oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

Two DoS issues fixed in Privoxy 3.0.31 stable

From: Fabian Keil <freebsd-listen () fabiankeil de>
Date: Sun, 31 Jan 2021 13:13:08 +0100
               Announcing Privoxy 3.0.31 stable
--------------------------------------------------------------------

Privoxy 3.0.31 fixes two security issues that were discovered while
preparing the 3.0.30 release. The issues also affect earlier Privoxy
releases.

--------------------------------------------------------------------
ChangeLog for Privoxy 3.0.31
--------------------------------------------------------------------

- Security/Reliability:
  - Prevent an assertion from getting triggered by a crafted CGI request.
    Commit 5bba5b89193fa. OVE-20210130-0001.
    Reported by: Joshua Rogers (Opera)
  - Fixed a memory leak when decompression fails "unexpectedly".
    Commit f431d61740cc0. OVE-20210128-0001.
[...]
-----------------------------------------------------------------
About Privoxy:
-----------------------------------------------------------------

Privoxy is a non-caching web proxy with advanced filtering capabilities for
enhancing privacy, modifying web page data and HTTP headers, controlling
access, and removing ads and other obnoxious Internet junk. Privoxy has a
flexible configuration and can be customized to suit individual needs and
tastes. It has application for both stand-alone systems and multi-user
networks.

Privoxy is Free Software and licensed under the GNU GPLv2.

[...]

Home Page: 
https://www.privoxy.org/

ChangeLog:
https://www.privoxy.org/3.0.31/user-manual/whatsnew.html

Attachment: _bin
Description: OpenPGP digital signature

Previous By Date Next
Previous By Thread Next

Current thread: