From: Roland Rosenfeld <roland@spinnaker.de>
Date: Sun, 21 Oct 2007 12:10:44 +0000 (+0000)
Subject: Merge changes from Debian revision 3.0.6-4.
X-Git-Tag: v_3_0_7~119
X-Git-Url: http://www.privoxy.org/gitweb/%22https:/@default-cgi@/faq/static/user-manual/@default-cgi@show-status?a=commitdiff_plain;h=3b1aa5679211bfdff57aa46cad375ed988ed385a;p=privoxy.git
Merge changes from Debian revision 3.0.6-4.
---
diff --git a/debian/README.Debian b/debian/README.Debian
index 5506000c..7074d3ba 100644
--- a/debian/README.Debian
+++ b/debian/README.Debian
@@ -1,11 +1,19 @@
privoxy for Debian
==================
-- enable-edit-actions and enable-remote-toggle are disabled in the
- Debian package for security reasons, because these options allow
- every user of your privoxy to change its configuration. If you still
- want to use these features, you can enable them in
- /etc/privoxy/config and do a "/etc/init.d/privoxy restart".
+- enable-edit-actions, enable-remote-toggle, and
+ enable-remote-http-toggle are disabled in the Debian package for
+ security reasons, because these options allow every user of your
+ privoxy to change its configuration. Except this there exist
+ exploits using Java and/or JavaScript that tell your browser to send
+ out requests for disabling the proxy or the filtering, which may
+ compromise your anonymity. If you still want to use these features,
+ you can enable them in /etc/privoxy/config and do a
+ "/etc/init.d/privoxy restart".
+
+- Comment "debug 1" from default configuration, so GET/POST/CONNECT
+ requests are no longer logged by default to protect your privacy a
+ bit more.
- Experimental IPv6 support patch is available in the source package
but currently disabled because of too many side effects and bugs.
@@ -43,4 +51,4 @@ privoxy for Debian
editable again.
Roland Rosenfeld <roland@debian.org>
-$Id: README.Debian,v 1.6 2006-11-12 11:34:59 roland Exp $
+$Id: README.Debian,v 1.7 2007-10-21 10:07:04 roland Exp $
diff --git a/debian/changelog b/debian/changelog
index 95e4ab7d..c87ca191 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,6 +1,6 @@
-privoxy (3.0.7~CSV20071014-0.1) UNRELEASED; urgency=low
+privoxy (3.0.7~CSV20071021-0.1) UNRELEASED; urgency=low
- * CVS as of 2007-10-14.
+ * CVS as of 2007-10-21.
* Enable new zlib feature (Closes: #368448):
- build-depend on zlib1g-dev
- disable prevent-compression in 25_standard_medium.dpatch
@@ -12,7 +12,19 @@ privoxy (3.0.7~CSV20071014-0.1) UNRELEASED; urgency=low
doesn't like these.
* 32_faq_ulinkfix: Fix ulink parameter.
- -- Roland Rosenfeld <roland@debian.org> Sun, 14 Oct 2007 17:45:59 +0200
+ -- Roland Rosenfeld <roland@debian.org> Sun, 21 Oct 2007 14:05:00 +0200
+
+privoxy (3.0.6-4) unstable; urgency=low
+
+ * Set "enable-remote-http-toggle 0" by default because otherwise
+ requests may be able to bypass filtering by setting "X-Filter: No"
+ headers using some strange javascript code.
+ * Disable default logging of every GET/POST/CONNECT request to protect
+ your privacy a bit more.
+ * 05_defaut_action: Stop blocking Andorra ccTLD (.ad) (Closes: #445461).
+ * Run make clean/distclean only if GNUmakefile exists in debian/rules.
+
+ -- Roland Rosenfeld <roland@debian.org> Sun, 21 Oct 2007 12:47:51 +0200
privoxy (3.0.6-3) unstable; urgency=low
diff --git a/debian/patches/05_defaut_action.dpatch b/debian/patches/05_defaut_action.dpatch
index a77e3007..9194b972 100644
--- a/debian/patches/05_defaut_action.dpatch
+++ b/debian/patches/05_defaut_action.dpatch
@@ -8,7 +8,16 @@
diff -urNad privoxy~/default.action.master privoxy/default.action.master
--- privoxy~/default.action.master
+++ privoxy/default.action.master
-@@ -1823,6 +1823,11 @@
+@@ -598,6 +598,8 @@
+ .*[epu]ad*.
+ county*.
+ countr*.
++#MASTER# Do not block Andorra ccTLD:
++.ad
+
+ #############################################################################
+ # Generic block patterns by path:
+@@ -1823,6 +1825,11 @@
{+filter{tiny-textforms} +prevent-compression}
.sourceforge.net/tracker
diff --git a/debian/patches/14_config.dpatch b/debian/patches/14_config.dpatch
index 76240b89..ec358695 100644
--- a/debian/patches/14_config.dpatch
+++ b/debian/patches/14_config.dpatch
@@ -52,6 +52,15 @@ diff -urNad privoxy~/config privoxy/config
#
# 2.3. actionsfile
+@@ -575,7 +575,7 @@
+ # If you want to use CLF (Common Log Format), you should set
+ # "debug 512" ONLY and not enable anything else.
+ #
+-debug 1 # show each GET/POST/CONNECT request
++#debug 1 # show each GET/POST/CONNECT request
+ debug 4096 # Startup banner and warnings
+ debug 8192 # Errors - *we highly recommended enabling this*
+
@@ -735,7 +735,7 @@
# Note that you must have compiled Privoxy with support for this
# feature, otherwise this option has no effect.
@@ -61,6 +70,15 @@ diff -urNad privoxy~/config privoxy/config
#
# 4.4. enable-remote-http-toggle
+@@ -770,7 +770,7 @@
+ # untrustworthy clients and want to enforce filtering, you will
+ # have to disable this option, otherwise you can ignore it.
+ #
+-enable-remote-http-toggle 1
++enable-remote-http-toggle 0
+
+ #
+ # 4.5. enable-edit-actions
@@ -803,7 +803,7 @@
# Note that you must have compiled Privoxy with support for this
# feature, otherwise this option has no effect.
diff --git a/debian/rules b/debian/rules
index 6e7ada55..a8422365 100755
--- a/debian/rules
+++ b/debian/rules
@@ -1,6 +1,6 @@
#!/usr/bin/make -f
#
-# (C) 2002-2006 Roland Rosenfeld <roland@debian.org>, based on
+# (C) 2002-2007 Roland Rosenfeld <roland@debian.org>, based on
# Sample debian/rules that uses debhelper.
# This file is public domain software, originally written by Joey Hess.
@@ -57,8 +57,8 @@ clean1:
dh_testroot
rm -f build-stamp configure-stamp
- -$(MAKE) clean
- -$(MAKE) distclean
+ [ ! -f GNUmakefile ] || $(MAKE) clean
+ [ ! -f GNUmakefile ] || $(MAKE) distclean
rm -f configure config.h GNUmakefile
rm -f privoxy.8