Ok, now it makes sense. As a workaround, you should avoid using x-forwarded-for header from untrusted sources. Usually, it is the case - you can trust your frontend servers ;)
That means - real impact of this issue is very minor and mostly due to misconfiguration. 07.08.2012 14:15 пользователь "Sébastien Bocahu" < lists+deb...@zecrazytux.net> написал: > Hi, > > I am the bug reporter. > > > The "minimal" patch is to drop 030_ipv6.patch. I can't confirm that > > this bug is *not* reproducible for 0.6 version *with* the above patch. > > > > Can you ask bugreporter to report details on: > > -->8-- > > rpaf 0.6 is available in Debian wheezy. The IPv6 patched is not > applied > > though. I patched myself and tested it on the > > same squeeze environment: there is no more segfaults. > > -->8-- > > ? > > Unmodified 030_ipv6.patch still produce segfaults on 0.6+, for me. > > You are right. The ipv6 patch still produce segfaults on 0.6 on my setups > as > well. I had messed up while testing custom patches, sorry. > > This means that I should report the bug to upstream, as there is still a > bug in > the memory management or header parsing in 0.6... > > Thanks for working on this >
