+*** Version 3.0.12 (UNRELEASED) ***
+
+- The socket-timeout option now also works on platforms whose
+ select() implementation modifies the timeout structure.
+ Previously the timeout was triggered even if the connection
+ didn't stall. Reported by cyberpatrol.
+- The Connection: keep-alive code properly deals with files
+ larger than 2GB. Previously the connection was closed too
+ early.
+- The content length for files above 2GB is logged correctly.
+- The user-manual directive on the show-status page links to
+ the documentation location specified with the directive,
+ not to the Privoxy website.
+- The show-status page prints warnings about invalid directives
+ on the same line as the directives themselves.
+- Fixed several justified (but harmless) compiler warnings,
+ mostly on 64 bit platforms.
+- The mingw32 version explicitly requests the default charset
+ to prevent display problems with some fonts available on more
+ recent Windows versions. Patch by Burberry.
+- The mingw32 version uses the Privoxy icon in the alt-tab
+ windows. Patch by Burberry.
+- The timestamp and the thread id is omitted in the "Fatal error"
+ message box on mingw32.
+- Fixed two related mingw32-only buffer overflows. Triggering
+ them required control over the configuration file, therefore
+ this isn't seen as a security issue.
+- In verbose mode, or if the new option --show-skipped-tests
+ is used, Privoxy-Regression-Test logs skipped tests and the
+ skip reason.
+
+*** Version 3.0.11 ***
+
+- On most platforms, outgoing connections can be kept alive and
+ reused if the server supports it. Whether or not this improves
+ things depends on the connection.
+- When dropping privileges, membership in supplementary groups
+ is given up as well. Not doing that can lead to Privoxy running
+ with more rights than necessary and violates the principle of
+ least privilege. Users of the --user option are advised to update.
+ Thanks to Matthias Drochner for reporting the problem,
+ providing the initial patch and testing the final version.
+- Passing invalid users or groups with the --user option
+ didn't lead to program exit. Regression introduced in 3.0.7.
+- The match all section has been moved from default.action
+ to a new file called match-all.action. As a result the
+ default.action no longer needs to be touched by the user
+ and can be safely overwritten by updates.
+- The standard.action file has been removed. Its content
+ is now part of the default.action file.
+- In some situations the logged content length was slightly too low.