Bug 849368 (CVE-2012-3505)
Summary: | CVE-2012-3505 tinyproxy: multiple headers hashmap DoS | ||||||||
---|---|---|---|---|---|---|---|---|---|
Product: | [Other] Security Response | Reporter: | Kurt Seifried <kseifried> | ||||||
Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> | ||||||
Status: | CLOSED UPSTREAM | QA Contact: | |||||||
Severity: | low | Docs Contact: | |||||||
Priority: | low | ||||||||
Version: | unspecified | CC: | jeremy, madam, rhel | ||||||
Target Milestone: | --- | Keywords: | Security | ||||||
Target Release: | --- | ||||||||
Hardware: | All | ||||||||
OS: | Linux | ||||||||
Whiteboard: | |||||||||
Fixed In Version: | Doc Type: | Bug Fix | |||||||
Doc Text: | Story Points: | --- | |||||||
Clone Of: | Environment: | ||||||||
Last Closed: | 2019-06-10 10:59:04 UTC | Type: | --- | ||||||
Regression: | --- | Mount Type: | --- | ||||||
Documentation: | --- | CRM: | |||||||
Verified Versions: | Category: | --- | |||||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||||
Cloudforms Team: | --- | Target Upstream Version: | |||||||
Embargoed: | |||||||||
Bug Depends On: | 849369, 849370 | ||||||||
Bug Blocks: | |||||||||
Attachments: |
|
Description
Kurt Seifried
2012-08-18 21:54:05 UTC
Created tinyproxy tracking bugs for this issue Affects: fedora-all [bug 849369] Created tinyproxy tracking bugs for this issue Affects: epel-all [bug 849370] Created attachment 605402 [details]
CVE-2012-3505-tinyproxy-limit-headers.patch
Created attachment 605403 [details]
CVE-2012-3505-tinyproxy-randomized-hashmaps.patch
Believe it or not: Fixes pushed to upstream and will be released soon with Tinyproxy 1.8.4. Upstream release including fix available at https://github.com/tinyproxy/tinyproxy/releases/tag/1.8.4 (Note: upstream hosting is currently changing.) This CVE Bugzilla entry is for community support informational purposes only as it does not affect a package in a commercially supported Red Hat product. Refer to the dependent bugs for status of those individual community products. |