SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for ufdbGuard-1.33.5-3.2.i586.rpm :
Thu Dec 15 13:00:00 2016 Marcus Kool - 1.32.4
Fix: fix memory corruption and crash due to double free memory - this may happen when the database is reloaded
Fix: ufdbHostnames.c did not compile on FreeBSD.
Fix: clean install on FreeBSD
Enhancement: ufdbGenTable has a stricter check for illegal characters in domainnames
Change: URL parameters without an \'=\' are no longer logged as erroneous URLs
Change: URL parameters with very long parameter values are no longer logged as erroneous URLs

Fri Oct 21 14:00:00 2016 Marcus Kool - 1.32.3
Some changes of 1.32.2 are reversed since the intended solution did not work well
for many users. The issue remains that the database format \"DB2.1\" of ufdbGuard 1.32.x is
incompatible with \"DB2.1\" of ufdbGuard 1.31.x but it is highly unlikely that users notice
this since ufdbGenTable of ufdbGuard 1.31.x uses DB2.0 as the default database format
and hence does not cause issues.

Fix: when URL tables with parameters are used, ufdbGuard may not always find the URL
in the URL table producing a false negative result
Fix: URL tables with a parameter without value (e.g. example.com/cgi?foo=) caused a fatal error
Change: the default DB format of ufdbGenTable changed to 2.2 which supports parameters in URLs
Change: ufdbGenTable: do not accept URLs with parameters for database for 2.1

Thu Oct 20 14:00:00 2016 Marcus Kool - 1.32.2
reversed Fix: crash reading large URL tables generated by ufdbGenTable 1.31 with DB format 2.1
reversed Fix: ufdbGenTable -F 2.1 produced URL tables which were backward incompatible
Fix: when URL tables with parameters are used, ufdbGuard may not always find the URL in the URL table producing a false negative result
Change: the default DB format of ufdbGenTable changed to 2.2

Wed Oct 12 14:00:00 2016 Marcus Kool - 1.32.1
Enhancement: New engine for HTTPS probing: do not probe known sites.
Enhancement: increase HTTPS queue size from 800 to 1500.
Enhancement: more content guessing in ufdbhttpd
Enhancement: Skype SSL certificate for pipe.skype.com is detected
Enhancement: ufdbgclient reconnects faster using last_failed_connect_time
Enhancement: use zlib compression: up to 5 times faster than the default bzip2 compression.
This also implies that the URL database reload time is reduced.
Enhancement: ufdbGenTable uses a new internal data structure and is 7 times faster for large URL tables.
Enhancement: ufdbGuardd now issues errors in the log file when squid is configured to use helper concurrency but ufdbgclient does not have the -C option.
Enhancement: new pseudo categories: \"localnet\"
Enhancement: ufdbGenTable recognizes many new TLDs
Enhancement: ufdbUpdate can send email if it fails to download the URL database or fails to signal ufdbguardd.
Enhancement: URL categories can now have a mix of IP and usernames.
Enhancement: support ssl-bump with Squid 3.5.20 and higher
Squid 3.5.x needs squid.conf with
url_rewrite_extras \"%>a/%>A %un %>rm bump_mode=%ssl::bump_mode sni=\\\"%ssl::>sni\\\" referer=\\\"%{Referer}>h\\\"\"
Enhancement: crash reports are uploaded to URLfilterDB for fast bug fixing.
The option \'upload-crash-reports on|off\' (default is on) controls if the crash report is uploaded.
Enhancement: ufdbGuard can match and block URLs with parameters based on the value of a parameter or the existence of a parameter
Enhancement: detect certificates of Anydesk.com and teamviewer (and new security options allow-teamviewer-over-https and allow-anydesk-over-https)
Enhancement: uncategorised URLs are now stored in a faster hash table and referers are also kept there.
Enhancement: ufdbhttpd has now support for POST
Enhancement: ufdbhttpd has support for social-badges category
Enhancement: new parameter: use-ipv6-on-wan (default: on) to enable IPv6 for connecting to all servers on the WAN (HTTPS probes and updates.urlfilterdb.com)
Enhancement: the time and date specifications are more flexible and now also accepts \"8:00\" where previously only \"08:00\" was accepted. same for leading zeroes in dates.
Enhancement: new parameter: pidfile
Enhancement: new parameter: num-worker-threads
Enhancement: new parameter: block-bumped-connect
Enhancement: new parameter: evaluate-and
Enhancement: new parameter: evaluate-or (default)
Enhancement: Added checks for fatal errors: mix of exec and non-exec userlists, more than one execuserlist
Enhancement: Added check for error: category has no content definition
Enhancement: increased performance when a source contains many usernames
Enhancement: new security option https-prohibit-insecure-sslv3
Enhancement: new keyword \"sender-email\"
Enhancement: %C in the redirection URL shows all categories for the blocked URL.
Enhancement: the results of execuserlist(command) are cached to prevent delays in environments where it may take a long time to produce the userlist.
Fix: on some systems, when agressive HTTPS probing is used and the configuration is reloaded, the reload thread could not obtain a lock.
Fix: ufdbUpdate always had exit status 0
Fix: compilation failed on OSX
Fix: fix syntax error in execuserlist.sh
Fix: if the PIDDIR does not exist, ufdbguardd creates it, now also with the correct permissions.
Fix: add protection against oversized labels inside FQDN
Fix: emails by ufdbguardd have now a \"Date:\" header.
Fix: ufdbGenTable stripped \'www.\' from \'www.com\' which caused all .com domains to match.
Fix: count number of active workers and generate errors if this is higer than number of workers
Fix: ufdbpeek crashed when logging very large messages (buffer overflow in ufdbLog)
Fix: fix a few small memory leaks
Fix: ufdbGenTable may produce corrupted URL tables is a domain contains \'..\'
Fix: category with \"option safesearch\" blocked access
Change: removed -N option since this function is controlled by a configuration parameter
Change: uncategorised URLs are now uploaded with HTTPS instead of HTTP.


  
ICM