Package: polipo Version: 0.9.12-1 Severity: grave
This should be of interest to the security team. I tried to contact them in debian.security about a month ago but with no result. Summary: polipo crashes because of a null-pointer dereference in the dns-handling code. Detailed report including the output of gdb is provided here: http://article.gmane.org/gmane.comp.web.polipo.user/1695 The upstream replied with an advice to switch to the 1.0.1 version, but it is not a solution as the new version introduces new segfaults: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=432561 -- System Information: Debian Release: 4.0 APT prefers proposed-updates APT policy: (900, 'proposed-updates'), (900, 'stable') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.22-minimal Locale: LANG=ru_RU.UTF-8, LC_CTYPE=ru_RU.UTF-8 (charmap=UTF-8) Versions of packages polipo depends on: ii libc6 2.3.6.ds1-13etch4 GNU C Library: Shared libraries polipo recommends no packages. -- no debconf information -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
