JakeHillion/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
c0e0a6876f
nixpkgs/pkgs
History
Martin Weinelt c0e0a6876f
libproxy: fix CVE-2020-25219, CVE-2020-26154 
CVE-2020-25219:
url::recvline in url.cpp in libproxy 0.4.x through 0.4.15 allows a
remote HTTP server to trigger uncontrolled recursion via a response
composed of an infinite stream that lacks a newline character. This
leads to stack exhaustion.

CVE-2020-26154:
url.cpp in libproxy through 0.4.15 is prone to a buffer overflow when
PAC is enabled, as demonstrated by a large PAC file that is delivered
without a Content-length header.

Fixes: CVE-2020-25219, CVE-2020-26154
2020-11-28 21:52:23 +01:00
..
applications Merge pull request #102278 from symphorien/pan4 2020-11-28 20:28:22 +00:00
build-support make-desktopitem: desktop-file-utils is a nativeBuildInput 2020-11-27 01:17:32 +01:00
common-updater scripts/mark-broken: fix path 2020-11-25 13:08:27 -08:00
data Merge pull request #105177 from r-ryantm/auto-update/inter 2020-11-27 23:58:10 +01:00
desktops Merge pull request #105240 from r-ryantm/auto-update/nautilus 2020-11-28 18:42:26 +01:00
development libproxy: fix CVE-2020-25219, CVE-2020-26154 2020-11-28 21:52:23 +01:00
games minecraft-server: Add test 2020-11-28 12:43:17 -05:00
misc tmux-onedark-theme: init (#89623) 2020-11-28 19:46:57 +01:00
os-specific Merge pull request #105279 from r-ryantm/auto-update/mcelog 2020-11-28 21:00:27 +01:00
pkgs-lib
servers Merge pull request #103287 from happysalada/postgresql_add_debug 2020-11-28 20:40:32 +00:00
shells oh-my-zsh: 2020-11-25 → 2020-11-26 2020-11-28 12:43:17 -05:00
stdenv Merge pull request #85545 from LnL7/meta-available-flags 2020-11-28 18:57:47 +01:00
test haskell: Add documentationTarball to lib 2020-11-13 21:37:56 +01:00
tools Merge pull request #105235 from mweinelt/x11vnc 2020-11-28 21:29:13 +01:00
top-level dysnomia: 0.9.1 -> 0.10 2020-11-28 20:15:21 +01:00