SUSE CVE-2012-4505

Heap-based buffer overflow in the pxpacreload function in lib/pac.c in libproxy 0.2.x and 0.3.x allows remote servers to have an unspecified impact via a crafted Content-Length size in an HTTP response header for a proxy.pac file request, a different vulnerability than CVE-2012-4504...

SUSE CVE-2012-4504

Stack-based buffer overflow in the url::getpac function in url.cpp in libproxy 0.4.x before 0.4.9 allows remote servers to have an unspecified impact via a large proxy.pac file...

SUSE CVE-2012-5580

Format string vulnerability in the printproxies function in bin/proxy.c in libproxy 0.3.1 might allow context-dependent attackers to cause a denial of service crash and possibly execute arbitrary code via format string specifiers in a proxy name, as demonstrated using the httpproxy environment...

SUSE CVE-2020-25219

url::recvline in url.cpp in libproxy 0.4.x through 0.4.15 allows a remote HTTP server to trigger uncontrolled recursion via a response composed of an infinite stream that lacks a newline character. This leads to stack exhaustion...

SUSE CVE-2020-26154

url.cpp in libproxy through 0.4.15 is prone to a buffer overflow when PAC is enabled, as demonstrated by a large PAC file that is delivered without a Content-length header...

OESA-2022-1756 libproxy security update

libproxy offers the following features: extremely small core footprint 35k. no external dependencies within libproxy core.libproxy plugins may have dependencies. only 3 functions in the stable external API. dynamic adjustment to changing network topology. a standard way of dealing with proxy...

new packages: libproxy

An update is available for libproxy. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Enterpris...

CVE-2020-25219 affecting package libproxy for versions less than 0.4.15-20

CVE-2020-25219 affecting package libproxy for versions less than 0.4.15-20. A patched version of the package is available...

CVE-2020-25219 affecting package libproxy for versions less than 0.4.15-20

CVE-2020-25219 affecting package libproxy for versions less than 0.4.15-20. A patched version of the package is available...

CVE-2020-26154 affecting package libproxy for versions less than 0.4.17-5

CVE-2020-26154 affecting package libproxy for versions less than 0.4.17-5. An upgraded version of the package is available that resolves this issue...

Mageia: Security Advisory (MGASA-2020-0373)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mageia: Security Advisory (MGASA-2020-0399)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

url.cpp in libproxy through 0.4.15 is prone to a buffer overflow when PAC is enabled as demonstrated by a large PAC file that is delivered without a Content-length header.

...

url::recvline in url.cpp in libproxy 0.4.x through 0.4.15 allows a remote HTTP server to trigger uncontrolled recursion via a response composed of an infinite stream that lacks a newline character. This leads to stack exhaustion.

...

Advisory ROSA-SA-2021-1885

Software: libproxy 0.4.11 OS: Cobalt 7.9 CVE-ID: CVE-2020-25219 CVE-Crit: HIGH CVE-DESC: url :: recvline in url.cpp in libproxy 0.4.x to 0.4.15 allows a remote HTTP server to run uncontrolled recursion through a response consisting of an infinite stream with no newline character. This results in...

EulerOS Virtualization for ARM 64 3.0.2.0 : libproxy (EulerOS-SA-2021-2073)

According to the version of the libproxy package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerability : - url::recvline in url.cpp in libproxy 0.4.x through 0.4.15 allows a remote HTTP server to trigger uncontrolled recursion...

Huawei EulerOS: Security Advisory for libproxy (EulerOS-SA-2021-2073)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2020:2901-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2020:2900-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 34 Update: glib-networking-2.68~rc-1.fc34

This package contains modules that extend the networking support in GIO. In particular, it contains libproxy- and GSettings-based GProxyResolver implementations and a gnutls-based GTlsConnection implementation...