A vulnerability was found in a way the privoxy processes specific client requests. A request with "Host" header empty could result in an invalid read.
Created privoxy tracking bugs for this issue:
Affects: fedora-all [bug 1300973]
Affects: epel-6 [bug 1300974]
Affects: epel-7 [bug 1300975]
Buffer over-read issue, possibly leading to crash. The privoxy is only included in Red Hat Enterprise Linux 5, which is in Phase 3 of its life cycle, and is therefore not planned to have this issue corrected.