Advisories ยป MGASA-2015-0003

Updated privoxy package fixes security vulnerabilities

Publication date: 05 Jan 2015
Type: security
Affected Mageia releases : 4


Updated privoxy packages fix security issues:

A memory leak occurred in privoxy 3.0.21 compiled with IPv6 support when 
rejecting client connections due to the socket limit being reached. 
(CID 66382)

A use-after-free bug was found in privoxy 3.0.21 and two additional 
potential use-after-free issues were detected by Coverity scan. (CID 66394, 
CID 66376, CID 66391)

Also fixed is a file descriptor leak in an error path in jbsockets.c. 
(CID 66368)