From 3b1aa5679211bfdff57aa46cad375ed988ed385a Mon Sep 17 00:00:00 2001 From: Roland Rosenfeld Date: Sun, 21 Oct 2007 12:10:44 +0000 Subject: [PATCH] Merge changes from Debian revision 3.0.6-4. --- debian/README.Debian | 20 ++++++++++++++------ debian/changelog | 18 +++++++++++++++--- debian/patches/05_defaut_action.dpatch | 11 ++++++++++- debian/patches/14_config.dpatch | 18 ++++++++++++++++++ debian/rules | 6 +++--- 5 files changed, 60 insertions(+), 13 deletions(-) diff --git a/debian/README.Debian b/debian/README.Debian index 5506000c..7074d3ba 100644 --- a/debian/README.Debian +++ b/debian/README.Debian @@ -1,11 +1,19 @@ privoxy for Debian ================== -- enable-edit-actions and enable-remote-toggle are disabled in the - Debian package for security reasons, because these options allow - every user of your privoxy to change its configuration. If you still - want to use these features, you can enable them in - /etc/privoxy/config and do a "/etc/init.d/privoxy restart". +- enable-edit-actions, enable-remote-toggle, and + enable-remote-http-toggle are disabled in the Debian package for + security reasons, because these options allow every user of your + privoxy to change its configuration. Except this there exist + exploits using Java and/or JavaScript that tell your browser to send + out requests for disabling the proxy or the filtering, which may + compromise your anonymity. If you still want to use these features, + you can enable them in /etc/privoxy/config and do a + "/etc/init.d/privoxy restart". + +- Comment "debug 1" from default configuration, so GET/POST/CONNECT + requests are no longer logged by default to protect your privacy a + bit more. - Experimental IPv6 support patch is available in the source package but currently disabled because of too many side effects and bugs. @@ -43,4 +51,4 @@ privoxy for Debian editable again. Roland Rosenfeld -$Id: README.Debian,v 1.6 2006-11-12 11:34:59 roland Exp $ +$Id: README.Debian,v 1.7 2007-10-21 10:07:04 roland Exp $ diff --git a/debian/changelog b/debian/changelog index 95e4ab7d..c87ca191 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,6 +1,6 @@ -privoxy (3.0.7~CSV20071014-0.1) UNRELEASED; urgency=low +privoxy (3.0.7~CSV20071021-0.1) UNRELEASED; urgency=low - * CVS as of 2007-10-14. + * CVS as of 2007-10-21. * Enable new zlib feature (Closes: #368448): - build-depend on zlib1g-dev - disable prevent-compression in 25_standard_medium.dpatch @@ -12,7 +12,19 @@ privoxy (3.0.7~CSV20071014-0.1) UNRELEASED; urgency=low doesn't like these. * 32_faq_ulinkfix: Fix ulink parameter. - -- Roland Rosenfeld Sun, 14 Oct 2007 17:45:59 +0200 + -- Roland Rosenfeld Sun, 21 Oct 2007 14:05:00 +0200 + +privoxy (3.0.6-4) unstable; urgency=low + + * Set "enable-remote-http-toggle 0" by default because otherwise + requests may be able to bypass filtering by setting "X-Filter: No" + headers using some strange javascript code. + * Disable default logging of every GET/POST/CONNECT request to protect + your privacy a bit more. + * 05_defaut_action: Stop blocking Andorra ccTLD (.ad) (Closes: #445461). + * Run make clean/distclean only if GNUmakefile exists in debian/rules. + + -- Roland Rosenfeld Sun, 21 Oct 2007 12:47:51 +0200 privoxy (3.0.6-3) unstable; urgency=low diff --git a/debian/patches/05_defaut_action.dpatch b/debian/patches/05_defaut_action.dpatch index a77e3007..9194b972 100644 --- a/debian/patches/05_defaut_action.dpatch +++ b/debian/patches/05_defaut_action.dpatch @@ -8,7 +8,16 @@ diff -urNad privoxy~/default.action.master privoxy/default.action.master --- privoxy~/default.action.master +++ privoxy/default.action.master -@@ -1823,6 +1823,11 @@ +@@ -598,6 +598,8 @@ + .*[epu]ad*. + county*. + countr*. ++#MASTER# Do not block Andorra ccTLD: ++.ad + + ############################################################################# + # Generic block patterns by path: +@@ -1823,6 +1825,11 @@ {+filter{tiny-textforms} +prevent-compression} .sourceforge.net/tracker diff --git a/debian/patches/14_config.dpatch b/debian/patches/14_config.dpatch index 76240b89..ec358695 100644 --- a/debian/patches/14_config.dpatch +++ b/debian/patches/14_config.dpatch @@ -52,6 +52,15 @@ diff -urNad privoxy~/config privoxy/config # # 2.3. actionsfile +@@ -575,7 +575,7 @@ + # If you want to use CLF (Common Log Format), you should set + # "debug 512" ONLY and not enable anything else. + # +-debug 1 # show each GET/POST/CONNECT request ++#debug 1 # show each GET/POST/CONNECT request + debug 4096 # Startup banner and warnings + debug 8192 # Errors - *we highly recommended enabling this* + @@ -735,7 +735,7 @@ # Note that you must have compiled Privoxy with support for this # feature, otherwise this option has no effect. @@ -61,6 +70,15 @@ diff -urNad privoxy~/config privoxy/config # # 4.4. enable-remote-http-toggle +@@ -770,7 +770,7 @@ + # untrustworthy clients and want to enforce filtering, you will + # have to disable this option, otherwise you can ignore it. + # +-enable-remote-http-toggle 1 ++enable-remote-http-toggle 0 + + # + # 4.5. enable-edit-actions @@ -803,7 +803,7 @@ # Note that you must have compiled Privoxy with support for this # feature, otherwise this option has no effect. diff --git a/debian/rules b/debian/rules index 6e7ada55..a8422365 100755 --- a/debian/rules +++ b/debian/rules @@ -1,6 +1,6 @@ #!/usr/bin/make -f # -# (C) 2002-2006 Roland Rosenfeld , based on +# (C) 2002-2007 Roland Rosenfeld , based on # Sample debian/rules that uses debhelper. # This file is public domain software, originally written by Joey Hess. @@ -57,8 +57,8 @@ clean1: dh_testroot rm -f build-stamp configure-stamp - -$(MAKE) clean - -$(MAKE) distclean + [ ! -f GNUmakefile ] || $(MAKE) clean + [ ! -f GNUmakefile ] || $(MAKE) distclean rm -f configure config.h GNUmakefile rm -f privoxy.8 -- 2.39.2