svn commit: r407256 - head/security/vuxml
Jason Unovitch
junovitch at FreeBSD.org
Tue Jan 26 03:13:33 UTC 2016
Author: junovitch
Date: Tue Jan 26 03:13:31 2016
New Revision: 407256
URL: https://svnweb.freebsd.org/changeset/ports/407256
Log:
Document recent privoxy security vulnerabilities
While here, catch up on the prior release's advisories for completeness
PR: 206504
Security: CVE-2016-1982
Security: CVE-2016-1983
Security: https://vuxml.FreeBSD.org/freebsd/a763a0e7-c3d9-11e5-b5fe-002590263bf5.html
Modified:
head/security/vuxml/vuln.xml
Modified: head/security/vuxml/vuln.xml
==============================================================================
--- head/security/vuxml/vuln.xml Tue Jan 26 02:45:38 2016 (r407255)
+++ head/security/vuxml/vuln.xml Tue Jan 26 03:13:31 2016 (r407256)
@@ -58,6 +58,155 @@ Notes:
-->
<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
+ <vuln vid="a763a0e7-c3d9-11e5-b5fe-002590263bf5">
+ <topic>privoxy -- multiple vulnerabilities</topic>
+ <affects>
+ <package>
+ <name>privoxy</name>
+ <range><lt>3.0.24</lt></range>
+ </package>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <p>Privoxy Developers reports:</p>
+ <blockquote cite="http://www.privoxy.org/3.0.24/user-manual/whatsnew.html">
+ <p>Prevent invalid reads in case of corrupt chunk-encoded content.
+ CVE-2016-1982. Bug discovered with afl-fuzz and AddressSanitizer.
+ </p>
+ <p>Remove empty Host headers in client requests. Previously they
+ would result in invalid reads. CVE-2016-1983. Bug discovered with
+ afl-fuzz and AddressSanitizer.</p>
+ </blockquote>
+ </body>
+ </description>
+ <references>
+ <cvename>CVE-2016-1982</cvename>
+ <cvename>CVE-2016-1983</cvename>
+ <freebsdpr>ports/206504</freebsdpr>
+ <url>http://www.privoxy.org/3.0.24/user-manual/whatsnew.html</url>
+ <url>http://www.openwall.com/lists/oss-security/2016/01/21/4</url>
+ </references>
+ <dates>
+ <discovery>2016-01-22</discovery>
+ <entry>2016-01-26</entry>
+ </dates>
+ </vuln>
+
+ <vuln vid="d9e1b569-c3d8-11e5-b5fe-002590263bf5">
+ <topic>privoxy -- multiple vulnerabilities</topic>
+ <affects>
+ <package>
+ <name>privoxy</name>
+ <range><lt>3.0.23</lt></range>
+ </package>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <p>Privoxy Developers reports:</p>
+ <blockquote cite="http://www.privoxy.org/3.0.23/user-manual/whatsnew.html">
+ <p>Fixed a DoS issue in case of client requests with incorrect
+ chunk-encoded body. When compiled with assertions enabled (the
+ default) they could previously cause Privoxy to abort(). Reported
+ by Matthew Daley. CVE-2015-1380.</p>
+ <p>Fixed multiple segmentation faults and memory leaks in the pcrs
+ code. This fix also increases the chances that an invalid pcrs
+ command is rejected as such. Previously some invalid commands would
+ be loaded without error. Note that Privoxy's pcrs sources (action
+ and filter files) are considered trustworthy input and should not be
+ writable by untrusted third-parties. CVE-2015-1381.</p>
+ <p>Fixed an 'invalid read' bug which could at least theoretically
+ cause Privoxy to crash. So far, no crashes have been observed.
+ CVE-2015-1382.</p>
+ </blockquote>
+ </body>
+ </description>
+ <references>
+ <cvename>CVE-2015-1380</cvename>
+ <cvename>CVE-2015-1381</cvename>
+ <cvename>CVE-2015-1382</cvename>
+ <freebsdpr>ports/197089</freebsdpr>
+ <url>http://www.privoxy.org/3.0.23/user-manual/whatsnew.html</url>
+ <url>http://www.openwall.com/lists/oss-security/2015/01/26/4</url>
+ </references>
+ <dates>
+ <discovery>2015-01-26</discovery>
+ <entry>2016-01-26</entry>
+ </dates>
+ </vuln>
+
+ <vuln vid="89d4ed09-c3d7-11e5-b5fe-002590263bf5">
+ <topic>privoxy -- multiple vulnerabilities</topic>
+ <affects>
+ <package>
+ <name>privoxy</name>
+ <range><lt>3.0.22</lt></range>
+ </package>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <p>Privoxy Developers reports:</p>
+ <blockquote cite="http://www.privoxy.org/3.0.22/user-manual/whatsnew.html">
+ <p>Fixed a memory leak when rejecting client connections due to the
+ socket limit being reached (CID 66382). This affected Privoxy 3.0.21
+ when compiled with IPv6 support (on most platforms this is the
+ default).</p>
+ <p>Fixed an immediate-use-after-free bug (CID 66394) and two
+ additional unconfirmed use-after-free complaints made by Coverity
+ scan (CID 66391, CID 66376).</p>
+ </blockquote>
+ <p>MITRE reports:</p>
+ <blockquote cite="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1201">
+ <p>Privoxy before 3.0.22 allows remote attackers to cause a denial
+ of service (file descriptor consumption) via unspecified vectors.
+ </p>
+ </blockquote>
+ </body>
+ </description>
+ <references>
+ <cvename>CVE-2015-1030</cvename>
+ <cvename>CVE-2015-1031</cvename>
+ <cvename>CVE-2015-1201</cvename>
+ <freebsdpr>ports/195468</freebsdpr>
+ <url>http://www.privoxy.org/3.0.22/user-manual/whatsnew.html</url>
+ <url>http://www.openwall.com/lists/oss-security/2015/01/11/1</url>
+ </references>
+ <dates>
+ <discovery>2015-01-10</discovery>
+ <entry>2016-01-26</entry>
+ </dates>
+ </vuln>
+
+ <vuln vid="ad82b0e9-c3d6-11e5-b5fe-002590263bf5">
+ <topic>privoxy -- malicious server spoofing as proxy vulnerability</topic>
+ <affects>
+ <package>
+ <name>privoxy</name>
+ <range><lt>3.0.21</lt></range>
+ </package>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <p>Privoxy Developers reports:</p>
+ <blockquote cite="http://www.privoxy.org/3.0.21/user-manual/whatsnew.html">
+ <p>Proxy authentication headers are removed unless the new directive
+ enable-proxy-authentication-forwarding is used. Forwarding the
+ headers potentially allows malicious sites to trick the user into
+ providing them with login information. Reported by Chris John Riley.
+ </p>
+ </blockquote>
+ </body>
+ </description>
+ <references>
+ <cvename>CVE-2013-2503</cvename>
+ <freebsdpr>ports/176813</freebsdpr>
+ <url>http://www.privoxy.org/3.0.21/user-manual/whatsnew.html</url>
+ </references>
+ <dates>
+ <discovery>2013-03-07</discovery>
+ <entry>2016-01-26</entry>
+ </dates>
+ </vuln>
+
<vuln vid="2e8cdd36-c3cc-11e5-b5fe-002590263bf5">
<topic>sudo -- potential privilege escalation via symlink misconfiguration</topic>
<affects>
More information about the svn-ports-head
mailing list