Bug 913094 (CVE-2015-1031) - VUL-0: CVE-2015-1030 CVE-2015-1031: privoxy: potential flaws fixed in version 3.0.22
Summary: VUL-0: CVE-2015-1030 CVE-2015-1031: privoxy: potential flaws fixed in version...
Status: RESOLVED DUPLICATE of bug 907675
Alias: CVE-2015-1031
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents (show other bugs)
Version: unspecified
Hardware: Other openSUSE 13.2
: P3 - Medium : Normal
Target Milestone: ---
Assignee: Michal Seben
QA Contact: Security Team bot
URL: https://smash.suse.de/issue/112210/
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2015-01-14 14:37 UTC by Victor Pereira
Modified: 2015-01-27 14:01 UTC (History)
4 users (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Victor Pereira 2015-01-14 14:37:53 UTC 
rh#1169213

  Fixed a memory leak when rejecting client connections due to
  the socket limit being reached (CID 66382). This affected
  Privoxy 3.0.21 when compiled with IPv6 support (on most
  platforms this is the default).
  
  Fixed an immediate-use-after-free bug (CID 66394) and two
  additional unconfirmed use-after-free complaints made by
  Coverity scan (CID 66391, CID 66376).


References:
https://bugzilla.redhat.com/show_bug.cgi?id=1169213
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-1030
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-1031
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1031
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1030
Comment 1 Victor Pereira 2015-01-14 14:38:07 UTC 
please submit to factory
Comment 2 Swamp Workflow Management 2015-01-14 23:02:33 UTC 
bugbot adjusting priority
Comment 3 Andreas Stieger 2015-01-27 14:01:35 UTC 
Already fixed and update to 3.0.22 released

*** This bug has been marked as a duplicate of bug 907675 ***