Alerts This Week
Warning Icon 1 727
Alerts This Week
Warning Icon 1 727

Fedora 39 Tinyproxy Security Advisory: CVE-2023-49606 Critical Risk

fedora
Calendar Grey July 26, 2024
Dist Fedora Esm H88
Fedora 39 tinyproxy security update announces a fix for CVE-2023-49606, mitigating severe vulnerabilities.
Backport upstream patch for CVE-2023-49606.

Summary

tinyproxy is a small, efficient HTTP/SSL proxy daemon that is very useful in a

small network setting, where a larger proxy like Squid would either be too

resource intensive, or a security risk.

Update Information:

Backport upstream patch for CVE-2023-49606.

Topics%20covered

Topics Covered

security advisory network security critical Fedora tinyproxy use-after-free HTTP proxy

Change Log

* Wed Jul 17 2024 Carl George - 1.10.0-14 - Backport upstream patch for CVE-2023-49606 rhbz#2278396

References


[ 1 ] Bug #2278396 - CVE-2023-49606 tinyproxy: HTTP connection headers use-after-free vulnerability [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2278396

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-661a8bb3b0' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
critical
Lowest
Low
Medium
High
Critical

Name: tinyproxy
Product: Fedora 39
Version: 1.10.0
Release: 14.fc39
URL: https://github.com/tinyproxy/
Summary: A small, efficient HTTP/SSL proxy daemon

Topics%20covered

Topics Covered

security advisory network security critical Fedora tinyproxy use-after-free HTTP proxy

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here