Описание
Security update for privoxy
This update for privoxy fixes the following issues:
- Update to version 3.0.31:
- Security/Reliability (boo#1181650)
- Prevent an assertion from getting triggered by a crafted CGI request. Commit 5bba5b89193fa. OVE-20210130-0001. CVE-2021-20217 Reported by: Joshua Rogers (Opera)
- Fixed a memory leak when decompression fails 'unexpectedly'. Commit f431d61740cc0. OVE-20210128-0001. CVE-2021-20216
- Bug fixes:
- Fixed detection of insufficient data for decompression. Previously Privoxy could try to decompress a partly uninitialized buffer.
- Security/Reliability (boo#1181650)
Список пакетов
openSUSE Leap 15.2
privoxy-3.0.31-lp152.3.6.1
privoxy-doc-3.0.31-lp152.3.6.1
Ссылки
- E-Mail link for openSUSE-SU-2021:0265-1
- SUSE Security Ratings
- SUSE Bug 1181650
- SUSE CVE CVE-2021-20216 page
- SUSE CVE CVE-2021-20217 page
Описание
A flaw was found in Privoxy in versions before 3.0.31. A memory leak that occurs when decompression fails unexpectedly may lead to a denial of service. The highest threat from this vulnerability is to system availability.
Затронутые продукты
openSUSE Leap 15.2:privoxy-3.0.31-lp152.3.6.1
openSUSE Leap 15.2:privoxy-doc-3.0.31-lp152.3.6.1
Ссылки
- CVE-2021-20216
- SUSE Bug 1181650
Описание
A flaw was found in Privoxy in versions before 3.0.31. An assertion failure triggered by a crafted CGI request may lead to denial of service. The highest threat from this vulnerability is to system availability.
Затронутые продукты
openSUSE Leap 15.2:privoxy-3.0.31-lp152.3.6.1
openSUSE Leap 15.2:privoxy-doc-3.0.31-lp152.3.6.1
Ссылки
- CVE-2021-20217
- SUSE Bug 1181650