On 04/02/14 05:09, Andrew Anderson wrote: > There exists a trivial DoS attack against EZproxy that I reported to OCLC about 2 years ago, and has not been addressed yet. ... and as soon as that gets a CVE (see http://cve.mitre.org/), corporate IT departments will force libraries to upgrade to the latest version or turn the software off. cheers stuart -- Stuart Yeates Library Technology Services http://www.victoria.ac.nz/library/Received on Mon Feb 03 2014 - 15:18:07 EST