- Announcing Privoxy 3.0.30 stable
+ Announcing Privoxy 3.0.31 stable
--------------------------------------------------------------------
-Privoxy 3.0.30 stable fixes a couple of bugs and introduces
-a few new features.
+Privoxy 3.0.31 fixes two security issues that were discovered while
+preparing the 3.0.30 release. The issues also affect earlier Privoxy
+releases.
+
+--------------------------------------------------------------------
+ChangeLog for Privoxy 3.0.31
+--------------------------------------------------------------------
+- Security/Reliability:
+ - Prevent an assertion from getting triggered by a crafted CGI request.
+ Commit 5bba5b89193fa. OVE-20210130-0001.
+ Reported by: Joshua Rogers (Opera)
+ - Fixed a memory leak when decompression fails "unexpectedly".
+ Commit f431d61740cc0. OVE-20210128-0001.
+
+- Bug fixes:
+ - Fixed detection of insufficient data for decompression.
+ Previously Privoxy could try to decompress a partly
+ uninitialized buffer.
--------------------------------------------------------------------
ChangeLog for Privoxy 3.0.30
projects / privoxy.git / blobdiff