Version 0.92a of the HTTP Anti-Virus Proxy (HAVP) was recently released, patching a security flaw.

"The whitelist at /etc/havp/whitelist includes the entry *sourceforge.net/*clamav-*," according to The H Security. "However, a missing dot in front of sourceforge unfortunately causes HAVP to disregard content from other domains that end in sourceforge.net, for example www.malwarefromsourceforge.net."


"HAVP update 0.92a has the single purpose of adding a dot to the whitelist entry: *.sourceforge.net/*clamav-*," the article states.

Click here to read the article at The H Security.

For regular security news updates, follow eSecurityPlanet on Twitter: @eSecurityP.