| Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
| Name: privoxy | Distribution: openSUSE Leap 15.2 |
| Version: 3.0.29 | Vendor: openSUSE |
| Release: lp152.3.3.1 | Build date: Tue Dec 29 15:08:00 2020 |
| Group: Productivity/Networking/Web/Proxy | Build host: obs-power9-06 |
| Size: 1219044 | Source RPM: privoxy-3.0.29-lp152.3.3.1.src.rpm |
| Packager: http://bugs.opensuse.org | |
| Url: https://www.privoxy.org/ | |
| Summary: The Internet Junkbuster - HTTP Proxy Server | |
The Internet Junkbuster - HTTP Proxy Server: A non-caching HTTP proxy server that runs between a web browser and a web server and filters contents as described in the configuration files.
GPL-3.0-or-later
* Sun Dec 06 2020 Andreas Stieger <andreas.stieger@gmx.de>
- privoxy 3.0.29:
* Fixed memory leaks when a response is buffered and the buffer
limit is reached or Privoxy is running out of memory.
OVE-20201118-0001
* Fixed a memory leak in the show-status CGI handler when
no action files are configured
OVE-20201118-0002
* Fixed a memory leak in the show-status CGI handler when
no filter files are configured
OVE-20201118-0003
* Fixes a memory leak when client tags are active
OVE-20201118-0004
* Fixed a memory leak if multiple filters are executed
and the last one is skipped due to a pcre error
OVE-20201118-0005
* Prevent an unlikely dereference of a NULL-pointer that
could result in a crash if accept-intercepted-requests
was enabled, Privoxy failed to get the request destination
from the Host header and a memory allocation failed.
OVE-20201118-0006
* Fixed memory leaks in the client-tags CGI handler when
client tags are configured and memory allocations fail.
OVE-20201118-0007
* Fixed memory leaks in the show-status CGI handler when memory
allocations fail
OVE-20201118-0008
* Add experimental https inspection support
* Use JIT compilation for static filtering for speedup
* Add support for Brotli decompression, add
'no-brotli-accepted' filter which prevents the use of
Brotli compression
* Add feature to gather exended statistics
* Use IP_FREEBIND socket option to help with failover
* Allow to use extended host patterns and vanilla host patterns
at the same time by prefixing extended host patterns with
"PCRE-HOST-PATTERN:"
* Added "Cross-origin resource sharing" (CORS) support
* Add SOCKS5 username/password support
* Bump the maximum number of action and filter files
to 100 each
* Fixed handling of filters with "split-large-forms 1"
when using the CGI editor.
* Better detect a mismatch of connection details when
figuring out whether or not a connection can be reused
* Don't send a "Connection failure" message instead of the
"DNS failure" message
* Let LOG_LEVEL_REQUEST log all requests
* Improvements to default Action file
- license changed to GPLv3
- remove packaging vulnerability boo#1157449
- remove packaging for distributions without systemd
drops privoxy-3.0.16-networkmanager.patch
* Sun Dec 06 2020 Andreas Stieger <andreas.stieger@gmx.de>
- add upstream signing key and verify source signature
* Wed Aug 19 2020 Dominique Leuenberger <dimstar@opensuse.org>
- Stop trying to mangle _unitdir: this is defined in all supported
distros.
* Mon Feb 03 2020 Dominique Leuenberger <dimstar@opensuse.org>
- BuildRequire pkgconfig(systemd) instead of systemd: allow OBS to
shortcut through the -mini flavors.
* Thu Jul 25 2019 matthias.gerstner@suse.com
- removal of SuSEfirewall2 service, since SuSEfirewall2 has been replaced by
firewalld, see [1].
[1]: https://lists.opensuse.org/opensuse-factory/2019-01/msg00490.html
* Mon Dec 31 2018 sean@suspend.net
- Update to version 3.0.28:
* Bug fixes:
- Fix misplaced parentheses
- Changed two regression tests to depend on config directive
* Wed Sep 28 2016 kieltux@gmail.com
- Update to version 3.0.26
* Bug fixes:
- Fixed crashes with "listen-addr :8118" (SF Bug #902).
The regression was introduced in 3.0.25 beta and reported
by Marvin Renich in Debian bug #834941.
* General improvements:
- Log when privoxy is toggled on or off via cgi interface.
- Highlight the "Info: Now toggled " on/off log message
in the Windows log viewer.
- Highlight the loading actions/filter file log message
in the Windows log viewer.
- Mention client-specific tags on the toggle page as a
potentionally more appropriate alternative.
* Infrastructure improvements:
- Add perl script to generate an RSS feed for the packages
Submitted by "Unknown".
* Build system improvements:
- strptime.h: fix a compiler warning about ambiguous else.
- configure.in: Check for Docbook goo on the BSDs as well.
- GNUMakefile.in: Let the dok-user target remove
temporary files.
- BuildArch for docs: noarch
* Sat Jan 23 2016 astieger@suse.com
- Privoxy 3.0.24
Includes fixes for two security issues that may be used to
remotely trigger crashes on platforms that carefully check memory
accesses.
* Security fixes (denial of service):
+ Prevent invalid reads in case of corrupt chunk-encoded
content. CVE-2016-1982 [boo#963151]
+ Remove empty Host headers in client requests. Previously
they would result in invalid reads. CVE-2016-1983 [boo#963152]
* General bug fixes and improvements
* White and blacklist updates
* Wed Jan 28 2015 andreas.stieger@gmx.de
- add CVE IDs for [boo#914934]
* Tue Jan 27 2015 andreas.stieger@gmx.de
- add CVE and bug IDs to last two changelog entries
* Mon Jan 26 2015 joerg.lorenzen@ki.tng.de
- update to version 3.0.23 [boo#914934]
- Bug fixes:
- Fixed a DoS issue in case of client requests with incorrect
chunk-encoded body. When compiled with assertions enabled
(the default) they could previously cause Privoxy to abort().
[CVE-2015-1380]
- Fixed multiple segmentation faults and memory leaks in the
pcrs code. This fix also increases the chances that an invalid
pcrs command is rejected as such. Previously some invalid commands
would be loaded without error. Note that Privoxy's pcrs sources
(action and filter files) are considered trustworthy input and
should not be writable by untrusted third-parties.
[CVE-2015-1381]
- Fixed an 'invalid read' bug which could at least theoretically
cause Privoxy to crash. So far, no crashes have been observed.
- Compiles with --disable-force again. Reported by Kay Raven.
- Client requests with body that can't be delivered no longer
cause pipelined requests behind them to be rejected as invalid.
[CVE-2015-1382]
- General improvements:
- If a pcrs command is rejected as invalid, Privoxy now logs
the cause of the problem as text. Previously the pcrs error
code was logged.
- The tests are less likely to cause false positives.
- Action file improvements:
- '.sify.com/' is no longer blocked. Apparently it is not actually
a pure tracking site (anymore?). Reported by Andrew on ijbswa-users@.
- Unblock banners on .amnesty.de/ which aren't ads.
- Documentation improvements:
- The 'Would you like to donate?' section now also contains
a "Paypal" address.
- The list of supported operating systems has been updated.
- The existence of the SF support and feature trackers has been
deemphasized because they have been broken for months.
Most of the time the mailing lists still work.
- The claim that default.action updates are sometimes released
on their own has been removed. It hasn't happened in years.
- Explicitly mention that Tor's port may deviate from the default
when using a bundle. Requested by Andrew on ijbswa-users@.
* Fri Nov 28 2014 andreas.stieger@gmx.de
- Privoxy 3.0.22 [boo#907675]
- Bug fixes:
- Fixed a memory leak when rejecting client connections
[CVE-2015-1030 [CVE-2015-1031] [boo#913094]
- Fixed an immediate-use-after-free bug and two additional
unconfirmed use-after-free complaints
[CVE-2015-1201] [boo#914450]
- Actually show the FORCE_PREFIX value on the show-status page.
- Properly deal with Keep-Alive headers with timeout= parameters
- Not using any filter files no longer results in warning messages
unless an action file is referencing header taggers or filters.
- Fixed a bug that prevented Privoxy from reusing some reusable
connections.
- General improvements:
- Introduced NO-REQUEST-TAG and NO-RESPONSE-TAG.
- Add support for the 'PATCH' method as defined in RFC5789.
- Reject requests with unsupported Expect header values.
- Normalize the HTTP-version in forwarded requests and responses.
- Server 'Keep-Alive' headers are no longer forwarded.
- Change declared template file encoding to UTF-8.
- Do not pass rejected keep-alive timeouts to the server.
- CGI templates no longer enforce new windows for some links.
- Documentation improvements
- Build system improvements
- Action file improvements:
- The pattern 'promotions.' is no longer being blocked.
- Various updated filter rules and exceptions.
- Filter file improvements & bug fixes:
- Decrease the chances that js-annoyances creates invalid JavaScript.
- Let the msn filter hide 'related' ads again.
- Prevent img-reorder from messing up img tags with empty src
attributes.
- add source URL
- fix self-obsoletion
- clean up spec file
* Sun Nov 09 2014 Led <ledest@gmail.com>
- fix bashisms in pre script
/etc/NetworkManager /etc/NetworkManager/dispatcher.d /etc/NetworkManager/dispatcher.d/privoxyd /etc/logrotate.d/privoxy /etc/privoxy /usr/lib/systemd/system/privoxy.service /usr/sbin/privoxy /usr/sbin/rcprivoxy /usr/share/doc/packages/privoxy /usr/share/doc/packages/privoxy/AUTHORS /usr/share/doc/packages/privoxy/ChangeLog /usr/share/doc/packages/privoxy/README /usr/share/licenses/privoxy /usr/share/licenses/privoxy/LICENSE /usr/share/man/man1/privoxy.1.gz /var/lib/privoxy /var/lib/privoxy/etc /var/lib/privoxy/etc/config /var/lib/privoxy/etc/default.action /var/lib/privoxy/etc/default.filter /var/lib/privoxy/etc/match-all.action /var/lib/privoxy/etc/regression-tests.action /var/lib/privoxy/etc/templates /var/lib/privoxy/etc/templates/blocked /var/lib/privoxy/etc/templates/cgi-error-404 /var/lib/privoxy/etc/templates/cgi-error-bad-param /var/lib/privoxy/etc/templates/cgi-error-disabled /var/lib/privoxy/etc/templates/cgi-error-file /var/lib/privoxy/etc/templates/cgi-error-file-read-only /var/lib/privoxy/etc/templates/cgi-error-modified /var/lib/privoxy/etc/templates/cgi-error-parse /var/lib/privoxy/etc/templates/cgi-style.css /var/lib/privoxy/etc/templates/client-tags /var/lib/privoxy/etc/templates/connect-failed /var/lib/privoxy/etc/templates/connection-timeout /var/lib/privoxy/etc/templates/default /var/lib/privoxy/etc/templates/edit-actions-add-url-form /var/lib/privoxy/etc/templates/edit-actions-for-url /var/lib/privoxy/etc/templates/edit-actions-for-url-filter /var/lib/privoxy/etc/templates/edit-actions-list /var/lib/privoxy/etc/templates/edit-actions-list-button /var/lib/privoxy/etc/templates/edit-actions-list-section /var/lib/privoxy/etc/templates/edit-actions-list-url /var/lib/privoxy/etc/templates/edit-actions-remove-url-form /var/lib/privoxy/etc/templates/edit-actions-url-form /var/lib/privoxy/etc/templates/forwarding-failed /var/lib/privoxy/etc/templates/mod-local-help /var/lib/privoxy/etc/templates/mod-support-and-service /var/lib/privoxy/etc/templates/mod-title /var/lib/privoxy/etc/templates/mod-unstable-warning /var/lib/privoxy/etc/templates/no-server-data /var/lib/privoxy/etc/templates/no-such-domain /var/lib/privoxy/etc/templates/show-request /var/lib/privoxy/etc/templates/show-status /var/lib/privoxy/etc/templates/show-status-file /var/lib/privoxy/etc/templates/show-url-info /var/lib/privoxy/etc/templates/toggle /var/lib/privoxy/etc/templates/toggle-mini /var/lib/privoxy/etc/templates/untrusted /var/lib/privoxy/etc/templates/url-info-osd.xml /var/lib/privoxy/etc/trust /var/lib/privoxy/etc/user.action /var/lib/privoxy/etc/user.filter /var/lib/privoxy/lib64 /var/lib/privoxy/log /var/lib/privoxy/var /var/lib/privoxy/var/log /var/lib/privoxy/var/log/privoxy /var/lib/privoxy/var/run
Generated by rpm2html 1.8.1
Fabrice Bellet, Tue Apr 9 13:01:01 2024