oss-sec mailing list archives
Re: Apache HttpClient CVE request [VU#153049]
From: Mark J Cox <mjc () redhat com>
Date: Fri, 8 Apr 2011 08:08:31 +0100 (BST)
* [HTTPCLIENT-1061] Fixed critical bug causing Proxy-Authorization header to be sent to the target host when tunneling requests through a proxy server that requires authentication.
Use CVE-2011-1498 for this issue Thanks, Mark
Current thread:
- Apache HttpClient CVE request [VU#153049] Chad Dougherty (Apr 07)
- Re: Apache HttpClient CVE request [VU#153049] Mark J Cox (Apr 08)