It was found that if the server serving a PAC file sends more than 102400 bytes without a Content-Length present, libproxy can overflow its buffer by PAC_HTTP_BLOCK_SIZE (512) bytes. References: https://github.com/libproxy/libproxy/pull/126 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=968366
Created libproxy tracking bugs for this issue: Affects: fedora-all [bug 1883584]
Is this issue ever going to be fixed in RHEL8 ? Asking because I got asked to fix this in our RHEL8 based containers back on 2020/10/13 in https://issues.redhat.com/browse/CRW-1290 but as of UBI 8.6 the latest RPM is still libproxy-0.4.15-5.2.el8 But according to https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=968366 we need 0.4.15-15 Since we depend on RHEL8 / UBI8 containers for our image builds, this isn't something we can fix downstream... instead it needs a RHEL RPM fix, which we can then inherit.