Ori Hollander reported that missing header name length checks in the htx_add_header and htx_add_trailer functions in HAProxy, a fast and reliable load balancing reverse proxy, could result in request smuggling attacks or response splitting attacks. Additionally this update addresses #993303 introduced in DSA 4960-1 causing HAProxy to fail serving URLs with HTTP/2 containing "//".