Subject: CVS commit: pkgsrc/www/privoxy
From: Matthias Drochner
Date: 2011-12-07 17:13:51
Message id: 20111207161351.EF1A5175DD@cvs.netbsd.org
Log Message:
update to 3.0.18
many fixes and improvements - see the ChangeLog file
one marked as security relevant:
If the redirect URL contains characters RFC 3986 doesn't permit,
they are (re)encoded. Not doing this makes Privoxy versions from
3.0.5 to 3.0.17 susceptible to HTTP response splitting (CWE-113)
attacks if the +fast-redirects{check-decoded-url} action is used.
Files:
RevisionActionfile
1.45modifypkgsrc/www/privoxy/Makefile
1.18modifypkgsrc/www/privoxy/distinfo
1.8modifypkgsrc/www/privoxy/patches/patch-ab
1.2modifypkgsrc/www/privoxy/patches/patch-ac