oss-sec mailing list archives
Re: CVE Request for Privoxy Version: 3.0.22
From: cve-assign () mitre org
Date: Sat, 10 Jan 2015 21:05:12 -0500 (EST)
On Wed, 7 Jan 2015, Yury German wrote:
Privoxy Version 3.0.22 has two vulnerabilities that were fixed in the version of Privoxy 3.0.22. Can we please assign CVE(s) to this.Fixed a memory leak when rejecting client connections due to the socket limit being reached (CID 66382). This affected Privoxy 3.0.21 when compiled with IPv6 support (on most platforms this is the default).
Use CVE-2015-1030.
Fixed an immediate-use-after-free bug (CID 66394) and two additional unconfirmed use-after-free complaints made by Coverity scan (CID 66391, CID 66376).
Use CVE-2015-1031.
URL to the Page: http://www.privoxy.org/announce.txt <http://www.privoxy.org/announce.txt>
--- CVE assignment team, MITRE CVE Numbering Authority M/S M300 202 Burlington Road, Bedford, MA 01730 USA [ PGP key available through http://cve.mitre.org/cve/request_id.html ]
Current thread:
- CVE Request for Privoxy Version: 3.0.22 Yury German (Jan 07)
- Re: CVE Request for Privoxy Version: 3.0.22 cve-assign (Jan 10)