Fedora 40: tinyproxy 2024-aa3631a416 Security Advisory Updates
Summary
tinyproxy is a small, efficient HTTP/SSL proxy daemon that is very useful in a
small network setting, where a larger proxy like Squid would either be too
resource intensive, or a security risk.
Update Information:
Update to version 1.11.2 to fix CVE-2023-49606.
Change Log
* Tue Jul 16 2024 Carl George
References
[ 1 ] Bug #2278396 - CVE-2023-49606 tinyproxy: HTTP connection headers use-after-free vulnerability [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2278396 [ 2 ] Bug #2298298 - tinyproxy-1.11.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=2298298
Update Instructions
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-aa3631a416' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label