tinyproxy: security fixes
Tinyproxy allowed remote attackers to cause a denial of service (CPU
and memory consumption) via (1) a large number of headers or (2) a large
number of forged headers that trigger hash collisions predictably. bucket.
This update fixes this by limiting headers and improving the hash keying.
-
Submitted by
Jan Engelhardt (jengelh)
Fixed bugs
bnc#776506
VUL-1: CVE-2012-3505: tinyproxy: Denial of Service (CPU consumption) via crafted requests
