Security update for privoxy
This update to Privoxy 3.0.24 fixes two minor security issues.
The vulnerabilities should not be exploitable in the binary as compiled in openSUSE.
* CVE-2016-1982: Corrupt chunk-encoded content could cause an invalid read (boo#963151)
* CVE-2016-1983: Empty Host headers in client requests could result in invalid reads (boo#963152)
This update also contains general bug fixes and improvements as well as white and blacklist updates.
-
Submitted by
Andreas Stieger (AndreasStieger)
Fixed bugs
bnc#963151
VUL-1: CVE-2016-1982 privoxy: invalid reads in case of corrupt chunk-encoded content
bnc#963152
VUL-1: CVE-2016-1983 privoxy: invalid read via empty host header in client request
