[SECURITY] [DLA 2844-1] privoxy security update

To: debian-lts-announce@lists.debian.org
Subject: [SECURITY] [DLA 2844-1] privoxy security update
From: Utkarsh Gupta <utkarsh@debian.org>
Date: Mon, 13 Dec 2021 20:14:25 +0530
Message-id: <[🔎] CAPP0f949z3i1ZdkEL8zL8yJ6Q08YLsbzoORPT8Qst5Map30cfQ@mail.gmail.com>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- -----------------------------------------------------------------------
Debian LTS Advisory DLA-2844-1              debian-lts@lists.debian.org
https://www.debian.org/lts/security/                      Utkarsh Gupta
December 13, 2021                           https://wiki.debian.org/LTS
- -----------------------------------------------------------------------

Package        : privoxy
Version        : 3.0.26-3+deb9u3
CVE ID         : CVE-2021-44540 CVE-2021-44543

Artem Ivanov and Joshua Rogers found an XSS and a DOS issue,
respectively, affecting src:privoxy, a non-caching web proxy with
advanced filtering capabilities for enhancing privacy, modifying
web page data and HTTP headers, controlling access, and removing
ads and other obnoxious Internet junk.

For Debian 9 stretch, these problems have been fixed in version
3.0.26-3+deb9u3.

We recommend that you upgrade your privoxy packages.

For the detailed security status of privoxy please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/privoxy

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEbJ0QSEqa5Mw4X3xxgj6WdgbDS5YFAmG3XBsACgkQgj6WdgbD
S5akjRAA2PNWIzBEaBQnZFYrL6v4I90sRHFWSI74kZFMQZZYwb7YBEUoXEPoDg0Q
1jiidEVeRo5udmBSWJAGeq0WwTEUUNTf8MFBsvgM0ntNbyOiUoDJ9p9eSM9lMRRC
P+wAvhMNytmKGRSepu85jsoejYbqcWNJU5Drno1F+P5vsZQRTlE0IS/hgy28flrc
I25jfFGXWKtY+gbZIwxX9GN918+WJKGaK1VcynBkRCZ8MBeBPsHSMyStqf9kXi7G
rcHLNVobbpSmYjH8YgK2kWwgMMcts9Q5zxGGKV0U4oGV3PkFtHp/2zNe7XCWVjU+
OFONu6Sl5QZ6aUrc9Hu7/EaXcREaEQOd6EcmBg0lbcurcst7oKy96Zp3snrREf1d
mQgpCi2A83K8dTRmYDKR5vu1nC+6c3/vIw1d9cU2vdBfN0vtJp8XKFbaKbBToo0Y
N2uQxm5rpFHZfBHBJc9psiYRNBiGJtsP7oFohoYtH8QYOppFUie4AL9IIfkau42b
JPUXRO7ba7klRru0zeqmGlLMQBzBHNz6NCQ8xTq1QmUzkPb1+H4U/rBMbIRlKxA3
PGkERqBEYPjXOLVdC+9jvkuhASOmN357LJ1ZkFeUN3Q/rpFvQIjtW0As5GJc+Gd2
95GKR4YmVU4Dhs+Lh62vEC/evbmoUEUPgP8wfPH6X5Qa+eNUdUo=
=19XW
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DLA 2842-1] apache-log4j2 security update
Next by Date: [SECURITY] [DLA 2846-1] raptor2 security update
Previous by thread: [SECURITY] [DLA 2842-1] apache-log4j2 security update
Next by thread: [SECURITY] [DLA 2846-1] raptor2 security update
Index(es):
- Date
- Thread