CVE-2016-10711
Apsis Pound before 2.8a allows request smuggling via crafted headers, a different vulnerability than CVE-2005-3751.
Date published : 2018-01-29
http://www.apsis.ch/pound/pound_list/archive/2016/2016-10/1477235279000
https://lists.debian.org/debian-lts-announce/2018/02/msg00015.html