Web applications on Phusion Passenger are not vulnerable to HTTPoxy

A short time ago an old security issue was revealed to still be present in many modern application servers. The issue is now known as HTTPoxy, »

Security advisory: CVE-2015-7519 header overwriting (medium severity)

It was discovered by the SUSE security team that it was possible, in some cases, for clients to overwrite headers set by the server, resulting in »