<!--
- File : $Source: /cvsroot/ijbswa/current/doc/source/changelog.sgml,v $
+ File : doc/source/changelog.sgml
Purpose : Entity included in other project documents.
- $Id: changelog.sgml,v 2.8 2014/11/14 11:31:41 fabiankeil Exp $
-
- Copyright (C) 2013 Privoxy Developers http://www.privoxy.org/
+ Copyright (C) 2013-2021 Privoxy Developers https://www.privoxy.org/
See LICENSE.
======================================================================
user-manual
-->
-<para>
- <application>Privoxy 3.0.22</application> stable is mainly a bug-fix
- release, it also has a couple of new features, though.
- Note that the first two entries in the ChangeLog below refer to security
- issues:
-</para>
<!--
The SGML ChangeLog can be generated with: utils/changelog2doc.pl ChangeLog
-->
+
<para>
+ <application>Privoxy 3.0.32</application> fixes multiple DoS issues
+ and a couple of other bugs. The issues also affect earlier Privoxy
+ releases.
+</para>
+ <para>
+ Changes in <application>Privoxy 3.0.32</application> stable:
+ </para>
+ <para>
<itemizedlist>
<listitem>
<para>
- Bug fixes:
+ Security/Reliability:
<itemizedlist>
<listitem>
<para>
- Fixed a memory leak when rejecting client connections due to
- the socket limit being reached (CID 66382). This affected
- Privoxy 3.0.21 when compiled with IPv6 support (on most
- platforms this is the default).
- </para>
- </listitem>
- <listitem>
- <para>
- Fixed an immediate-use-after-free bug (CID 66394) and two
- additional unconfirmed use-after-free complaints made by
- Coverity scan (CID 66391, CID 66376).
- </para>
- </listitem>
- <listitem>
- <para>
- Actually show the FORCE_PREFIX value on the show-status page.
+ ssplit(): Remove an assertion that could be triggered with a
+ crafted CGI request.
+ Commit 2256d7b4d67. OVE-20210203-0001.
+ Reported by: Joshua Rogers (Opera)
</para>
</listitem>
<listitem>
<para>
- Properly deal with Keep-Alive headers with timeout= parameters
- If the timeout still can't be parsed, use the configured
- timeout instead of preventing the client from keeping the
- connection alive. Fixes #3615312/#870 reported by Bernard Guillot.
+ cgi_send_banner(): Overrule invalid image types. Prevents a
+ crash with a crafted CGI request if Privoxy is toggled off.
+ Commit e711c505c48. OVE-20210206-0001.
+ Reported by: Joshua Rogers (Opera)
</para>
</listitem>
<listitem>
<para>
- Not using any filter files no longer results in warning messages
- unless an action file is referencing header taggers or filters.
- Reported by Stefan Kurtz in #3614835.
+ socks5_connect(): Don't try to send credentials when none are
+ configured. Fixes a crash due to a NULL-pointer dereference
+ when the socks server misbehaves.
+ Commit 85817cc55b9. OVE-20210207-0001.
+ Reported by: Joshua Rogers (Opera)
</para>
</listitem>
<listitem>
<para>
- Fixed a bug that prevented Privoxy from reusing some reusable
- connections. Two bit masks with different purpose unintentionally
- shared the same bit.
+ chunked_body_is_complete(): Prevent an invalid read of size two.
+ Commit a912ba7bc9c. OVE-20210205-0001.
+ Reported by: Joshua Rogers (Opera)
</para>
</listitem>
<listitem>
<para>
- A couple of additional bugs were discovered by Coverity Scan.
- The fixes that are not expected to affect users are not explicitly
- mentioned here, for details please have a look at the CVS logs.
+ Obsolete pcre: Prevent invalid memory accesses with an invalid
+ pattern passed to pcre_compile(). Note that the obsolete pcre code
+ is scheduled to be removed before the 3.0.33 release. There has been
+ a warning since 2008 already.
+ Commit 28512e5b624. OVE-20210222-0001.
+ Reported by: Joshua Rogers (Opera)
</para>
</listitem>
</itemizedlist>
</listitem>
<listitem>
<para>
- General improvements:
+ Bug fixes:
<itemizedlist>
<listitem>
<para>
- Introduced negative tag patterns NO-REQUEST-TAG and NO-RESPONSE-TAG.
- They apply if no matching tag is found after parsing client or
- server headers.
+ Properly parse the client-tag-lifetime directive. Previously it was
+ not accepted as an obsolete hash value was being used.
+ Reported by: Joshua Rogers (Opera)
</para>
</listitem>
<listitem>
<para>
- Add support for external filters which allow to process the
- response body with a script or program written in any language
- the platform supports. External filters are enabled with
- +external-filter{} after they have been defined in one of the
- filter files with a header line starting with "EXTERNAL-FILTER:".
- External filter support is experimental, not compiled by default
- and known not to work on all platforms.
+ decompress_iob(): Prevent reading of uninitialized data.
+ Reported by: Joshua Rogers (Opera).
</para>
</listitem>
<listitem>
<para>
- Add support for the 'PATCH' method as defined in RFC5789.
+ decompress_iob(): Don't advance cur past eod when looking
+ for the end of the file name and comment.
</para>
</listitem>
<listitem>
<para>
- Reject requests with unsupported Expect header values.
- Fixes a couple of Co-Advisor tests.
+ decompress_iob(): Cast value to unsigned char before shifting.
+ Prevents a left-shift of a negative value which is undefined behaviour.
+ Reported by: Joshua Rogers (Opera)
</para>
</listitem>
<listitem>
<para>
- Normalize the HTTP-version in forwarded requests and responses.
- This is an explicit RFC 2616 MUST and RFC 7230 mandates that
- intermediaries send their own HTTP-version in forwarded
- messages.
+ gif_deanimate(): Confirm that that we have enough data before doing
+ any work. Fixes a crash when fuzzing with an empty document.
+ Reported by: Joshua Rogers (Opera).
</para>
</listitem>
<listitem>
<para>
- Server 'Keep-Alive' headers are no longer forwarded. From a user's
- point of view it doesn't really matter, but RFC 2616 (obsolete)
- mandates that the header is removed and this fixes a Co-Advisor
- complaint.
+ buf_copy(): Fail if there's no data to write or nothing to do.
+ Prevents undefined behaviour "applying zero offset to null pointer".
+ Reported by: Joshua Rogers (Opera)
</para>
</listitem>
<listitem>
<para>
- Change declared template file encoding to UTF-8. The templates
- already used a subset of UTF-8 anyway and changing the declaration
- allows to properly display UTF-8 characters used in the action files.
- This change may require existing action files with ISO-8859-1
- characters that aren't valid UTF-8 to be converted to UTF-8.
- Requested by Sam Chen in #582.
+ log_error(): Treat LOG_LEVEL_FATAL as fatal even when --stfu is
+ being used while fuzzing.
+ Reported by: Joshua Rogers (Opera).
</para>
</listitem>
<listitem>
<para>
- Do not pass rejected keep-alive timeouts to the server. It might
- not have caused any problems (we know of), but doing the right
- thing shouldn't hurt either.
+ Respect DESTDIR when considering whether or not to install
+ config files with ".new" extension.
</para>
</listitem>
<listitem>
<para>
- Let log_error() use its own buffer size #define to make changing
- the log buffer size slightly less inconvenient.
+ OpenSSL ssl_store_cert(): Fix two error messages.
</para>
</listitem>
<listitem>
<para>
- Turned single-threaded into a "proper" toggle directive with arguments.
- </para>
- </listitem>
- <listitem>
- <para>
- CGI templates no longer enforce new windows for some links.
- </para>
- </listitem>
- <listitem>
- <para>
- Remove an undocumented workaround ('HOST' header removal) for
- an Apple iTunes bug that according to #729900 got fixed in 2003.
- </para>
- </listitem>
- </itemizedlist>
- </para>
- </listitem>
- <listitem>
- <para>
- Action file improvements:
- <itemizedlist>
- <listitem>
- <para>
- The pattern 'promotions.' is no longer being blocked.
- Reported by rakista in #3608540.
+ Fix a couple of format specifiers.
</para>
</listitem>
<listitem>
<para>
- Disable fast-redirects for .microsofttranslator.com/.
+ Silence compiler warnings when compiling with NDEBUG.
</para>
</listitem>
<listitem>
<para>
- Disable filter{banners-by-size} for .dgb-tagungszentren.de/.
+ fuzz_server_header(): Fix compiler warning.
</para>
</listitem>
<listitem>
<para>
- Add adn.speedtest.net as a site-specific unblocker.
- Support request #3612908.
+ fuzz_client_header(): Fix compiler warning.
</para>
</listitem>
<listitem>
<para>
- Disable filter{banners-by-size} for creativecommons.org/.
+ cgi_send_user_manual(): Also reject requests if the user-manual
+ directive specifies a https:// URL. Previously Privoxy would try and
+ fail to open a local file.
</para>
- </listitem>
- <listitem>
- <para>
- Block requests to data.gosquared.com/. Reported by cbug in #3613653.
- </para>
- </listitem>
- <listitem>
- <para>
- Unblock .conrad./newsletter/. Reported by David Bo in #3614238.
- </para>
- </listitem>
- <listitem>
- <para>
- Unblock .bundestag.de/.
- </para>
- </listitem>
+ </listitem>
+ </itemizedlist>
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ General improvements:
+ <itemizedlist>
<listitem>
<para>
- Unblock .rote-hilfe.de/.
+ Log the TLS version and the the cipher when debug 2 is enabled.
</para>
</listitem>
<listitem>
<para>
- Disable fast-redirects for .facebook.com/plugins/like.php.
+ ssl_send_certificate_error(): Respect HEAD requests by not sending a body.
</para>
</listitem>
<listitem>
<para>
- Unblock Stackexchange popup URLs that aren't used to serve ads.
- Reported by David Wagner in #3615179.
+ ssl_send_certificate_error(): End the body with a single new line.
</para>
</listitem>
<listitem>
<para>
- Disable fast-redirects for creativecommons.org/.
+ serve(): Increase the chances that the host is logged when closing
+ a server socket.
</para>
</listitem>
<listitem>
<para>
- Unblock .stopwatchingus.info/.
+ handle_established_connection(): Add parentheses to clarify an expression
+ Suggested by: David Binderman
</para>
</listitem>
<listitem>
<para>
- Block requests for .adcash.com/script/.
- Reported by Tyrexionibus in #3615289.
+ continue_https_chat(): Explicitly unset CSP_FLAG_CLIENT_CONNECTION_KEEP_ALIVE
+ if process_encrypted_request() fails. This makes it more obvious that the
+ connection will not be reused. Previously serve() relied on
+ CSP_FLAG_SERVER_CONTENT_LENGTH_SET and CSP_FLAG_CHUNKED being unset.
+ Inspired by a patch from Joshua Rogers (Opera).
</para>
</listitem>
<listitem>
<para>
- Disable HTML filters if the response was tagged as JavaScript.
- Filtering JavaScript code with filters intended to deal with HTML
- is usually a waste of time and, more importantly, may break stuff.
+ decompress_iob(): Add periods to a couple of log messages
</para>
</listitem>
<listitem>
<para>
- Use a custom redirect{} for .washingtonpost.com/wp-apps/imrs\.php\?src=
- Previously enabling the 'Advanced' settings (or manually enabling
- +fast-redirects{}) prevented some images from being loaded properly.
+ Terminate the body of the HTTP snipplets with a single new line
+ instead of "\r\n".
</para>
</listitem>
<listitem>
<para>
- Unblock "adina*." Fixes #919 reported by Morton A. Goldberg.
+ configure: Add --with-assertions option and only enable assertions
+ when it is used
</para>
</listitem>
<listitem>
<para>
- Block '/.*DigiAd'.
+ windows build: Use --with-brotli and --with-mbedtls by default and
+ enable dynamic error checking.
</para>
</listitem>
<listitem>
<para>
- Unblock 'adele*.'. Reported by Adele Lime in #1663.
+ gif_deanimate(): Confirm we've got an image before trying to write it
+ Saves a pointless buf_copy() call.
</para>
</listitem>
<listitem>
<para>
- Disable banners-by-size for kggp.de/.
+ OpenSSL ssl_store_cert(): Remove a superfluous space before the serial number.
</para>
</listitem>
</itemizedlist>
</listitem>
<listitem>
<para>
- Filter file improvements & bug fixes:
+ Action file improvements:
<itemizedlist>
<listitem>
<para>
- Decrease the chances that js-annoyances creates invalid JavaScript.
- Submitted by John McGowan on ijbswa-users@.
+ Disable fast-redirects for .golem.de/
</para>
</listitem>
<listitem>
<para>
- Let the msn filter hide 'related' ads again.
+ Unblock requests to adri*.
</para>
</listitem>
<listitem>
<para>
- Remove a stray '1' in the 'html-annoyances' filter.
+ Block requests for trc*.taboola.com/
</para>
</listitem>
<listitem>
<para>
- Prevent img-reorder from messing up img tags with empty src
- attributes. Fixes #880 reported by Duncan.
+ Disable fast-redirects for .linkedin.com/
</para>
</listitem>
</itemizedlist>
</listitem>
<listitem>
<para>
- Documentation improvements:
+ Filter file improvements:
<itemizedlist>
<listitem>
<para>
- Updated the 'Would you like to donate?' section.
- </para>
- </listitem>
- <listitem>
- <para>
- Note that invalid forward-override{} parameter syntax isn't
- detected until the parameter is used.
- </para>
- </listitem>
- <listitem>
- <para>
- Add another +redirect{} example: a shortcut for illumos bugs.
- </para>
- </listitem>
- <listitem>
- <para>
- Make it more obvious that many operating systems support log
- rotation out of the box.
- </para>
- </listitem>
- <listitem>
- <para>
- Fixed dead links. Reported by Mark Nelson in #3614557.
- </para>
- </listitem>
- <listitem>
- <para>
- Rephrased the 'Why is the configuration so complicated?' answer
- to be slightly less condescending. Anonymously suggested in #3615122.
- </para>
- </listitem>
- <listitem>
- <para>
- Be more explicit about accept-intercepted-requests's lack of MITM support.
- </para>
- </listitem>
- <listitem>
- <para>
- Make 'demoronizer' FAQ entries more generic.
- </para>
- </listitem>
- <listitem>
- <para>
- Add an example hostname to the --pre-chroot-nslookup description.
- </para>
- </listitem>
- <listitem>
- <para>
- Add an example for a host pattern that matches an IP address.
- </para>
- </listitem>
- <listitem>
- <para>
- Rename the 'domain pattern' to 'host pattern' as it may
- contain IP addresses as well.
- </para>
- </listitem>
- <listitem>
- <para>
- Recommend forward-socks5t when using Tor. It seems to work fine and
- modifying the Tor configuration to profit from it hasn't been necessary
- for a while now.
- </para>
- </listitem>
- <listitem>
- <para>
- Add another redirect{} example to stress that redirect loops can
- and should be avoided.
- </para>
- </listitem>
- <listitem>
- <para>
- The usual spelling and grammar fixes. Parts of them were
- reported by Reuben Thomas in #3615276.
- </para>
- </listitem>
- <listitem>
- <para>
- Mention the PCRS option letters T and D in the filter section.
- </para>
- </listitem>
- <listitem>
- <para>
- Clarify that handle-as-empty-doc-returns-ok is still useful
- and will not be removed without replacement.
+ Make the second pcrs job of the img-reorder filter greedy again.
+ The ungreedy version broke the img tags on:
+ https://bulk.fefe.de/scalability/.
</para>
</listitem>
+ </itemizedlist>
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ Privoxy-Log-Parser:
+ <itemizedlist>
<listitem>
<para>
- Note that security issues shouldn't be reported using the bug tracker.
+ Highlight a few more messages.
</para>
</listitem>
<listitem>
<para>
- Clarify what Privoxy does if both +block{} and +redirect{} apply.
+ Clarify the --statistics output. The shown "Reused connections"
+ are server connections so name them appropriately.
</para>
</listitem>
<listitem>
<para>
- Removed the obsolete bookmarklets section.
+ Bump version to 0.9.3.
</para>
</listitem>
</itemizedlist>
</listitem>
<listitem>
<para>
- Build system improvements:
+ Privoxy-Regression-Test:
<itemizedlist>
<listitem>
<para>
- Let --with-group properly deal with secondary groups.
- Patch submitted by Anatoly Arzhnikov in #3615187.
+ Add the --check-bad-ssl option to the --help output.
</para>
</listitem>
<listitem>
<para>
- Fix web-actions target.
+ Bump version to 0.7.3.
</para>
- </listitem>
+ </listitem>
+ </itemizedlist>
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ Documentation:
+ <itemizedlist>
<listitem>
<para>
- Add a web-faq target that only updates the FAQ on the webserver.
+ Add pushing the created tag to the release steps in the developer manual.
</para>
</listitem>
<listitem>
<para>
- Remove already-commented-out non-portable DOSFILTER alternatives.
+ Clarify that 'debug 32768' should be used in addition to the other debug
+ directives when reporting problems.
</para>
- </listitem>
+ </listitem>
<listitem>
<para>
- Remove the obsolete targets dok-put and dok-get.
+ Add a 'Third-party licenses and copyrights' section to the user manual.
</para>
</listitem>
- <listitem>
- <para>
- Add a sf-shell target.
- </para>
- </listitem>
</itemizedlist>
</para>
</listitem>