From be1946c9ece236b1d825861c559fdcd02cfaee02 Mon Sep 17 00:00:00 2001 From: Fabian Keil <fk@fabiankeil.de> Date: Sun, 17 Jan 2016 14:31:33 +0000 Subject: [PATCH] Import ChangeLog --- doc/source/changelog.sgml | 260 ++++++++++++++++++++++++++++++++------ 1 file changed, 222 insertions(+), 38 deletions(-) diff --git a/doc/source/changelog.sgml b/doc/source/changelog.sgml index 196d235d..bc2d46fb 100644 --- a/doc/source/changelog.sgml +++ b/doc/source/changelog.sgml @@ -3,7 +3,7 @@ Purpose : Entity included in other project documents. - $Id: changelog.sgml,v 2.12 2015/01/26 11:25:45 fabiankeil Exp $ + $Id: changelog.sgml,v 2.13 2015/03/29 17:22:05 fabiankeil Exp $ Copyright (C) 2013 Privoxy Developers http://www.privoxy.org/ See LICENSE. @@ -21,8 +21,10 @@ --> <para> - <application>Privoxy 3.0.23</application> stable is a bug-fix release, - some of the fixed bugs are security issues: + <application>Privoxy 3.0.24</application> stable contains a couple + of new features but is mainly a bug-fix release. Two of the fixed bugs + are security issues (CVE requests pending) and may be used to remotely + trigger crashes on platforms that carefully check memory accesses (most don't). </para> <!-- 
@@ -32,45 +34,123 @@ <para> <itemizedlist> + <listitem> + <para> + Security fixes (denial of service): + <itemizedlist> + <listitem> + <para> + Prevent invalid reads in case of corrupt chunk-encoded content. + Bug discovered with afl-fuzz and AddressSanitizer. + </para> + </listitem> + <listitem> + <para> + Remove empty Host headers in client requests. + Previously they would result in invalid reads. + Bug discovered with afl-fuzz and AddressSanitizer. + </para> + </listitem> + </itemizedlist> + </para> + </listitem> <listitem> <para> Bug fixes: <itemizedlist> <listitem> <para> - Fixed a DoS issue in case of client requests with incorrect - chunk-encoded body. When compiled with assertions enabled - (the default) they could previously cause Privoxy to abort(). - Reported by Matthew Daley. CVE-2015-1380. + When using socks5t, send the request body optimistically as well. + Previously the request body wasn't guaranteed to be sent at all + and the error message incorrectly blamed the server. + Fixes #1686 reported by Peter Müller and G4JC. </para> </listitem> <listitem> <para> - Fixed multiple segmentation faults and memory leaks in the - pcrs code. This fix also increases the chances that an invalid - pcrs command is rejected as such. Previously some invalid commands - would be loaded without error. Note that Privoxy's pcrs sources - (action and filter files) are considered trustworthy input and - should not be writable by untrusted third-parties. CVE-2015-1381. + Fixed buffer scaling in execute_external_filter() that could lead + to crashes. Submitted by Yang Xia in #892. </para> </listitem> <listitem> <para> - Fixed an 'invalid read' bug which could at least theoretically - cause Privoxy to crash. So far, no crashes have been observed. - CVE-2015-1382. + Fixed crashes when executing external filters on platforms like + Mac OS X. Reported by Jonathan McKenzie on ijbswa-users@ </para> </listitem> <listitem> <para> - Compiles with --disable-force again. 
Reported by Kai Raven. + Properly parse ACL directives with ports when compiled with HAVE_RFC2553. + Previously the port wasn't removed from the host and in case of + 'permit-access 127.0.0.1 example.org:80' Privoxy would try (and fail) + to resolve "example.org:80" instead of example.org. + Reported by Pak Chan on ijbswa-users@. </para> </listitem> <listitem> <para> - Client requests with body that can't be delivered no longer - cause pipelined requests behind them to be rejected as invalid. - Reported by Basil Hussain. + Check requests more carefully before serving them forcefully + when blocks aren't enforced. Privoxy always adds the force token + at the beginning of the path, but would previously accept it anywhere + in the request line. This could result in requests being served that + should be blocked. For example in case of pages that were loaded with + force and contained JavaScript to create additionally requests that + embed the origin URL (thus inheriting the force prefix). + The bug is not considered a security issue and the fix does not make + it harder for remote sites to intentionally circumvent blocks if + Privoxy isn't configured to enforce them. + Fixes #1695 reported by Korda. + </para> + </listitem> + <listitem> + <para> + Normalize the request line in intercepted requests to make rewriting + the destination more convenient. Previously rewrites for intercepted + requests were expected to fail unless $hostport was being used, but + they failed "the wrong way" and would result in an out-of-memory + message (vanilla host patterns) or a crash (extended host patterns). + Reported by "Guybrush Threepwood" in #1694. + </para> + </listitem> + <listitem> + <para> + Enable socket lingering for the correct socket. + Previously it was repeatedly enabled for the listen socket + instead of for the accepted socket. The bug was found by + code inspection and did not cause any (reported) issues. 
+ </para> + </listitem> + <listitem> + <para> + Detect and reject parameters for parameter-less actions. + Previously they were silently ignored. + </para> + </listitem> + <listitem> + <para> + Fixed invalid reads in internal and outdated pcre code. + Found with afl-fuzz and AddressSanitizer. + </para> + </listitem> + <listitem> + <para> + Prevent invalid read when loading invalid action files. + Found with afl-fuzz and AddressSanitizer. + </para> + </listitem> + <listitem> + <para> + Windows build: Use the correct function to close the event handle. + It's unclear if this bug had a negative impact on Privoxy's behaviour. + Reported by Jarry Xu in #891. + </para> + </listitem> + <listitem> + <para> + In case of invalid forward-socks5(t) directives, use the + correct directive name in the error messages. Previously they + referred to forward-socks4t failures. + Reported by Joel Verhagen in #889. </para> </listitem> </itemizedlist> 
@@ -82,14 +162,70 @@ <itemizedlist> <listitem> <para> - If a pcrs command is rejected as invalid, Privoxy now logs - the cause of the problem as text. Previously the pcrs error - code was logged. + Set NO_DELAY flag for the accepting socket. This significantly reduces + the latency if the operating system is not configured to set the flag + by default. Reported by Johan Sintorn in #894. + </para> + </listitem> + <listitem> + <para> + Allow to build with mingw x86_64. Submitted by Rustam Abdullaev in #135. + </para> + </listitem> + <listitem> + <para> + Introduce the new forwarding type 'forward-webserver'. + Currently it is only supported by the forward-override{} action and + there's no config directive with the same name. The forwarding type + is similar to 'forward', but the request line only contains the path + instead of the complete URL. + </para> + </listitem> + <listitem> + <para> + The CGI editor no longer treats 'standard.action' special. + Nowadays the official "standards" are part of default.action + and there's no obvious reason to disallow editing them through + the cgi editor anyway (if the user decided that the lack of + authentication isn't an issue in her environment). + </para> + </listitem> + <listitem> + <para> + Improved error messages when rejecting intercepted requests + with unknown destination. + </para> + </listitem> + <listitem> + <para> + A couple of log messages now include the number of active threads. </para> </listitem> <listitem> <para> - The tests are less likely to cause false positives. + Removed non-standard Proxy-Agent headers in HTTP snipplets + to make testing more convenient. + </para> + </listitem> + <listitem> + <para> + Include the error code for pcre errors Privoxy does not recognize. + </para> + </listitem> + <listitem> + <para> + Config directives with numerical arguments are checked more carefully. 
+ </para> + </listitem> + <listitem> + <para> + Privoxy's malloc() wrapper has been changed to prevent zero-size + allocations which should only occur as the result of bugs. + </para> + </listitem> + <listitem> + <para> + Various cosmetic changes. </para> </listitem> </itemizedlist> @@ -101,13 +237,51 @@ <itemizedlist> <listitem> <para> - '.sify.com/' is no longer blocked. Apparently it is not actually - a pure tracking site (anymore?). Reported by Andrew on ijbswa-users@. + Unblock ".deutschlandradiokultur.de/". + Reported by u302320 in #924. + </para> + </listitem> + <listitem> + <para> + Add two fast-redirect exceptions for "yandex.ru". + </para> + </listitem> + <listitem> + <para> + Disable filter{banners-by-size} for ".plasmaservice.de/". </para> </listitem> <listitem> <para> - Unblock banners on .amnesty.de/ which aren't ads. + Unblock klikki.fi/adv/. + </para> + </listitem> + <listitem> + <para> + Block requests for "resources.infolinks.com/". + Reported by "Black Rider" on ijbswa-users@. + </para> + </listitem> + <listitem> + <para> + Block a bunch of criteo domains. + Reported by Black Rider. + </para> + </listitem> + <listitem> + <para> + Block "abs.proxistore.com/abe/". + Reported by Black Rider. + </para> + </listitem> + <listitem> + <para> + Disable filter{banners-by-size} for ".black-mosquito.org/". + </para> + </listitem> + <listitem> + <para> + Disable fast-redirects for "disqus.com/". </para> </listitem> </itemizedlist> 
@@ -119,32 +293,42 @@ <itemizedlist> <listitem> <para> - The 'Would you like to donate?' section now also contains - a "Paypal" address. + FAQ: Explicitly point fingers at ASUS as an example of a + company that has been reported to force malware based on + Privoxy upon its customers. </para> </listitem> <listitem> <para> - The list of supported operating systems has been updated. + Correctly document the action type for a bunch of "multi-value" + actions that were incorrectly documented to be "parameterized". + Reported by Gregory Seidman on ijbswa-users@. </para> </listitem> <listitem> <para> - The existence of the SF support and feature trackers has been - deemphasized because they have been broken for months. - Most of the time the mailing lists still work. + Fixed the documented type of the forward-override{} action + which is obviously 'parameterized'. </para> - </listitem> + </listitem> + </itemizedlist> + </para> + </listitem> + <listitem> + <para> + Website improvements: + <itemizedlist> <listitem> <para> - The claim that default.action updates are sometimes released - on their own has been removed. It hasn't happened in years. + Users who don't trust binaries served by SourceForge + can get them from a mirror. Migrating away from SourceForge + is planned for 2016 (TODO list item #53). </para> </listitem> <listitem> <para> - Explicitly mention that Tor's port may deviate from the default - when using a bundle. Requested by Andrew on ijbswa-users@. + The website is now available as onion service + (http://jvauzb4sb3bwlsnc.onion/). </para> </listitem> </itemizedlist> -- 2.49.0
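Review bot: in the @@ -21,8 +21,10 @@ hunk, the new intro paragraph ships "CVE requests pending" in a release changelog, and that text goes stale as soon as identifiers are assigned. Either leave the CVE status out of the intro or plan a follow-up that replaces it with the assigned identifiers, as the removed 3.0.23 entries did per bug. The trailing "(most don't)" also leaves the reader guessing which platforms are affected; one sentence saying what "carefully check memory accesses" means in practice would make the impact statement usable for triage.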
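Review bot: in the @@ -32,45 +34,123 @@ hunk, "Fixed invalid reads in internal and outdated pcre code" and "Prevent invalid read when loading invalid action files" sit under "Bug fixes" while the two other invalid reads found with the same tools are listed under "Security fixes (denial of service)", and nothing says why they are classified differently. The removed 3.0.23 text explained that action and filter files are considered trustworthy input; if that is the reason here, repeat that sentence in these entries so readers do not have to infer it. Two smaller points in the same hunk: "create additionally requests" should read "create additional requests", and the Mac OS X entry ends at "ijbswa-users@" without the closing period the other entries have.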
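Review bot: in the @@ -82,14 +162,70 @@ hunk, the malloc() wrapper entry says zero-size allocations are now "prevented" but not what a caller that requests zero bytes gets back, which is the part anyone auditing the wrapper's callers needs. Please state the behaviour in the entry. "Config directives with numerical arguments are checked more carefully" has the same problem: it does not say what is now rejected. Also, "HTTP snipplets" should be "HTTP snippets".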
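Review bot: in the @@ -101,13 +237,51 @@ hunk, the pattern and reporter quoting is inconsistent: "Unblock klikki.fi/adv/." is unquoted while every other pattern is quoted, and the reporter appears once as "Black Rider" in quotes and twice without. Pick one style for both. "Block a bunch of criteo domains" also does not list the patterns, so a user checking why a request is blocked cannot tell from the changelog what was added; naming them or pointing at default.action would help.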
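Review bot: in the @@ -119,32 +293,42 @@ hunk, the "Website improvements" entry tells users who don't trust binaries served by SourceForge to "get them from a mirror" without naming the mirror or saying how the downloaded binaries can be verified. Add the mirror location and a pointer to whatever verification the project offers, otherwise the entry gives those users nothing to act on. The ASUS entry under documentation would likewise benefit from pointing at the FAQ section it refers to, since the changelog states the report without a source. The "- </listitem>" / "+ </listitem>" pair in this hunk looks like a whitespace-only change and could be dropped from the patch.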