oss-sec mailing list archives

Re: Two DoS issues fixed in Privoxy 3.0.31 stable

From: Fabian Keil <freebsd-listen () fabiankeil de>
Date: Thu, 4 Feb 2021 16:46:32 +0100

Fabian Keil <freebsd-listen () fabiankeil de> wrote on 2021-01-31:

--------------------------------------------------------------------
ChangeLog for Privoxy 3.0.31
--------------------------------------------------------------------

- Security/Reliability:
  - Prevent an assertion from getting triggered by a crafted CGI request.
    Commit 5bba5b89193fa. OVE-20210130-0001.
    Reported by: Joshua Rogers (Opera)


CVE-2021-20217.

  - Fixed a memory leak when decompression fails "unexpectedly".
    Commit f431d61740cc0. OVE-20210128-0001.


CVE-2021-20216.

Fabian

Attachment: _bin
Description: OpenPGP digital signature

Current thread:

Two DoS issues fixed in Privoxy 3.0.31 stable Fabian Keil (Jan 31)
- Re: Two DoS issues fixed in Privoxy 3.0.31 stable Fabian Keil (Feb 04)