A format string flaw was reported [1] in libproxy's proxy commandline tool (bin/proxy). This was corrected upstream [2] and is included in the 0.4.0 release. FORTIFY_SOURCE turns this into a harmless crash: % http_proxy=http://foo%n.example.com/ proxy http://example.com *** %n in writable segment detected *** http://foozsh: abort (core dumped) http_proxy=http://foo%n.example.com/ proxy http://example.com NOTE: this flaw exists solely in the proxy tool, not the library. [1] https://bugzilla.novell.com/show_bug.cgi?id=791086 [2] https://code.google.com/p/libproxy/source/detail?r=475
Fedora has libproxy 0.4.10 in -testing for Fedora 16; Fedora 17 and newer already have version 0.4.10.
libproxy-0.4.11-1.fc18 has been pushed to the Fedora 18 stable repository. If problems still persist, please make note of it in this bug report.
libproxy-0.4.11-1.fc17 has been pushed to the Fedora 17 stable repository. If problems still persist, please make note of it in this bug report.
This should be fixed in current release
Leaving open for non-Fedora.
As noted in comment #0, this is bug in the proxy example / test application and not libproxy library. Problem is also mitigated to the use of FORTIFY_SOURCE to a harmless application crash. Hence there is currently no plan to fix this in Red Hat Enterprise Linux 6. Issue will be fixed in future product versions if they include libproxy. Statement: The Red Hat Security Response Team has rated this issue as having low security impact. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.