Security update for HAVP anti-virus proxy
Small but important: a missing dot in one of the entries on the whitelist provided with the Http Anti-Virus Proxy (HAVP) allows attackers to inject malware. The whitelist at /etc/havp/whitelist includes the entry *sourceforge.net/*clamav-* . However, a missing dot in front of sourceforge unfortunately causes HAVP to disregard content from other domains that end in sourceforge.net, for example www.malwarefromsourceforge.net.
HAVP update 0.92a has the single purpose of adding a dot to the whitelist entry: *.sourceforge.net/*clamav-*.
The feature article from The H Security entitled "Using the HAVP anti-virus proxy to protect from web attacks" demonstrates how to install and configure HAVP in only a few steps.
(crve)