Mailinglist Archive: opensuse-updates (170 mails)

< Previous Next >
openSUSE-SU-2016:0311-1: Security update for Privoxy
openSUSE Security Update: Security update for Privoxy

Announcement ID: openSUSE-SU-2016:0311-1
Rating: low
References: #963151 #963152
Cross-References: CVE-2016-1982 CVE-2016-1983
Affected Products:
openSUSE 13.1

An update that fixes two vulnerabilities is now available.


This update to Privoxy 3.0.24 fixes two minor security issues.

The vulnerabilities should not be exploitable in the binary as compiled in

* CVE-2016-1982: Corrupt chunk-encoded content could cause an invalid read
* CVE-2016-1983: Empty Host headers in client requests could result in
invalid reads (boo#963152)

This update also contains general bug fixes and improvements as well as
white and blacklist updates.

Patch Instructions:

To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

- openSUSE 13.1:

zypper in -t patch 2016-132=1

To bring your system up-to-date, use "zypper patch".

Package List:

- openSUSE 13.1 (i586 x86_64):



< Previous Next >
This Thread
  • No further messages