'm not mistaken this update addresses https://www.cvedetails.com/cve/CVE-2016-10711/
