Proposed commit message:
Mark mini_httpd < 1.28 and thttpd < 2.28 as vulnerable as per:
http://acme.com/updates/archive/199.html
While we're here, fix whitespace in vuln.xml that "make validate" flagged. Reviewed by: ? (mentor) Approved by: ? (mentor) Security: CVE-2017-17663 Differential Revision: ?