Vulmon
Amazon Linux AMI Security Advisory: ALAS-2023-1739
Advisory Release Date: 2023-04-27 16:19 Pacific
Advisory Updated Date: 2023-05-03 18:48 Pacific
Severity:
Important
References:
CVE-2021-20275
CVE-2021-44540
CVE-2021-44542
FAQs regarding Amazon Linux ALAS/CVE Severity
FAQs regarding Amazon Linux ALAS/CVE Severity
Issue Overview:
A flaw was found in privoxy before 3.0.32. A invalid read of size two may occur in chunked_body_is_complete() leading to denial of service. (CVE-2021-20275)
A vulnerability was found in Privoxy which was fixed in get_url_spec_param() by freeing memory of compiled pattern spec before bailing. (CVE-2021-44540)
A memory leak vulnerability was found in Privoxy when handling errors. (CVE-2021-44542)
Affected Packages:
privoxy
Issue Correction:
Run yum update privoxy to update your system.
New Packages:
i686:
privoxy-3.0.23-2.17.amzn1.i686
privoxy-debuginfo-3.0.23-2.17.amzn1.i686
src:
privoxy-3.0.23-2.17.amzn1.src
x86_64:
privoxy-3.0.23-2.17.amzn1.x86_64
privoxy-debuginfo-3.0.23-2.17.amzn1.x86_64