Debian Security Advisory
DSA-3460-1 privoxy -- security update
- Date Reported:
- 30 Jan 2016
- Affected Packages:
- privoxy
- Vulnerable:
- Yes
- Security database references:
- In Mitre's CVE dictionary: CVE-2016-1982, CVE-2016-1983.
- More information:
-
It was discovered that privoxy, a web proxy with advanced filtering capabilities, contained invalid reads that could enable a remote attacker to crash the application, thus causing a Denial of Service.
For the oldstable distribution (wheezy), these problems have been fixed in version 3.0.19-2+deb7u3.
For the stable distribution (jessie), these problems have been fixed in version 3.0.21-7+deb8u1.
For the testing (stretch) and unstable (sid) distributions, these problems have been fixed in version 3.0.24-1.
We recommend that you upgrade your privoxy packages.