FS#68309 - [security][libproxy] CVE-2020-25219 CVE-2020-26154
Attached to Project:
Arch Linux
Opened by loqs (loqs) - Saturday, 17 October 2020, 21:31 GMT
Last edited by Antonio Rojas (arojas) - Sunday, 19 June 2022, 09:34 GMT
Opened by loqs (loqs) - Saturday, 17 October 2020, 21:31 GMT
Last edited by Antonio Rojas (arojas) - Sunday, 19 June 2022, 09:34 GMT
|
Details
Description:
CVE-2020-25219 [1] url::recvline in url.cpp in libproxy 0.4.x through 0.4.15 allows a remote HTTP server to trigger uncontrolled recursion via a response composed of an infinite stream that lacks a newline character. This leads to stack exhaustion. Fixed by [2] CVE-2020-26154 url.cpp in libproxy through 0.4.15 is prone to a buffer overflow when PAC is enabled, as demonstrated by a large PAC file that is delivered without a Content-length header. Fixed by unmerged pull request [4]. Additional info: * libproxy 0.4.15+33+g454a499-2 [1] https://nvd.nist.gov/vuln/detail/CVE-2020-25219 [2] https://github.com/libproxy/libproxy/commit/a83dae404feac517695c23ff43ce1e116e2bfbe0 [3] https://nvd.nist.gov/vuln/detail/CVE-2020-26154 [4] https://github.com/libproxy/libproxy/pull/126 |
This task depends upon
Closed by Antonio Rojas (arojas)
Sunday, 19 June 2022, 09:34 GMT
Reason for closing: Fixed
Additional comments about closing: libproxy 0.4.16-1
Sunday, 19 June 2022, 09:34 GMT
Reason for closing: Fixed
Additional comments about closing: libproxy 0.4.16-1