MGASA-2021-0089

See a problem?
Please try reporting it to the source first.

Source

https://advisories.mageia.org/MGASA-2021-0089.html

Import Source

https://advisories.mageia.org/MGASA-2021-0089.json

JSON Data

https://api.test.osv.dev/v1/vulns/MGASA-2021-0089

Related

CVE-2021-20216
CVE-2021-20217

Published

2021-02-19T10:27:54Z

Modified

2021-02-19T09:48:08Z

Summary

Updated privoxy package fixes security vulnerabilities

Details

Fixed a memory leak when decompression fails "unexpectedly". (CVE-2021-20216) Prevent an assertion from getting triggered by a crafted CGI request. (CVE-2021-20217)

References

https://advisories.mageia.org/MGASA-2021-0089.html
https://bugs.mageia.org/show_bug.cgi?id=28281
http://www.privoxy.org/announce.txt
https://www.openwall.com/lists/oss-security/2021/02/04/4
https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/LYXYETZZHYGLBE3WLXSZCYBO5VDRKFDT/

Credits

- Mageia - COORDINATOR
- - https://wiki.mageia.org/en/Packages_Security_Team

MGASA-2021-0089

Affected packages