Several DoS will be fixed in the upcoming privoxy 3.0.32 release: https://lists.privoxy.org/pipermail/privoxy-devel/2021-February/000475.html Patches are not yet published, release is planned on Thursday: https://lists.privoxy.org/pipermail/privoxy-devel/2021-February/000480.html I plan to update privoxy next weekend or in a forthnight.
Thank you for the report! We typically don't add a version until a fix is in-tree, though.
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=3e03f00b6df257facc1c17b38b84a87f23d22aae commit 3e03f00b6df257facc1c17b38b84a87f23d22aae Author: Andrew Savchenko <bircoph@gentoo.org> AuthorDate: 2021-02-27 16:14:53 +0000 Commit: Andrew Savchenko <bircoph@gentoo.org> CommitDate: 2021-02-27 16:21:17 +0000 net-proxy/privoxy: version bump Update to version 3.0.32 Fixes: OVE-20210203-0001, OVE-20210205-0001, OVE-20210206-0001, OVE-20210207-0001, OVE-20210222-0001. Bug: https://bugs.gentoo.org/771960 Package-Manager: Portage-3.0.14, Repoman-3.0.2 Signed-off-by: Andrew Savchenko <bircoph@gentoo.org> net-proxy/privoxy/Manifest | 1 + .../privoxy/files/privoxy-3.0.32-gentoo.patch | 121 +++++++++++++++++ net-proxy/privoxy/privoxy-3.0.32.ebuild | 148 +++++++++++++++++++++ 3 files changed, 270 insertions(+)
Thank you! Please stabilize when ready.
(In reply to John Helmert III from comment #3) > Thank you! Please stabilize when ready. Ping. Ready?
(In reply to John Helmert III from comment #4) > (In reply to John Helmert III from comment #3) > > Thank you! Please stabilize when ready. > > Ping. Ready? Yes. Arch teams, please proceed with stabilization.
sparc stable
ppc done
ppc64 done
arm done
amd64 done
x86 done all arches done
Please cleanup.
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=321320060479e4a9d76ff5a79ce56ba860972c67 commit 321320060479e4a9d76ff5a79ce56ba860972c67 Author: Andrew Savchenko <bircoph@gentoo.org> AuthorDate: 2021-04-03 15:31:00 +0000 Commit: Andrew Savchenko <bircoph@gentoo.org> CommitDate: 2021-04-03 15:31:00 +0000 net-proxy/privoxy: remove old version Bug: https://bugs.gentoo.org/771960 Package-Manager: Portage-3.0.18, Repoman-3.0.3 Signed-off-by: Andrew Savchenko <bircoph@gentoo.org> net-proxy/privoxy/Manifest | 1 - .../privoxy/files/privoxy-3.0.29-gentoo.patch | 118 ----------------- net-proxy/privoxy/privoxy-3.0.31.ebuild | 147 --------------------- 3 files changed, 266 deletions(-)
Thanks!
Added to an existing GLSA request.
This issue was resolved and addressed in GLSA 202107-16 at https://security.gentoo.org/glsa/202107-16 by GLSA coordinator John Helmert III (ajak).