From: Fabian Keil <fk@fabiankeil.de>
Date: Sat, 30 Jan 2021 16:46:55 +0000 (+0100)
Subject: Update announcement for Privoxy 3.0.31 stable
X-Git-Tag: v_3_0_31~3
X-Git-Url: http://www.privoxy.org/gitweb/%22https:/faq/@default-cgi@/developer-manual/static/@default-cgi@edit-actions?a=commitdiff_plain;h=f1863beb4049af34709fda1019e81bcb906c1610;p=privoxy.git

Update announcement for Privoxy 3.0.31 stable
---

diff --git a/doc/webserver/announce.txt b/doc/webserver/announce.txt
index 21908e1b..3eb98eb6 100644
--- a/doc/webserver/announce.txt
+++ b/doc/webserver/announce.txt
@@ -1,8 +1,24 @@
-               Announcing Privoxy 3.0.30 stable
+               Announcing Privoxy 3.0.31 stable
 --------------------------------------------------------------------
 
-Privoxy 3.0.30 stable fixes a couple of bugs and introduces
-a few new features.
+Privoxy 3.0.31 fixes two security issues that were discovered while
+preparing the 3.0.30 release. The issues also affect earlier Privoxy
+releases.
+
+--------------------------------------------------------------------
+ChangeLog for Privoxy 3.0.31
+--------------------------------------------------------------------
+- Security/Reliability:
+  - Prevent an assertion from getting triggered by a crafted CGI request.
+    Commit 5bba5b89193fa. OVE-20210130-0001.
+    Reported by: Joshua Rogers (Opera)
+  - Fixed a memory leak when decompression fails "unexpectedly".
+    Commit f431d61740cc0. OVE-20210128-0001.
+
+- Bug fixes:
+  - Fixed detection of insufficient data for decompression.
+    Previously Privoxy could try to decompress a partly
+    uninitialized buffer.
 
 --------------------------------------------------------------------
 ChangeLog for Privoxy 3.0.30