privoxy -- multiple vulnerabilities

2016-01-22T00:00:00
ID A763A0E7-C3D9-11E5-B5FE-002590263BF5
Type freebsd
Reporter FreeBSD
Modified 2016-01-22T00:00:00

Description

Privoxy Developers reports:

Prevent invalid reads in case of corrupt chunk-encoded content. CVE-2016-1982. Bug discovered with afl-fuzz and AddressSanitizer.

Remove empty Host headers in client requests. Previously they would result in invalid reads. CVE-2016-1983. Bug discovered with afl-fuzz and AddressSanitizer.