Date: Sat, 10 Jan 2015 21:05:12 -0500 (EST) From: cve-assign@...re.org To: Yury German <yurylie@...yweb.com> cc: oss-security@...ts.openwall.com, cve-assign@...re.org, fk@...iankeil.de Subject: Re: CVE Request for Privoxy Version: 3.0.22 On Wed, 7 Jan 2015, Yury German wrote: > Privoxy Version 3.0.22 has two vulnerabilities that were fixed in the > version of Privoxy 3.0.22. Can we please assign CVE(s) to this. > > Fixed a memory leak when rejecting client connections due to > the socket limit being reached (CID 66382). This affected > Privoxy 3.0.21 when compiled with IPv6 support (on most > platforms this is the default). Use CVE-2015-1030. > Fixed an immediate-use-after-free bug (CID 66394) and two > additional unconfirmed use-after-free complaints made by > Coverity scan (CID 66391, CID 66376). Use CVE-2015-1031. > URL to the Page: http://www.privoxy.org/announce.txt > <http://www.privoxy.org/announce.txt> --- CVE assignment team, MITRE CVE Numbering Authority M/S M300 202 Burlington Road, Bedford, MA 01730 USA [ PGP key available through http://cve.mitre.org/cve/request_id.html ]
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ