-
privoxy (3.0.21-7+deb8u1build0.14.04.1) trusty-security; urgency=medium
* fake sync from Debian
privoxy (3.0.21-7+deb8u1) trusty-security; urgency=high
* 40_CVE-2016-1982: Prevent invalid reads in case of corrupt
chunk-encoded content.
* 41_CVE-2016-1983: Remove empty Host headers in client requests.
Previously they would result in invalid reads.
privoxy (3.0.21-7) unstable; urgency=medium
* 37_CVE-2015-1380: denial of service.
* 38_CVE-2015-1381: multiple segmentation faults and memory leaks in the
pcrs code.
* 39_CVE-2015-1382: invalid read.
* These 3 patches Closes: #776490.
privoxy (3.0.21-5) unstable; urgency=low
* 34_CVE-2015-1030: Fix memory leak in rfc2553_connect_to(). CID 66382
* 35_CVE-2015-1031-CID66394: unmap(): Prevent use-after-free if the map
only consists of one item. CID 66394.
* 36_CVE-2015-1031-CID66376: pcrs_execute(): Consistently set *result to
NULL in case of errors. Should make use-after-free in the caller less
likely. CID 66391, CID 66376.
* These 3 patches Closes: #775167.
privoxy (3.0.21-4) unstable; urgency=low
* Enable hardening=+all
* Hardcode PIDFile in privoxy.service, since this isn't allowed as
variable (Closes: #746262).
privoxy (3.0.21-3) unstable; urgency=low
* When starting via systemd, do not run daemon as root, and honour log
file configuration. Thanks to Carlos Maddela for providing a patch
(Closes: #745274)
-- Mike Salvatore <email address hidden> Fri, 14 Sep 2018 12:24:31 -0400
-
privoxy (3.0.21-2) unstable; urgency=low
* Use autotools-dev for arm64 compatibility (Closes: #727948).
* Depend on initscripts >= 2.87dsf-8, (Closes: #564563).
* Add systemd support (Thanks to Michael Stapelberg) (Closes: #639635).
* Upgrade to Standards-Version 3.9.5 (no changes).
-- Roland Rosenfeld <email address hidden> Sat, 12 Apr 2014 12:54:58 +0200
-
privoxy (3.0.21-1) unstable; urgency=low
* New upstream version 3.0.21-stable.
* This fixes CVE-2013-2503 (Closes: #702896).
* Update all patches.
* Upgrade to Standards-Version 3.9.4 (no changes).
-- Roland Rosenfeld <email address hidden> Fri, 05 Jul 2013 14:46:54 +0200