Alex Rykov
Alex Rykov
Overlapping #171
Log4j2. References - lunasec detects based on hashes specified [here](https://github.com/lunasec-io/lunasec/blob/master/tools/log4shell/log4j-library-hashes.json). The fact they use hashes is beside the point, but have a look at the version/file combo - [Palantir sniffer](https://github.com/palantir/log4j-sniffer)...
@pinacoelho, agreed on complexity(relative to zip). But disagree on value. There frequently are cases when software is distributed or backed up this way. So there is a risk of reintroduction...
The log attached [log.txt](https://github.com/eclipse/jetty.project/files/6736553/log.txt)
Does not this mean that the proxy requests close after the exchange is complete? Basically don't send other HTTP requests via the same pipe. Jetty client appears to close right...
It is not configurable. Culprit code on the line 767 [here](https://github.com/versat/cntlm/blame/084d75ba3947694a2a89d8d89cb309444c1fc660/forward.c) is 11 years old. This code appears to replicate HTTP/1.0 spec, rather than HTTP/1.1. And removing it indeed allows...
I tried curl, wget and chrome and captured [tcpdump.zip](https://github.com/eclipse/jetty.project/files/6751552/tcpdump.zip) (attached all but chrome and there are two curl dumps with -L and not) and they all seem to ignore close(note...
Although I created an issue and pull request for CNTLM, I don't anticipate this fix trickling downstream any time soon. Ubuntu and Redhat/centos packages still reference its old home on...
Sorry for being that guy, who asked yet is to lazy to do anything. Trying to find or generate a sample. So far unsuccessfully. At this point I only have...