Package: polipo Severity: important Tags: security Hi,
A denial of service attack has been published against polipo: http://seclists.org/fulldisclosure/2011/Oct/10 Given that polipo is intended for a limited audience, the attack needs to originate from this audience and the result is a denial of service, I think this doesn't need a full blown DSA. It should be fixed in unstable though, and possibly through (old)stable-proposed-updates. Please mention CVE-2011-3596 in your changelog entries. thanks, Thijs -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
