*** Version 3.0.18 Stable ***
- Bug fixes:
+ - If the redirect URL contains characters RFC 3986 doesn't permit,
+ they are (re)encoded. Not doing this makes Privoxy versions from
+ 3.0.5 to 3.0.17 susceptible to HTTP response splitting (CWE-113)
+ attacks if the +fast-redirects{check-decoded-url} action is used.
- Fix a logic bug that could cause Privoxy to reuse a server
socket after it got tainted by a server-header-tagger-induced
block that was triggered before the whole server response had
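Review bot: The added entry ties exposure to the +fast-redirects{check-decoded-url} action on versions 3.0.5 to 3.0.17, but it gives no interim guidance for users who cannot upgrade immediately. If leaving that action unused is enough to avoid the response splitting (CWE-113) issue, as the wording implies, say so in one more sentence so that the ChangeLog doubles as a mitigation note.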
This file belongs into
ijbswa.sourceforge.net:/home/groups/i/ij/ijbswa/htdocs/
- $Id: user-manual.sgml,v 2.139 2011/11/18 16:49:29 fabiankeil Exp $
+ $Id: user-manual.sgml,v 2.140 2011/11/19 15:18:02 fabiankeil Exp $
Copyright (C) 2001-2011 Privoxy Developers http://www.privoxy.org/
See LICENSE.
</subscript>
</pubdate>
-<pubdate>$Id: user-manual.sgml,v 2.139 2011/11/18 16:49:29 fabiankeil Exp $</pubdate>
+<pubdate>$Id: user-manual.sgml,v 2.140 2011/11/19 15:18:02 fabiankeil Exp $</pubdate>
<!--
<para>
Bug fixes:
<itemizedlist>
+ <listitem>
+ <para>
+ If the redirect URL contains characters RFC 3986 doesn't permit,
+ they are (re)encoded. Not doing this makes Privoxy versions from
+ 3.0.5 to 3.0.17 susceptible to HTTP response splitting (CWE-113)
+ attacks if the +fast-redirects{check-decoded-url} action is used.
+ </para>
+ </listitem>
<listitem>
<para>
Fix a logic bug that could cause Privoxy to reuse a server
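Review bot: In the added para, the action name +fast-redirects{check-decoded-url} is plain running text, so it will be typeset and line-wrapped like prose. Consider wrapping it in a DocBook literal element so that it renders verbatim and readers can match it against their action files.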
USA
$Log: user-manual.sgml,v $
+ Revision 2.140 2011/11/19 15:18:02 fabiankeil
+ Update ChangeLog
+
Revision 2.139 2011/11/18 16:49:29 fabiankeil
Update ChangeLog
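Review bot: The log line added for revision 2.140 reads "Update ChangeLog", the same as the 2.139 line below it, so the history does not show which revision brought in the response splitting (CWE-113) entry. A message that names the fast-redirects fix would make the security-relevant revision easy to find later.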
<p>Bug fixes:</p>
<ul>
+ <li>
+ <p>If the redirect URL contains characters RFC 3986 doesn't
+ permit, they are (re)encoded. Not doing this makes Privoxy
+ versions from 3.0.5 to 3.0.17 susceptible to HTTP response
+ splitting (CWE-113) attacks if the
+ +fast-redirects{check-decoded-url} action is used.</p>
+ </li>
+
<li>
<p>Fix a logic bug that could cause Privoxy to reuse a server
socket after it got tainted by a server-header-tagger-induced
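Review bot: "(re)encoded" in the added list item does not say which encoding is applied, or whether sequences that are already encoded in the redirect URL are encoded a second time. Consider naming the encoding and stating how already-encoded input is treated, since that determines whether legitimate redirect targets change after the upgrade. The same wording appears in the ChangeLog and SGML hunks and should be kept in sync.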