Change log for privoxy package in Ubuntu

privoxy (3.0.34-3ubuntu2) noble; urgency=medium

  * No-change rebuild for CVE-2024-3094

 -- William Grant <email address hidden>  Mon, 01 Apr 2024 18:15:19 +1100

Available diffs

• diff from 3.0.34-3ubuntu1 to 3.0.34-3ubuntu2 (336 bytes)

privoxy (3.0.34-3ubuntu1) noble; urgency=medium

  * debian/apparmor/usr.sbin.privoxy: attempt on fixing the denial on
    containers (LP: #2058866).

 -- Łukasz 'sil2100' Zemczak <email address hidden>  Tue, 26 Mar 2024 17:16:43 +0100

Available diffs

• diff from 3.0.34-2 (in Debian) to 3.0.34-3ubuntu1 (5.2 KiB)
• diff from 3.0.34-3build1 to 3.0.34-3ubuntu1 (680 bytes)

privoxy (3.0.34-3build1) noble; urgency=medium

  * No-change rebuild against mbedtls t64.

 -- Matthias Klose <email address hidden>  Sun, 17 Mar 2024 18:19:17 +0100

Available diffs

• diff from 3.0.34-3 (in Debian) to 3.0.34-3build1 (337 bytes)

privoxy (3.0.34-3) unstable; urgency=medium

  * 35_pcre2-support: Update patch based on upstream GIT.
  * 36_pcre2-patternfix: Fix using anchored pattern in pcre2.

 -- Roland Rosenfeld <email address hidden>  Sun, 27 Aug 2023 16:20:57 +0200

privoxy (3.0.34-2) unstable; urgency=medium

  * Add ro debconf translation.  Thanks to Remus-Gabriel Chelu
    (Closes: #1033443).
  * 35_pcre2-support: Build with libpcre2-dev instead of obsolete pcre3
    (Closes: #999981).

 -- Roland Rosenfeld <email address hidden>  Fri, 30 Jun 2023 09:28:22 +0200

Available diffs

• diff from 3.0.34-1 to 3.0.34-2 (10.2 KiB)

privoxy (3.0.34-1) unstable; urgency=medium

  * New upstream version 3.0.34.
  * The following patches are now incorporated upstream: 35_gif_deanimate,
    36_pending_tls, 37_https_connect.

 -- Roland Rosenfeld <email address hidden>  Sun, 05 Feb 2023 10:41:26 +0100

Available diffs

• diff from 3.0.33-4 to 3.0.34-1 (76.0 KiB)

privoxy (3.0.33-4) unstable; urgency=medium

  * Add it debconf translation.  Thanks to Ceppo <email address hidden>
    (Closes: #1024071).
  * Update to Standards-Version 4.6.2 (no changes).
  * Remove lsb-base dependency, since it is essential.
  * 35_gif_deanimate: Tolerate multiple image extensions in a row.
  * 36_pending_tls: Check for pending TLS data from the client before
    checking if data is available on the connection.
  * 37_https_connect: Reject https URLs without CONNECT request.
  * d/maintscript: fix version numbers.

 -- Roland Rosenfeld <email address hidden>  Sat, 28 Jan 2023 15:46:54 +0100

Available diffs

• diff from 3.0.33-3 to 3.0.33-4 (3.3 KiB)

privoxy (3.0.28-2ubuntu0.2) focal-security; urgency=medium

  * SECURITY UPDATE: Denial of Service
    - debian/patches/CVE-2021-44540.patch: fixed the  get_url_spec_param()
      by freeing memory of compiled pattern spec before bailing.
    - CVE-2021-44540
  * SECURITY UPDATE: XSS
    - debian/patches/CVE-2021-44543.patch: fixed the cgi_error_no_template()
      by encoding the template name.
    - CVE-2021-44543

 -- Amir Naseredini <email address hidden>  Mon, 23 Jan 2023 11:22:07 +0000

Available diffs

• diff from 3.0.28-2ubuntu0.1 to 3.0.28-2ubuntu0.2 (1.4 KiB)

privoxy (3.0.26-5ubuntu0.3) bionic-security; urgency=medium

  * SECURITY UPDATE: Denial of Service
    - debian/patches/CVE-2021-44540.patch: fixed the  get_url_spec_param()
      by freeing memory of compiled pattern spec before bailing.
    - CVE-2021-44540
  * SECURITY UPDATE: XSS
    - debian/patches/CVE-2021-44543.patch: fixed the cgi_error_no_template()
      by encoding the template name.
    - CVE-2021-44543

 -- Amir Naseredini <email address hidden>  Thu, 19 Jan 2023 11:16:20 +0000

Available diffs

• diff from 3.0.26-5ubuntu0.1 to 3.0.26-5ubuntu0.3 (1.5 KiB)
• diff from 3.0.26-5ubuntu0.2 to 3.0.26-5ubuntu0.3 (1.2 KiB)

privoxy (3.0.33-3) unstable; urgency=medium

  * d/tests/conditional-defines: ignore 32-bit time_t on 32bit systems.

 -- Roland Rosenfeld <email address hidden>  Sun, 25 Sep 2022 19:49:17 +0200

Available diffs

• diff from 3.0.33-1build1 (in Ubuntu) to 3.0.33-3 (3.7 KiB)

privoxy (3.0.33-1build1) jammy; urgency=medium

  * No-change rebuild against libmbedcrypto7

 -- Steve Langasek <email address hidden>  Fri, 18 Feb 2022 23:46:29 +0000

Available diffs

• diff from 3.0.33-1 (in Debian) to 3.0.33-1build1 (508 bytes)

privoxy (3.0.33-1) unstable; urgency=medium

  * New upstream version 3.0.33.
  * Adapt all patches to new version.
  * Remove pcre dir from copyright and debian/source/lintian-overrides.
  * Undo lintian override for bug 992465.

 -- Roland Rosenfeld <email address hidden>  Wed, 08 Dec 2021 16:29:31 +0100

Available diffs

• diff from 3.0.32-3 to 3.0.33-1 (373.0 KiB)

privoxy (3.0.32-3) unstable; urgency=medium

  * d/maintscript: Remove orphaned /etc/privoxy/(standard|global).action
    (Closes: #990157).
  * No longer "rm /etc/privoxy" on purge.
  * postrm: optimize ucf purge of /etc/privoxy/config*
  * Update to Standards-Version 4.6.0 (no changes).
  * Use "command -v" instead of deprecated "which" in postrm.
  * Override lintian bug 992465 (usr/lib/systemd outside /lib).
  * debian/control: update Build-Depends for cross builds.

 -- Roland Rosenfeld <email address hidden>  Fri, 27 Aug 2021 13:26:25 +0200

Available diffs

• diff from 3.0.32-2 to 3.0.32-3 (1.1 KiB)

privoxy (3.0.32-2) unstable; urgency=medium

  * Work around apparmor failure in testsuite (Closes: #986258).
  * apparmor: Allow multiple instances using /run/privoxy*.pid
  * README.Debian: add information about apparmor.

 -- Roland Rosenfeld <email address hidden>  Sat, 03 Apr 2021 11:17:39 +0200

Available diffs

• diff from 3.0.29-1 to 3.0.32-2 (180.7 KiB)
• diff from 3.0.32-1ubuntu1 (in Ubuntu) to 3.0.32-2 (1.6 KiB)

privoxy (3.0.32-1ubuntu1) hirsute; urgency=medium

  * debian/tests/privoxy-regression-test: disable the apparmor profile when
    testing the package.

 -- Brian Murray <email address hidden>  Thu, 01 Apr 2021 14:11:57 -0700

Available diffs

• diff from 3.0.32-1 (in Debian) to 3.0.32-1ubuntu1 (824 bytes)

privoxy (3.0.28-3ubuntu0.1) groovy-security; urgency=medium

  * SECURITY UPDATE: Buffer overflow
    - debian/patches/38_CVE-2021-20217.patch: Prevent an assertion by a
      crafted CGI request.
    - CVE-2021-20217
  * SECURITY UPDATE: Memory leak
    - debian/patches/40_CVE-2021-20216.patch: Fix a memory leak.
    - debian/patches/41_CVE-2020-35502.patch: Fixed memory leaks when a
      response is buffered and the buffer limit is reached or Privoxy is
      running out of memory.
    - debian/patches/42_CVE-2021-20209.patch: Fixed a memory leak in the
      show-status CGI handler when no action files are configured.
    - debian/patches/43_CVE-2021-20210.patch: Fixed a memory leak in the show-status
      CGI handler when no filter files are configured.
    - debian/patches/44_CVE-2021-20211.patch: Fixes a memory leak when client tags
      are active.
    - debian/patches/45_CVE-2021-20212.patch: Fixed a memory leak if multiple
      filters are executed and the last one is skipped due to a pcre error.
    - debian/patches/48_CVE-2021-20215.patch: Fixed memory leaks in the show-status
      CGI handler when memory allocations fail.
    - debian/patches/53_CVE-2021-20214.patch: Plug memory leaks.
    - CVE-2021-20216
    - CVE-2020-35502
    - CVE-2021-20209
    - CVE-2021-20210
    - CVE-2021-20211
    - CVE-2021-20212
    - CVE-2021-20215
    - CVE-2021-20214
  * SECURITY UPDATE: Denial of Service
    - debian/patches/46_CVE-2021-20213.patch: Prevent an unlikely dereference of a
      NULL-pointer that could result in a crash if accept-intercepted-requests
      was enabled.
    - debian/patches/49_CVE-2021-20272.patch: Remove an assertion that could be
      triggered with a crafted CGI request.
    - debian/patches/50_CVE-2021-20273.patch: Overrule invalid image types.
      Prevents a crash with a crafted CGI request if Privoxy is toggled off.
    - debian/patches/51_CVE-2021-20275.patch: Prevent invalid read of size two.
    - debian/patches/52_CVE-2021-20276.patch: Obsolete pcre: Prevent invalid memory
      accesses.
    - CVE-2021-20213
    - CVE-2021-20272
    - CVE-2021-20273
    - CVE-2021-20275
    - CVE-2021-20276
  * Fix detection of insufficient data: debian/patches/39_decompress_iob.patch

 -- Eduardo Barretto <email address hidden>  Thu, 18 Mar 2021 17:26:38 +0100

Available diffs

• diff from 3.0.28-3 (in Debian) to 3.0.28-3ubuntu0.1 (6.4 KiB)

privoxy (3.0.28-2ubuntu0.1) focal-security; urgency=medium

  * SECURITY UPDATE: Buffer overflow
    - debian/patches/38_CVE-2021-20217.patch: Prevent an assertion by a
      crafted CGI request.
    - CVE-2021-20217
  * SECURITY UPDATE: Memory leak
    - debian/patches/40_CVE-2021-20216.patch: Fix a memory leak.
    - debian/patches/41_CVE-2020-35502.patch: Fixed memory leaks when a
      response is buffered and the buffer limit is reached or Privoxy is
      running out of memory.
    - debian/patches/42_CVE-2021-20209.patch: Fixed a memory leak in the
      show-status CGI handler when no action files are configured.
    - debian/patches/43_CVE-2021-20210.patch: Fixed a memory leak in the show-status
      CGI handler when no filter files are configured.
    - debian/patches/44_CVE-2021-20211.patch: Fixes a memory leak when client tags
      are active.
    - debian/patches/45_CVE-2021-20212.patch: Fixed a memory leak if multiple
      filters are executed and the last one is skipped due to a pcre error.
    - debian/patches/48_CVE-2021-20215.patch: Fixed memory leaks in the show-status
      CGI handler when memory allocations fail.
    - debian/patches/53_CVE-2021-20214.patch: Plug memory leaks.
    - CVE-2021-20216
    - CVE-2020-35502
    - CVE-2021-20209
    - CVE-2021-20210
    - CVE-2021-20211
    - CVE-2021-20212
    - CVE-2021-20215
    - CVE-2021-20214
  * SECURITY UPDATE: Denial of Service
    - debian/patches/46_CVE-2021-20213.patch: Prevent an unlikely dereference of a
      NULL-pointer that could result in a crash if accept-intercepted-requests
      was enabled.
    - debian/patches/49_CVE-2021-20272.patch: Remove an assertion that could be
      triggered with a crafted CGI request.
    - debian/patches/50_CVE-2021-20273.patch: Overrule invalid image types.
      Prevents a crash with a crafted CGI request if Privoxy is toggled off.
    - debian/patches/51_CVE-2021-20275.patch: Prevent invalid read of size two.
    - debian/patches/52_CVE-2021-20276.patch: Obsolete pcre: Prevent invalid memory
      accesses.
    - CVE-2021-20213
    - CVE-2021-20272
    - CVE-2021-20273
    - CVE-2021-20275
    - CVE-2021-20276
  * Fix detection of insufficient data: debian/patches/39_decompress_iob.patch

 -- Eduardo Barretto <email address hidden>  Thu, 18 Mar 2021 18:01:17 +0100

Available diffs

• diff from 3.0.28-2 (in Debian) to 3.0.28-2ubuntu0.1 (6.4 KiB)

privoxy (3.0.26-5ubuntu0.1) bionic-security; urgency=medium

  * SECURITY UPDATE: Buffer overflow
    - debian/patches/38_CVE-2021-20217.patch: Prevent an assertion by a
      crafted CGI request.
    - CVE-2021-20217
  * SECURITY UPDATE: Memory leak
    - debian/patches/40_CVE-2021-20216.patch: Fix a memory leak.
    - debian/patches/41_CVE-2020-35502.patch: Fixed memory leaks when a
      response is buffered and the buffer limit is reached or Privoxy is
      running out of memory.
    - debian/patches/42_CVE-2021-20209.patch: Fixed a memory leak in the
      show-status CGI handler when no action files are configured.
    - debian/patches/43_CVE-2021-20210.patch: Fixed a memory leak in the show-status
      CGI handler when no filter files are configured.
    - debian/patches/44_CVE-2021-20211.patch: Fixes a memory leak when client tags
      are active.
    - debian/patches/45_CVE-2021-20212.patch: Fixed a memory leak if multiple
      filters are executed and the last one is skipped due to a pcre error.
    - debian/patches/48_CVE-2021-20215.patch: Fixed memory leaks in the show-status
      CGI handler when memory allocations fail.
    - CVE-2021-20216
    - CVE-2020-35502
    - CVE-2021-20209
    - CVE-2021-20210
    - CVE-2021-20211
    - CVE-2021-20212
    - CVE-2021-20215
  * SECURITY UPDATE: Denial of Service
    - debian/patches/46_CVE-2021-20213.patch: Prevent an unlikely dereference of a
      NULL-pointer that could result in a crash if accept-intercepted-requests
      was enabled.
    - debian/patches/49_CVE-2021-20272.patch: Remove an assertion that could be
      triggered with a crafted CGI request.
    - debian/patches/50_CVE-2021-20273.patch: Overrule invalid image types.
      Prevents a crash with a crafted CGI request if Privoxy is toggled off.
    - debian/patches/51_CVE-2021-20275.patch: Prevent invalid read of size two.
    - debian/patches/52_CVE-2021-20276.patch: Obsolete pcre: Prevent invalid memory
      accesses.
    - CVE-2021-20213
    - CVE-2021-20272
    - CVE-2021-20273
    - CVE-2021-20275
    - CVE-2021-20276
  * Fix detection of insufficient data: debian/patches/39_decompress_iob.patch

 -- Eduardo Barretto <email address hidden>  Tue, 16 Mar 2021 15:51:43 +0100

Available diffs

• diff from 3.0.26-5 (in Debian) to 3.0.26-5ubuntu0.1 (6.0 KiB)

privoxy (3.0.24-1ubuntu0.1) xenial-security; urgency=medium

  * SECURITY UPDATE: Buffer overflow
    - debian/patches/38_CVE-2021-20217.patch: Prevent an assertion by a
      crafted CGI request.
    - CVE-2021-20217
  * SECURITY UPDATE: Memory leak
    - debian/patches/40_CVE-2021-20216.patch: Fix a memory leak.
    - debian/patches/41_CVE-2020-35502.patch: Fixed memory leaks when a
      response is buffered and the buffer limit is reached or Privoxy is
      running out of memory.
    - debian/patches/42_CVE-2021-20209.patch: Fixed a memory leak in the
      show-status CGI handler when no action files are configured.
    - debian/patches/43_CVE-2021-20210.patch: Fixed a memory leak in the show-status
      CGI handler when no filter files are configured.
    - debian/patches/45_CVE-2021-20212.patch: Fixed a memory leak if multiple
      filters are executed and the last one is skipped due to a pcre error.
    - debian/patches/48_CVE-2021-20215.patch: Fixed memory leaks in the show-status
      CGI handler when memory allocations fail.
    - CVE-2021-20216
    - CVE-2020-35502
    - CVE-2021-20209
    - CVE-2021-20210
    - CVE-2021-20212
    - CVE-2021-20215
  * SECURITY UPDATE: Denial of Service
    - debian/patches/46_CVE-2021-20213.patch: Prevent an unlikely dereference of a
      NULL-pointer that could result in a crash if accept-intercepted-requests
      was enabled.
    - debian/patches/49_CVE-2021-20272.patch: Remove an assertion that could be
      triggered with a crafted CGI request.
    - debian/patches/50_CVE-2021-20273.patch: Overrule invalid image types.
      Prevents a crash with a crafted CGI request if Privoxy is toggled off.
    - debian/patches/51_CVE-2021-20275.patch: Prevent invalid read of size two.
    - debian/patches/52_CVE-2021-20276.patch: Obsolete pcre: Prevent invalid memory
      accesses.
    - CVE-2021-20213
    - CVE-2021-20272
    - CVE-2021-20273
    - CVE-2021-20275
    - CVE-2021-20276
  * Fix detection of insufficient data: debian/patches/39_decompress_iob.patch

 -- Eduardo Barretto <email address hidden>  Wed, 17 Mar 2021 17:28:00 +0100

Available diffs

• diff from 3.0.24-1 (in Debian) to 3.0.24-1ubuntu0.1 (5.8 KiB)

privoxy (3.0.32-1) unstable; urgency=medium

  * New upstream release 3.0.32.
  * Adapt all patches to new version.

 -- Roland Rosenfeld <email address hidden>  Thu, 25 Feb 2021 22:18:54 +0100

Available diffs

• diff from 3.0.31-1 to 3.0.32-1 (47.1 KiB)

privoxy (3.0.31-1) unstable; urgency=medium

  * New upstream release 3.0.31.
  * Support nodoc build option.

 -- Roland Rosenfeld <email address hidden>  Sat, 30 Jan 2021 21:40:46 +0100

Available diffs

• diff from 3.0.30-1 to 3.0.31-1 (9.2 KiB)

privoxy (3.0.30-1) unstable; urgency=medium

  * New upstream release 3.0.30.
  * Update all patches to new version.
  * 15_mansection8, 35_man-spelling, 39_show-status and 40_redirect-ssl
    are now incorporated upstream.
  * Optimize debian/rules clean to restore pristine state.

 -- Roland Rosenfeld <email address hidden>  Thu, 28 Jan 2021 22:00:05 +0100

Available diffs

• diff from 3.0.29-2 to 3.0.30-1 (174.4 KiB)

privoxy (3.0.29-2) unstable; urgency=medium

  * Use --enable-extended-statistics and --enable-pcre-host-patterns.
  * 39_show-status: Add new features to show-status page.
  * Remove 38_SOURCE_DATE_EPOCH, since upstream honors it when set.
  * Upgrade to Standards-Version 4.5.1 (no changes).
  * 40_redirect-ssl: Check the actual URL when https inspecting requests.
  * Add apparmor profile usr.sbin.privoxy.

 -- Roland Rosenfeld <email address hidden>  Sun, 17 Jan 2021 13:10:33 +0100

Available diffs

• diff from 3.0.29-1 to 3.0.29-2 (3.5 KiB)

privoxy (3.0.29-1) unstable; urgency=medium

  * New upstream release 3.0.29.
  * Update all patches to new version.
  * 36_trusted-cgi-referer-example and 37_ppedit-tests403 are now
    incorporated upstream.
  * d/copyright: Update to new upstream version.
  * d/copyright: use ./ prefix to upstream filenames, because orig.tar.gz
    is build with a ./ prefix.
  * Upgrade to debhelper v13.
  * Rebuild privoxy-man-page.html.
  * 38_SOURCE_DATE_EPOCH: Remove hardcoded SOURCE_DATE_EPOCH from
    configure.in but use the date from debian/changelog.
  * Remove 05_defaut_action since this is no longer needed.
  * Tag all patches with Forwarded header.
  * debian/watch: Cleanup and update to version 4.
  * Compile --with-mbedtls to allow https-inspection.
  * Adapt TLS/SSL settings to Debian FHS.
  * Generate dirs with correct permissions for https-inspection.
  * Delete https-inspection certs on purge.
  * Expire https-inspection certs after 90 days.
  * Compile --with-brotli to enable support for brotli decompression.

 -- Roland Rosenfeld <email address hidden>  Sun, 29 Nov 2020 14:22:27 +0100

Available diffs

• diff from 3.0.28-3 to 3.0.29-1 (236.0 KiB)

privoxy (3.0.28-3) unstable; urgency=medium

  * Add buildlog to salsa-ci test pipeline.
  * d/salsa-ci.yml stripped down using pipline-jobs.yml
  * Build-depend on debhelper-compat (= 12) instead of using d/compat.
  * Upgrade to Standards-Version 4.5.0 (no changes).
  * Add upstream metadata.
  * privoxy.service: run After=network-online.target, this fixes
    LP#1870101.

 -- Roland Rosenfeld <email address hidden>  Thu, 02 Apr 2020 18:04:44 +0200

Available diffs

• diff from 3.0.28-2 to 3.0.28-3 (1.5 KiB)

privoxy (3.0.28-2) unstable; urgency=medium

  * d/tests/privoxy-regression-test: Remove tmpdir on exit.
  * 36_trusted-cgi-referer-example: Comment trusted-cgi-referer pointing
    to example.org
  * d/maintscript: Remove orphaned /etc/privoxy/templates/show-version
    (Closes: #918110).
  * 37_ppedit-tests403: Update a bunch of regression tests that have to
    expect status code 403 now.
  * Enable enable-edit-actions in privoxy-regression-test again.
  * Upgrade to debhelper v12.
  * Update (minimal) upstream signing key.
  * Add Pre-Depends: ${misc:Pre-Depends} for --skip-systemd-native.

 -- Roland Rosenfeld <email address hidden>  Sun, 06 Jan 2019 13:07:14 +0100

Available diffs

• diff from 3.0.28-1 to 3.0.28-2 (5.2 KiB)

privoxy (3.0.28-1) unstable; urgency=medium

  [ Roland Rosenfeld ]
  * Add es debconf translation.  Thanks to Jonathan Bustillos (Closes: #903863).
  * 38_connection_close: Don't add a "Connection" header for CONNECT requests.

  [ Ondřej Nový ]
  * d/tests: Use AUTOPKGTEST_TMP instead of ADTTMP
  * d/watch: Use https protocol

  [ Roland Rosenfeld ]
  * d/tests: Fix leftover ADTTMP.
  * Add salsa CI pipeline in debian/gitlab-ci.yml.
  * New upstream version 3.0.28.
  * Adapt all patches to new version (06_8bit_manual is implemented in a
    better way upstream now, 36_openspopenjade is replaced by some
    autoconf code, 37_adventofcode and 38_connection_close are included
    upstream).
  * Update debian/copyright.
  * Upgrade to Standards-Version 4.3.0 (Declare Rules-Requires-Root: no).
  * Move PID file from /var/run to /run.
  * Undo voodoo to remove CVS tags from configs since upstream uses git
    now.
  * Disable enable-edit-actions in privoxy-regression-test, since the test
    seems to be broken (does not use referrer, which is required here).

 -- Roland Rosenfeld <email address hidden>  Mon, 31 Dec 2018 16:52:27 +0100

Available diffs

• diff from 3.0.26-6 to 3.0.28-1 (499.7 KiB)

privoxy (3.0.21-7+deb8u1build0.14.04.1) trusty-security; urgency=medium

  * fake sync from Debian

Available diffs

• diff from 3.0.21-2 (in Debian) to 3.0.21-7+deb8u1build0.14.04.1 (5.6 KiB)

privoxy (3.0.26-6) unstable; urgency=medium

  * Fix typo in patch description.
  * postinst: avoid using chown -R.
  * Move source.lintian-overrides to soure/lintian-overrides.
  * Add Vcs-headers pointing to salsa.
  * Upgrade to Standards-Version 4.1.4 (no changes).

 -- Roland Rosenfeld <email address hidden>  Sun, 29 Apr 2018 11:57:47 +0200

Available diffs

• diff from 3.0.26-5 to 3.0.26-6 (1.1 KiB)

privoxy (3.0.26-5) unstable; urgency=medium

  * Add ru debconf translation.  Thanks to Lev Lamberov (Closes: #883110).
  * Optimize patches for gbp pq.
  * Upgrade to Standards-Version 4.1.3 (no changes).
  * Upgrade to debhelper v11 (remove systemd from dh call).

 -- Roland Rosenfeld <email address hidden>  Sat, 20 Jan 2018 12:49:42 +0100

Available diffs

• diff from 3.0.26-4 to 3.0.26-5 (3.4 KiB)

privoxy (3.0.26-4) unstable; urgency=medium

  * Add pt debconf translation.  Thanks to Rui Branco (Closes: #858743).
  * Add description top 36_openspopenjade.patch.
  * Upgrade to debhelper v10 and remove dh-systemd build dependency.
  * debhelper v10 replaces autotools-dev.
  * Remove Testsuite header, since this is automatically added.
  * Upgrade to Standards-Version 4.1.1
    - change copyrights-format to https.

 -- Roland Rosenfeld <email address hidden>  Wed, 01 Nov 2017 10:45:49 +0100

Available diffs

• diff from 3.0.26-3 to 3.0.26-4 (2.0 KiB)

privoxy (3.0.26-3) unstable; urgency=medium

  * Add da debconf translation.  Thanks to Joe Dalton (Closes: #850876).
  * 37_adventofcode: unlock adventofcode.com (Closes: #848211).

 -- Roland Rosenfeld <email address hidden>  Wed, 11 Jan 2017 22:24:55 +0100

Available diffs

• diff from 3.0.26-2 to 3.0.26-3 (1.3 KiB)

privoxy (3.0.26-2) unstable; urgency=medium

  * Add db_stop to postinst, since upgrade fails otherwise in some
    situations (Closes: #835409).
  * Replace sp and jade with opensp and openjade.  Thanks to Neil Roeth
    for providing a patch (Closes: #837207).

 -- Roland Rosenfeld <email address hidden>  Sat, 10 Sep 2016 08:48:35 +0200

Available diffs

• diff from 3.0.25-2 to 3.0.26-2 (330.0 KiB)

privoxy (3.0.25-2) unstable; urgency=medium

  * Add pt_BR debconf translation.  Thanks to Adriano Rafael Gomes
    (Closes: #827327).
  * Symlink p_doc.css to user-manual.
  * Install regression-tests.action.
  * Enable autopkgtest and run privoxy-regression-test.pl.
  * Install privoxy-regression-test and man page to binary package.
  * Updated debian/copyright to catch all copyright variants.
  * Remove outdated stuff from README.Debian.
  * 36_listen-nohost: Fix crashes with "listen-addr :8118" (Closes: #834941).

 -- Roland Rosenfeld <email address hidden>  Tue, 23 Aug 2016 09:27:34 +0200

Available diffs

• diff from 3.0.25-1 to 3.0.25-2 (5.1 KiB)

privoxy (3.0.25-1) unstable; urgency=medium

  * New upstream version 3.0.25 (beta).
  * Adapt all patches to new upstream version.
  * Update debian/copyright to new privoxy home.
  * Add sv debconf translation.  Thanks to Jonatan Nyberg (Closes: #824913).
  * Add fr debconf translation.  Thanks to Steve Petruzzello (Closes: #825478).
  * Add nl debconf translation.  Thanks to Frans Spiesschaert (Closes: #825691).
  * privoxy.service: Run after network.target (Closes: #825358).

 -- Roland Rosenfeld <email address hidden>  Sat, 28 May 2016 23:13:56 +0200

Available diffs

• diff from 3.0.24-2 to 3.0.25-1 (112.9 KiB)

privoxy (3.0.24-2) unstable; urgency=medium

  * Upgrade Standards-Version to 3.9.8 (no changes).
  * Add -p to QUILT_DIFF_OPTS.
  * Add Documentation key to privoxy.service.
  * 35_man-spelling: Fix spelling error in privoxy-log-parser(1).
  * Add debconf and ucf support to make listen-address configurable.
    Thanks to James Valleroy for providing the code (Closes: #798219).
  * Remove 28_listen_localhost, but listen on 127.0.0.1:8118 and
    [::1]:8118 by default, since otherwise privoxy listens only on IPv6
    (Closes: #518010, #557443).
  * Change several URLs from http to https.

 -- Roland Rosenfeld <email address hidden>  Sun, 01 May 2016 14:21:22 +0200

Available diffs

• diff from 3.0.24-1 to 3.0.24-2 (7.4 KiB)

privoxy (3.0.21-7+deb8u1build0.15.04.1) vivid-security; urgency=medium

  * fake sync from Debian

Available diffs

• diff from 3.0.21-7 (in Debian) to 3.0.21-7+deb8u1build0.15.04.1 (1.8 KiB)

privoxy (3.0.24-1) unstable; urgency=medium

  * New upstream version 3.0.24.
  * This fixes CVE-2016-1982 and CVE-2016-1983.
  * Adapt all patches to new upstream version.

 -- Roland Rosenfeld <email address hidden>  Fri, 22 Jan 2016 16:08:05 +0100

Available diffs

• diff from 3.0.23-5 to 3.0.24-1 (38.8 KiB)

privoxy (3.0.23-5) unstable; urgency=medium

  * Remove /lib/init/vars.sh from init script since it is no longer used.
    As a consequence remove initscripts dependency (Closes: #804961).
  * --enable-external-filters (Closes: #805296).

 -- Roland Rosenfeld <email address hidden>  Mon, 16 Nov 2015 21:05:41 +0100

Available diffs

• diff from 3.0.23-4 to 3.0.23-5 (836 bytes)

privoxy (3.0.23-4) unstable; urgency=medium

  * Add rotate option to init.d script.
  * Change logrotate to use rotate option (Closes: #783399).
  * privoxy.service: define SuccessExitStatus=15.
  * Set locales to C.UTF-8 for doc generation to make build reproducible.
  * Run wrap-and-sort.
  * 34_system-docbook2man: Use Debian docbook2man-spec.pl (from
    docbook-utils) instead of local copy, to make package reproducible.
  * Stop runing "make man2html", since this overrides "make man", which
    should work reproducible.

 -- Roland Rosenfeld <email address hidden>  Sat, 19 Sep 2015 15:05:41 +0200

Available diffs

• diff from 3.0.23-3 to 3.0.23-4 (2.6 KiB)

privoxy (3.0.23-3) unstable; urgency=medium


  * Since there are no new bugs found, this goes to unstable now.
  * Depend on perl-base instead of full perl.

 -- Roland Rosenfeld <email address hidden>  Sun, 26 Apr 2015 11:01:08 +0200

Available diffs

• diff from 3.0.21-7 to 3.0.23-3 (162.8 KiB)

privoxy (3.0.21-7) unstable; urgency=medium


  * 37_CVE-2015-1380: denial of service.
  * 38_CVE-2015-1381: multiple segmentation faults and memory leaks in the
    pcrs code.
  * 39_CVE-2015-1382: invalid read.
  * These 3 patches Closes: #776490.

 -- Roland Rosenfeld <email address hidden>  Wed, 28 Jan 2015 19:46:42 +0100

Available diffs

• diff from 3.0.21-5 to 3.0.21-7 (2.7 KiB)

privoxy (3.0.21-5) unstable; urgency=low


  * 34_CVE-2015-1030: Fix memory leak in rfc2553_connect_to().  CID 66382
  * 35_CVE-2015-1031-CID66394: unmap(): Prevent use-after-free if the map 
    only consists of one item.  CID 66394.
  * 36_CVE-2015-1031-CID66376: pcrs_execute(): Consistently set *result to
    NULL in case of errors.  Should make use-after-free in the caller less
    likely.  CID 66391, CID 66376.
  * These 3 patches Closes: #775167.
  
 -- Roland Rosenfeld <email address hidden>  Mon, 12 Jan 2015 08:44:23 +0100

Available diffs

• diff from 3.0.21-4 to 3.0.21-5 (1.7 KiB)

privoxy (3.0.21-4) unstable; urgency=low


  * Enable hardening=+all
  * Hardcode PIDFile in privoxy.service, since this isn't allowed as
    variable (Closes: #746262).

 -- Roland Rosenfeld <email address hidden>  Sat, 10 May 2014 14:19:03 +0200

Available diffs

• diff from 3.0.21-3 to 3.0.21-4 (662 bytes)

privoxy (3.0.21-3) unstable; urgency=low


  * When starting via systemd, do not run daemon as root, and honour log
    file configuration. Thanks to Carlos Maddela for providing a patch
    (Closes: #745274)

 -- Roland Rosenfeld <email address hidden>  Mon, 21 Apr 2014 17:24:01 +0200

Available diffs

• diff from 3.0.21-2 to 3.0.21-3 (683 bytes)

privoxy (3.0.21-2) unstable; urgency=low


  * Use autotools-dev for arm64 compatibility (Closes: #727948).
  * Depend on initscripts >= 2.87dsf-8, (Closes: #564563).
  * Add systemd support (Thanks to Michael Stapelberg) (Closes: #639635).
  * Upgrade to Standards-Version 3.9.5 (no changes).

 -- Roland Rosenfeld <email address hidden>  Sat, 12 Apr 2014 12:54:58 +0200

Available diffs

• diff from 3.0.21-1 to 3.0.21-2 (1.2 KiB)

privoxy (3.0.21-1) unstable; urgency=low


  * New upstream version 3.0.21-stable.
  * This fixes CVE-2013-2503 (Closes: #702896).
  * Update all patches.
  * Upgrade to Standards-Version 3.9.4 (no changes).

 -- Roland Rosenfeld <email address hidden>  Fri, 05 Jul 2013 14:46:54 +0200

Available diffs

• diff from 3.0.20-1 to 3.0.21-1 (90.3 KiB)

privoxy (3.0.20-1) unstable; urgency=low


  * New upstream version 3.0.20-beta.
  * Update all patches.
  * Remove 29_typos, which is incorporated upstream now.
  * 33_manpage_hyphen: Replace all -- in man page by \-\- to make lintian
    happy.

 -- Roland Rosenfeld <email address hidden>  Thu, 24 Jan 2013 17:40:51 +0100

Available diffs

• diff from 3.0.19-2 to 3.0.20-1 (281.6 KiB)

privoxy (3.0.19-2) unstable; urgency=low


  * Migrate from dpatch to 3.0 (quilt) format.
  * Reformat all patches.
  * Change build depenency from dpatch to debhelper (>= 9).
  * Change debian/compat to "9".
  * Complete rewrite of debian/rules.
  * Now uses hardening via debhelper.
  * Remove README.source.
  * Update to Standards-Version 3.9.3 (no changes).

 -- Roland Rosenfeld <email address hidden>  Fri, 18 May 2012 21:24:55 +0200

Available diffs

• diff from 3.0.19-1 to 3.0.19-2 (7.6 KiB)

privoxy (3.0.19-1) unstable; urgency=low


  * New upstream version 3.0.19-stable.
  * Adapt all patches to new version.

 -- Roland Rosenfeld <email address hidden>  Tue, 27 Dec 2011 11:19:53 +0100

Available diffs

• diff from 3.0.18-1 (in Ubuntu) to 3.0.19-1 (26.4 KiB)

privoxy (3.0.18-1) unstable; urgency=low

  * New upstream version 3.0.18-stable.
  * Adapt all patches to new version.
  * Add build-targets build-arch and build-indep.
  * Upgrade to Standards-Version 3.9.2 (no changes).
  * 29_typo: most old typos are fixed now, but lintian found new ones.
 -- Ubuntu Archive Auto-Sync <email address hidden>   Mon,  05 Dec 2011 11:03:32 +0000

Available diffs

• diff from 3.0.17-1 to 3.0.18-1 (591.9 KiB)

privoxy (3.0.17-1) unstable; urgency=low

  * New upstream version 3.0.17-stable (Closes: #611016).
  * Adapt all patches to the new version.
  * Add debian/source/format (1.0).
  * 29_typos: fix spelling of resource in privoxy-log-parser(1) man page.
  * Upgrade to Standards-Version 3.9.1 (no changes).
  * Add $named to Required-Start/Stop in init script. Thanks to Nikolaus
    Schulz <email address hidden> (Closes: #539405, #582710)
  * Install /etc/privoxy/user.filter
 -- Micah Gersten <email address hidden>   Tue,  22 Mar 2011 11:01:19 +0000

Available diffs

• diff from 3.0.16-1 to 3.0.17-1 (76.3 KiB)

privoxy (3.0.16-1) unstable; urgency=low

  * New upstream version 3.0.16-stable.
  * Adapt all patches to the new version.
  * 30_localhost_fixup: removed, since this should no longer be necessary.
  * 31_handle-as-empty-doc-returns-ok: now included upstream.
  * 32_bind_fixup: Work around bind problems on startup (Closes: #534735).
 -- Ubuntu Archive Auto-Sync <email address hidden>   Wed,  19 May 2010 09:21:01 +0100

Available diffs

• diff from 3.0.15-3 to 3.0.16-1 (68.3 KiB)

privoxy (3.0.15-3) unstable; urgency=low

  * Add Build-Dependency on docbook because docbook-xml which may be
    chained via docbook-dsssl as an alternative to docbook may not be
    enough on a unclean build environment. This should now also build on
    the mips buildd.
  * 31_handle-as-empty-doc-returns-ok: Patch from SourceForge that work2
    around Firefox bug to wait forever if proxy returns a failure status
    code in response to the CONNECT (Closes: #561126).

Available diffs

• diff from 3.0.13-1 to 3.0.15-3 (108.8 KiB)

privoxy (3.0.13-1) unstable; urgency=low

  * New upstream version 3.0.13-beta.
  * Adapted all patches to the new upstream version.
  * Removed 03_ipv6, because IPv6 is now supported upstream.
  * Upgrade to Standards-Version 3.8.1 (no changes)
  * Fix matcha-all.action typo in debian/postinst (Closes: #534270).

 -- Charlie_Smotherman (porthose) <email address hidden>   Mon,  06 Jul 2009 18:46:55 +0100

Available diffs

• diff from 3.0.12-2 to 3.0.13-1 (241.1 KiB)

privoxy (3.0.12-2) unstable; urgency=low

  * 03_ipv6: Use s6_addr instead of in6_u, which is not portable.

Available diffs

• diff from 3.0.9-1 to 3.0.12-2 (413.8 KiB)

privoxy (3.0.9-1) unstable; urgency=low

  * New upstream version 3.0.9-beta.
  * Upgrade all patches to new version:
    - 20_makefile_fixup included upstream.
  * The new version doesn't support PDF documentation any more, so remove
    it from the Debian package.
    -> Stop Build-Depending on htmldoc.
  * The new version doesn't support text/plain documentation any more, so
    remove it from the Debian package.
  * Upgrade to Standards-Version 3.8.0 (no changes)
  * Move documentation from doc-base section Apps/Net to Network/Web Browsing.
  * chown user:group instead of user.group in postinst to be more compatible.
  * 05_defaut_action: unblock qa.debian.org/popcon.php (Closes: #479525).

 -- Ubuntu Archive Auto-Sync <email address hidden>   Wed,  05 Nov 2008 10:46:11 +0000

Available diffs

• diff from 3.0.8-1 to 3.0.9-1 (617.0 KiB)

privoxy (3.0.8-1) unstable; urgency=low

  * New upstream release 3.0.8-stable.
  * Upgrade all patches to new version.

privoxy (3.0.7-1) unstable; urgency=low

  * New upstream version 3.0.7-beta.
  * Adapt all patches to new version.
  * Enable new zlib feature (Closes: #368448):
    - build-depend on zlib1g-dev
    - disable prevent-compression in 25_standard_medium.dpatch
  * Remove 28_pcre_returncode.dpatch, which is now applied upstream.
  * Remove 23_fix_faq_id.dpatch, which is now applied upstream.
  * Fix Homepage header in control file.
  * 05_defaut_action: disable filter{js-annoyances} for
    http://www.memo.de/ (Closes: #441256).
  * Update debian/watch file based on an idea of Raphael Geissert.
    (Closes: #449643)

 -- Ubuntu Archive Auto-Sync <email address hidden>   Wed,  12 Dec 2007 09:53:37 +0000

privoxy (3.0.6-4) unstable; urgency=low

  * Set "enable-remote-http-toggle 0" by default because otherwise
    requests may be able to bypass filtering by setting "X-Filter: No"
    headers using some strange javascript code.
  * Disable default logging of every GET/POST/CONNECT request to protect
    your privacy a bit more.
  * 05_defaut_action: Stop blocking Andorra ccTLD (.ad) (Closes: #445461).
  * Run make clean/distclean only if GNUmakefile exists in debian/rules.

 -- Ubuntu Archive Auto-Sync <email address hidden>   Tue,  23 Oct 2007 18:25:55 +0100

privoxy (3.0.6-3) unstable; urgency=low

  * According to http://wiki.debian.org/AccountHandlingInMaintainerScripts
    removing system users in postrm isn't a good idea. So the removal of
    user privoxy in postrm was disabled and deluser/adduser of existing
    user in postinst was also removed. This should avoid problems with
    purging privoxy if passwd package isn't intalled (Closes: #417015).

 -- Ubuntu Archive Auto-Sync <email address hidden>   Mon,  21 May 2007 09:36:13 +0100

privoxy (3.0.6-2) unstable; urgency=medium

  * 28_pcre_returncode: Don't crash if pcre returns an error code that
    pcrs didn't expect (Closes: #404284).

 -- Ubuntu Archive Auto-Sync <email address hidden>   Fri,  27 Apr 2007 01:09:53 +0100

privoxy (3.0.6-1~edgy1) edgy-backports; urgency=low

  * Automated backport upload; no source changes.

privoxy (3.0.6-1) unstable; urgency=low

  * New upstream release 3.0.6.
    - remove 28_usermanual_slash.dpatch, which is already included
      upstream now.
  * README.Debian: mention that privoxy has to be used as HTTP proxy to
    access http://p.p/ URLs (Closes: #398162).

 -- Ubuntu Archive Auto-Sync <email address hidden>   Tue,  28 Nov 2006 08:53:11 +0000

privoxy (3.0.5-beta-3) unstable; urgency=medium

  * Disable the IPv6 patch, because this is seems to have too many bugs
    for a release right now.  
    - This reopens #179461.
    - This solves the problem, that "listen-address :8118" listens on
      localhost only (Closes: #391600).
    - This solves the problem, that regex pattern at front of hostname
      is ignored (Closes: #393605). 
  * Use /usr/share/dpatch/dpatch.make in debian/rules instead of adding
    the content by hand.
  * Extended version of 26_edit_only_writable.dpatch by Fabian Keil.  Now
    shows a message, that the file is write protected.  See SF#1564026.

privoxy (3.0.3-2-1) unstable; urgency=low

  * New upstream version 3.0.3-2.
  * Add debian/watch file.
  * Remove parts of 13_memory.dpatch, which seem to be free too much
    memory (Closes: #353110, #354611).

privoxy (3.0.3-5) unstable; urgency=low


  * Redirect output of restart script in logrotate to /dev/null
    (Closes: #314868).
  * Upgrade to Standards-Version 3.6.2:
    - Recommends: doc-base
  * Build-Depends on autotools-dev and copy config.guess and config.sub
    from there on every build (Closes: #332767).
  * After dechunking remove the "chunked"-header instead of replacing it
    by an d"identity" header. Thanks to Michael Shields for reporting this
    (Closes: #318683).
  * Update address of FSF in copyright file.

 -- Roland Rosenfeld <email address hidden>  Sun,  9 Oct 2005 13:44:55 +0200

privoxy (3.0.3-4ubuntu2) breezy; urgency=low


  * logrotate: output to /dev/null
    * Thanks to David Mandelberg for the patch

 -- Barry deFreese <email address hidden>  Mon, 10 Oct 2005 21:55:10 -0400

privoxy (3.0.3-3) unstable; urgency=low


  * Now really remove multiproxy.org from all documentation, not only from
    the config file (Closes: #198953). 

 -- Roland Rosenfeld <email address hidden>  Sun, 15 Feb 2004 23:11:29 +0100