From 62a44ce069317b638705dbf60ec808d48c45e94e Mon Sep 17 00:00:00 2001 From: Fabian Keil Date: Wed, 8 Dec 2021 12:15:42 +0100 Subject: www/privoxy: Update to 3.0.33 stable This update fixes a couple of security issues. Quoting the ChangeLog: - Security/Reliability: - cgi_error_no_template(): Encode the template name to prevent XSS (cross-side scripting) when Privoxy is configured to servce the user-manual itself. Commit 0e668e9409c. OVE-20211102-0001. CVE-2021-44543. Reported by: Artem Ivanov - get_url_spec_param(): Free memory of compiled pattern spec before bailing. Reported by Joshua Rogers (Opera) who also provided the fix. Commit 652b4b7cb0. OVE-20211201-0003. CVE-2021-44540. - process_encrypted_request_headers(): Free header memory when failing to get the request destination. Reported by Joshua Rogers (Opera) who also provided the fix. Commit 0509c58045. OVE-20211201-0002. CVE-2021-44541. - send_http_request(): Prevent memory leaks when handling errors Reported by Joshua Rogers (Opera) who also provided the fix. Commit c48d1d6d08. OVE-20211201-0001. CVE-2021-44542. The complete list of changes is available at: https://lists.privoxy.org/pipermail/privoxy-announce/2021-December/000009.html PR: 260290 MFH: 2021Q4 Security: 897e1962-5d5a-11ec-a3ed-040e3c3cf7e7 (cherry picked from commit dec093e215760204b994f01511820348f21cf1be) --- www/privoxy/Makefile | 2 +- www/privoxy/distinfo | 6 +++--- www/privoxy/pkg-plist | 3 ++- 3 files changed, 6 insertions(+), 5 deletions(-) diff --git a/www/privoxy/Makefile b/www/privoxy/Makefile index ae5c43cbc020..5098eb1fd9a3 100644 --- a/www/privoxy/Makefile +++ b/www/privoxy/Makefile @@ -1,7 +1,7 @@ # Created by: John von Essen PORTNAME= privoxy -PORTVERSION= 3.0.32 +PORTVERSION= 3.0.33 CATEGORIES= www MASTER_SITES= https://www.privoxy.org/sf-download-mirror/Sources/${PORTVERSION}%20(stable)/ \ SF/ijbswa/Sources/${PORTVERSION}%20%28stable%29 diff --git a/www/privoxy/distinfo b/www/privoxy/distinfo index 24e554a0c73e..39fc2e3381d9 100644 --- a/www/privoxy/distinfo +++ b/www/privoxy/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1614278308 -SHA256 (privoxy-3.0.32-stable-src.tar.gz) = c61de4008c62445ec18f1f270407cbf2372eaba93beaccdc9e3238bb2defeed7 -SIZE (privoxy-3.0.32-stable-src.tar.gz) = 1834528 +TIMESTAMP = 1638962109 +SHA256 (privoxy-3.0.33-stable-src.tar.gz) = 04b104e70dac61561b9dd110684b250fafc8c13dbe437a60fae18ddd9a881fae +SIZE (privoxy-3.0.33-stable-src.tar.gz) = 1579540 diff --git a/www/privoxy/pkg-plist b/www/privoxy/pkg-plist index 01ae58dc3884..5e6e4ad311fa 100644 --- a/www/privoxy/pkg-plist +++ b/www/privoxy/pkg-plist @@ -23,7 +23,7 @@ etc/privoxy/templates/default etc/privoxy/templates/edit-actions-add-url-form etc/privoxy/templates/edit-actions-for-url etc/privoxy/templates/edit-actions-for-url-filter -etc/privoxy/templates/edit-actions-for-url-string-filter +etc/privoxy/templates/edit-actions-for-url-string-action etc/privoxy/templates/edit-actions-list etc/privoxy/templates/edit-actions-list-button etc/privoxy/templates/edit-actions-list-section @@ -45,6 +45,7 @@ etc/privoxy/templates/toggle etc/privoxy/templates/toggle-mini etc/privoxy/templates/untrusted etc/privoxy/templates/url-info-osd.xml +etc/privoxy/templates/wpad.dat %%PORTDOCS%%%%DOCSDIR%%/user-manual/actions-file.html %%PORTDOCS%%%%DOCSDIR%%/user-manual/appendix.html %%PORTDOCS%%%%DOCSDIR%%/user-manual/config.html -- cgit v1.2.3