Ubuntu
privoxy package

Change logs for privoxy source package in Trusty

  1. Trusty (14.04)
  2. Change log 
  • privoxy (3.0.21-7+deb8u1build0.14.04.1) trusty-security; urgency=medium

  * fake sync from Debian

privoxy (3.0.21-7+deb8u1) trusty-security; urgency=high

  * 40_CVE-2016-1982: Prevent invalid reads in case of corrupt
    chunk-encoded content.
  * 41_CVE-2016-1983: Remove empty Host headers in client requests.
    Previously they would result in invalid reads.

privoxy (3.0.21-7) unstable; urgency=medium

  * 37_CVE-2015-1380: denial of service.
  * 38_CVE-2015-1381: multiple segmentation faults and memory leaks in the
    pcrs code.
  * 39_CVE-2015-1382: invalid read.
  * These 3 patches Closes: #776490.

privoxy (3.0.21-5) unstable; urgency=low

  * 34_CVE-2015-1030: Fix memory leak in rfc2553_connect_to().  CID 66382
  * 35_CVE-2015-1031-CID66394: unmap(): Prevent use-after-free if the map
    only consists of one item.  CID 66394.
  * 36_CVE-2015-1031-CID66376: pcrs_execute(): Consistently set *result to
    NULL in case of errors.  Should make use-after-free in the caller less
    likely.  CID 66391, CID 66376.
  * These 3 patches Closes: #775167.

privoxy (3.0.21-4) unstable; urgency=low

  * Enable hardening=+all
  * Hardcode PIDFile in privoxy.service, since this isn't allowed as
    variable (Closes: #746262).

privoxy (3.0.21-3) unstable; urgency=low

  * When starting via systemd, do not run daemon as root, and honour log
    file configuration. Thanks to Carlos Maddela for providing a patch
    (Closes: #745274)

 -- Mike Salvatore <email address hidden>  Fri, 14 Sep 2018 12:24:31 -0400
  • privoxy (3.0.21-2) unstable; urgency=low


  * Use autotools-dev for arm64 compatibility (Closes: #727948).
  * Depend on initscripts >= 2.87dsf-8, (Closes: #564563).
  * Add systemd support (Thanks to Michael Stapelberg) (Closes: #639635).
  * Upgrade to Standards-Version 3.9.5 (no changes).

 -- Roland Rosenfeld <email address hidden>  Sat, 12 Apr 2014 12:54:58 +0200
  • privoxy (3.0.21-1) unstable; urgency=low


  * New upstream version 3.0.21-stable.
  * This fixes CVE-2013-2503 (Closes: #702896).
  * Update all patches.
  * Upgrade to Standards-Version 3.9.4 (no changes).

 -- Roland Rosenfeld <email address hidden>  Fri, 05 Jul 2013 14:46:54 +0200