Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Sat, 10 Jan 2015 21:05:12 -0500 (EST)
To: Yury German <>
Subject: Re: CVE Request for Privoxy Version: 3.0.22

On Wed, 7 Jan 2015, Yury German wrote:

> Privoxy Version 3.0.22 has two vulnerabilities that were fixed in the 
> version of Privoxy 3.0.22. Can we please assign CVE(s) to this.
> Fixed a memory leak when rejecting client connections due to
> the socket limit being reached (CID 66382). This affected
> Privoxy 3.0.21 when compiled with IPv6 support (on most
> platforms this is the default).

Use CVE-2015-1030.

> Fixed an immediate-use-after-free bug (CID 66394) and two
> additional unconfirmed use-after-free complaints made by
> Coverity scan (CID 66391, CID 66376).

Use CVE-2015-1031.

> URL to the Page: 
> <>


CVE assignment team, MITRE CVE Numbering Authority M/S M300
202 Burlington Road, Bedford, MA 01730 USA
[ PGP key available through ]

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ