Privoxy 3.0.23 stable is a bug-fix release, some of the fixed bugs are security issues (CVE requests pending): Bug fixes: Fixed a DoS issue in case of client requests with incorrect chunk-encoded body. When compiled with assertions enabled (the default) they could previously cause Privoxy to abort(). Reported by Matthew Daley. Fixed multiple segmentation faults and memory leaks in the pcrs code. This fix also increases the chances that an invalid pcrs command is rejected as such. Previously some invalid commands would be loaded without error. Note that Privoxy's pcrs sources (action and filter files) are considered trustworthy input and should not be writable by untrusted third-parties. Fixed an 'invalid read' bug which could at least theoretically cause Privoxy to crash. So far, no crashes have been observed. Compiles with --disable-force again. Reported by Kay Raven. Client requests with body that can't be delivered no longer cause pipelined requests behind them to be rejected as invalid. Reported by Basil Hussain. General improvements: If a pcrs command is rejected as invalid, Privoxy now logs the cause of the problem as text. Previously the pcrs error code was logged. The tests are less likely to cause false positives. Action file improvements: '.sify.com/' is no longer blocked. Apparently it is not actually a pure tracking site (anymore?). Reported by Andrew on ijbswa-users@. Unblock banners on .amnesty.de/ which aren't ads. Documentation improvements: The 'Would you like to donate?' section now also contains a "Paypal" address. The list of supported operating systems has been updated. The existence of the SF support and feature trackers has been deemphasized because they have been broken for months. Most of the time the mailing lists still work. The claim that default.action updates are sometimes released on their own has been removed. It hasn't happened in years. Explicitly mention that Tor's port may deviate from the default when using a bundle. Requested by Andrew on ijbswa-users@.