Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Sat, 10 Jan 2015 21:05:12 -0500 (EST)
From: cve-assign@...re.org
To: Yury German <yurylie@...yweb.com>
cc: oss-security@...ts.openwall.com, cve-assign@...re.org, fk@...iankeil.de
Subject: Re: CVE Request for Privoxy Version: 3.0.22


On Wed, 7 Jan 2015, Yury German wrote:

> Privoxy Version 3.0.22 has two vulnerabilities that were fixed in the 
> version of Privoxy 3.0.22. Can we please assign CVE(s) to this.
>
> Fixed a memory leak when rejecting client connections due to
> the socket limit being reached (CID 66382). This affected
> Privoxy 3.0.21 when compiled with IPv6 support (on most
> platforms this is the default).

Use CVE-2015-1030.

> Fixed an immediate-use-after-free bug (CID 66394) and two
> additional unconfirmed use-after-free complaints made by
> Coverity scan (CID 66391, CID 66376).

Use CVE-2015-1031.

> URL to the Page: http://www.privoxy.org/announce.txt 
> <http://www.privoxy.org/announce.txt>

---

CVE assignment team, MITRE CVE Numbering Authority M/S M300
202 Burlington Road, Bedford, MA 01730 USA
[ PGP key available through http://cve.mitre.org/cve/request_id.html ]

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ