diff options
author | Fabian Keil <fk@fabiankeil.de> | 2021-12-08 11:15:42 +0000 |
---|---|---|
committer | Neel Chauhan <nc@FreeBSD.org> | 2021-12-15 04:04:55 +0000 |
commit | 62a44ce069317b638705dbf60ec808d48c45e94e (patch) | |
tree | 86a8ede9af8d1ff116aa79462c2f2dbf010e9e58 | |
parent | de8b1d4f6c80763ae3563e5037028c73abdbf51d (diff) | |
download | ports-62a44ce069317b638705dbf60ec808d48c45e94e.tar.gz ports-62a44ce069317b638705dbf60ec808d48c45e94e.zip |
www/privoxy: Update to 3.0.33 stable
This update fixes a couple of security issues. Quoting the ChangeLog:
- Security/Reliability:
- cgi_error_no_template(): Encode the template name to prevent
XSS (cross-side scripting) when Privoxy is configured to servce
the user-manual itself.
Commit 0e668e9409c. OVE-20211102-0001. CVE-2021-44543.
Reported by: Artem Ivanov
- get_url_spec_param(): Free memory of compiled pattern spec
before bailing.
Reported by Joshua Rogers (Opera) who also provided the fix.
Commit 652b4b7cb0. OVE-20211201-0003. CVE-2021-44540.
- process_encrypted_request_headers(): Free header memory when
failing to get the request destination.
Reported by Joshua Rogers (Opera) who also provided the fix.
Commit 0509c58045. OVE-20211201-0002. CVE-2021-44541.
- send_http_request(): Prevent memory leaks when handling errors
Reported by Joshua Rogers (Opera) who also provided the fix.
Commit c48d1d6d08. OVE-20211201-0001. CVE-2021-44542.
The complete list of changes is available at:
https://lists.privoxy.org/pipermail/privoxy-announce/2021-December/000009.html
PR: 260290
MFH: 2021Q4
Security: 897e1962-5d5a-11ec-a3ed-040e3c3cf7e7
(cherry picked from commit dec093e215760204b994f01511820348f21cf1be)
-rw-r--r-- | www/privoxy/Makefile | 2 | ||||
-rw-r--r-- | www/privoxy/distinfo | 6 | ||||
-rw-r--r-- | www/privoxy/pkg-plist | 3 |
3 files changed, 6 insertions, 5 deletions
diff --git a/www/privoxy/Makefile b/www/privoxy/Makefile index ae5c43cbc020..5098eb1fd9a3 100644 --- a/www/privoxy/Makefile +++ b/www/privoxy/Makefile @@ -1,7 +1,7 @@ # Created by: John von Essen PORTNAME= privoxy -PORTVERSION= 3.0.32 +PORTVERSION= 3.0.33 CATEGORIES= www MASTER_SITES= https://www.privoxy.org/sf-download-mirror/Sources/${PORTVERSION}%20(stable)/ \ SF/ijbswa/Sources/${PORTVERSION}%20%28stable%29 diff --git a/www/privoxy/distinfo b/www/privoxy/distinfo index 24e554a0c73e..39fc2e3381d9 100644 --- a/www/privoxy/distinfo +++ b/www/privoxy/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1614278308 -SHA256 (privoxy-3.0.32-stable-src.tar.gz) = c61de4008c62445ec18f1f270407cbf2372eaba93beaccdc9e3238bb2defeed7 -SIZE (privoxy-3.0.32-stable-src.tar.gz) = 1834528 +TIMESTAMP = 1638962109 +SHA256 (privoxy-3.0.33-stable-src.tar.gz) = 04b104e70dac61561b9dd110684b250fafc8c13dbe437a60fae18ddd9a881fae +SIZE (privoxy-3.0.33-stable-src.tar.gz) = 1579540 diff --git a/www/privoxy/pkg-plist b/www/privoxy/pkg-plist index 01ae58dc3884..5e6e4ad311fa 100644 --- a/www/privoxy/pkg-plist +++ b/www/privoxy/pkg-plist @@ -23,7 +23,7 @@ etc/privoxy/templates/default etc/privoxy/templates/edit-actions-add-url-form etc/privoxy/templates/edit-actions-for-url etc/privoxy/templates/edit-actions-for-url-filter -etc/privoxy/templates/edit-actions-for-url-string-filter +etc/privoxy/templates/edit-actions-for-url-string-action etc/privoxy/templates/edit-actions-list etc/privoxy/templates/edit-actions-list-button etc/privoxy/templates/edit-actions-list-section @@ -45,6 +45,7 @@ etc/privoxy/templates/toggle etc/privoxy/templates/toggle-mini etc/privoxy/templates/untrusted etc/privoxy/templates/url-info-osd.xml +etc/privoxy/templates/wpad.dat %%PORTDOCS%%%%DOCSDIR%%/user-manual/actions-file.html %%PORTDOCS%%%%DOCSDIR%%/user-manual/appendix.html %%PORTDOCS%%%%DOCSDIR%%/user-manual/config.html |