Alerts This Week
Warning Icon 1 764
Alerts This Week
Warning Icon 1 764

Mageia 7: 2021-0089 Critical: Privoxy Memory Leak And CGI Request Issues

mageia
Calendar Grey February 19, 2021
Dist Mageia Esm H88
Mageia 2021-0090 enhances openSSL to address severe vulnerabilities impacting encryption protocols and data integrity checks.
Fixed a memory leak when decompression fails "unexpectedly"

Summary

Fixed a memory leak when decompression fails "unexpectedly". (CVE-2021-20216) Prevent an assertion from getting triggered by a crafted CGI request. (CVE-2021-20217)

References

- https://bugs.mageia.org/show_bug.cgi?id=28281

- http://www.privoxy.org/announce.txt

- https://www.openwall.com/lists/oss-security/2021/02/04/4

-

- https://www.cve.org/CVERecord?id=CVE-2021-20216

- https://www.cve.org/CVERecord?id=CVE-2021-20217

Topics%20covered

Topics Covered

security advisory update critical memory leak memory handling Privoxy privoxy Mageia CGI request request issue

Resolution

SRPMS

- 7/core/privoxy-3.0.31-1.mga7

Severity
critical
Lowest
Low
Medium
High
Critical

Publication date: 19 Feb 2021
URL: https://advisories.mageia.org/MGASA-2021-0089.html
Type: security
CVE: CVE-2021-20216, CVE-2021-20217

Topics%20covered

Topics Covered

security advisory update critical memory leak memory handling Privoxy privoxy Mageia CGI request request issue

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here