Red Hat Bugzilla – Bug 1169213
CVE-2015-1030 privoxy: potential flaws fixed in version 3.0.22
Last modified: 2015-03-20 03:47:36 EDT
The 3.0.22 release of Privoxy fixes the following potential flaws: "" Fixed a memory leak when rejecting client connections due to the socket limit being reached (CID 66382). This affected Privoxy 3.0.21 when compiled with IPv6 support (on most platforms this is the default). Fixed an immediate-use-after-free bug (CID 66394) and two additional unconfirmed use-after-free complaints made by Coverity scan (CID 66391, CID 66376). "" Version 3.0.22 is already in the Fedora and EPEL 6 testing repositories. Reference: http://www.privoxy.org/announce.txt
(In reply to Murray McAllister from comment #0) > Fixed a memory leak when rejecting client connections due to > the socket limit being reached (CID 66382). This affected > Privoxy 3.0.21 when compiled with IPv6 support (on most > platforms this is the default). This was assigned CVE-2015-1030. > > Fixed an immediate-use-after-free bug (CID 66394) and two > additional unconfirmed use-after-free complaints made by > Coverity scan (CID 66391, CID 66376). This was assigned CVE-2015-1031. http://seclists.org/oss-sec/2015/q1/111
Common Vulnerabilities and Exposures assigned an identifier CVE-2015-1201 to the following vulnerability: Name: CVE-2015-1201 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1201 Assigned: 20150120 Reference: http://secunia.com/advisories/62123 Privoxy before 3.0.22 allows remote attackers to cause a denial of service (file descriptor consumption) via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
upstream fixes ============== CVE-2015-1030 ------------- Fixed a memory leak when rejecting client connections due to the socket limit being reached (CID 66382). This affected Privoxy 3.0.21 when compiled with IPv6 support (on most platforms this is the default). Links: http://ijbswa.cvs.sourceforge.net/viewvc/ijbswa/current/cgisimple.c?view=log http://ijbswa.cvs.sourceforge.net/viewvc/ijbswa/current/cgisimple.c?view=log&pathrev=v_3_0_22 Patch: http://ijbswa.cvs.sourceforge.net/viewvc/ijbswa/current/cgisimple.c?view=patch&r1=1.130&r2=1.131&pathrev=v_3_0_22 CVE-2015-1031 ------------- Fixed an immediate-use-after-free bug (CID 66394) and two additional unconfirmed use-after-free complaints made by Coverity scan (CID 66391, CID 66376). Links: http://ijbswa.cvs.sourceforge.net/viewvc/ijbswa/current/list.c?view=log&pathrev=v_3_0_22 Patch: http://ijbswa.cvs.sourceforge.net/viewvc/ijbswa/current/list.c?view=patch&r1=1.31&r2=1.32&pathrev=v_3_0_22
CVE-2015-1201 has been split to https://bugzilla.redhat.com/1203237 CVE-2015-1031 has been split to https://bugzilla.redhat.com/1203242