new polipo version 1.0.4.1
bug fix release
Christopher Davis released a new version for polipo. I made also an update for the FreeBSD port.
Changes:
Polipo 1.0.4.1 contains several security and stability fixes over 1.0.4. 31 January 2010: Polipo 1.0.4.1: Cherry-picked fixes from 1.0.5 * Fixed an integer overflow that may lead to a crash (http://secunia.com/advisories/37607/). Discovered by Jeremy Brown. (CVE-2009-4413) * Fixed a crash that occurs when a server sends a malformed Cache-Control: header (CVE-2009-3305). Patch from Stefan Fritsch. * Prevent an infinite loop when a bodyless 204 or 1xx response is encountered. * Don't crash when we get an error while waiting for 100 continue status.