Bugzilla will be upgraded to version 5.0 on a still to be determined date in the near future. The original upgrade date has been delayed.
First Last Prev Next    This bug is not in your last search results.
Bug 1185922 - (CVE-2015-1380) CVE-2015-1380 privoxy: denial of service in case of client requests with incorrect chunk-encoded body
CVE-2015-1380 privoxy: denial of service in case of client requests with inco...
Status: CLOSED WONTFIX
Product: Security Response
Classification: Other
Component: vulnerability (Show other bugs)
unspecified
All Linux
medium Severity medium
: ---
: ---
Assigned To: Red Hat Product Security
impact=moderate,public=20150126,repor...
: Security
Depends On: 1185925 1185926
Blocks: 1169216
  Show dependency treegraph
 
Reported: 2015-01-26 11:02 EST by Vasyl Kaigorodov
Modified: 2015-03-20 03:49 EDT (History)
4 users (show)

See Also:
Fixed In Version: Privoxy 3.0.23
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2015-03-19 06:15:06 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

  None (edit)
Description Vasyl Kaigorodov 2015-01-26 11:02:28 EST 
It was reported [1] that Privoxy 3.0.23 contains fixes for the following security issues:

- Fixed a DoS issue in case of client requests with incorrect
  chunk-encoded body. When compiled with assertions enabled
  (the default) they could previously cause Privoxy to abort().
  Reported by Matthew Daley.
  http://ijbswa.cvs.sourceforge.net/viewvc/ijbswa/current/jcc.c?r1=1.433&r2=1.434

- Fixed multiple segmentation faults and memory leaks in the
  pcrs code. This fix also increases the chances that an invalid
  pcrs command is rejected as such. Previously some invalid commands
  would be loaded without error. Note that Privoxy's pcrs sources
  (action and filter files) are considered trustworthy input and
  should not be writable by untrusted third-parties.
  http://ijbswa.cvs.sourceforge.net/viewvc/ijbswa/current/pcrs.c?r1=1.46&r2=1.47

- Fixed an 'invalid read' bug which could at least theoretically
  cause Privoxy to crash.
  http://ijbswa.cvs.sourceforge.net/viewvc/ijbswa/current/parsers.c?r1=1.297&r2=1.298

[1]: http://seclists.org/oss-sec/2015/q1/259
Comment 1 Vasyl Kaigorodov 2015-01-26 11:05:28 EST 
Created privoxy tracking bugs for this issue:

Affects: fedora-all [bug 1185925]
Affects: epel-all [bug 1185926]
Comment 2 Martin Prpič 2015-01-28 05:21:38 EST 
CVE assignments per http://seclists.org/oss-sec/2015/q1/285:

> - Fixed a DoS issue in case of client requests with incorrect
>   chunk-encoded body. When compiled with assertions enabled
>   (the default) they could previously cause Privoxy to abort().
>   Reported by Matthew Daley.
>  
> http://ijbswa.cvs.sourceforge.net/viewvc/ijbswa/current/jcc.c?r1=1.433&r2=1.
> 434

CVE-2015-1380

> 
> - Fixed multiple segmentation faults and memory leaks in the
>   pcrs code. This fix also increases the chances that an invalid
>   pcrs command is rejected as such. Previously some invalid commands
>   would be loaded without error. Note that Privoxy's pcrs sources
>   (action and filter files) are considered trustworthy input and
>   should not be writable by untrusted third-parties.
>  
> http://ijbswa.cvs.sourceforge.net/viewvc/ijbswa/current/pcrs.c?r1=1.46&r2=1.
> 47

CVE-2015-1381

> 
> - Fixed an 'invalid read' bug which could at least theoretically
>   cause Privoxy to crash.
>  
> http://ijbswa.cvs.sourceforge.net/viewvc/ijbswa/current/parsers.c?r1=1.
> 297&r2=1.298

CVE-2015-1382
Comment 3 Vasyl Kaigorodov 2015-03-18 09:07:44 EDT 
CVE-2015-1381 has been split to https://bugzilla.redhat.com/1203246
CVE-2015-1382 has been split to https://bugzilla.redhat.com/1203248
Note You need to log in before you can comment on or make changes to this bug.
First Last Prev Next    This bug is not in your last search results.