+privoxy (3.0.33~gitsnapshot-1) UNRELEASED; urgency=medium
+
+ * Unreleased GIT snapshot.
+ * Adapt Debian patches to GIT changes.
+
+ -- Roland Rosenfeld <roland@debian.org> Sun, 11 Apr 2021 13:07:57 +0200
+
+privoxy (3.0.32-2) unstable; urgency=medium
+
+ * Work around apparmor failure in testsuite (Closes: #986258).
+ * apparmor: Allow multiple instances using /run/privoxy*.pid
+ * README.Debian: add information about apparmor.
+
+ -- Roland Rosenfeld <roland@debian.org> Sat, 03 Apr 2021 11:17:39 +0200
+
+privoxy (3.0.32-1) unstable; urgency=medium
+
+ * New upstream release 3.0.32.
+ * Adapt all patches to new version.
+
+ -- Roland Rosenfeld <roland@debian.org> Thu, 25 Feb 2021 22:18:54 +0100
+
+privoxy (3.0.31-1) unstable; urgency=medium
+
+ * New upstream release 3.0.31.
+ * Support nodoc build option.
+
+ -- Roland Rosenfeld <roland@debian.org> Sat, 30 Jan 2021 21:40:46 +0100
+
+privoxy (3.0.30-1) unstable; urgency=medium
+
+ * New upstream release 3.0.30.
+ * Update all patches to new version.
+ * 15_mansection8, 35_man-spelling, 39_show-status and 40_redirect-ssl
+ are now incorporated upstream.
+ * Optimize debian/rules clean to restore pristine state.
+
+ -- Roland Rosenfeld <roland@debian.org> Thu, 28 Jan 2021 22:00:05 +0100
+
+privoxy (3.0.29-2) unstable; urgency=medium
+
+ * Use --enable-extended-statistics and --enable-pcre-host-patterns.
+ * 39_show-status: Add new features to show-status page.
+ * Remove 38_SOURCE_DATE_EPOCH, since upstream honors it when set.
+ * Upgrade to Standards-Version 4.5.1 (no changes).
+ * 40_redirect-ssl: Check the actual URL when https inspecting requests.
+ * Add apparmor profile usr.sbin.privoxy.
+
+ -- Roland Rosenfeld <roland@debian.org> Sun, 17 Jan 2021 13:10:33 +0100
+
+privoxy (3.0.29-1) unstable; urgency=medium
+
+ * New upstream release 3.0.29.
+ * Update all patches to new version.
+ * 36_trusted-cgi-referer-example and 37_ppedit-tests403 are now
+ incorporated upstream.
+ * d/copyright: Update to new upstream version.
+ * d/copyright: use ./ prefix to upstream filenames, because orig.tar.gz
+ is build with a ./ prefix.
+ * Upgrade to debhelper v13.
+ * Rebuild privoxy-man-page.html.
+ * 38_SOURCE_DATE_EPOCH: Remove hardcoded SOURCE_DATE_EPOCH from
+ configure.in but use the date from debian/changelog.
+ * Remove 05_defaut_action since this is no longer needed.
+ * Tag all patches with Forwarded header.
+ * debian/watch: Cleanup and update to version 4.
+ * Compile --with-mbedtls to allow https-inspection.
+ * Adapt TLS/SSL settings to Debian FHS.
+ * Generate dirs with correct permissions for https-inspection.
+ * Delete https-inspection certs on purge.
+ * Expire https-inspection certs after 90 days.
+ * Compile --with-brotli to enable support for brotli decompression.
+
+ -- Roland Rosenfeld <roland@debian.org> Sun, 29 Nov 2020 14:22:27 +0100
+
+privoxy (3.0.28-3) unstable; urgency=medium
+
+ * Add buildlog to salsa-ci test pipeline.
+ * d/salsa-ci.yml stripped down using pipline-jobs.yml
+ * Build-depend on debhelper-compat (= 12) instead of using d/compat.
+ * Upgrade to Standards-Version 4.5.0 (no changes).
+ * Add upstream metadata.
+ * privoxy.service: run After=network-online.target, this fixes
+ LP#1870101.
+
+ -- Roland Rosenfeld <roland@debian.org> Thu, 02 Apr 2020 18:04:44 +0200
+
+privoxy (3.0.28-2) unstable; urgency=medium
+
+ * d/tests/privoxy-regression-test: Remove tmpdir on exit.
+ * 36_trusted-cgi-referer-example: Comment trusted-cgi-referer pointing
+ to example.org
+ * d/maintscript: Remove orphaned /etc/privoxy/templates/show-version
+ (Closes: #918110).
+ * 37_ppedit-tests403: Update a bunch of regression tests that have to
+ expect status code 403 now.
+ * Enable enable-edit-actions in privoxy-regression-test again.
+ * Upgrade to debhelper v12.
+ * Update (minimal) upstream signing key.
+ * Add Pre-Depends: ${misc:Pre-Depends} for --skip-systemd-native.
+
+ -- Roland Rosenfeld <roland@debian.org> Sun, 06 Jan 2019 13:07:14 +0100
+
+privoxy (3.0.28-1) unstable; urgency=medium
+
+ [ Roland Rosenfeld ]
+ * Add es debconf translation. Thanks to Jonathan Bustillos (Closes: #903863).
+ * 38_connection_close: Don't add a "Connection" header for CONNECT requests.
+
+ [ Ondřej Nový ]
+ * d/tests: Use AUTOPKGTEST_TMP instead of ADTTMP
+ * d/watch: Use https protocol
+
+ [ Roland Rosenfeld ]
+ * d/tests: Fix leftover ADTTMP.
+ * Add salsa CI pipeline in debian/gitlab-ci.yml.
+ * New upstream version 3.0.28.
+ * Adapt all patches to new version (06_8bit_manual is implemented in a
+ better way upstream now, 36_openspopenjade is replaced by some
+ autoconf code, 37_adventofcode and 38_connection_close are included
+ upstream).
+ * Update debian/copyright.
+ * Upgrade to Standards-Version 4.3.0 (Declare Rules-Requires-Root: no).
+ * Move PID file from /var/run to /run.
+ * Undo voodoo to remove CVS tags from configs since upstream uses git
+ now.
+ * Disable enable-edit-actions in privoxy-regression-test, since the test
+ seems to be broken (does not use referrer, which is required here).
+
+ -- Roland Rosenfeld <roland@debian.org> Mon, 31 Dec 2018 16:52:27 +0100
+
+privoxy (3.0.26-6) unstable; urgency=medium
+
+ * Fix typo in patch description.
+ * postinst: avoid using chown -R.
+ * Move source.lintian-overrides to soure/lintian-overrides.
+ * Add Vcs-headers pointing to salsa.
+ * Upgrade to Standards-Version 4.1.4 (no changes).
+
+ -- Roland Rosenfeld <roland@debian.org> Sun, 29 Apr 2018 11:57:47 +0200
+
+privoxy (3.0.26-5) unstable; urgency=medium
+
+ * Add ru debconf translation. Thanks to Lev Lamberov (Closes: #883110).
+ * Optimize patches for gbp pq.
+ * Upgrade to Standards-Version 4.1.3 (no changes).
+ * Upgrade to debhelper v11 (remove systemd from dh call).
+
+ -- Roland Rosenfeld <roland@debian.org> Sat, 20 Jan 2018 12:49:42 +0100
+
+privoxy (3.0.26-4) unstable; urgency=medium
+
+ * Add pt debconf translation. Thanks to Rui Branco (Closes: #858743).
+ * Add description to 36_openspopenjade.patch.
+ * Upgrade to debhelper v10 and remove dh-systemd build dependency.
+ * debhelper v10 replaces autotools-dev.
+ * Remove Testsuite header, since this is automatically added.
+ * Upgrade to Standards-Version 4.1.1
+ - change copyrights-format to https.
+
+ -- Roland Rosenfeld <roland@debian.org> Wed, 01 Nov 2017 10:45:49 +0100
+
+privoxy (3.0.26-3) unstable; urgency=medium
+
+ * Add da debconf translation. Thanks to Joe Dalton (Closes: #850876).
+ * 37_adventofcode: unlock adventofcode.com (Closes: #848211).
+
+ -- Roland Rosenfeld <roland@debian.org> Wed, 11 Jan 2017 22:24:55 +0100
+
+privoxy (3.0.26-2) unstable; urgency=medium
+
+ * Add db_stop to postinst, since upgrade fails otherwise in some
+ situations (Closes: #835409).
+ * Replace sp and jade with opensp and openjade. Thanks to Neil Roeth
+ for providing a patch (Closes: #837207).
+
+ -- Roland Rosenfeld <roland@debian.org> Sat, 10 Sep 2016 08:48:35 +0200
+
+privoxy (3.0.26-1) unstable; urgency=medium
+
+ * New upstream version 3.0.26.
+ * This includes 36_listen-nohost.patch.
+ * Updated all patches to new version.
+
+ -- Roland Rosenfeld <roland@debian.org> Sat, 27 Aug 2016 22:28:32 +0200
+
+privoxy (3.0.25-2) unstable; urgency=medium
+
+ * Add pt_BR debconf translation. Thanks to Adriano Rafael Gomes
+ (Closes: #827327).
+ * Symlink p_doc.css to user-manual.
+ * Install regression-tests.action.
+ * Enable autopkgtest and run privoxy-regression-test.pl.
+ * Install privoxy-regression-test and man page to binary package.
+ * Updated debian/copyright to catch all copyright variants.
+ * Remove outdated stuff from README.Debian.
+ * 36_listen-nohost: Fix crashes with "listen-addr :8118" (Closes: #834941).
+
+ -- Roland Rosenfeld <roland@debian.org> Tue, 23 Aug 2016 09:27:34 +0200
+
+privoxy (3.0.25-1) unstable; urgency=medium
+
+ * New upstream version 3.0.25 (beta).
+ * Adapt all patches to new upstream version.
+ * Update debian/copyright to new privoxy home.
+ * Add sv debconf translation. Thanks to Jonatan Nyberg (Closes: #824913).
+ * Add fr debconf translation. Thanks to Steve Petruzzello (Closes: #825478).
+ * Add nl debconf translation. Thanks to Frans Spiesschaert (Closes: #825691).
+ * privoxy.service: Run after network.target (Closes: #825358).
+
+ -- Roland Rosenfeld <roland@debian.org> Sat, 28 May 2016 23:13:56 +0200
+
privoxy (3.0.24-2) unstable; urgency=medium
- * Upgrade Standards-Version to 3.9.7 (no changes).
+ * Upgrade Standards-Version to 3.9.8 (no changes).
+ * Add -p to QUILT_DIFF_OPTS.
+ * Add Documentation key to privoxy.service.
+ * 35_man-spelling: Fix spelling error in privoxy-log-parser(1).
+ * Add debconf and ucf support to make listen-address configurable.
+ Thanks to James Valleroy for providing the code (Closes: #798219).
+ * Remove 28_listen_localhost, but listen on 127.0.0.1:8118 and
+ [::1]:8118 by default, since otherwise privoxy listens only on IPv6
+ (Closes: #518010, #557443).
+ * Change several URLs from http to https.
- -- Roland Rosenfeld <roland@debian.org> Thu, 04 Feb 2016 19:35:59 +0100
+ -- Roland Rosenfeld <roland@debian.org> Sun, 01 May 2016 14:21:22 +0200
privoxy (3.0.24-1) unstable; urgency=medium
privoxy (3.0.21-5) unstable; urgency=low
* 34_CVE-2015-1030: Fix memory leak in rfc2553_connect_to(). CID 66382
- * 35_CVE-2015-1031-CID66394: unmap(): Prevent use-after-free if the map
+ * 35_CVE-2015-1031-CID66394: unmap(): Prevent use-after-free if the map
only consists of one item. CID 66394.
* 36_CVE-2015-1031-CID66376: pcrs_execute(): Consistently set *result to
NULL in case of errors. Should make use-after-free in the caller less
likely. CID 66391, CID 66376.
* These 3 patches Closes: #775167.
-
+
-- Roland Rosenfeld <roland@debian.org> Mon, 12 Jan 2015 08:44:23 +0100
privoxy (3.0.21-4) unstable; urgency=low
-- Roland Rosenfeld <roland@debian.org> Thu, 24 Jan 2013 17:40:51 +0100
+privoxy (3.0.19-2+deb7u4) oldstable; urgency=high
+
+ * 42_CVE-2013-2503: Proxy authentication headers are removed unless the
+ new directive enable-proxy-authentication-forwarding is used.
+ Forwarding the headers potentionally allows malicious sites to trick
+ the user into providing it with login information (Closes: #702896).
+
+ -- Roland Rosenfeld <roland@debian.org> Tue, 08 Mar 2016 08:52:26 +0100
+
privoxy (3.0.19-2+deb7u3) wheezy-security; urgency=high
* 40_CVE-2016-1982: Prevent invalid reads in case of corrupt
privoxy (3.0.19-2+deb7u1) stable-security; urgency=medium
- * 35_CVE-2015-1031-CID66394: unmap(): Prevent use-after-free if the map
+ * 35_CVE-2015-1031-CID66394: unmap(): Prevent use-after-free if the map
only consists of one item. CID 66394.
* 36_CVE-2015-1031-CID66376: pcrs_execute(): Consistently set *result to
NULL in case of errors. Should make use-after-free in the caller less
privoxy (3.0.16-1+deb6u2) squeeze-lts; urgency=high
- * Non-maintainer upload by the Squeeze LTS Team.
+ * Non-maintainer upload by the Squeeze LTS Team.
* CVE-2016-1982
Prevent invalid reads in case of corrupt chunk-encoded content
* CVE-2016-1983
- Remove empty Host headers in client requests; resulting in
+ Remove empty Host headers in client requests; resulting in
invalid reads.
-
+
-- Thorsten Alteholz <debian@alteholz.de> Fri, 22 Jan 2016 18:03:02 +0100
privoxy (3.0.16-1+deb6u1) squeeze-lts; urgency=medium
privoxy (3.0.15-2) unstable; urgency=low
* 30_localhost_fixup: Remove workaround for "localhost" listen-address,
- which should solve all problems with privoxy not starting.
+ which should solve all problems with privoxy not starting.
(Closes: #534735).
-- Roland Rosenfeld <roland@debian.org> Sun, 13 Dec 2009 10:09:11 +0100
weren't noticed, cause they are written to the console on start now
(Closes: #375174)
* Modify init.d script to be more lsb compliant.
- Depends on lsb-base (>= 3.2-13)
+ Depends on lsb-base (>= 3.2-13)
* Allow disabling privoxy via RUN_DAEMON=no in /etc/default/privoxy.
(Closes: #482563).
* Update README.Debian to fit all changes.
* IPv6 patch added again: 03_ipv6: privoxy-3.0.10-ipv6-all-6.diff by
Petr Písař (Closes: #179461).
- It seems that the old bugs #391600 and #393605, which appeared with
+ It seems that the old bugs #391600 and #393605, which appeared with
the previous version, are fixed now.
* 28_listen_localhost: Listen on localhost:8118 instead of 127.0.0.1:8118,
because this is independent from localhost IP (127.0.0.1 vs. 127.0.1.1)
privoxy (3.0.5-beta-3) unstable; urgency=medium
* Disable the IPv6 patch, because this is seems to have too many bugs
- for a release right now.
+ for a release right now.
- This reopens #179461.
- This solves the problem, that "listen-address :8118" listens on
localhost only (Closes: #391600).
- This solves the problem, that regex pattern at front of hostname
- is ignored (Closes: #393605).
+ is ignored (Closes: #393605).
* Use /usr/share/dpatch/dpatch.make in debian/rules instead of adding
the content by hand.
* Extended version of 26_edit_only_writable.dpatch by Fabian Keil. Now
privoxy (3.0.5-beta-1) unstable; urgency=low
* New upstream version 3.0.5-beta.
- * hide-referrer{foo} now allows everything as a forged referrer not
- only http/https URLs and ignoring invalid URLs (Closes: #258193).
+ * hide-referrer{foo} now allows everything as a forged referrer not
+ only http/https URLs and ignoring invalid URLs (Closes: #258193).
* Fixes the name of the filter from "popups" to "all-popups" in
user.action. (Closes: #385886).
* Block http://www.google-analytics.com/urchin.js because this is used
privoxy (3.0.3-4) unstable; urgency=low
- * Stop converting entities to 8bit chars in the documentation
+ * Stop converting entities to 8bit chars in the documentation
(Closes: #203697).
* Fix typos ('persistant' and 'Januar') in man page and man page sources
(Closes: #302145).
privoxy (3.0.3-3) unstable; urgency=low
* Now really remove multiproxy.org from all documentation, not only from
- the config file (Closes: #198953).
+ the config file (Closes: #198953).
-- Roland Rosenfeld <roland@debian.org> Sun, 15 Feb 2004 23:11:29 +0100
- This introduces workarounds for server (PHP <4.2.3) bugs including
the "blank page" problem (Closes: #215231).
- Avoid the conversion of "open" in scripts to "PrivoxyWindowOpen"
- (Closes: #197995).
+ (Closes: #197995).
- "advocancy" is no longer blocked (Closes: #202042).
- Fixed yet another two memory leaks (Closes: #215911).
* Stop backup of pdf directory, because it is no longer contained in the
upstream package.
* Create doc/pdf, which is missing upstream.
- * disable filter{unsolicited-popups} for www.perl.com/language/newdocs/pod/
+ * disable filter{unsolicited-popups} for www.perl.com/language/newdocs/pod/
to avoid problems with "PrivoxyWindowOpen" in Perl manuals
(Closes: #195311).
* Apply patch make privoxy compilable on woody where htmldoc --version
* Stop build-depending on special versions of libc6-dev and gcc.
Hopefully all auto-builders run new versions which shouldn't cause
- trouble (Closes: #182267)
+ trouble (Closes: #182267)
-- Roland Rosenfeld <roland@debian.org> Mon, 24 Feb 2003 19:07:11 +0100
* Do no longer build html and txt versions of documentation using
docbook, but use the converted versions which come with the upstream
package.
- * default.action fixed upstream: "downloads" no longer blocked
+ * default.action fixed upstream: "downloads" no longer blocked
(Closes: #148290).
* default.filter fixed upstream: Made WeBugs job ungreedy (Closes: #149450).
* Remove the "beta" from the version number (the final release will be