SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for privoxy-3.0.28-bp151.2.1.x86_64.rpm :

* Mon Dec 31 2018 seanAATTsuspend.net- Update to version 3.0.28:
* Bug fixes: - Fix misplaced parentheses - Changed two regression tests to depend on config directive
* Wed Sep 28 2016 kieltuxAATTgmail.com- Update to version 3.0.26
* Bug fixes: - Fixed crashes with \"listen-addr :8118\" (SF Bug #902). The regression was introduced in 3.0.25 beta and reported by Marvin Renich in Debian bug #834941.
* General improvements: - Log when privoxy is toggled on or off via cgi interface. - Highlight the \"Info: Now toggled \" on/off log message in the Windows log viewer. - Highlight the loading actions/filter file log message in the Windows log viewer. - Mention client-specific tags on the toggle page as a potentionally more appropriate alternative.
* Infrastructure improvements: - Add perl script to generate an RSS feed for the packages Submitted by \"Unknown\".
* Build system improvements: - strptime.h: fix a compiler warning about ambiguous else. - configure.in: Check for Docbook goo on the BSDs as well. - GNUMakefile.in: Let the dok-user target remove temporary files.- BuildArch for docs: noarch
* Sat Jan 23 2016 astiegerAATTsuse.com- Privoxy 3.0.24 Includes fixes for two security issues that may be used to remotely trigger crashes on platforms that carefully check memory accesses.
* Security fixes (denial of service): + Prevent invalid reads in case of corrupt chunk-encoded content. CVE-2016-1982 [boo#963151] + Remove empty Host headers in client requests. Previously they would result in invalid reads. CVE-2016-1983 [boo#963152]
* General bug fixes and improvements
* White and blacklist updates
* Wed Jan 28 2015 andreas.stiegerAATTgmx.de- add CVE IDs for [boo#914934]
* Tue Jan 27 2015 andreas.stiegerAATTgmx.de- add CVE and bug IDs to last two changelog entries
* Mon Jan 26 2015 joerg.lorenzenAATTki.tng.de- update to version 3.0.23 [boo#914934] - Bug fixes: - Fixed a DoS issue in case of client requests with incorrect chunk-encoded body. When compiled with assertions enabled (the default) they could previously cause Privoxy to abort(). [CVE-2015-1380] - Fixed multiple segmentation faults and memory leaks in the pcrs code. This fix also increases the chances that an invalid pcrs command is rejected as such. Previously some invalid commands would be loaded without error. Note that Privoxy\'s pcrs sources (action and filter files) are considered trustworthy input and should not be writable by untrusted third-parties. [CVE-2015-1381] - Fixed an \'invalid read\' bug which could at least theoretically cause Privoxy to crash. So far, no crashes have been observed. - Compiles with --disable-force again. Reported by Kay Raven. - Client requests with body that can\'t be delivered no longer cause pipelined requests behind them to be rejected as invalid. [CVE-2015-1382] - General improvements: - If a pcrs command is rejected as invalid, Privoxy now logs the cause of the problem as text. Previously the pcrs error code was logged. - The tests are less likely to cause false positives. - Action file improvements: - \'.sify.com/\' is no longer blocked. Apparently it is not actually a pure tracking site (anymore?). Reported by Andrew on ijbswa-usersAATT. - Unblock banners on .amnesty.de/ which aren\'t ads. - Documentation improvements: - The \'Would you like to donate?\' section now also contains a \"Paypal\" address. - The list of supported operating systems has been updated. - The existence of the SF support and feature trackers has been deemphasized because they have been broken for months. Most of the time the mailing lists still work. - The claim that default.action updates are sometimes released on their own has been removed. It hasn\'t happened in years. - Explicitly mention that Tor\'s port may deviate from the default when using a bundle. Requested by Andrew on ijbswa-usersAATT.
* Fri Nov 28 2014 andreas.stiegerAATTgmx.de- Privoxy 3.0.22 [boo#907675]- Bug fixes: - Fixed a memory leak when rejecting client connections [CVE-2015-1030 [CVE-2015-1031] [boo#913094] - Fixed an immediate-use-after-free bug and two additional unconfirmed use-after-free complaints [CVE-2015-1201] [boo#914450] - Actually show the FORCE_PREFIX value on the show-status page. - Properly deal with Keep-Alive headers with timeout= parameters - Not using any filter files no longer results in warning messages unless an action file is referencing header taggers or filters. - Fixed a bug that prevented Privoxy from reusing some reusable connections.- General improvements: - Introduced NO-REQUEST-TAG and NO-RESPONSE-TAG. - Add support for the \'PATCH\' method as defined in RFC5789. - Reject requests with unsupported Expect header values. - Normalize the HTTP-version in forwarded requests and responses. - Server \'Keep-Alive\' headers are no longer forwarded. - Change declared template file encoding to UTF-8. - Do not pass rejected keep-alive timeouts to the server. - CGI templates no longer enforce new windows for some links. - Documentation improvements - Build system improvements- Action file improvements: - The pattern \'promotions.\' is no longer being blocked. - Various updated filter rules and exceptions.- Filter file improvements & bug fixes: - Decrease the chances that js-annoyances creates invalid JavaScript. - Let the msn filter hide \'related\' ads again. - Prevent img-reorder from messing up img tags with empty src attributes.- add source URL- fix self-obsoletion- clean up spec file
* Sun Nov 09 2014 Led - fix bashisms in pre script
* Tue Aug 19 2014 wagner-thomasAATTgmx.at- added config file for SuSEfirewall2
* Mon Jul 07 2014 wagner-thomasAATTgmx.at- update logrotate config file after switch to systemd (bnc#878788)- added \"reload\" capability which was lost during switch from sysvinit to systemd- privoxy-3.0.16-networkmanager.systemd.patch: update Networkmanager dispatcher to reload config of privoxy with systemd (bnc#862339)
  
ICM