tinyproxy 1.8.3-1ubuntu0.1 source package in Ubuntu


tinyproxy (1.8.3-1ubuntu0.1) precise-security; urgency=low

  * SECURITY UPDATE: Fix for denial of service vulnerability where remote
    attackers send crafted request headers. (LP: #1154502)
    - debian/patches/001-CVE-2012-3505.patch: Limit the number of headers to
      prevent DoS attacks. Randomize hashmaps in order to avoid fake headers
      getting included in the same bucket, allowing for DoS attacks.
    - CVE-2012-3505
 -- Christian Kuersteiner <email address hidden>   Wed, 13 Mar 2013 16:42:14 +0700

Upload details

Uploaded by:
Christian Kuersteiner on 2013-03-16
Sponsored by:
Seth Arnold
Uploaded to:
Original maintainer:
Ubuntu Developers
Low Urgency

See full publishing history Publishing

Series Pocket Published Component Section
Precise updates on 2013-03-16 universe net
Precise security on 2013-03-16 universe net


File Size MD5 Checksum
tinyproxy_1.8.3.orig.tar.bz2 197.7 KiB 292ac51da8ad6ae883d4ebf56908400d
tinyproxy_1.8.3-1ubuntu0.1.debian.tar.bz2 12.7 KiB c4485abc2bba030ce622d8e3199f1072
tinyproxy_1.8.3-1ubuntu0.1.dsc 1.7 KiB c81732abb2ada8bbb8b13c69c964e2cb

View changes file

Binary packages built by this source

tinyproxy: A lightweight, non-caching, optionally anonymizing HTTP proxy

 An anonymizing HTTP proxy which is very light on system resources,
 ideal for smaller networks and similar situations where other proxies
 (such as Squid) may be overkill and/or a security risk. Tinyproxy can
 also be configured to anonymize HTTP requests (allowing for exceptions
 on a per-header basis).