values above FD_SETSIZE are properly rejected. Previously they
could cause memory corruption in configurations that allowed
the limit to be reached.
+ - Proxy authentication headers are removed unless the new directive
+ enable-proxy-authentication-forwarding is used. Forwarding the
+ headers potentially allows malicious sites to trick the user
+ into providing them with login information.
+ Reported by Chris John Riley.
- Compiles on OS/2 again now that unistd.h is only included
on platforms that have it.
projects / privoxy.git / blobdiff