ALT Linux Team

Branch sisyphus update on 2015-03-30

2015-03-30

ALT-BU-2015-2383-1

Branch sisyphus update bulletin.

ALT-PU-2015-1335-1

Package privoxy updated to version 3.0.23-alt1 for branch sisyphus in task 142399.

Closed vulnerabilities

Published: 2015-01-20
Modified: 2025-04-12

CVE-2015-1030

Memory leak in the rfc2553_connect_to function in jbsocket.c in Privoxy before 3.0.22 allows remote attackers to cause a denial of service (memory consumption) via a large number of requests that are rejected because the socket limit is reached.

Severity: MEDIUM (5.0) Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
References:
Published: 2015-02-10
Modified: 2025-04-12

CVE-2015-1031

Multiple use-after-free vulnerabilities in Privoxy before 3.0.22 allow remote attackers to have unspecified impact via vectors related to (1) the unmap function in list.c or (2) "two additional unconfirmed use-after-free complaints made by Coverity scan." NOTE: some of these details are obtained from third party information.

Severity: HIGH (7.5) Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
References:
Published: 2015-01-20
Modified: 2025-04-12

CVE-2015-1201

Privoxy before 3.0.22 allows remote attackers to cause a denial of service (file descriptor consumption) via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Severity: MEDIUM (5.0) Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
References:
Published: 2015-02-03
Modified: 2025-04-12

CVE-2015-1380

jcc.c in Privoxy before 3.0.23 allows remote attackers to cause a denial of service (abort) via a crafted chunk-encoded body.

Severity: MEDIUM (5.0) Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
References:
Published: 2015-02-03
Modified: 2025-04-12

CVE-2015-1381

Multiple unspecified vulnerabilities in pcrs.c in Privoxy before 3.0.23 allow remote attackers to cause a denial of service (segmentation fault or memory consumption) via unspecified vectors.

Severity: MEDIUM (5.0) Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
References:
Published: 2015-02-03
Modified: 2025-04-12

CVE-2015-1382

parsers.c in Privoxy before 3.0.23 allows remote attackers to cause a denial of service (invalid read and crash) via vectors related to an HTTP time header.

Severity: MEDIUM (5.0) Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
References:

ALT-PU-2015-1336-1

Package mpv updated to version 0.8.3-alt1 for branch sisyphus in task 142417.

Closed bugs

Bug #30873

Поддержка DVD и BlueRay

Bug #30874

Сборка с zsh completions

VKontakte | Telegram | YouTube | Forum | GitHub | Bugzilla
Version: 2.1.2
Back to top