X-Git-Url: http://www.privoxy.org/gitweb/?a=blobdiff_plain;f=doc%2Fwebserver%2Fannounce.txt;h=c56d0d1172ef9950ecaffe87085f86b4ec55bb79;hb=61a5d3fc15169d9f6b0c21e3a56d893f4d672eb4;hp=efaacd945da96c9383c6fce86a729dad40fd41ad;hpb=e70516eff50a1c3bd6002e2ec89ad12c7195afda;p=privoxy.git diff --git a/doc/webserver/announce.txt b/doc/webserver/announce.txt index efaacd94..c56d0d11 100644 --- a/doc/webserver/announce.txt +++ b/doc/webserver/announce.txt @@ -1,146 +1,306 @@ - Announcing Privoxy v.3.0.11 ------------------------------------------------------------------ - -3.0.11 is a stable release which includes many enhancements but no major -new features. The most prominent new feature is "keep-alive" support for -outgoing connections. + Announcing Privoxy 3.0.33 stable +-------------------------------------------------------------------- -See http://www.privoxy.org/3.0.11/user-manual/whatsnew.html for details. +Privoxy 3.0.33 fixes an XSS issue, multiple DoS issues and a +couple of other bugs. The issues also affect earlier Privoxy releases. +Privoxy 3.0.33 also comes with a couple of general improvements and +new features. -------------------------------------------------------------------- -ChangeLog for Privoxy +ChangeLog for Privoxy 3.0.33 -------------------------------------------------------------------- +- Security/Reliability: + - cgi_error_no_template(): Encode the template name to prevent + XSS (cross-site scripting) when Privoxy is configured to servce + the user-manual itself. + Commit 0e668e9409c. OVE-20211102-0001. CVE-2021-44543. + Reported by: Artem Ivanov + - get_url_spec_param(): Free memory of compiled pattern spec + before bailing. + Reported by Joshua Rogers (Opera) who also provided the fix. + Commit 652b4b7cb0. OVE-20211201-0003. CVE-2021-44540. + - process_encrypted_request_headers(): Free header memory when + failing to get the request destination. + Reported by Joshua Rogers (Opera) who also provided the fix. + Commit 0509c58045. OVE-20211201-0002. CVE-2021-44541. + - send_http_request(): Prevent memory leaks when handling errors + Reported by Joshua Rogers (Opera) who also provided the fix. + Commit c48d1d6d08. OVE-20211201-0001. CVE-2021-44542. + +- Bug fixes: + - handle_established_connection(): Skip the poll()/select() calls + if TLS data is pending on the server socket. The TLS library may + have already consumed all the data from the server response in + which case poll() and select() will not detect that data is + available to be read. + Fixes SF bug #926 reported by Wen Yue. + - continue_https_chat(): Update csp->server_connection.request_sent + after sending the request to make sure the latency is calculated + correctly. Previously https connections were not reused after + timeout seconds after the first request made on the connection. + - free_pattern_spec(): Don't try to free an invalid pointer + when unloading an action file with a TAG pattern while + Privoxy has been compiled without FEATURE_PCRE_HOST_PATTERNS. + Closes: SF patch request #147. Patch by Maxim Antonov. + - Adjust build_request_line() to create a CONNECT request line when + https-inspecting and forwarding to a HTTP proxy. + Fixes SF bug #925 reported by Wen Yue. + - load_config(): Add a space that was missing in a log message. + - read_http_request_body(): Fix two error messages that used an + incorrect variable. + - If the the response is chunk-encoded, ignore the Content-Length + header sent by the server. + Allows to load https://redmine.lighttpd.net/ with filtering enabled. + +- General improvements: + - Allow to edit the add-header action through the CGI editor by + generalizing the code that got added with the suppress-tag action. + Closes SF patch request #146. Patch by Maxim Antonov. + - Add a CGI handler for /wpad.dat that returns a + Proxy Auto-Configuration (PAC) file. + Among other things, it can be used to instruct clients + through DHCP to use Privoxy as proxy. + For example with the dnsmasq option: + dhcp-option=252,http://config.privoxy.org/wpad.dat + Initial patch by Richard Schneidt. + - Don't log the applied actions in process_encrypted_request() + Log them in continue_https_chat() instead to mirror chat(). + Prevents the applied actions from getting logged twice + for the first request on an https-inspected connection. + - OpenSSL generate_host_certificate(): Use config.privoxy.org as Common Name + Org and Org Unit if the real host name is too long to get accepted by OpenSSL. + Clients should only care about the Subject Alternative Name + anyway and we can continue to use the real host name for it. + Reported by Miles Wen on privoxy-users@. + - Establish the TLS connection with the client earlier and decide + how to route the request afterwards. This allows to change the + forwarding settings based on information from the https-inspected + request, for example the path. + - listen_loop(): When shutting down gracefully, close listening ports + before waiting for the threads to exit. Allows to start a second + Privoxy with the same config file while the first Privoxy is still + running. + - serve(): Close the client socket as well if the server socket + for an inspected connection has been closed. Privoxy currently + can't establish a new server connection when the client socket + is reused and would drop the connection in continue_https_chat() + anyway. + - Don't disable redirect checkers in redirect_url(). + Disable them in handle_established_connection() instead. + Doing it in redirect_url() prevented the +redirect{} and + +fast-redirects{} actions from being logged with LOG_LEVEL_ACTIONS. + - handle_established_connection(): Slightly improve a comment. + - handle_established_connection(): Fix a comment. + - socks5_connect(): Fix indentation. + - handle_established_connection(): Improve an error message. + - create_pattern_spec(): Fix ifdef indentation. + - Fix comment typos. + - process_encrypted_request(): Improve a log message. + The function only processes request headers and there + may still be unread request body data left to process. + - chat(): Log the applied actions before deciding how to forward the request. + - parse_time_header(): Silence a coverity complaint when building without assertions. + - receive_encrypted_request_headers(): Improve a log message. + - mbedTLS get_ciphersuites_from_string(): Use strlcpy() instead of strncpy(). + Previously the terminating NUL wasn't copied which resulted + in a compiler warning. This didn't cause actual problems as + the target buffer was initialized by zalloc_or_die() so the + last byte of the target buffer was NUL already. + Actually copying the terminating NUL seems clearer, though. + - Remove compiler warnings. "log_error(LOG_LEVEL_FATAL, ..." + doesn't return but apparently the compiler doesn't know that. + Get rid of several "this statement may fall through + [-Wimplicit-fallthrough=]" warnings. + - Store the PEM certificate in a dynamically allocated buffer + when https-inspecting. Should prevent errors like: + 2021-03-16 22:36:19.148 7f47bbfff700 Error: X509 PEM cert len 16694 is larger than buffer len 16383 + As a bonus it should slightly reduce the memory usage as most + certificates are smaller than the previously used fixed buffer. + Reported by: Wen Yue + - OpenSSL generate_host_certificate(): Fix two error messsages. + - Improve description of handle_established_connection() + - OpenSSL ssl_store_cert(): Translate EVP_PKEY_EC to a string. + - OpenSSL ssl_store_cert(): Remove pointless variable initialization. + - OpenSSL ssl_store_cert(): Initialize pointer with NULL instead of 0. + +- Action file improvements: + - Disable fast-redirects for .microsoftonline.com/. + - Disable fast-redirects for idp.springer.com/. + - Disable fast-redirects for .zeit.de/zustimmung. + - Unblock adv-archiv.dfn-cert.de/. + - Block requests to eu-tlp01.kameleoon.eu/. + - Block requests to fpa-events.arstechnica.com/. + - Unblock nlnet.nl/. + - Unblock adguard.com/. + +- Privoxy-Log-Parser: + - Highlight 'Socket timeout 3 reached: http://127.0.0.1:20000/no-filter/chunked-content/36'. + - Improve documentation for inactivity-detection mode. + - Detect date changes when looking for inactivity. + - Add a --passed-request-statistics-threshold option + that can be set to get statistics for requests that + were passed. + - Add a "inactivity detection" mode which can be useful + for debugging purposes. + - Bump version to 0.9.4. + - Only run print_intro() and print_outro() when syntax highlighting. + - Rephrase a sentence in the documentation. + - Highlight 'Client socket 7 is no longer usable. The server socket has been closed.'. + - Clarify --statistics output by explicitly mentioning that + the status codes sent by the server may differ from the ones + in "debug 512" messages. + - Fix typo in the --statistics output. + - Remove an unused variable. + - Highlight 'The peer notified us that the connection on socket 11 is going to be closed'. + +- Privoxy-Regression-Test: + - Remove duplicated word in a comment. + +- regression-tests.action: + - Add fetch test for http://p.p/wpad.dat. + - Bump for-privoxy-version to 3.0.33 which introduced the wpad.dat support. + - Add more tests for the '/send-banner' code. + - Add test for OVE-20210203-0001. + - Add a test for CVE-2021-20217. -*** Version 3.0.11 *** - -- On most platforms, outgoing connections can be kept alive and - reused if the server supports it. Whether or not this improves - things depends on the connection. -- When dropping privileges, membership in supplementary groups - is given up as well. Not doing that can lead to Privoxy running - with more rights than necessary and violates the principle of - least privilege. Users of the --user option are advised to update. - Thanks to Matthias Drochner for reporting the problem, - providing the initial patch and testing the final version. -- Passing invalid users or groups with the --user option - didn't lead to program exit. Regression introduced in 3.0.7. -- The match all section has been moved from default.action - to a new file called match-all.action. As a result the - default.action no longer needs to be touched by the user - and can be safely overwritten by updates. -- The standard.action file has been removed. Its content - is now part of the default.action file. -- In some situations the logged content length was slightly too low. -- Crunched requests are logged with their own log level. - If you used "debug 1" in the past, you'll probably want - to additionally enable "debug 1024", otherwise only passed - requests will be logged. If you only care about crunched - requests, simply replace "debug 1" with "debug 1024". -- The crunch reason has been moved to the beginning of the - crunch message. For HTTP URLs, the protocol is logged as well. -- Log messages are shortened by printing the thread id on its - own (as opposed to putting it inside the string "Privoxy()"). -- The config option socket-timeout has been added to control - the time Privoxy waits for data to arrive on a socket. -- Support for remote toggling is controlled by the configure - option --disable-toggle only. In previous versions it also - depended on the action editor and thus configuring with the - --disable-editor option would disable remote toggling support - as well. -- Requests with invalid HTTP versions are rejected. -- The template symbol @date@ can be used to include a date(1)-like - time string. Initial patch submitted by Endre Szabo. -- Responses from shoutcast servers are accepted again. - Problem reported and fix suggested by Stefan. -- The hide-forwarded-for-headers action has been replaced with - the change-x-forwarded-for{} action which can also be used to - add X-Forwarded-For headers. The latter functionality already - existed in Privoxy versions prior to 3.0.7 but has been removed - as it was often used unintentionally (by not using the - hide-forwarded-for-headers action). -- A "clear log" view option was added to the mingw32 version - to clear out all of the lines in the Privoxy log window. - Based on a patch submitted by T Ford. -- The mingw32 version uses "critical sections" now, which prevents - log message corruption under load. As a side effect, the - "no thread-safe PRNG" warning could be removed as well. -- The mingw32 version's task bar icon is crossed out and - the color changed to gray if Privoxy is toggled off. +- uagen: + - Bump generated Firefox version to 91 (ESR). + - Bump version to 1.2.3. + - Bump copyright. + +- Build system: + - configure: Bump SOURCE_DATE_EPOCH. + - GNUmakefile.in: Fix typo. + - configure: Add another warning in case --disable-pthread + is used while POSIX threads are available. + Various features don't even compile when not using threads. + - Add configure option to enable MemorySanitizer. + - Add configure option to enable UndefinedBehaviorSanitizer. + - Add configure option to enable AddressSanitizer. + - Bump copyright. + - Add a configure option to disable pcre JIT compilation. + While JIT compilation makes filtering faster it can + cause false-positive valgrind complaints. + As reported by Gwyn Ciesla in SF bug 924 it also can + cause problems when the SELinux policy does not grant + Privoxy "execmem" privileges. + - configure: Remove obsolete RPM_BASE check. + +- Windows build system: + - Update the build script to use mbed tls version 2.6.11. + - Update build script to use the final 8.45 pcre library. + - Put all the '--enable-xxx' options in the configure call together. + +- macOS build system: + - The OSXPackageBuilder repository has been updated and + can be used to create macOS packages again. + +- Documentation: + - contacting: Remove obsolete reference to announce.sgml. + - contacting: Request that the browser cache is cleared before + producing a log file for submission. + - Sponsor FAQ: Note that Privoxy users may follow sponsor links + without Referer header set. + - newfeatures: Clarify that https inspection also allows to + filter https responses. + - developer-manual: Mention that announce.txt should be updated + when doing a release. + - config: Explicitly mention that the CGI pages disclosing the + ca-password can be blocked and upgrade the disclosure paragraphs + to a warning. + - Put all the requested debug options in the config file. + Section 11.1 of the Privoxy user manual lists all the debug + options that should be enabled when reporting problems or requesting support. + Make it easier for users to do the right thing by having all those + options present in the config. + - Update TODO list item #184 to note that WolfSSL support will + (hopefully) appear after the 3.0.34 release. + - Update max-client-connections's description. + On modern systems other than Windows Privoxy should + use poll() in which case the FD_SETSIZE value isn't + releveant. + - Add a warning that the socket-timeout does not apply + to operations done by TLS libraries. + - Make documentation slightly less "offensive" for some people + by avoiding the word "hell". ----------------------------------------------------------------- About Privoxy: ----------------------------------------------------------------- -Privoxy is a web proxy with advanced filtering capabilities for -protecting privacy, modifying web page data, managing cookies, -controlling access, and removing ads, banners, pop-ups and other -obnoxious Internet junk. Privoxy has a very flexible -configuration and can be customized to suit individual needs -and tastes. Privoxy has application for both stand-alone systems -and multi-user networks. +Privoxy is a non-caching web proxy with advanced filtering capabilities for +enhancing privacy, modifying web page data and HTTP headers, controlling +access, and removing ads and other obnoxious Internet junk. Privoxy has a +flexible configuration and can be customized to suit individual needs and +tastes. It has application for both stand-alone systems and multi-user +networks. -Privoxy is based on Internet Junkbuster (tm). +Privoxy is Free Software and licensed under the GNU GPLv2. -At present, Privoxy is known to run on Windows(95, 98, ME, 2000, -XP, Vista), Linux (Ubuntu, RedHat, SuSE, Debian, Fedora, Gentoo and -others), Mac OSX, OS/2, AmigaOS, FreeBSD, NetBSD, OpenBSD, Solaris, and -various other flavors of Unix. +Our TODO list is rather long. Helping hands and donations are welcome: -In addition to the core features of ad blocking and cookie management, Privoxy provides many supplemental features, that give the end-user more control, more privacy and more freedom: + * https://www.privoxy.org/participate + * https://www.privoxy.org/donate - * Can keep outgoing connections alive and reuse them later on. +At present, Privoxy is known to run on Windows 95 and later versions +(98, ME, 2000, XP, Vista, Windows 7, Windows 10 etc.), GNU/Linux +(RedHat, SuSE, Debian, Fedora, Gentoo, Slackware and others), +Mac OS X (10.4 and upwards on PPC and Intel processors), Haiku, +DragonFly, ElectroBSD, FreeBSD, NetBSD, OpenBSD, Solaris, +and various other flavors of Unix. - * Supports tagging which allows to change the behaviour based on client - and server headers. +In addition to the core features of ad blocking and cookie management, +Privoxy provides many supplemental features, that give the end-user +more control, more privacy and more freedom: - * Can be run as an "intercepting" proxy, which obviates the need to - configure browsers individually. + * Supports "Connection: keep-alive". Outgoing connections can be kept + alive independently from the client. Currently not available on all + platforms. - * Sophisticated actions and filters for manipulating both server and - client headers. + * Supports IPv6, provided the operating system does so too, + and the configure script detects it. - * Can be chained with other proxies. + * Supports tagging which allows to change the behaviour based on client + and server headers. - * Integrated browser based configuration and control utility at - http://config.privoxy.org/ (shortcut: http://p.p/). Browser-based - tracing of rule and filter effects. Remote toggling. + * Supports https inspection which allows to filter https requests. - * Web page filtering (text replacements, removes banners based on size, - invisible "web-bugs", JavaScript and HTML annoyances, pop-up windows, - etc.) + * Can be run as an "intercepting" proxy, which obviates the need to + configure browsers individually. - * Modularized configuration that allows for standard settings and user - settings to reside in separate files, so that installing updated actions - files won't overwrite individual user settings. + * Sophisticated actions and filters for manipulating both server and + client headers. - * Support for Perl Compatible Regular Expressions in the configuration - files, and a more sophisticated and flexible configuration syntax. + * Can be chained with other proxies. - * Improved cookie management features (e.g. session based cookies). + * Integrated browser based configuration and control utility at + http://config.privoxy.org/ (shortcut: http://p.p/). Browser-based + tracing of rule and filter effects. Remote toggling. - * GIF de-animation. + * Web page filtering (text replacements, removes banners based on size, + invisible "web-bugs" and HTML annoyances, etc.) - * Bypass many click-tracking scripts (avoids script redirection). + * Modularized configuration that allows for standard settings and user + settings to reside in separate files, so that installing updated actions + files won't overwrite individual user settings. - * Multi-threaded (POSIX and native threads). + * Support for Perl Compatible Regular Expressions in the configuration + files, and a more sophisticated and flexible configuration syntax. - * User-customizable HTML templates for most proxy-generated pages (e.g. - "blocked" page). + * GIF de-animation. - * Auto-detection and re-reading of config file changes. + * Bypass many click-tracking scripts (avoids script redirection). - * Improved signal handling, and a true daemon mode (Unix). - - * Every feature now controllable on a per-site or per-location basis, - configuration more powerful and versatile over-all. + * User-customizable HTML templates for most proxy-generated pages (e.g. + "blocked" page). + + * Auto-detection and re-reading of config file changes. + * Most features are controllable on a per-site or per-location basis. -Download location: - http://sourceforge.net/project/showfiles.php?group_id=11118 - -Home Page: - http://www.privoxy.org/ +Home Page: + https://www.privoxy.org/ - - Privoxy Developers + - Privoxy Developers