Security Information / 2016 / Security Information -- DSA-3460-1 privoxy

Debian Security Advisory

DSA-3460-1 privoxy -- security update

Date Reported:

30 Jan 2016

Affected Packages:

privoxy

Vulnerable:

Yes

Security database references:

In Mitre's CVE dictionary: CVE-2016-1982, CVE-2016-1983.

More information:

It was discovered that privoxy, a web proxy with advanced filtering capabilities, contained invalid reads that could enable a remote attacker to crash the application, thus causing a Denial of Service.

For the oldstable distribution (wheezy), these problems have been fixed in version 3.0.19-2+deb7u3.

For the stable distribution (jessie), these problems have been fixed in version 3.0.21-7+deb8u1.

For the testing (stretch) and unstable (sid) distributions, these problems have been fixed in version 3.0.24-1.

We recommend that you upgrade your privoxy packages.