privoxy 3.0.24-1ubuntu0.1 source package in Ubuntu
Changelog
privoxy (3.0.24-1ubuntu0.1) xenial-security; urgency=medium * SECURITY UPDATE: Buffer overflow - debian/patches/38_CVE-2021-20217.patch: Prevent an assertion by a crafted CGI request. - CVE-2021-20217 * SECURITY UPDATE: Memory leak - debian/patches/40_CVE-2021-20216.patch: Fix a memory leak. - debian/patches/41_CVE-2020-35502.patch: Fixed memory leaks when a response is buffered and the buffer limit is reached or Privoxy is running out of memory. - debian/patches/42_CVE-2021-20209.patch: Fixed a memory leak in the show-status CGI handler when no action files are configured. - debian/patches/43_CVE-2021-20210.patch: Fixed a memory leak in the show-status CGI handler when no filter files are configured. - debian/patches/45_CVE-2021-20212.patch: Fixed a memory leak if multiple filters are executed and the last one is skipped due to a pcre error. - debian/patches/48_CVE-2021-20215.patch: Fixed memory leaks in the show-status CGI handler when memory allocations fail. - CVE-2021-20216 - CVE-2020-35502 - CVE-2021-20209 - CVE-2021-20210 - CVE-2021-20212 - CVE-2021-20215 * SECURITY UPDATE: Denial of Service - debian/patches/46_CVE-2021-20213.patch: Prevent an unlikely dereference of a NULL-pointer that could result in a crash if accept-intercepted-requests was enabled. - debian/patches/49_CVE-2021-20272.patch: Remove an assertion that could be triggered with a crafted CGI request. - debian/patches/50_CVE-2021-20273.patch: Overrule invalid image types. Prevents a crash with a crafted CGI request if Privoxy is toggled off. - debian/patches/51_CVE-2021-20275.patch: Prevent invalid read of size two. - debian/patches/52_CVE-2021-20276.patch: Obsolete pcre: Prevent invalid memory accesses. - CVE-2021-20213 - CVE-2021-20272 - CVE-2021-20273 - CVE-2021-20275 - CVE-2021-20276 * Fix detection of insufficient data: debian/patches/39_decompress_iob.patch -- Eduardo Barretto <email address hidden> Wed, 17 Mar 2021 17:28:00 +0100
Upload details
- Uploaded by:
- Eduardo Barretto
- Uploaded to:
- Xenial
- Original maintainer:
- Ubuntu Developers
- Architectures:
- any
- Section:
- web
- Urgency:
- Medium Urgency
See full publishing history Publishing
Series | Published | Component | Section | |
---|---|---|---|---|
Xenial | updates | universe | web | |
Xenial | security | universe | web |
Downloads
File | Size | SHA-256 Checksum |
---|---|---|
privoxy_3.0.24.orig.tar.gz | 1.6 MiB | a381f6dc78f08de0d4a2342d47a5949a6608073ada34b933137184f3ca9fb012 |
privoxy_3.0.24-1ubuntu0.1.debian.tar.xz | 25.2 KiB | c44c0152255f45dc4e369038ce6332c2056bf450c4d60c4a6eabfce3c466d92a |
privoxy_3.0.24-1ubuntu0.1.dsc | 1.9 KiB | ceada0ea6d5652c56b9e37828ca79ef0f216586758082e4916d97dbe39bc43bd |
Available diffs
Binary packages built by this source
- privoxy: Privacy enhancing HTTP Proxy
Privoxy is a web proxy with advanced filtering capabilities for
protecting privacy, filtering web page content, managing cookies,
controlling access, and removing ads, banners, pop-ups and other
obnoxious Internet junk. Privoxy has a very flexible configuration
and can be customized to suit individual needs and tastes. Privoxy
has application for both stand-alone systems and multi-user networks.
.
Privoxy is based on Internet Junkbuster (tm).
- privoxy-dbgsym: debug symbols for package privoxy
Privoxy is a web proxy with advanced filtering capabilities for
protecting privacy, filtering web page content, managing cookies,
controlling access, and removing ads, banners, pop-ups and other
obnoxious Internet junk. Privoxy has a very flexible configuration
and can be customized to suit individual needs and tastes. Privoxy
has application for both stand-alone systems and multi-user networks.
.
Privoxy is based on Internet Junkbuster (tm).