Gentoo Linux Security Advisory 201607-10 - Improper input validation in Varnish allows remote attackers to conduct HTTP smuggling attacks, and possibly trigger a buffer overflow. Versions less than 3.0.7 are affected.
c34e7c2fcf5bec193bd0105cdbf6caa9e33b041e525c3094834b3e35b5bdb77a
Debian Linux Security Advisory 3553-1 - Regis Leroy from Makina Corpus discovered that varnish, a caching HTTP reverse proxy, is vulnerable to HTTP smuggling issues, potentially resulting in cache poisoning or bypassing of access control policies.
bc657fff411ae02e679a1648904473ae77ce5c8698e470789184f8f669a61b43