Update Info

openSUSE-2021-1646


Security update for privoxy


Type: security
Severity: important
Issued: 2021-12-30
Description:
This update for privoxy fixes the following issues:

privoxy was updated to 3.0.33 (boo#1193584):

* CVE-2021-44543: Encode the template name to prevent XSS
  (cross-side scripting) when Privoxy is configured to servce
  the user-manual itself
* CVE-2021-44540: Free memory of compiled pattern spec
  before bailing
* CVE-2021-44541: Free header memory when failing to get the
  request destination.
* CVE-2021-44542: Prevent memory leaks when handling errors
* Disable fast-redirects for a number of domains
* Update default block lists
* Many bug fixes and minor enhancements


              

Packages


  • privoxy-3.0.33-bp153.2.3.1