========================================================================== Ubuntu Security Notice USN-5826-1 January 25, 2023
privoxy vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 20.04 LTS - Ubuntu 18.04 LTS Summary: Several security issues were fixed in Privoxy. Software Description: - privoxy: Privacy enhancing HTTP Proxy Details:Joshua Rogers discovered that Privoxy incorrectly handled memory allocation. An attacker could possibly use this issue to cause a denial of service. (CVE-2021-44540)
Artem Ivanov discovered that Privoxy incorrectly handled input validations. An attacker could possibly use this issue to perform cross-site scripting (XSS) attacks.
(CVE-2021-44543) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 20.04 LTS: privoxy 3.0.28-2ubuntu0.2 Ubuntu 18.04 LTS: privoxy 3.0.26-5ubuntu0.3 In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-5826-1 CVE-2021-44540, CVE-2021-44543
OpenPGP_0x56383E35D153B8B2.asc
Description: OpenPGP public key
OpenPGP_signature
Description: OpenPGP digital signature
