ChangeLog cosmetics

[privoxy.git] / ChangeLog

diff --git a/ChangeLog b/ChangeLog
index ebcfd22..c7d89a5 100644 (file)
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,9 +1,18 @@
 --------------------------------------------------------------------
 ChangeLog for Privoxy
 --------------------------------------------------------------------
-*** Version 3.0.21 UNRELEASED ***
+*** Version 3.0.21 stable ***
 
 - Bug fixes:
+  - On POSIX-like platforms, network sockets with file descriptor
+    values above FD_SETSIZE are properly rejected. Previously they
+    could cause memory corruption in configurations that allowed
+    the limit to be reached.
+  - Proxy authentication headers are removed unless the new directive
+    enable-proxy-authentication-forwarding is used. Forwarding the
+    headers potentially allows malicious sites to trick the user
+    into providing them with login information.
+    Reported by Chris John Riley.
   - Compiles on OS/2 again now that unistd.h is only included
     on platforms that have it.
 
@@ -13,6 +22,8 @@ ChangeLog for Privoxy
     NULL pointers in debug builds have been relocated.
   - Added an LSB info block to the generic start script.
     Based on a patch from Natxo Asenjo.
+  - The max-client-connections default has been changed to 128
+    which should be more than enough for most setups.
 
 - Action file improvements:
   - Block rover.ebay./ar.*\&adtype= instead of "/.*\&adtype=" which
@@ -20,6 +31,8 @@ ChangeLog for Privoxy
     Reported by u302320 in #360284, additional feedback from Adam Piggott.
   - Unblock '.advrider.com/' and '/.*ADVrider'.
     Anonymously reported in #3603636.
+  - Stop blocking '/js/slider\.js'.
+    Reported by Adam Piggott in #3606635 and _lvm in #2791160.
 
 - Filter file improvements:
   - Added an iframes filter.