update to 3.0.18
many fixes and improvements - see the ChangeLog file
one marked as security relevant:
If the redirect URL contains characters RFC 3986 doesn't permit,
they are (re)encoded. Not doing this makes Privoxy versions from
3.0.5 to 3.0.17 susceptible to HTTP response splitting (CWE-113)
attacks if the +fast-redirects{check-decoded-url} action is used.
This commit is contained in:
drochner
parent
90b5a265eb
commit
34bd591fa6
4 changed files with 20 additions and 20 deletions
|
|
@ -1,8 +1,8 @@
|
|||
# $NetBSD: Makefile,v 1.44 2011/04/26 21:23:26 mjl Exp $
|
||||
# $NetBSD: Makefile,v 1.45 2011/12/07 16:13:51 drochner Exp $
|
||||
#
|
||||
|
||||
DISTNAME= ${PKGNAME_NOREV}-stable-src
|
||||
PKGNAME= privoxy-3.0.17
|
||||
PKGNAME= privoxy-3.0.18
|
||||
CATEGORIES= www
|
||||
MASTER_SITES= ${MASTER_SITE_SOURCEFORGE:=ijbswa/}
|
||||
|
||||
|
|
|
|||
|
|
@ -1,9 +1,9 @@
|
|||
$NetBSD: distinfo,v 1.17 2011/05/05 16:54:55 gdt Exp $
|
||||
$NetBSD: distinfo,v 1.18 2011/12/07 16:13:51 drochner Exp $
|
||||
|
||||
SHA1 (privoxy-3.0.17-stable-src.tar.gz) = cadef2eb8ec182278e092322d3d56f225cb69c93
|
||||
RMD160 (privoxy-3.0.17-stable-src.tar.gz) = 8e4acc60ca7e7be20a92e1aece92eecedd4d1997
|
||||
Size (privoxy-3.0.17-stable-src.tar.gz) = 1670102 bytes
|
||||
SHA1 (privoxy-3.0.18-stable-src.tar.gz) = ffc797c478f8acac4e4894f4a9cb8a400c87c67c
|
||||
RMD160 (privoxy-3.0.18-stable-src.tar.gz) = 5c5e5ac43b5b4e746ee0df0c9794bbfaa426d5f8
|
||||
Size (privoxy-3.0.18-stable-src.tar.gz) = 1720020 bytes
|
||||
SHA1 (patch-aa) = c263d2a4b9522a33613f82ab2bc18d5c2b554b21
|
||||
SHA1 (patch-ab) = ad56c9dfee23fc29c1422292c30b386e742befe4
|
||||
SHA1 (patch-ac) = e39ffe694462b952c5ad66ac577a0acbee0a1d9f
|
||||
SHA1 (patch-ab) = 6ab77caae5e6ac2b67c4c795af38db4da1310c61
|
||||
SHA1 (patch-ac) = 6b0f5c2b32108cf4366a9f7feaad8a5be634e2e9
|
||||
SHA1 (patch-ag) = 631b73e17d2f825ae6c2fa2d832db98e166030ba
|
||||
|
|
|
|||
|
|
@ -1,4 +1,4 @@
|
|||
$NetBSD: patch-ab,v 1.7 2011/05/05 16:54:55 gdt Exp $
|
||||
$NetBSD: patch-ab,v 1.8 2011/12/07 16:13:51 drochner Exp $
|
||||
|
||||
Multiple changes.
|
||||
|
||||
|
|
@ -15,9 +15,9 @@ Multiple changes.
|
|||
Not pushed upstream; it's not clear that upstream supports DESTDIR
|
||||
at all.
|
||||
|
||||
--- GNUmakefile.in.orig 2010-02-20 12:53:30.000000000 +0000
|
||||
--- GNUmakefile.in.orig 2011-09-06 18:45:28.000000000 +0000
|
||||
+++ GNUmakefile.in
|
||||
@@ -85,7 +85,7 @@ INSTALL = @INSTALL@
|
||||
@@ -86,7 +86,7 @@ INSTALL = @INSTALL@
|
||||
# Binaries
|
||||
BIN_MODE = 0755
|
||||
# Support files, docs, etc.
|
||||
|
|
@ -26,7 +26,7 @@ Multiple changes.
|
|||
# Directory
|
||||
DIR_MODE = 0755
|
||||
# Files daemon writes to.
|
||||
@@ -788,16 +788,6 @@ install-strip:
|
||||
@@ -808,16 +808,6 @@ install-strip:
|
||||
# Perhaps the whole user/group validation should be done here, and simplified.
|
||||
PROGRAM_V = Privoxy $(VERSION) $(CODE_STATUS)
|
||||
install: CONF_DEST LOG_DEST PID_DEST check_doc GROUP_T
|
||||
|
|
@ -34,7 +34,7 @@ Multiple changes.
|
|||
- @if [ -n "$(USER)" ]; then \
|
||||
- $(ID) $(USER) >/dev/null || exit 1;\
|
||||
- fi
|
||||
- @# Test for valid group. FIXME. USER does not have to belong to GROUP
|
||||
- @# Test for valid group. FIXME. USER does not have to belong to GROUP
|
||||
- @# for file ownership purposes.
|
||||
-# if [ -n "$(GROUP_T)" ] && [ -n "$(USER)" ] && ! $(GROUPS) $(USER) | $(GREP) "\<$(GROUP_T)\>" >/dev/null; then \
|
||||
-# $(ECHO) Group $(GROUP_T) for User $(USER) is invalid && exit 1 ;\
|
||||
|
|
@ -43,7 +43,7 @@ Multiple changes.
|
|||
@$(ECHO) "Creating directories, and preparing $(PROGRAM_V) installation"
|
||||
$(CHMOD) $(DIR_MODE) $(MKDIR)
|
||||
@$(MKDIR) $(DESTDIR)$(SBIN_DEST) $(DESTDIR)$(prefix) $(DESTDIR)$(CONF_DEST) \
|
||||
@@ -865,48 +855,13 @@ install: CONF_DEST LOG_DEST PID_DEST che
|
||||
@@ -885,48 +875,13 @@ install: CONF_DEST LOG_DEST PID_DEST che
|
||||
$(INSTALL) $(INSTALL_T) $$i $(DESTDIR)$(CONF_DEST)/templates ;\
|
||||
done
|
||||
|
||||
|
|
@ -93,7 +93,7 @@ Multiple changes.
|
|||
$(ECHO) Installing $$i as $$i.new ;\
|
||||
$(INSTALL) $$INSTALL_CONF $$i $(DESTDIR)$(CONF_DEST)/$$i.new || exit 1;\
|
||||
NEW=1;\
|
||||
@@ -918,36 +873,6 @@ install: CONF_DEST LOG_DEST PID_DEST che
|
||||
@@ -938,36 +893,6 @@ install: CONF_DEST LOG_DEST PID_DEST che
|
||||
$(CHMOD) $(RWD_MODE) $(DESTDIR)$(CONF_DEST)/*.new || exit 1 ;\
|
||||
$(ECHO) "Warning: Older config files are preserved. Check new versions for changes!" ;\
|
||||
fi ;\
|
||||
|
|
|
|||
|
|
@ -1,8 +1,8 @@
|
|||
$NetBSD: patch-ac,v 1.1 2004/09/24 14:08:36 tv Exp $
|
||||
$NetBSD: patch-ac,v 1.2 2011/12/07 16:13:51 drochner Exp $
|
||||
|
||||
--- configure.in.orig 2004-01-30 04:26:03.000000000 -0500
|
||||
--- configure.in.orig 2011-11-13 16:53:45.000000000 +0000
|
||||
+++ configure.in
|
||||
@@ -563,29 +563,12 @@ if test "$EMXOS2" = yes; then
|
||||
@@ -164,29 +164,12 @@ if test "$EMXOS2" = yes; then
|
||||
|
||||
else
|
||||
|
||||
|
|
@ -32,10 +32,10 @@ $NetBSD: patch-ac,v 1.1 2004/09/24 14:08:36 tv Exp $
|
|||
],
|
||||
[
|
||||
if test $ID = no ; then
|
||||
@@ -602,27 +585,8 @@ else
|
||||
@@ -203,27 +186,8 @@ else
|
||||
AC_ARG_WITH(group,
|
||||
[ --with-group=privoxy Set group for privoxy],
|
||||
[
|
||||
[
|
||||
- if test "x$withval" != "xyes"; then
|
||||
- if test $BGROUPS = no ; then
|
||||
- AC_MSG_ERROR(There is no 'groups' program on this system)
|
||||
|
|
|
|||
Loading…
Reference in a new issue