Explore top 10 tips to secure your open-source projects now. Read More
×
This update for tinyproxy fixes the following issues:
- Update to release 1.11.2
* Fix potential use-after-free in header handling [CVE-2023-49606,
boo#1223746]
* Prevent junk from showing up in error page in invalid requests
[CVE-2022-40468, CVE-2023-40533, boo#1223743]
- Move tinyproxy program to /usr/bin.
- Update to release 1.11.1
* New fnmatch based filtertype
- Update to release 1.11
* Support for multiple bind directives.
- update to 1.10.0:
* Configuration file has moved from /etc/tinyproxy.conf to
/etc/tinyproxy/tinyproxy.conf.
* Add support for basic HTTP authentication
* Add socks upstream support
* Log to stdout if no logfile is specified
* Activate reverse proxy by default
* Support bind with transparent mode
* Allow multiple listen statements in the configuration
* Fix CVE-2017-11747: Create PID file before dropping privileges.
* Fix CVE-2012-3505: algorithmic...
Read the Full AdvisoryPatch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Backports SLE-15-SP5:
zypper in -t patch openSUSE-2024-119=1
- openSUSE Backports SLE-15-SP5 (aarch64 i586 ppc64le s390x x86_64):
tinyproxy-1.11.2-bp155.3.3.1
https://www.suse.com/security/cve/CVE-2012-3505.html
https://www.suse.com/security/cve/CVE-2017-11747.html
https://www.suse.com/security/cve/CVE-2022-40468.html
https://www.suse.com/security/cve/CVE-2023-40533.html
https://www.suse.com/security/cve/CVE-2023-49606.html
https://bugzilla.suse.com/1200028
https://bugzilla.suse.com/1203553
https://bugzilla.suse.com/1223743
https://bugzilla.suse.com/1223746
Get the latest Linux and open source security news straight to your inbox.