Hello community, here is the log from the commit of package patchinfo.3479 for openSUSE:13.1:Update checked in at 2015-02-06 17:06:42 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:13.1:Update/patchinfo.3479 (Old) and /work/SRC/openSUSE:13.1:Update/.patchinfo.3479.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "patchinfo.3479" Changes: -------- New Changes file: NO CHANGES FILE!!! New: ---- _patchinfo ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ _patchinfo ++++++ <patchinfo incident="3479"> <issue id="914934" tracker="bnc">VUL-0: privoxy: 3.0.23 fixes several vulnerabilities</issue> <issue id="CVE-2015-1382" tracker="cve" /> <issue id="CVE-2015-1381" tracker="cve" /> <issue id="CVE-2015-1380" tracker="cve" /> <category>security</category> <rating>moderate</rating> <packager>AndreasStieger</packager> <description>privoxy was updated to version 3.0.23 to fix three security issues. These security issues were fixed: - Fixed a DoS issue in case of client requests with incorrect chunk-encoded body. When compiled with assertions enabled (the default) they could previously cause Privoxy to abort() (CVE-2015-1380). - Fixed multiple segmentation faults and memory leaks in the pcrs code. This fix also increases the chances that an invalid pcrs command is rejected as such (CVE-2015-1381). - Client requests with body that can't be delivered no longer cause pipelined requests behind them to be rejected as invalid (CVE-2015-1382). </description> <summary>Security update for privoxy</summary> </patchinfo> -- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
