Well, I don't know why something has 'suddenly' become a problem: its a known issue for years. The HTTP smuggling [http://www.watchfire.com/resources/HTTP-Request-Smuggling.pdf] attacks made that very obvious 5 years ago now.
http://en.wikipedia.org/wiki/HTTP_pipelining has a decent overview. Its nice an interesting that some recent software has it on, but that is generally because the authors don't realise how broken it is, IMNSHO :). -Rob -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/aanlktikdep4hoghns30kc-jryxqba9fmudd9-dvjf...@mail.gmail.com
