From Mageia wiki
Jump to: navigation, search

MGASA-2012-0323

Date: November 6th, 2012
Affected releases: 2


Description:
Updated tinyproxy package fixes security vulnerability:

tinyproxy 1.8.3 allows remote attackers to cause a denial of service
(CPU and memory consumption) via (1) a large number of headers or a
large number of forged headers that are hashed into the same bucket
(CVE-2012-3505).

Additionally, this fixes errors in the init script and main
configuration file that prevented it from starting.


Updated Packages:
tinyproxy-1.8.3-1.2.mga2


References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3505
http://www.debian.org/security/2012/dsa-2564
https://bugs.mageia.org/show_bug.cgi?id=7898

Retrieved from "https://wiki.mageia.org/mw-en/index.php?title=Support/Advisories/MGASA-2012-0323&oldid=12362"