On Tue, Oct 04, 2011 at 10:12:07PM +0200, Thijs Kinkhorst wrote:
> Package: polipo
> Severity: important
> Tags: security
>
> Hi,
>
> A denial of service attack has been published against polipo:
> http://seclists.org/fulldisclosure/2011/Oct/10
>
> Given that polipo is intended for a limited audience, the attack needs to
> originate from this audience and the result is a denial of service, I
> think this doesn't need a full blown DSA. It should be fixed in unstable
> though, and possibly through (old)stable-proposed-updates.
>
> Please mention CVE-2011-3596 in your changelog entries.
What's the status?
Cheers,
Moritz
--
To UNSUBSCRIBE, email to [email protected]
with a subject of "unsubscribe". Trouble? Contact [email protected]
