privoxy for Debian
==================
-- enable-edit-actions and enable-remote-toggle are disabled in the
- Debian package for security reasons, because these options allow
- every user of your privoxy to change its configuration. If you still
- want to use these features, you can enable them in
- /etc/privoxy/config and do a "/etc/init.d/privoxy restart".
+- enable-edit-actions, enable-remote-toggle, and
+ enable-remote-http-toggle are disabled in the Debian package for
+ security reasons, because these options allow every user of your
+ privoxy to change its configuration. Except this there exist
+ exploits using Java and/or JavaScript that tell your browser to send
+ out requests for disabling the proxy or the filtering, which may
+ compromise your anonymity. If you still want to use these features,
+ you can enable them in /etc/privoxy/config and do a
+ "/etc/init.d/privoxy restart".
+
+- Comment "debug 1" from default configuration, so GET/POST/CONNECT
+ requests are no longer logged by default to protect your privacy a
+ bit more.
- Experimental IPv6 support patch is available in the source package
but currently disabled because of too many side effects and bugs.
editable again.
Roland Rosenfeld <roland@debian.org>
-$Id: README.Debian,v 1.6 2006-11-12 11:34:59 roland Exp $
+$Id: README.Debian,v 1.7 2007-10-21 10:07:04 roland Exp $
-privoxy (3.0.7~CSV20071014-0.1) UNRELEASED; urgency=low
+privoxy (3.0.7~CSV20071021-0.1) UNRELEASED; urgency=low
- * CVS as of 2007-10-14.
+ * CVS as of 2007-10-21.
* Enable new zlib feature (Closes: #368448):
- build-depend on zlib1g-dev
- disable prevent-compression in 25_standard_medium.dpatch
doesn't like these.
* 32_faq_ulinkfix: Fix ulink parameter.
- -- Roland Rosenfeld <roland@debian.org> Sun, 14 Oct 2007 17:45:59 +0200
+ -- Roland Rosenfeld <roland@debian.org> Sun, 21 Oct 2007 14:05:00 +0200
+
+privoxy (3.0.6-4) unstable; urgency=low
+
+ * Set "enable-remote-http-toggle 0" by default because otherwise
+ requests may be able to bypass filtering by setting "X-Filter: No"
+ headers using some strange javascript code.
+ * Disable default logging of every GET/POST/CONNECT request to protect
+ your privacy a bit more.
+ * 05_defaut_action: Stop blocking Andorra ccTLD (.ad) (Closes: #445461).
+ * Run make clean/distclean only if GNUmakefile exists in debian/rules.
+
+ -- Roland Rosenfeld <roland@debian.org> Sun, 21 Oct 2007 12:47:51 +0200
privoxy (3.0.6-3) unstable; urgency=low
diff -urNad privoxy~/default.action.master privoxy/default.action.master
--- privoxy~/default.action.master
+++ privoxy/default.action.master
-@@ -1823,6 +1823,11 @@
+@@ -598,6 +598,8 @@
+ .*[epu]ad*.
+ county*.
+ countr*.
++#MASTER# Do not block Andorra ccTLD:
++.ad
+
+ #############################################################################
+ # Generic block patterns by path:
+@@ -1823,6 +1825,11 @@
{+filter{tiny-textforms} +prevent-compression}
.sourceforge.net/tracker
#
# 2.3. actionsfile
+@@ -575,7 +575,7 @@
+ # If you want to use CLF (Common Log Format), you should set
+ # "debug 512" ONLY and not enable anything else.
+ #
+-debug 1 # show each GET/POST/CONNECT request
++#debug 1 # show each GET/POST/CONNECT request
+ debug 4096 # Startup banner and warnings
+ debug 8192 # Errors - *we highly recommended enabling this*
+
@@ -735,7 +735,7 @@
# Note that you must have compiled Privoxy with support for this
# feature, otherwise this option has no effect.
#
# 4.4. enable-remote-http-toggle
+@@ -770,7 +770,7 @@
+ # untrustworthy clients and want to enforce filtering, you will
+ # have to disable this option, otherwise you can ignore it.
+ #
+-enable-remote-http-toggle 1
++enable-remote-http-toggle 0
+
+ #
+ # 4.5. enable-edit-actions
@@ -803,7 +803,7 @@
# Note that you must have compiled Privoxy with support for this
# feature, otherwise this option has no effect.
#!/usr/bin/make -f
#
-# (C) 2002-2006 Roland Rosenfeld <roland@debian.org>, based on
+# (C) 2002-2007 Roland Rosenfeld <roland@debian.org>, based on
# Sample debian/rules that uses debhelper.
# This file is public domain software, originally written by Joey Hess.
dh_testroot
rm -f build-stamp configure-stamp
- -$(MAKE) clean
- -$(MAKE) distclean
+ [ ! -f GNUmakefile ] || $(MAKE) clean
+ [ ! -f GNUmakefile ] || $(MAKE) distclean
rm -f configure config.h GNUmakefile
rm -f privoxy.8