process_http_response in OpenConnect before 8.05 has a Buffer Overflow when a malicious server uses HTTP chunked encoding with crafted chunk sizes. CREATE(Triage):(User=admin) [CVE-2019-16239|https://nvd.nist.gov/vuln/detail/CVE-2019-16239]