ports/163634: [MAINTAINER-UPDATE] from www/privoxy 3.0.18 to 3.0.19

Fabian Keil fk at fabiankeil.de
Mon Dec 26 20:50:14 UTC 2011 

>Number:         163634
>Category:       ports
>Synopsis:       [MAINTAINER-UPDATE] from www/privoxy 3.0.18 to 3.0.19
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-ports-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          maintainer-update
>Submitter-Id:   current-users
>Arrival-Date:   Mon Dec 26 20:50:13 UTC 2011
>Closed-Date:
>Last-Modified:
>Originator:     Fabian Keil
>Release:        HEAD
>Organization:
>Environment:
FreeBSD r500.local 10.0-CURRENT FreeBSD 10.0-CURRENT #386: Sat Dec 24 13:19:40 CET 2011     fk at r500.local:/usr/obj/usr/src/sys/ZOEY  amd64
>Description:
The attached patch updates www/privoxy from 3.0.18 to 3.0.19.

The announcement is available at:
http://www.privoxy.org/announce.txt

Quoting the important part:
#####
- Bug fixes:
  - Prevent a segmentation fault when de-chunking buffered content.
    It could be triggered by malicious web servers if Privoxy was
    configured to filter the content and running on a platform
    where SIZE_T_MAX isn't larger than UINT_MAX, which probably
    includes most 32-bit systems. On those platforms, all Privoxy
    versions before 3.0.19 appear to be affected.
    To be on the safe side, this bug should be presumed to allow
    code execution as proving that it doesn't seems unrealistic.
  - Do not expect a response from the SOCKS4/4A server until it
    got something to respond to. This regression was introduced
    in 3.0.18 and prevented the SOCKS4/4A negotiation from working.
    Reported by qqqqqw in #3459781.
######

>How-To-Repeat:

>Fix:


Patch attached with submission follows:

diff -ruN .zfs/snapshot/2011-12-25/www/privoxy/Makefile www/privoxy/Makefile
--- .zfs/snapshot/2011-12-25/www/privoxy/Makefile	2011-11-28 15:51:56.522890199 +0100
+++ www/privoxy/Makefile	2011-12-26 19:59:34.702548380 +0100
@@ -6,7 +6,7 @@
 #
 
 PORTNAME=	privoxy
-PORTVERSION=	3.0.18
+PORTVERSION=	3.0.19
 CATEGORIES=	www ipv6
 MASTER_SITES=	SF/ijbswa/Sources/${PORTVERSION}%20%28stable%29
 DISTNAME=	privoxy-${PORTVERSION}-stable-src
diff -ruN .zfs/snapshot/2011-12-25/www/privoxy/distinfo www/privoxy/distinfo
--- .zfs/snapshot/2011-12-25/www/privoxy/distinfo	2011-11-20 14:10:52.963476223 +0100
+++ www/privoxy/distinfo	2011-12-26 20:00:15.987546054 +0100
@@ -1,2 +1,2 @@
-SHA256 (privoxy-3.0.18-stable-src.tar.gz) = 81203c60d7862a531cc0438d740abc66a07d9c91a2df24357b36ba38d3104e27
-SIZE (privoxy-3.0.18-stable-src.tar.gz) = 1720020
+SHA256 (privoxy-3.0.19-stable-src.tar.gz) = 816e627b31caa3d9e71d0a8b83ac9ea7dcbeaaafef3c9a9c792696aa56255232
+SIZE (privoxy-3.0.19-stable-src.tar.gz) = 1722316


>Release-Note:
>Audit-Trail:
>Unformatted:

More information about the freebsd-ports-bugs mailing list