Security UPDATE www/privoxy

Thu, 04 Feb 2021 09:40:01 -0800 

A newer version of privoxy is available, which addresses 2 CVE's:

CVE-2021-20217
Prevent an assertion from getting triggered by a crafted CGI request.

CVE-2021-20216
Fixed a memory leak when decompression fails "unexpectedly".

Lightly run tested on amd64.

I think it makes sense to backport this update to 6.8.

Comments, OK?


diff --git Makefile Makefile
index 7a4eaea8135..5a78a32cb51 100644
--- Makefile
+++ Makefile
@@ -2,7 +2,7 @@
 
 COMMENT=       web proxy with advanced filtering capabilities
 
-V=             3.0.29
+V=             3.0.31
 DISTNAME=      privoxy-${V}-stable
 PKGNAME=       privoxy-${V}
 CATEGORIES=    www
@@ -16,6 +16,7 @@ WANTLIB += c crypto pcre pcreposix pthread ssl z
 
 MASTER_SITES=  ${MASTER_SITE_SOURCEFORGE:=ijbswa/}
 EXTRACT_SUFX=  -src.tar.gz
+FIX_EXTRACT_PERMISSIONS=       Yes
 
 # there are tests which can be run with tools/privoxy-regression-test.pl
 # they require privoxy to be running, and http_proxy=http://127.0.0.1:8118/
diff --git distinfo distinfo
index a2fcc27dfab..dc802138e1a 100644
--- distinfo
+++ distinfo
@@ -1,2 +1,2 @@
-SHA256 (privoxy-3.0.29-stable-src.tar.gz) = 
JcYGnv2vV31HwlfaY7A81tBj+3kOGcw5YD2C5dtySJ0=
-SIZE (privoxy-3.0.29-stable-src.tar.gz) = 1830550
+SHA256 (privoxy-3.0.31-stable-src.tar.gz) = 
B3cpo6rHkiKk6NiKZQ2QKNFv1LDWA42o9fXkcSDQBOs=
+SIZE (privoxy-3.0.31-stable-src.tar.gz) = 1839901
diff --git pkg/PLIST pkg/PLIST
index 69363c61998..c303dbc7a60 100644
--- pkg/PLIST
+++ pkg/PLIST
@@ -6,7 +6,7 @@ bin/privoxy-log-parser.pl
 bin/privoxy-regression-test.pl
 bin/uagen.pl
 bin/url-pattern-translator.pl
-@man man/man1/privoxy.1
+@man man/man8/privoxy.8
 @bin sbin/privoxy
 share/doc/privoxy/
 share/doc/privoxy/AUTHORS
@@ -32,7 +32,6 @@ share/doc/privoxy/faq/index.html
 share/doc/privoxy/faq/installation.html
 share/doc/privoxy/faq/misc.html
 share/doc/privoxy/faq/trouble.html
-share/doc/privoxy/images/
 share/doc/privoxy/index.html
 share/doc/privoxy/man-page/
 share/doc/privoxy/man-page/privoxy-man-page.html
@@ -191,6 +190,7 @@ share/examples/privoxy/templates/edit-actions-for-url-filter
 @sample ${SYSCONFDIR}/privoxy/templates/edit-actions-for-url-filter
 @owner
 @group
+share/examples/privoxy/templates/edit-actions-for-url-string-filter
 share/examples/privoxy/templates/edit-actions-list
 @owner _privoxy
 @group _privoxy

Reply via email to