Arch Linux

Please read this before reporting a bug:

Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.

REPEAT: Do NOT report bugs for outdated packages!

FS#68309 - [security][libproxy] CVE-2020-25219 CVE-2020-26154

Attached to Project: Arch Linux
Opened by loqs (loqs) - Saturday, 17 October 2020, 21:31 GMT
Last edited by freswa (frederik) - Sunday, 18 October 2020, 01:57 GMT
Task Type Bug Report
Category Packages: Extra
Status Assigned
Assigned To Jan de Groot (JGC)
Jan Alexander Steffens (heftig)
Levente Polyak (anthraxx)
Architecture All
Severity Medium
Priority Normal
Reported Version
Due in Version Undecided
Due Date Undecided
Percent Complete 0%
Votes 0
Private No


CVE-2020-25219 [1]
url::recvline in url.cpp in libproxy 0.4.x through 0.4.15 allows a remote HTTP server to trigger uncontrolled recursion via a response composed of an infinite stream that lacks a newline character. This leads to stack exhaustion. Fixed by [2]

url.cpp in libproxy through 0.4.15 is prone to a buffer overflow when PAC is enabled, as demonstrated by a large PAC file that is delivered without a Content-length header.
Fixed by unmerged pull request [4].

Additional info:
* libproxy 0.4.15+33+g454a499-2
This task depends upon