This bug was fixed in the package tinyproxy - 1.8.3-1ubuntu0.1
---------------
tinyproxy (1.8.3-1ubuntu0.1) precise-security; urgency=low
* SECURITY UPDATE: Fix for denial of service vulnerability where remote
attackers send crafted request headers. (LP: #1154502)
- debian/patches/001-CVE-2012-3505.patch: Limit the number of headers to
prevent DoS attacks. Randomize hashmaps in order to avoid fake headers
getting included in the same bucket, allowing for DoS attacks.
- CVE-2012-3505
-- Christian Kuersteiner <[email protected]> Wed, 13 Mar 2013 16:42:14 +0700
** Changed in: tinyproxy (Ubuntu Precise)
Status: Triaged => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1154502
Title:
Multiple open vulnerabilities in tinyproxy
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/tinyproxy/+bug/1154502/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
