Alerts This Week
Warning Icon 1 692
Alerts This Week
Warning Icon 1 692

Fedora 40: 2024-aa3631a416 Critical Update for Tinyproxy DoS Risk

fedora
Calendar Grey July 26, 2024
Dist Fedora Esm H88
Fedora 40 has issued important updates to Tinyproxy, addressing HTTP connection vulnerabilities. Users must upgrade to the latest version to enhance security against potential threats
Update to version 1.11.2 to fix CVE-2023-49606.

Summary

tinyproxy is a small, efficient HTTP/SSL proxy daemon that is very useful in a

small network setting, where a larger proxy like Squid would either be too

resource intensive, or a security risk.

Update Information:

Update to version 1.11.2 to fix CVE-2023-49606.

Topics%20covered

Topics Covered

security advisory Fedora fix tinyproxy version update HTTP proxy resource efficiency

Change Log

* Tue Jul 16 2024 Carl George - 1.11.2-1 - Update to version 1.11.2 rhbz#2298298 - Fixes CVE-2023-49606 rhbz#2278396

References


[ 1 ] Bug #2278396 - CVE-2023-49606 tinyproxy: HTTP connection headers use-after-free vulnerability [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2278396 [ 2 ] Bug #2298298 - tinyproxy-1.11.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=2298298

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-aa3631a416' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
critical
Lowest
Low
Medium
High
Critical

Name: tinyproxy
Product: Fedora 40
Version: 1.11.2
Release: 1.fc40
URL: https://tinyproxy.github.io/
Summary: A small, efficient HTTP/SSL proxy daemon

Topics%20covered

Topics Covered

security advisory Fedora fix tinyproxy version update HTTP proxy resource efficiency

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here