<!--
- File : $Source: /cvsroot/ijbswa/current/doc/source/changelog.sgml,v $
+ File : doc/source/changelog.sgml
Purpose : Entity included in other project documents.
- $Id: changelog.sgml,v 2.10 2014/11/18 14:22:17 fabiankeil Exp $
-
- Copyright (C) 2013 Privoxy Developers http://www.privoxy.org/
+ Copyright (C) 2013-2018 Privoxy Developers https://www.privoxy.org/
See LICENSE.
======================================================================
user-manual
-->
-<para>
- <application>Privoxy 3.0.23</application> stable is a bug-fix release,
- some of the fixed bugs are security issues (CVE requests pending):
-</para>
<!--
The SGML ChangeLog can be generated with: utils/changelog2doc.pl ChangeLog
-->
-<para>
<para>
+ <application>Privoxy 3.0.26</application> stable is a bug-fix release
+ for the previously released 3.0.25 beta which introduced client-specific
+ tags and included a couple of minor improvements.
+</para>
+
<itemizedlist>
<listitem>
<para>
Bug fixes:
+ </para>
<itemizedlist>
<listitem>
<para>
- Fixed a DoS issue in case of client requests with incorrect
- chunk-encoded body. When compiled with assertions enabled
- (the default) they could previously cause Privoxy to abort().
- Reported by Matthew Daley.
+ Fixed crashes with "listen-addr :8118" (SF Bug #902).
+ The regression was introduced in 3.0.25 beta and reported
+ by Marvin Renich in Debian bug #834941.
+ </para>
+ </listitem>
+ </itemizedlist>
+ </listitem>
+ <listitem>
+ <para>
+ General improvements:
+ </para>
+ <itemizedlist>
+ <listitem>
+ <para>
+ Log when privoxy is toggled on or off via cgi interface.
</para>
</listitem>
<listitem>
<para>
- Fixed multiple segmentation faults and memory leaks in the
- pcrs code. This fix also increases the chances that an invalid
- pcrs command is rejected as such. Previously some invalid commands
- would be loaded without error. Note that Privoxy's pcrs sources
- (action and filter files) are considered trustworthy input and
- should not be writable by untrusted third-parties.
+ Highlight the "Info: Now toggled " on/off log message
+ in the Windows log viewer.
</para>
</listitem>
<listitem>
<para>
- Fixed an 'invalid read' bug which could at least theoretically
- cause Privoxy to crash. So far, no crashes have been observed.
+ Highlight the loading actions/filter file log message
+ in the Windows log viewer.
</para>
</listitem>
<listitem>
<para>
- Compiles with --disable-force again. Reported by Kay Raven.
+ Mention client-specific tags on the toggle page as a
+ potentionally more appropriate alternative.
+ </para>
+ </listitem>
+ </itemizedlist>
+ </listitem>
+ <listitem>
+ <para>
+ Documentation improvements:
+ </para>
+ <itemizedlist>
+ <listitem>
+ <para>
+ Update download section on the homepage.
+ The downloads are available from the website now.
</para>
</listitem>
<listitem>
<para>
- Client requests with body that can't be delivered no longer
- cause pipelined requests behind them to be rejected as invalid.
- Reported by Basil Hussain.
+ Add sponsor FAQ.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ Remove obsolete reference to mailing lists hosted at SourceForge.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ Update the "Before the Release" section of the developer manual.
</para>
</listitem>
</itemizedlist>
+ </listitem>
+ <listitem>
+ <para>
+ Infrastructure improvements:
</para>
+ <itemizedlist>
+ <listitem>
+ <para>
+ Add perl script to generate an RSS feed for the packages
+ Submitted by "Unknown".
+ </para>
+ </listitem>
+ </itemizedlist>
</listitem>
<listitem>
<para>
- General improvements:
+ Build system improvements:
+ </para>
<itemizedlist>
<listitem>
<para>
- If a pcrs command is rejected as invalid, Privoxy now logs
- the cause of the problem as text. Previously the pcrs error
- code was logged.
+ strptime.h: fix a compiler warning about ambiguous else.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ configure.in: Check for Docbook goo on the BSDs as well.
</para>
</listitem>
<listitem>
<para>
- The tests are less likely to cause false positives.
+ GNUMakefile.in: Let the dok-user target remove temporary files.
</para>
</listitem>
</itemizedlist>
+ </listitem>
+ </itemizedlist>
+
+<para>
+ Changes between <application>Privoxy 3.0.25 beta</application>
+ and the previous release:
+</para>
+
+ <itemizedlist>
+ <listitem>
+ <para>
+ Bug fixes:
</para>
+ <itemizedlist>
+ <listitem>
+ <para>
+ Always use the current toggle state for new requests.
+ Previously new requests on reused connections inherited
+ the toggle state from the previous request even though
+ the toggle state could have changed.
+ Reported by Robert Klemme.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ Fixed two buffer-overflows in the (deprecated) static
+ pcre code. These bugs are not considered security issues
+ as the input is trusted.
+ Found with afl-fuzz and ASAN.
+ </para>
+ </listitem>
+ </itemizedlist>
</listitem>
<listitem>
<para>
- Action file improvements:
+ General improvements:
+ </para>
<itemizedlist>
<listitem>
<para>
- '.sify.com/' is no longer blocked. Apparently it is not actually
- a pure tracking site (anymore?). Reported by Andrew on ijbswa-users@.
+ Added support for client-specific tags which allow Privoxy
+ admins to pre-define tags that are set for all requests from
+ clients that previously opted in through the CGI interface.
+ They are useful in multi-user setups where admins may
+ want to allow users to disable certain actions and filters
+ for themselves without affecting others.
+ In single-user setups they are useful to allow more fine-grained
+ toggling. For example to disable request blocking while still
+ crunching cookies, or to disable experimental filters only.
+ This is an experimental feature, the syntax and behaviour may
+ change in future versions.
+ Sponsored by Robert Klemme.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ Dynamic filters and taggers now support a $listen-address variable
+ which contains the address the request came in on.
+ For external filters the variable is called $PRIVOXY_LISTEN_ADDRESS.
+ Original patch contributed by pursievro.
</para>
</listitem>
<listitem>
<para>
- Unblock banners on .amnesty.de/ which aren't ads.
+ Add client-header-tagger 'listen-address'.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ Include the listen-address in the log message when logging new requests.
+ Patch contributed by pursievro.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ Turn invalid max-client-connections values into fatal errors.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ The show-status page now shows whether or not dates before 1970
+ and after 2038 are expected to be handled properly.
+ This is mainly useful for Privoxy-Regression-Test but could
+ also come handy when dealing with time-related support requests.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ On Mac OS X the thread id in log messages are more likely to
+ be unique now.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ When complaining about missing filters, the filter type is logged
+ as well.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ A couple of harmless coverity warnings were silenced
+ (CID #161202, CID #161203, CID #161211).
</para>
</listitem>
</itemizedlist>
+ </listitem>
+ <listitem>
+ <para>
+ Action file improvements:
</para>
+ <itemizedlist>
+ <listitem>
+ <para>
+ Filtering is disabled for Range requests to let download resumption
+ and Windows updates work with the default configuration.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ Unblock ".ardmediathek.de/".
+ Reported by ThTomate in #932.
+ </para>
+ </listitem>
+ </itemizedlist>
</listitem>
<listitem>
<para>
Documentation improvements:
+ </para>
+ <itemizedlist>
+ <listitem>
+ <para>
+ Add FAQ entry for crashes caused by memory limits.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ Remove obsolete FAQ entry about a bug in PHP 4.2.3.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ Mention the new mailing lists were appropriate.
+ As the archives have not been migrated, continue to
+ mention the archives at SF in the contacting section
+ for now.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ Note that the templates should be adjusted if Privoxy is
+ running as intercepting proxy without getting all requests.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ A bunch of links were converted to https://.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ Rephrase onion service paragraph to make it more obvious
+ that Tor is involved and that the whole website (and not
+ just the homepage) is available as onion service.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ Streamline the "More information" section on the homepage further
+ by additionally ditching the link to the 'See also' section
+ of the user manual. The section contains mostly links that are
+ directly reachable from the homepage already and the rest is
+ not significant enough to get a link from the homepage.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ Change the add-header{} example to set the DNT header
+ and use a complete section to make copy and pasting
+ more convenient.
+ Add a comment to make it obvious that adding the
+ header is not recommended for obvious reasons.
+ Using the DNT header as example was suggested by
+ Leo Wzukw.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ Streamline the support-and-service template
+ Instead of linking to the various support trackers
+ (whose URLs hopefully change soon), link to the
+ contact section of the user manual to increase the
+ chances that users actually read it.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ Add a FAQ entry for tainted sockets.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ More sections in the documentation have stable URLs now.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ FAQ: Explain why 'ping config.privoxy.org' is not expected
+ to reach a local Privoxy installation.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ Note that donations done through Zwiebelfreunde e.V. currently
+ can't be checked automatically.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ Updated section regarding starting Privoxy under OS X.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ Use dedicated start instructions for FreeBSD and ElectroBSD.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ Removed release instructions for AIX. They haven't been working
+ for years and unsurprisingly nobody seems to care.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ Removed obsolete reference to the solaris-dist target.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ Updated the release instructions for FreeBSD.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ Removed unfinished release instructions for Amiga OS and HP-UX 11.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ Added a pointer to the Cygwin Time Machine for getting the last release of
+ Cygwin version 1.5 to use for building Privoxy on Windows.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ Various typos have been fixed.
+ </para>
+ </listitem>
+ </itemizedlist>
+ </listitem>
+ <listitem>
+ <para>
+ Infrastructure improvements:
+ </para>
+ <itemizedlist>
+ <listitem>
+ <para>
+ The website is no longer hosted at SourceForge and
+ can be reached through https now.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ The mailing lists at SourceForge have been deprecated,
+ you can subscribe to the new ones at: https://lists.privoxy.org/
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ Migrating the remaining services from SourceForge is
+ work in progress (TODO list item #53).
+ </para>
+ </listitem>
+ </itemizedlist>
+ </listitem>
+ <listitem>
+ <para>
+ Build system improvements:
+ </para>
<itemizedlist>
<listitem>
<para>
- The 'Would you like to donate?' section now also contains
- a "Paypal" address.
+ Add configure argument to optimistically redefine FD_SETSIZE
+ with the intent to change the maximum number of client
+ connections Privoxy can handle. Only works with some libcs.
+ Sponsored by Robert Klemme.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ Let the tarball-dist target skip files in ".git".
</para>
</listitem>
<listitem>
<para>
- The list of supported operating systems has been updated.
+ Let the tarball-dist target work in cwds other than current.
</para>
</listitem>
<listitem>
<para>
- The existence of the SF support and feature trackers has been
- deemphasized because they have been broken for months.
- Most of the time the mailing lists still work.
+ Make the 'clean' target faster when run from a git repository.
</para>
</listitem>
<listitem>
<para>
- The claim that default.action updates are sometimes released
- on their own has been removed. It hasn't happened in years.
+ Include tools in the generic distribution.
</para>
</listitem>
<listitem>
<para>
- Explicitly mention that Tor's port may deviate from the default
- when using a bundle. Requested by Andrew on ijbswa-users@.
+ Let the gen-dist target work in cwds other than current.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ Sort find output that is used for distribution tarballs
+ to get reproducible results.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ Don't add '-src' to the name of the tar ball generated by the
+ gen-dist target. The package isn't a source distribution but a
+ binary package.
+ While at it, use a variable for the name to reduce the chances
+ that the various references get out of sync and fix the gen-upload
+ target which was looking in the wrong directory.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ Add regression-tests.action to the files that are distributed.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ The gen-dist target which was broken since 2002 (r1.92) has been fixed.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ Remove genclspec.sh which has been obsolete since 2009.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ Remove obsolete reference to Redhat spec file.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ Remove the obsolete announce target which has been commented out years ago.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ Let rsync skip files if the checksums match.
</para>
</listitem>
</itemizedlist>
+ </listitem>
+ <listitem>
+ <para>
+ Privoxy-Regression-Test:
</para>
+ <itemizedlist>
+ <listitem>
+ <para>
+ Add a "Default level offset" directive which can be used to
+ change the default level by a given value.
+ This directive affects all tests located after it until the end
+ of the file or a another "Default level offset" directive is reached.
+ The purpose of this directive is to make it more convenient to skip
+ similar tests in a given file without having to remove or disable
+ the tests completely.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ Let test level 17 depend on FEATURE_64_BIT_TIME_T
+ instead of FEATURE_PTHREAD which has no direct connection
+ to the time_t size.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ Fix indentation in perldoc examples.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ Don't overlook directives in the first line of the action file.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ Bump version to 0.7.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ Fix detection of the Privoxy version now that https://
+ is used for the website.
+ </para>
+ </listitem>
+ </itemizedlist>
</listitem>
</itemizedlist>
-</para>
+