Nixpkgs security tracker

Login with GitHub

⚠️ You are using a production deployment that is still only suitable for demo purposes. Any work done in this might be wiped later without notice.

Suggestion detail

Untriaged

Permalink CVE-2011-3596

created 2 months ago Activity log

Created suggestion 2 months ago

Polipo before 1.0.4.1 suffers from a DoD vulnerability via specially-crafted …

Polipo before 1.0.4.1 suffers from a DoD vulnerability via specially-crafted HTTP POST / PUT request.

References

https://security-tracker.debian.org/tracker/CVE-2011-3596 x_transferredx_refsource_MISC
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-3596 x_transferredx_refsource_MISC
https://access.redhat.com/security/cve/cve-2011-3596 x_transferredx_refsource_MISC
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=644289 x_transferredx_refsource_MISC

Affected products

polipo

==before 1.0.4.1

Matching in nixpkgs

pkgs.polipo

Small and fast caching web proxy

Package maintainers

@ehmry Emery Hemingway <ehmry@posteo.net>