DSA-2002 polipo -- denial of serviceID: oval:org.mitre.oval:def:7445 | Date: (C)2010-05-24 (M)2023-10-27 |
Class: PATCH | Family: unix |
Several denial of service vulnerabilities have been discovered in polipo, a small, caching web proxy. The Common Vulnerabilities and Exposures project identifies the following problems: A malicous remote sever could cause polipo to crash by sending an invalid Cache-Control header. A malicous client could cause polipo to crash by sending a large Content-Length value. This upgrade also fixes some other bugs that could lead to a daemon crash or an infinite loop and may be triggerable remotely.