tinyproxy 1.8.3-1ubuntu0.1 source package in Ubuntu


tinyproxy (1.8.3-1ubuntu0.1) precise-security; urgency=low

  * SECURITY UPDATE: Fix for denial of service vulnerability where remote
    attackers send crafted request headers. (LP: #1154502)
    - debian/patches/001-CVE-2012-3505.patch: Limit the number of headers to
      prevent DoS attacks. Randomize hashmaps in order to avoid fake headers
      getting included in the same bucket, allowing for DoS attacks.
    - CVE-2012-3505
 -- Christian Kuersteiner <email address hidden>   Wed, 13 Mar 2013 16:42:14 +0700

Upload details

Uploaded by:
Christian Kuersteiner on 2013-03-16
Sponsored by:
Seth Arnold
Uploaded to:
Original maintainer:
Ubuntu Developers
Low Urgency

See full publishing history Publishing

Series Pocket Published Component Section
Precise updates on 2013-03-16 universe net
Precise security on 2013-03-16 universe net


File Size SHA-256 Checksum
tinyproxy_1.8.3.orig.tar.bz2 197.7 KiB be559b54eb4772a703ad35239d1cb59d32f7cf8a739966742622d57df88b896e
tinyproxy_1.8.3-1ubuntu0.1.debian.tar.bz2 12.7 KiB 13913c08766b13bfc9c5484309e4b6377c9cc8351f1162fbf8e2cab68832d8ae
tinyproxy_1.8.3-1ubuntu0.1.dsc 1.7 KiB ea213d74e0c1cae8d4dea673773856cb93f531397d21db376efd7187170e7970

View changes file

Binary packages built by this source

tinyproxy: A lightweight, non-caching, optionally anonymizing HTTP proxy

 An anonymizing HTTP proxy which is very light on system resources,
 ideal for smaller networks and similar situations where other proxies
 (such as Squid) may be overkill and/or a security risk. Tinyproxy can
 also be configured to anonymize HTTP requests (allowing for exceptions
 on a per-header basis).