[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 142-1] privoxy security update

Package        : privoxy
Version        : 3.0.16-1+deb6u1
CVE ID         : CVE-2015-1031 CVE-2015-1381 CVE-2015-1382

Several vulnerabilities have been fixed in privoxy, a privacy enhancing
HTTP proxy:

CVE-2015-1031, CID66394:

    unmap(): Prevent use-after-free if the map only consists of one item.

CVE-2015-1031, CID66376 and CID66391:

     pcrs_execute(): Consistently set *result to NULL in case of errors.
     Should make use-after-free in the caller less likely.


     Fix multiple segmentation faults and memory leaks in the pcrs code.


     Fix invalid read to prevent potential crashes.

We recommend that you upgrade your privoxy packages.

Attachment: signature.asc
Description: This is a digitally signed message part.

Reply to: