On Thu 04/02/2021 18:08, Stuart Henderson wrote:
> On 2021/02/04 18:39, Bjorn Ketelaars wrote:
> > A newer version of privoxy is available, which addresses 2 CVE's:
> >
> > CVE-2021-20217
> > Prevent an assertion from getting triggered by a crafted CGI request.
> >
> > CVE-2021-20216
> > Fixed a memory leak when decompression fails "unexpectedly".
> >
> > Lightly run tested on amd64.
> >
> > I think it makes sense to backport this update to 6.8.
> >
> > Comments, OK?
>
> There's a missing $(DESTDIR) on line 971 of GNUmakefile.in that breaks
> packaging if privoxy is already installed
>
> > @group
> > +share/examples/privoxy/templates/edit-actions-for-url-string-filter
>
> That one needs an @sample adding too
>
> > share/examples/privoxy/templates/edit-actions-list
> > @owner _privoxy
> > @group _privoxy
Thanks you for the feedback. New diff:
diff --git Makefile Makefile
index 7a4eaea8135..5a78a32cb51 100644
--- Makefile
+++ Makefile
@@ -2,7 +2,7 @@
COMMENT= web proxy with advanced filtering capabilities
-V= 3.0.29
+V= 3.0.31
DISTNAME= privoxy-${V}-stable
PKGNAME= privoxy-${V}
CATEGORIES=www
@@ -16,6 +16,7 @@ WANTLIB += c crypto pcre pcreposix pthread ssl z
MASTER_SITES= ${MASTER_SITE_SOURCEFORGE:=ijbswa/}
EXTRACT_SUFX= -src.tar.gz
+FIX_EXTRACT_PERMISSIONS= Yes
# there are tests which can be run with tools/privoxy-regression-test.pl
# they require privoxy to be running, and http_proxy=http://127.0.0.1:8118/
diff --git distinfo distinfo
index a2fcc27dfab..dc802138e1a 100644
--- distinfo
+++ distinfo
@@ -1,2 +1,2 @@
-SHA256 (privoxy-3.0.29-stable-src.tar.gz) =
JcYGnv2vV31HwlfaY7A81tBj+3kOGcw5YD2C5dtySJ0=
-SIZE (privoxy-3.0.29-stable-src.tar.gz) = 1830550
+SHA256 (privoxy-3.0.31-stable-src.tar.gz) =
B3cpo6rHkiKk6NiKZQ2QKNFv1LDWA42o9fXkcSDQBOs=
+SIZE (privoxy-3.0.31-stable-src.tar.gz) = 1839901
diff --git patches/patch-GNUmakefile_in patches/patch-GNUmakefile_in
index c82ff15d249..ca289ca00e9 100644
--- patches/patch-GNUmakefile_in
+++ patches/patch-GNUmakefile_in
@@ -12,3 +12,12 @@ Index: GNUmakefile.in
#
+@@ -968,7 +968,7 @@ install: CONF_DEST LOG_DEST PID_DEST check_doc GROUP_T
+ $(RM) $(DESTDIR)$(CONF_DEST)/$$i ;\
+ $(ECHO) Installing fresh $$i;\
+ $(INSTALL) $$INSTALL_CONF $$i $(DESTDIR)$(CONF_DEST) ||
exit 1;\
+- elif [ -s "$(CONF_DEST)/$$i" ]; then \
++ elif [ -s "$(DESTDIR)$(CONF_DEST)/$$i" ]; then \
+ $(ECHO) Installing $$i as $$i.new ;\
+ $(INSTALL) $$INSTALL_CONF $$i
$(DESTDIR)$(CONF_DEST)/$$i.new || exit 1;\
+ NEW=1;\
diff --git pkg/PLIST pkg/PLIST
index 69363c61998..26f328642a1 100644
--- pkg/PLIST
+++ pkg/PLIST
@@ -6,7 +6,7 @@ bin/privoxy-log-parser.pl
bin/privoxy-regression-test.pl
bin/uagen.pl
bin/url-pattern-translator.pl
-@man man/man1/privoxy.1
+@man man/man8/privoxy.8
@bin sbin/privoxy
share/doc/privoxy/
share/doc/privoxy/AUTHORS
@@ -32,7 +32,6 @@ share/doc/privoxy/faq/index.html
share/doc/privoxy/faq/installation.html
share/doc/privoxy/faq/misc.html
share/doc/privoxy/faq/trouble.html
-share/doc/privoxy/images/
share/doc/privoxy/index.html
share/doc/privoxy/man-page/
share/doc/privoxy/man-page/privoxy-man-page.html
@@ -191,6 +190,12 @@
share/examples/privoxy/templates/edit-actions-for-url-filter
@sample ${SYSCONFDIR}/privoxy/templates/edit-actions-for-url-filter
@owner
@group
+share/examples/privoxy/templates/edit-actions-for-url-string-filter
+@owner _privoxy
+@group _privoxy
+@sample ${SYSCONFDIR}/privoxy/templates/edit-actions-for-url-string-filter
+@owner
+@group
share/examples/privoxy/templates/edit-actions-list
@owner _privoxy
@group _privoxy