* Add patches for CVE-2012-3505 (closes: #685281):
- CVE-2012-3505-tinyproxy-limit-headers.patch: Limit the number of
headers to prevent DoS attacks.
- CVE-2012-3505-tinyproxy-randomized-hashmaps.patch: Randomize hashmaps
in order to avoid fake headers getting included in the same bucket,
allowing for DoS attacks.
Bug reported and patches contributed by gpernot.
This bug was fixed in the package tinyproxy - 1.8.3-3
---------------
tinyproxy (1.8.3-3) unstable; urgency=high
* Add patches for CVE-2012-3505 (closes: #685281): 3505-tinyproxy- limit-headers. patch: Limit the number of 3505-tinyproxy- randomized- hashmaps. patch: Randomize hashmaps
- CVE-2012-
headers to prevent DoS attacks.
- CVE-2012-
in order to avoid fake headers getting included in the same bucket,
allowing for DoS attacks.
Bug reported and patches contributed by gpernot.
-- Jordi Mallach <email address hidden> Mon, 24 Sep 2012 21:05:41 +0200