From mboxrd@z Thu Jan  1 00:00:00 1970
From: Michael Tremer <michael.tremer@ipfire.org>
To: development@lists.ipfire.org
Subject: Re: [PATCH] privoxy: Update to 3.0.24
Date: Sun, 24 Jan 2016 19:42:55 +0000
Message-ID: <1453664575.585.132.camel@ipfire.org>
In-Reply-To: <1453594308-7026-1-git-send-email-matthias.fischer@ipfire.org>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="===============1746023798491462425=="
List-Id: <development.lists.ipfire.org>

--===============1746023798491462425==
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit

Hi,

there is no privoxy in IPFire :)

What branch is this patch for?

-Michael

On Sun, 2016-01-24 at 01:11 +0100, Matthias Fischer wrote:
> Changelog - in short:
> - Security fixes (denial of service):
>   - Prevent invalid reads in case of corrupt chunk-encoded content.
>     CVE-2016-1982. Bug discovered with afl-fuzz and AddressSanitizer.
>   - Remove empty Host headers in client requests.
>     Previously they would result in invalid reads. CVE-2016-1983.
>     Bug discovered with afl-fuzz and AddressSanitizer.
> 
> Also several bug fixes as well as general, action file, and
> documentation improvements.
> 
> For details see:
> http://www.privoxy.org/announce.txt
> 
> Signed-off-by: Matthias Fischer <matthias.fischer(a)ipfire.org>
> ---
>  lfs/privoxy | 10 +++++-----
>  1 file changed, 5 insertions(+), 5 deletions(-)
> 
> diff --git a/lfs/privoxy b/lfs/privoxy
> index bc4848a..de650a2 100644
> --- a/lfs/privoxy
> +++ b/lfs/privoxy
> @@ -1,7 +1,7 @@
>  ####################################################################
> ###########
>  #                                                                   
>           #
>  # IPFire.org - A linux based firewall                               
>           #
> -# Copyright (C) 2007-2015  IPFire Team  <info(a)ipfire.org>           
>           #
> +# Copyright (C) 2007-2016  IPFire Team  <info(a)ipfire.org>           
>           #
>  #                                                                   
>           #
>  # This program is free software: you can redistribute it and/or
> modify        #
>  # it under the terms of the GNU General Public License as published
> by        #
> @@ -24,14 +24,14 @@
>  
>  include Config
>  
> -VER        = 3.0.23
> +VER        = 3.0.24
>  THISAPP    = privoxy-$(VER)
>  DL_FILE    = $(THISAPP)-stable-src.tar.gz
>  DL_FROM    = $(URL_IPFIRE)
>  DIR_APP    = $(DIR_SRC)/$(THISAPP)
>  TARGET     = $(DIR_INFO)/$(THISAPP)
>  PROG       = privoxy
> -PAK_VER    = 2
> +PAK_VER    = 3
>  
>  DEPS       = ""
>  
> @@ -43,7 +43,7 @@ objects = $(DL_FILE)
>  
>  $(DL_FILE) = $(DL_FROM)/$(DL_FILE)
>  
> -$(DL_FILE)_MD5 = bbe47d5ff1a54d9f9fc93a160532697f
> +$(DL_FILE)_MD5 = 44a47d1a5000db8cccd61ace0e25e7f7
>  
>  install : $(TARGET)
>  
> @@ -53,7 +53,7 @@ download :$(patsubst %,$(DIR_DL)/%,$(objects))
>  
>  md5 : $(subst %,%_MD5,$(objects))
>  
> -dist:
> +dist: 
>  	$(PAK)
>  
>  ####################################################################
> ###########

--===============1746023798491462425==
Content-Type: application/pgp-signature
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename="signature.asc"
MIME-Version: 1.0

LS0tLS1CRUdJTiBQR1AgU0lHTkFUVVJFLS0tLS0KVmVyc2lvbjogR251UEcgdjEKCmlRSWNCQUFC
Q2dBR0JRSldwU2svQUFvSkVJQjU4UDl2a0FrSHRMUVFBSzlWVERqV09GOExFVW54ZUdhelN4RHIK
RklDcHBEeHdONE5XVU95aGRGOHZLdzlLUW1qTG9NRVY4Q2pPQ2wxdXlaREk2T2lhdnR6ckJxZloy
Vlp2WWIwQwpWUXRTamJBSTNCLzhsQmNVN2ZmbnZFdjNTblZLNXp1bFVwNXZCR0pweXRDbWVWL0xZ
bzJhYktZaU8xT0JwYnpWCnF2WkdEcks5S2ZTSFRQRlFlbVVvQ1pQY0xaSk1tVnp1UWtRR1ZhT1Ry
Q2tvRmRVbmlNSUdlaTJRY29Calg1WloKYlhzbkN1QUdmTzJUaURneFkzdmtCQlhweDNaWlhzVW9S
TXU4ZGs5dmZ4d3B2czVwTWM5OHlaRG12cG5VaU92Nwo3UGs5WjFhYWhFWm05WXpJblZLNDBFQUo0
d1ErMWpWUi9CRDhHdFdCSk9QeFQ0SVQ2b0Zxa2M3aTFGR3ZIaG05CjZzdURMdTVMSzdDZVRrYTdU
L1N0b3VoOTk0djdnVzFWaHZNOTM1bi9BemlnNWJUZ0ExSmdRWDFCUkpIRWZlZ3kKOG5XYjFPd3Zq
bEdzZHN5Qm9vZmxzaHRhTGFUaG80Nklxei9FQS85TWZ2Sm1kblhJcE4rbDhWbmlBNXVibXI4Zgov
SzNDNlBuQSt0T3hDOXRMZlJ4WlZlNkVCYmZzckFaZTQ1WkVpeVc5MTFod1BmVkRQazNPNERuRytx
QXdabEJDCkZBQlZqWWVTU0hKaEVXWWRNV25QdEFjVDBYdEt4WFluY244dmJSUTZQcGdhV0RiSkd4
R3ZneXVjQ3dPUS9ScjEKeHpqNnRJQm9GYWdWTHZJY1ozWjZRRmd2bFpUbmo5d1NPenJGY2lSRURQ
b21TRzF1V2VaMzRSaXlCVmJVNm55SQpQS1RNd0hnbTdkSHA4MHM1WmM0Qgo9aTJ2bAotLS0tLUVO
RCBQR1AgU0lHTkFUVVJFLS0tLS0K

--===============1746023798491462425==--