Privoxy full changelog

Privoxy Full Change Log

Privoxy 3.0.28 released Sep 16, 2019 (New Release)

Fixed misplaced parentheses.
Changed two regression tests to depend on config directive enable-remote-toggle instead of FEATURE_TOGGLE.

Privoxy 3.0.26 released Sep 19, 2016 (New Release)

Bug fixes:
Fixed crashes with "listen-addr :8118" (SF Bug #902). The regression was introduced in 3.0.25 beta and reported by Marvin Renich in Debian bug #834941.

Privoxy 3.0.24 released Jan 25, 2016 (New Release)

Prevent invalid reads in case of corrupt chunk-encoded content. CVE-2016-1982.
Remove empty Host headers in client requests. Previously they would result in invalid reads. CVE-2016-1983.

Privoxy 3.0.23 released Feb 11, 2015 (New Release)

Fixed a DoS issue in case of client requests with incorrect chunk-encoded body. When compiled with assertions enabled (the default) they could previously cause Privoxy to abort(). Reported by Matthew Daley.
Fixed multiple segmentation faults and memory leaks in the pcrs code. This fix also increases the chances that an invalid pcrs command is rejected as such. Previously some invalid commands would be loaded without error. Note that Privoxy's pcrs sources (action and filter files) are considered trustworthy input and should not be writable by untrusted third-parties.
Fixed an 'invalid read' bug which could at least theoretically cause Privoxy to crash. So far, no crashes have been observed.

Privoxy 3.0.21 released Mar 11, 2013 (New Release)

Privoxy 3.0.19 released Dec 29, 2011 (New Release)

Privoxy 3.0.18 released Nov 22, 2011 (New Release)

Bug fixes:
· If a generated redirect URL contains characters RFC 3986 doesn't permit, they are (re)encoded. Not doing this makes Privoxy versions from 3.0.5 to 3.0.17 susceptible to HTTP response splitting (CWE-113) attacks if the +fast-redirects{check-decoded-url} action is used. - Fix a logic bug that could cause Privoxy to reuse a server socket after it got tainted by a server-header-tagger-induced block that was triggered before the whole server response had been read. If keep-alive was enabled and the request following the blocked one was to the same host and using the same forwarding settings, Privoxy would send it on the tainted server socket. While the server would simply treat it as a pipelined request, Privoxy would later on fail to properly parse the server's response as it would try to parse the unread data from the first response as server headers for the second one. Regression introduced in 3.0.17.

Privoxy 3.0.17 released Nov 16, 2010 (New Release)

· In case of missing server data, no error message is send to the client if the request arrived on a reused connection. The client is then supposed to silently retry the request without bothering the user. This should significantly reduce the frequency of the "No server or forwarder data received" error message many users reported.
· More reliable detection of prematurely closed client sockets with keep-alive enabled.
· FEATURE_CONNECTION_KEEP_ALIVE is decoupled from FEATURE_CONNECTION_SHARING and now available on all platforms.
· Improved handling of POST requests on reused connections.
· Should fix problems with stalled connections after submitting form data with some browser configurations.
· Fixed various latency calculation issues.
· Allows the client to pass NTLM authentication requests to a forwarding proxy. This was already assumed and hinted to work in 3.0.13 beta but actually didn't. Now it's confirmed to work with IE, Firefox and Chrome.

Privoxy 3.0.16 released May 14, 2010 (New Release)

Privoxy 3.0.28 Free Download Notice

Top 4 Download periodically updates software information of Privoxy 3.0.28 full version from the publisher.

Using warez, crack, patches, serial numbers, registration codes, key generator, pirate key, keymaker or keygen for Privoxy key is illegal and prevent future development of Privoxy. Download links are directly from publisher's website, Privoxy torrent files or shared files from free file sharing, including Rapidshare, MegaUpload, HellShare, HotFile, FileServe, YouSendIt, SendSpace, DepositFiles, Letitbit, MailBigFile, are not allowed!