X-Git-Url: http://www.privoxy.org/gitweb/?p=privoxy.git;a=blobdiff_plain;f=doc%2Fwebserver%2Fuser-manual%2Fwhatsnew.html;h=4ee9af9c3faf32560c640a84e11782bcdc7fb448;hp=b501f163a23846ee1e5496c8b73450d2fcd9ccdb;hb=1ced0af6010e7bec3b2594046a6b9b27f7b0559e;hpb=00ff6723cacb0c08cbf3f1044e8639a89ebc23d7 diff --git a/doc/webserver/user-manual/whatsnew.html b/doc/webserver/user-manual/whatsnew.html index b501f163..4ee9af9c 100644 --- a/doc/webserver/user-manual/whatsnew.html +++ b/doc/webserver/user-manual/whatsnew.html @@ -1,523 +1,238 @@ -
There are many improvements and new features in Privoxy 3.0.4 - :
Mulitiple filter files can now be specifed in config. This allows for - locally defined filters that can be maintained separately from the filters as - supplied by the developers. -
- There are a number of new actions: -
redirect -
In addition, fast-redirects - has been significantly improved with enhanced syntax. -
And hide-referrer - has a new option, conditional block. -
MS-Windows versions can now be - installed and - started as a Windows service. -
config has two new options: - enable-remote-http-toggle, - and forwarded-connect-retries. -
And there is improved handling of the user-manual - option, for placing documentation and help files on the local system. -
Actions files problems and suggestions are now being directed to: http://sourceforge.net/tracker/?group_id=11118&atid=460288. - Please use this to report such configuration related problems as missed - ads, sites that don't function properly due to one action or another, - innocent images being blocked, etc. -
In addition, there are various bug fixes and significant enhancements, including - error pages should no longer be cached if the problem is fixed, better DNS - error handling, and various logging improvements. -
A quick list of things to be aware of before upgrading from earlier - versions of Privoxy:
- Some installers may remove earlier versions completely, including - configuration files. Save any important configuration files! -
- On the other hand, some installers may not overwrite any existing configuration - files, thinking you will want to do that. You may want to manually check - your saved files against the newer versions to see if the improvements have - merit, or whether there are new options that you may want to consider. - There are a number of new features, but most won't be available unless - these features are incorporated into your configuration somehow. -
See the full documentation on - fast-redirects - which has changed syntax, and may require adjustments to local configs. -
The jarfile, cookie logger, is off by default now. -
- What constitutes a "default" configuration has changed, - and you may want to review which actions are "on" by - default. This is primarily a matter of emphasis, but some features - you may have been used to, may now be "off" by default. -
- Some installers may not automatically start - Privoxy after installation. -
Privoxy 3.0.23 stable is a bug-fix + release, some of the fixed bugs are security issues (CVE requests + pending):
+ +Bug fixes:
+ +Fixed a DoS issue in case of client requests with incorrect + chunk-encoded body. When compiled with assertions enabled (the + default) they could previously cause Privoxy to abort(). Reported + by Matthew Daley.
+Fixed multiple segmentation faults and memory leaks in the + pcrs code. This fix also increases the chances that an invalid + pcrs command is rejected as such. Previously some invalid + commands would be loaded without error. Note that Privoxy's pcrs + sources (action and filter files) are considered trustworthy + input and should not be writable by untrusted third-parties.
+Fixed an 'invalid read' bug which could at least theoretically + cause Privoxy to crash. So far, no crashes have been + observed.
+Compiles with --disable-force again. Reported by Kai + Raven.
+Client requests with body that can't be delivered no longer + cause pipelined requests behind them to be rejected as invalid. + Reported by Basil Hussain.
+General improvements:
+ +If a pcrs command is rejected as invalid, Privoxy now logs the + cause of the problem as text. Previously the pcrs error code was + logged.
+The tests are less likely to cause false positives.
+Action file improvements:
+ +'.sify.com/' is no longer blocked. Apparently it is not + actually a pure tracking site (anymore?). Reported by Andrew on + ijbswa-users@.
+Unblock banners on .amnesty.de/ which aren't ads.
+Documentation improvements:
+ +The 'Would you like to donate?' section now also contains a + "Paypal" address.
+The list of supported operating systems has been updated.
+The existence of the SF support and feature trackers has been + deemphasized because they have been broken for months. Most of + the time the mailing lists still work.
+The claim that default.action updates are sometimes released + on their own has been removed. It hasn't happened in years.
+Explicitly mention that Tor's port may deviate from the + default when using a bundle. Requested by Andrew on + ijbswa-users@.
+A quick list of things to be aware of before upgrading from earlier + versions of Privoxy:
+ +The recommended way to upgrade Privoxy is to backup your old configuration + files, install the new ones, verify that Privoxy is working correctly and finally merge + back your changes using diff and + maybe patch.
+ +There are a number of new features in each Privoxy release and most of them have to be + explicitly enabled in the configuration files. Old configuration + files obviously don't do that and due to syntax changes using old + configuration files with a new Privoxy isn't always possible anyway.
+Note that some installers remove earlier versions completely, + including configuration files, therefore you should really save any + important configuration files!
+On the other hand, other installers don't overwrite existing + configuration files, thinking you will want to do that + yourself.
+In the default configuration only fatal errors are logged now. + You can change that in the debug + section of the configuration file. You may also want to enable + more verbose logging until you verified that the new Privoxy version is working as expected.
+Three other config file settings are now off by default: + enable-remote-toggle, + enable-remote-http-toggle, + and enable-edit-actions. If you + use or want these, you will need to explicitly enable them, and be + aware of the security issues involved.
+