Christopher Davis released a new version for polipo. I made also an update for the FreeBSD port.

Changes:

Polipo 1.0.4.1 contains several security and 
stability fixes over 1.0.4.

31 January 2010: Polipo 1.0.4.1:
  Cherry-picked fixes from 1.0.5
  * Fixed an integer overflow that may lead to a 
    crash (http://secunia.com/advisories/37607/).
    Discovered by Jeremy Brown. (CVE-2009-4413)
  * Fixed a crash that occurs when a server sends 
    a malformed Cache-Control: header (CVE-2009-3305).
    Patch from Stefan Fritsch.
  * Prevent an infinite loop when a bodyless 204 or 
    1xx response is encountered.
  * Don't crash when we get an error while waiting 
    for 100 continue status.

Kommentar hinzufügen

geschrieben von Frank Behrens am 2. Februar 2010 09:20:00 CET #