Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package privoxy for openSUSE:Factory checked in at 2023-02-13 16:41:20 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/privoxy (Old) and /work/SRC/openSUSE:Factory/.privoxy.new.1848 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "privoxy" Mon Feb 13 16:41:20 2023 rev:58 rq:1065418 version:3.0.34 Changes: -------- --- /work/SRC/openSUSE:Factory/privoxy/privoxy.changes 2022-10-31 10:45:18.289036652 +0100 +++ /work/SRC/openSUSE:Factory/.privoxy.new.1848/privoxy.changes 2023-02-13 16:43:19.400225189 +0100 @@ -1,0 +2,109 @@ +Sun Feb 12 10:55:54 UTC 2023 - Carsten Ziepke <kiel...@gmail.com> + +- Update to version 3.0.34: + Bug fixes: + * Improve the handling of chunk-encoded responses by buffering + the data even if filters are disabled and properly keeping track + of where the various chunks are supposed to start and end. + Previously Privoxy would merely check the last bytes received + to see if they looked like the last-chunk. This failed to work + if the last-chunk wasn't received in one read and could also + result in actual data being misdetected as last-chunk. + Should fix: SF support request #1739. + * remove_chunked_transfer_coding(): Refuse to de-chunk invalid + data. Previously the data could get corrupted even further. + Now we simply pass the unmodified data to the client. + * gif_deanimate(): Tolerate multiple image extensions in a row. + This allows to deanimate all the gifs on: + https://commons.wikimedia.org/wiki/Category:Animated_smilies + Fixes SF bug #795 reported by Celejar. + * OpenSSL generate_host_certificate(): Use X509_get_subject_name() + instead of X509_get_issuer_name() to get the issuer for + generated website certificates so there are no warnings in the + browser when using an intermediate CA certificate instead of a + self-signed root certificate. + * can_filter_request_body(): Fix a log message that contained a + spurious u. + * handle_established_connection(): Check for pending TLS data + from the client before checking if data is available on the + connection. The TLS library may have already consumed all the + data from the client response in which case poll() and select() + will not detect that data is available to be read. + * ssl_send_certificate_error(): Don't crash if there's no + certificate information available. This is only relevant when + Privoxy is built with wolfSSL 5.0.0 or later (code not yet + published). Earlier wolfSSL versions or the other TLS backends + don't seem to trigger the crash. + * socks5_connect(): Add support for target hosts specified as + IPv4 address. Previously the IP address was sent as domain. + General improvements: + * Add a client-body-tagger action which creates tags based on + the content of the request body. + * When client-body filters are enabled, buffer the whole request + before opening a connection to the server. + Makes it less likely that the server connection times out + and we don't open a connection if the buffering fails anyway. + * Add periods to a couple of log messages. + * accept_connection(): Add missing space to a log message. + * Initialize ca-related defaults with strdup_or_die() so errors + aren't silently ignored. + * make_path: Use malloc_or_die() in cases where allocation errors + were already fatal anyway. + * handle_established_connection(): Improve an error message slightly. + * receive_client_request(): Reject https URLs without CONNECT request. + * Include all requests in the statistics if mutexes are available. + Previously in case of reused connections only the last request got + counted. The statistics still aren't perfect but it's an improvement. + * Add read_socks_reply() and start using it in socks5_connect() + to apply the socket timeout more consistently. + * socks5_connect(): Deal with domain names in the socks reply + * Add a filter for bundeswehr.de that hides the cookie and + privacy info banner. + Action file improvements: + * Disable filter{banners-by-size} for .freiheitsfoo.de/. + * Disable filter{banners-by-size} for freebsdfoundation.org/. + * Disable fast-redirects for consent.youtube.com/. + * Block requests to ups.xplosion.de/. + * Block requests for elsa.memoinsights.com/t. + * Fix a typo in a test. + * Disable fast-redirects for launchpad.net/. + * Unblock .eff.org/. + * Stop unblocking .org/.*(image|banner) which appears to be too generous + * Unblock adfd.org/. + * Disable filter{banners-by-link} for .eff.org/. + * Block requests to odb.outbrain.com/. + * Disable fast-redirects for .gandi.net/. + * Disable fast-redirects{} for .onion/.*/status/. + * Disable fast-redirects{} for twitter.com/.*/status/. + * Unblock pinkstinks.de/. + * Disable fast-redirects for .hagalil.com/. + Privoxy-Log-Parser: + * Bump version to 0.9.5. + * Highlight more log messages. + * Highlight the Crunch reason only once. Previously the "crunch reason" + could also be highlighted when the URL contained a matching string. + The real crunch reason only occurs once per line, so there's no need + to continue looking for it after it has been found once. + While at it, add a comment with an example log line. + uagen: + * Bump version to 1.2.4. + * Update BROWSER_VERSION and BROWSER_REVISION to 102.0 + to match the User-Agent of the current Firefox ESR. + * Explicitly document that changing the 'Gecko token' is suspicious. + * Consistently use a lower-case 'c' as copyright symbol. + * Bump copyright. + * Add 'aarch64' as Linux architecture. + Build system: + * Makefile: Add a 'dok' target that depends on the 'error' target + to show the "You are not using GNU make or did nor run configure" + message. + * configure: Fix --with-msan option. + Documentation: + * Add OpenSSL to the list of libraries that may be licensed under the + Apache 2.0 license in which case the linked Privoxy binary has to be + distributed under the GPLv3 or later. + * config: Fix the documented ca-directory default value. + * Update developer manual with new macOS packaging instructions. +- Add missingok to privoxy.logrotate.systemd + +------------------------------------------------------------------- Old: ---- privoxy-3.0.33-stable-src.tar.gz privoxy-3.0.33-stable-src.tar.gz.asc New: ---- privoxy-3.0.34-stable-src.tar.gz privoxy-3.0.34-stable-src.tar.gz.asc ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ privoxy.spec ++++++ --- /var/tmp/diff_new_pack.tm9o6B/_old 2023-02-13 16:43:19.868227946 +0100 +++ /var/tmp/diff_new_pack.tm9o6B/_new 2023-02-13 16:43:19.872227970 +0100 @@ -1,7 +1,7 @@ # # spec file for package privoxy # -# Copyright (c) 2022 SUSE LLC +# Copyright (c) 2023 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -18,7 +18,7 @@ %define chroot %{_localstatedir}/lib/privoxy Name: privoxy -Version: 3.0.33 +Version: 3.0.34 Release: 0 Summary: The Internet Junkbuster - HTTP Proxy Server License: GPL-3.0-or-later ++++++ privoxy-3.0.33-stable-src.tar.gz -> privoxy-3.0.34-stable-src.tar.gz ++++++ ++++ 7403 lines of diff (skipped) ++++++ privoxy.logrotate.systemd ++++++ --- /var/tmp/diff_new_pack.tm9o6B/_old 2023-02-13 16:43:20.168229714 +0100 +++ /var/tmp/diff_new_pack.tm9o6B/_new 2023-02-13 16:43:20.172229737 +0100 @@ -8,6 +8,7 @@ size 4M #maxage 365 postrotate + missingok /usr/bin/systemctl reload privoxy endscript } @@ -22,6 +23,7 @@ size 4M #maxage 365 postrotate + missingok /usr/bin/systemctl reload privoxy endscript }