X-Git-Url: http://www.privoxy.org/gitweb/?p=privoxy.git;a=blobdiff_plain;f=ChangeLog;h=eb8db93880b0a987aa7bd9f2877d0c0277fc6fa9;hp=9f66a97c333bf373a7c24883ffcd51fe304c0710;hb=d486c52f2b5449a77d99ff836f51b29e7ca70717;hpb=e807796b088ae171406ada5fcbf0731f61572f8c

diff --git a/ChangeLog b/ChangeLog
index 9f66a97c..eb8db938 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -16,12 +16,36 @@ ChangeLog for Privoxy
 - Not enabling limit-connect now allows CONNECT requests to all ports.
   In previous versions it would only allow CONNECT requests to port 443.
   Use +limit-connect{443} if you think you need the old default behaviour.
+- The CGI editor gets turned off after three edit requests with invalid
+  file modification timestamps. This makes life harder for attackers
+  who can leverage browser bugs to send fake Referers and intend to
+  brute-force edit URLs.
+- Action settings for multiple patterns in the same section are
+  shared in memory. As a result these sections take up less space
+  (and are loaded slightly faster). Problem reported by Franz Schwartau.
+- Host information is gathered outside the main thread so it's less
+  likely to delay other incoming connections if the host is misconfigured.
+- New config option "hostname" to use a hostname other than
+  the one returned by the operating system. Useful to speed-up responses
+  for CGI requests on misconfigured systems. Requested by Max Khon.
+- The CGI editor supports the "disable all filters of this type"
+  directives "-client-header-filter", "-server-header-filter",
+  "-client-header-tagger" and "-server-header-tagger".
 - Fixed false-positives with the link-by-url filter and URLs that
   contain the pattern "/jump/".
 - The less-download-windows filter no longer messes
   "Content-Type: application/x-shockwave-flash" headers up.
 - In the show-url-info page's "Final results" section active and
   inactive actions are listed separately. Patch provided by Lee.
+- The GNUmakefile supports the DESTDIR variable. Patch for
+  the install target submitted by Radoslaw Zielinski.
+- The obsolete kill-popups action has been removed as the
+  PCRS-based popup filters can do the same and are less
+  unreliable.
+- The inspect-jpegs action has been removed.
+- The send-wafer and send-vanilla-wafer actions have been removed.
+  They weren't particular useful and their behaviour could be emulated
+  with add-header anyway.
 
 *** Version 3.0.8 ***