Update to privoxy-3.0.31

Fixes two CVE's: CVE-2021-20217 Prevent an assertion from getting triggered by a crafted CGI request. CVE-2021-20216 Fixed a memory leak when decompression fails "unexpectedly". Feedback and OK from sthen@
2021-02-04 19:23:58 +00:00 · 2021-02-04 19:23:58 +00:00 · d441b48f00
commit d441b48f00
parent e5555e594c
4 changed files with 23 additions and 8 deletions
--- a/www/privoxy/Makefile
+++ b/www/privoxy/Makefile
@ -1,8 +1,8 @@
-# $OpenBSD: Makefile,v 1.39 2021/01/15 17:26:04 kmos Exp $
+# $OpenBSD: Makefile,v 1.40 2021/02/04 19:23:58 bket Exp $

 COMMENT=	web proxy with advanced filtering capabilities

-V=		3.0.29
+V=		3.0.31
 DISTNAME=	privoxy-${V}-stable
 PKGNAME=	privoxy-${V}
 CATEGORIES=	www
@ -16,6 +16,7 @@ WANTLIB += c crypto pcre pcreposix pthread ssl z

 MASTER_SITES=	${MASTER_SITE_SOURCEFORGE:=ijbswa/}
 EXTRACT_SUFX=	-src.tar.gz
+FIX_EXTRACT_PERMISSIONS=	Yes

 # there are tests which can be run with tools/privoxy-regression-test.pl
 # they require privoxy to be running, and http_proxy=http://127.0.0.1:8118/
--- a/www/privoxy/distinfo
+++ b/www/privoxy/distinfo
@ -1,2 +1,2 @@
-SHA256 (privoxy-3.0.29-stable-src.tar.gz) = JcYGnv2vV31HwlfaY7A81tBj+3kOGcw5YD2C5dtySJ0=
-SIZE (privoxy-3.0.29-stable-src.tar.gz) = 1830550
+SHA256 (privoxy-3.0.31-stable-src.tar.gz) = B3cpo6rHkiKk6NiKZQ2QKNFv1LDWA42o9fXkcSDQBOs=
+SIZE (privoxy-3.0.31-stable-src.tar.gz) = 1839901
--- a/www/privoxy/patches/patch-GNUmakefile_in
+++ b/www/privoxy/patches/patch-GNUmakefile_in
@ -1,4 +1,4 @@
-$OpenBSD: patch-GNUmakefile_in,v 1.11 2020/11/29 19:08:14 sthen Exp $
+$OpenBSD: patch-GNUmakefile_in,v 1.12 2021/02/04 19:23:58 bket Exp $

 Index: GNUmakefile.in
 --- GNUmakefile.in.orig
@ -12,3 +12,12 @@ Index: GNUmakefile.in
 
 
 #############################################################################
+@@ -968,7 +968,7 @@ install: CONF_DEST LOG_DEST PID_DEST check_doc GROUP_T
+ 			$(RM) $(DESTDIR)$(CONF_DEST)/$$i ;\
+ 			$(ECHO) Installing fresh $$i;\
+ 			$(INSTALL) $$INSTALL_CONF $$i $(DESTDIR)$(CONF_DEST) || exit 1;\
+-		elif [ -s "$(CONF_DEST)/$$i" ]; then \
+		elif [ -s "$(DESTDIR)$(CONF_DEST)/$$i" ]; then \
+ 			$(ECHO) Installing $$i as $$i.new ;\
+ 			$(INSTALL) $$INSTALL_CONF $$i $(DESTDIR)$(CONF_DEST)/$$i.new || exit 1;\
+ 			NEW=1;\
--- a/www/privoxy/pkg/PLIST
+++ b/www/privoxy/pkg/PLIST
@ -1,4 +1,4 @@
-@comment $OpenBSD: PLIST,v 1.14 2020/11/29 19:08:14 sthen Exp $
+@comment $OpenBSD: PLIST,v 1.15 2021/02/04 19:23:58 bket Exp $
@newgroup _privoxy:516
@newuser _privoxy:516:_privoxy:daemon:Privoxy Account:/var/privoxy:/sbin/nologin
@rcscript ${RCDIR}/privoxy
@ -6,7 +6,7 @@ bin/privoxy-log-parser.pl
 bin/privoxy-regression-test.pl
 bin/uagen.pl
 bin/url-pattern-translator.pl
-@man man/man1/privoxy.1
+@man man/man8/privoxy.8
@bin sbin/privoxy
 share/doc/privoxy/
 share/doc/privoxy/AUTHORS
@ -32,7 +32,6 @@ share/doc/privoxy/faq/index.html
 share/doc/privoxy/faq/installation.html
 share/doc/privoxy/faq/misc.html
 share/doc/privoxy/faq/trouble.html
-share/doc/privoxy/images/
 share/doc/privoxy/index.html
 share/doc/privoxy/man-page/
 share/doc/privoxy/man-page/privoxy-man-page.html
@ -191,6 +190,12 @@ share/examples/privoxy/templates/edit-actions-for-url-filter
@sample ${SYSCONFDIR}/privoxy/templates/edit-actions-for-url-filter
@owner
@group
+share/examples/privoxy/templates/edit-actions-for-url-string-filter
+@owner _privoxy
+@group _privoxy
+@sample ${SYSCONFDIR}/privoxy/templates/edit-actions-for-url-string-filter
+@owner
+@group
 share/examples/privoxy/templates/edit-actions-list
@owner _privoxy
@group _privoxy