[SECURITY] [DLA 2372-1] libproxy security update
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
- -------------------------------------------------------------------------
Debian LTS Advisory DLA-2372-1 debian-lts@lists.debian.org
https://www.debian.org/lts/security/ Chris Lamb
September 12, 2020 https://wiki.debian.org/LTS
- -------------------------------------------------------------------------
Package : libproxy
Version : 0.4.14-2+deb9u1
CVE ID : CVE-2020-25219
It was discovered that there was a denial of service attack in
libproxy, a library to make applications HTTP proxy aware. A remote
server could cause an infinite stack recursion.
For Debian 9 "Stretch", this problem has been fixed in version
0.4.14-2+deb9u1.
We recommend that you upgrade your libproxy packages.
For the detailed security status of libproxy please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/libproxy
Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAl9cl/MACgkQHpU+J9Qx
HlgjrxAAxk8OunTVKCTtCztwJKSWCSp46WGF+4fRXmKIFdjHw0/+4e6dKcaHXEbF
3OwLem9UGa4C8VnmuXb3S8ThAbZZ+ceaIYBBun8DlD7/3V23RezZeiegKr+ZhN61
6WYKRl8cGWJmGX0TVOW27tmw2Yin5n+tTQAroAVvx3HT2xy8wvzruwtJMPx01LzN
iQqaQrcnkiHOpkOcp0STPb15J2YRaDaZa6lGa214sN11lMw8HN7ARdM967qXz5x3
cAYLbOpzQm3BIBZhEGFA0407VYLduvexIVwgOBi8PeilYHuLCLfm7DKkbOtRn2Tn
sZfDg6NuAitjpy/WbnwUUmBn3+blCtTOacJMq9PFjr+2E0QCAHZxqrzD2KUV02x/
tF46GlFiBVi3XsDyWADBpU9IWy/EY0uHjfC840fA5F7c4zsd9pUXy5na7kVdIFFH
pb7itoMKhIRRXYeyEsTBa2RPX3pbSx/s3nM/usd2DpyZG71SYy1anBwwrhgt3+JH
psnzEmvm0YgGQ8Fd0C0PZI1sbbfuDVUpO3vSoqQK/yXITPuTgSYgEw7ittFgNFr1
Xn9rJtaejY/biO6o138ZrgWUg4enbuvolbOGSoXxEiA7dVsJKN+ZoF7QXovEdQoH
mTPDaNkY4KRvtJE8K/fLleUu02SLclymAdssYxfpxVSrmxbYY8U=
=+5f8
-----END PGP SIGNATURE-----
Reply to: