From: Fabian Keil Date: Sat, 30 Jan 2021 16:46:55 +0000 (+0100) Subject: Update announcement for Privoxy 3.0.31 stable X-Git-Tag: v_3_0_31~3 X-Git-Url: http://www.privoxy.org/gitweb/user-manual/quickstart.html?a=commitdiff_plain;h=f1863beb4049af34709fda1019e81bcb906c1610;p=privoxy.git Update announcement for Privoxy 3.0.31 stable --- diff --git a/doc/webserver/announce.txt b/doc/webserver/announce.txt index 21908e1b..3eb98eb6 100644 --- a/doc/webserver/announce.txt +++ b/doc/webserver/announce.txt @@ -1,8 +1,24 @@ - Announcing Privoxy 3.0.30 stable + Announcing Privoxy 3.0.31 stable -------------------------------------------------------------------- -Privoxy 3.0.30 stable fixes a couple of bugs and introduces -a few new features. +Privoxy 3.0.31 fixes two security issues that were discovered while +preparing the 3.0.30 release. The issues also affect earlier Privoxy +releases. + +-------------------------------------------------------------------- +ChangeLog for Privoxy 3.0.31 +-------------------------------------------------------------------- +- Security/Reliability: + - Prevent an assertion from getting triggered by a crafted CGI request. + Commit 5bba5b89193fa. OVE-20210130-0001. + Reported by: Joshua Rogers (Opera) + - Fixed a memory leak when decompression fails "unexpectedly". + Commit f431d61740cc0. OVE-20210128-0001. + +- Bug fixes: + - Fixed detection of insufficient data for decompression. + Previously Privoxy could try to decompress a partly + uninitialized buffer. -------------------------------------------------------------------- ChangeLog for Privoxy 3.0.30