* [Buildroot] [PATCH] package/privoxy: security bump to version 3.0.29
@ 2020-11-30 7:12 Peter Korsgaard
2020-11-30 22:44 ` Peter Korsgaard
2020-12-11 21:30 ` Peter Korsgaard
0 siblings, 2 replies; 3+ messages in thread
From: Peter Korsgaard @ 2020-11-30 7:12 UTC (permalink / raw)
To: buildroot
From the release notes:
- Security/Reliability:
- Fixed memory leaks when a response is buffered and the buffer
limit is reached or Privoxy is running out of memory.
Commits bbd53f1010b and 4490d451f9b. OVE-20201118-0001.
Sponsored by: Robert Klemme
- Fixed a memory leak in the show-status CGI handler when
no action files are configured. Commit c62254a686.
OVE-20201118-0002.
Sponsored by: Robert Klemme
- Fixed a memory leak in the show-status CGI handler when
no filter files are configured. Commit 1b1370f7a8a.
OVE-20201118-0003.
Sponsored by: Robert Klemme
- Fixes a memory leak when client tags are active.
Commit 245e1cf32. OVE-20201118-0004.
Sponsored by: Robert Klemme
- Fixed a memory leak if multiple filters are executed
and the last one is skipped due to a pcre error.
Commit 5cfb7bc8fe. OVE-20201118-0005.
- Prevent an unlikely dereference of a NULL-pointer that
could result in a crash if accept-intercepted-requests
was enabled, Privoxy failed to get the request destination
from the Host header and a memory allocation failed.
Commit 7530132349. CID 267165. OVE-20201118-0006.
- Fixed memory leaks in the client-tags CGI handler when
client tags are configured and memory allocations fail.
Commit cf5640eb2a. CID 267168. OVE-20201118-0007.
- Fixed memory leaks in the show-status CGI handler when memory
allocations fail. Commit 064eac5fd0 and commit fdee85c0bf3.
CID 305233. OVE-20201118-0008.
For more details, see the announcement:
https://www.openwall.com/lists/oss-security/2020/11/29/1
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
---
package/privoxy/privoxy.hash | 8 ++++----
package/privoxy/privoxy.mk | 2 +-
2 files changed, 5 insertions(+), 5 deletions(-)
diff --git a/package/privoxy/privoxy.hash b/package/privoxy/privoxy.hash
index 84daf5c611..850208dd9f 100644
--- a/package/privoxy/privoxy.hash
+++ b/package/privoxy/privoxy.hash
@@ -1,6 +1,6 @@
-# From http://sourceforge.net/projects/ijbswa/files/Sources/3.0.28%20%28stable%29/
-md5 c7e8900d5aff33d9a5fc37ac28154f21 privoxy-3.0.28-stable-src.tar.gz
-sha1 fa8f9f355a48afe94afcaef31c5404b2294c1043 privoxy-3.0.28-stable-src.tar.gz
+# From http://sourceforge.net/projects/ijbswa/files/Sources/3.0.28%20%29stable%29/
+md5 493a3a643247e6c8bc60725e9993d4ee privoxy-3.0.29-stable-src.tar.gz
+sha1 59873a122729b1b03e1d202d663036d2b5fa1120 privoxy-3.0.29-stable-src.tar.gz
# Locally computed
-sha256 b5d78cc036aaadb3b7cf860e9d598d7332af468926a26e2d56167f1cb6f2824a privoxy-3.0.28-stable-src.tar.gz
+sha256 25c6069efdaf577d47c257da63b03cd6d063fb790e19cc39603d82e5db72489d privoxy-3.0.29-stable-src.tar.gz
sha256 8177f97513213526df2cf6184d8ff986c675afb514d4e68a404010521b880643 LICENSE
diff --git a/package/privoxy/privoxy.mk b/package/privoxy/privoxy.mk
index f12d015efa..3cf1dc9754 100644
--- a/package/privoxy/privoxy.mk
+++ b/package/privoxy/privoxy.mk
@@ -4,7 +4,7 @@
#
################################################################################
-PRIVOXY_VERSION = 3.0.28
+PRIVOXY_VERSION = 3.0.29
PRIVOXY_SITE = http://downloads.sourceforge.net/project/ijbswa/Sources/$(PRIVOXY_VERSION)%20%28stable%29
PRIVOXY_SOURCE = privoxy-$(PRIVOXY_VERSION)-stable-src.tar.gz
# configure not shipped
--
2.20.1
^ permalink raw reply related [flat|nested] 3+ messages in thread
* [Buildroot] [PATCH] package/privoxy: security bump to version 3.0.29
2020-11-30 7:12 [Buildroot] [PATCH] package/privoxy: security bump to version 3.0.29 Peter Korsgaard
@ 2020-11-30 22:44 ` Peter Korsgaard
2020-12-11 21:30 ` Peter Korsgaard
1 sibling, 0 replies; 3+ messages in thread
From: Peter Korsgaard @ 2020-11-30 22:44 UTC (permalink / raw)
To: buildroot
>>>>> "Peter" == Peter Korsgaard <peter@korsgaard.com> writes:
> From the release notes:
> - Security/Reliability:
> - Fixed memory leaks when a response is buffered and the buffer
> limit is reached or Privoxy is running out of memory.
> Commits bbd53f1010b and 4490d451f9b. OVE-20201118-0001.
> Sponsored by: Robert Klemme
> - Fixed a memory leak in the show-status CGI handler when
> no action files are configured. Commit c62254a686.
> OVE-20201118-0002.
> Sponsored by: Robert Klemme
> - Fixed a memory leak in the show-status CGI handler when
> no filter files are configured. Commit 1b1370f7a8a.
> OVE-20201118-0003.
> Sponsored by: Robert Klemme
> - Fixes a memory leak when client tags are active.
> Commit 245e1cf32. OVE-20201118-0004.
> Sponsored by: Robert Klemme
> - Fixed a memory leak if multiple filters are executed
> and the last one is skipped due to a pcre error.
> Commit 5cfb7bc8fe. OVE-20201118-0005.
> - Prevent an unlikely dereference of a NULL-pointer that
> could result in a crash if accept-intercepted-requests
> was enabled, Privoxy failed to get the request destination
> from the Host header and a memory allocation failed.
> Commit 7530132349. CID 267165. OVE-20201118-0006.
> - Fixed memory leaks in the client-tags CGI handler when
> client tags are configured and memory allocations fail.
> Commit cf5640eb2a. CID 267168. OVE-20201118-0007.
> - Fixed memory leaks in the show-status CGI handler when memory
> allocations fail. Commit 064eac5fd0 and commit fdee85c0bf3.
> CID 305233. OVE-20201118-0008.
> For more details, see the announcement:
> https://www.openwall.com/lists/oss-security/2020/11/29/1
> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Committed, thanks.
--
Bye, Peter Korsgaard
^ permalink raw reply [flat|nested] 3+ messages in thread
* [Buildroot] [PATCH] package/privoxy: security bump to version 3.0.29
2020-11-30 7:12 [Buildroot] [PATCH] package/privoxy: security bump to version 3.0.29 Peter Korsgaard
2020-11-30 22:44 ` Peter Korsgaard
@ 2020-12-11 21:30 ` Peter Korsgaard
1 sibling, 0 replies; 3+ messages in thread
From: Peter Korsgaard @ 2020-12-11 21:30 UTC (permalink / raw)
To: buildroot
>>>>> "Peter" == Peter Korsgaard <peter@korsgaard.com> writes:
> From the release notes:
> - Security/Reliability:
> - Fixed memory leaks when a response is buffered and the buffer
> limit is reached or Privoxy is running out of memory.
> Commits bbd53f1010b and 4490d451f9b. OVE-20201118-0001.
> Sponsored by: Robert Klemme
> - Fixed a memory leak in the show-status CGI handler when
> no action files are configured. Commit c62254a686.
> OVE-20201118-0002.
> Sponsored by: Robert Klemme
> - Fixed a memory leak in the show-status CGI handler when
> no filter files are configured. Commit 1b1370f7a8a.
> OVE-20201118-0003.
> Sponsored by: Robert Klemme
> - Fixes a memory leak when client tags are active.
> Commit 245e1cf32. OVE-20201118-0004.
> Sponsored by: Robert Klemme
> - Fixed a memory leak if multiple filters are executed
> and the last one is skipped due to a pcre error.
> Commit 5cfb7bc8fe. OVE-20201118-0005.
> - Prevent an unlikely dereference of a NULL-pointer that
> could result in a crash if accept-intercepted-requests
> was enabled, Privoxy failed to get the request destination
> from the Host header and a memory allocation failed.
> Commit 7530132349. CID 267165. OVE-20201118-0006.
> - Fixed memory leaks in the client-tags CGI handler when
> client tags are configured and memory allocations fail.
> Commit cf5640eb2a. CID 267168. OVE-20201118-0007.
> - Fixed memory leaks in the show-status CGI handler when memory
> allocations fail. Commit 064eac5fd0 and commit fdee85c0bf3.
> CID 305233. OVE-20201118-0008.
> For more details, see the announcement:
> https://www.openwall.com/lists/oss-security/2020/11/29/1
> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Committed to 2020.02.x and 2020.08.x, thanks.
--
Bye, Peter Korsgaard
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2020-12-11 21:30 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-11-30 7:12 [Buildroot] [PATCH] package/privoxy: security bump to version 3.0.29 Peter Korsgaard
2020-11-30 22:44 ` Peter Korsgaard
2020-12-11 21:30 ` Peter Korsgaard
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.