From patchwork Mon Nov 30 07:12:43 2020
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Peter Korsgaard <peter@korsgaard.com>
X-Patchwork-Id: 1408050
Return-Path: <buildroot-bounces@busybox.net>
X-Original-To: incoming-buildroot@patchwork.ozlabs.org
Delivered-To: patchwork-incoming-buildroot@bilbo.ozlabs.org
Authentication-Results: ozlabs.org;
 spf=pass (sender SPF authorized) smtp.mailfrom=busybox.net
 (client-ip=140.211.166.136; helo=silver.osuosl.org;
 envelope-from=buildroot-bounces@busybox.net; receiver=<UNKNOWN>)
Authentication-Results: ozlabs.org;
 dmarc=none (p=none dis=none) header.from=korsgaard.com
Authentication-Results: ozlabs.org;
	dkim=fail reason="signature verification failed" (2048-bit key;
 unprotected) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256
 header.s=20161025 header.b=bjO/QAnl;
	dkim-atps=neutral
Received: from silver.osuosl.org (smtp3.osuosl.org [140.211.166.136])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by ozlabs.org (Postfix) with ESMTPS id 4CkxJs6bXnz9sTR
	for <incoming-buildroot@patchwork.ozlabs.org>;
 Mon, 30 Nov 2020 18:12:59 +1100 (AEDT)
Received: from localhost (localhost [127.0.0.1])
	by silver.osuosl.org (Postfix) with ESMTP id 801D72279B;
	Mon, 30 Nov 2020 07:12:56 +0000 (UTC)
X-Virus-Scanned: amavisd-new at osuosl.org
Received: from silver.osuosl.org ([127.0.0.1])
	by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id fGGrVqvAxpIr; Mon, 30 Nov 2020 07:12:54 +0000 (UTC)
Received: from ash.osuosl.org (ash.osuosl.org [140.211.166.34])
	by silver.osuosl.org (Postfix) with ESMTP id D893122654;
	Mon, 30 Nov 2020 07:12:53 +0000 (UTC)
X-Original-To: buildroot@lists.busybox.net
Delivered-To: buildroot@osuosl.org
Received: from hemlock.osuosl.org (smtp2.osuosl.org [140.211.166.133])
 by ash.osuosl.org (Postfix) with ESMTP id 2D5031BF4E5
 for <buildroot@lists.busybox.net>; Mon, 30 Nov 2020 07:12:52 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by hemlock.osuosl.org (Postfix) with ESMTP id 29C8487324
 for <buildroot@lists.busybox.net>; Mon, 30 Nov 2020 07:12:52 +0000 (UTC)
X-Virus-Scanned: amavisd-new at osuosl.org
Received: from hemlock.osuosl.org ([127.0.0.1])
 by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id Mm0mOXnRKm1d for <buildroot@lists.busybox.net>;
 Mon, 30 Nov 2020 07:12:49 +0000 (UTC)
X-Greylist: domain auto-whitelisted by SQLgrey-1.7.6
Received: from mail-ed1-f67.google.com (mail-ed1-f67.google.com
 [209.85.208.67])
 by hemlock.osuosl.org (Postfix) with ESMTPS id 223C187322
 for <buildroot@buildroot.org>; Mon, 30 Nov 2020 07:12:49 +0000 (UTC)
Received: by mail-ed1-f67.google.com with SMTP id c7so6753153edv.6
 for <buildroot@buildroot.org>; Sun, 29 Nov 2020 23:12:49 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025;
 h=sender:from:to:cc:subject:date:message-id:mime-version
 :content-transfer-encoding;
 bh=I6VKAeon591RsQyw4NY+ETLeB35Cn0fGIJqKXEpOlqM=;
 b=bjO/QAnlvLhglFovdNvO8GyswriCt8rGKVliaJ6H2r4DxJwpTCnElwDVy0g567s12h
 kc1PLU9K1xkQgU4H1Qd3A1meOvvgpIqOuQK6tMgLjR9WqNz3FqjbqBBq6dr2gto83XcJ
 OwzXsYTAqNcIunh1lVYRIaD3TCJx8c//5o2TYYnJF4E4CDT0nCCS9noKDSra+Rb7k73M
 dZQkcxteLU6CtzQBuxwwQJwNyCW7iOmc3FMAQbBIdn2q4SpdHi4ZX/gPWqRBQ+TLxhA8
 QhjrvtR96V7ypQ1mFG2J9Yre1T6PEupZWBIPzyottk9mmQdB4hsm0EQfKEPLuYwVJng5
 xj2w==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20161025;
 h=x-gm-message-state:sender:from:to:cc:subject:date:message-id
 :mime-version:content-transfer-encoding;
 bh=I6VKAeon591RsQyw4NY+ETLeB35Cn0fGIJqKXEpOlqM=;
 b=Rmtk/OveA8wnZre5d87jwLf8hsyZj6vFyLGLcFwLWCtG6aP9hCRLzlgAF5fBUt937c
 XtOVTZztFj+DC+PXTVwLq3xzjdEZXQpjD/T7g2yG8R8sVlzUwtiWRKFQf6sp1gbh1M4n
 5UlMnO0MaV02Wao8tOlV3V9To+GWOxOaQ8fhtq0SXgIEZsC9WvUpFH6mtNyPiQVtqUYU
 MeYB6LPLF/hn3oXlWbKfpvI34+sya0eiPbqTmzic+adYNYwA9tHDFRYMAcdsen4QjMkF
 WZ8519voOZpwjREHdw7jPdzQOuZ8U3m9gH2EGGeG1AD6LLZzTcr/tR2CjGSxnjcOgj/G
 QB5g==
X-Gm-Message-State: AOAM530Oy+/60hAVq2UlsS8Fr5rLCUr3dZX7SztSpc5DmuoHI70rePCE
 0LhksZMQ7vap2xbimnsxOMfLlOtV1Z0=
X-Google-Smtp-Source: 
 ABdhPJz0G5cYnYAI5WXX1J+WwG2pkkW6tYcUwolDMvuhi+rQhqmVUkexIS+rLJTkNwATe61XXUFFLg==
X-Received: by 2002:a05:6402:3089:: with SMTP id
 de9mr20147722edb.100.1606720366946;
 Sun, 29 Nov 2020 23:12:46 -0800 (PST)
Received: from dell.be.48ers.dk (d51A5BC31.access.telenet.be. [81.165.188.49])
 by smtp.gmail.com with ESMTPSA id
 h12sm6352746eja.113.2020.11.29.23.12.46
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Sun, 29 Nov 2020 23:12:46 -0800 (PST)
Received: from peko by dell.be.48ers.dk with local (Exim 4.92)
 (envelope-from <peko@dell.be.48ers.dk>)
 id 1kjdMb-0000W9-J3; Mon, 30 Nov 2020 08:12:45 +0100
From: Peter Korsgaard <peter@korsgaard.com>
To: buildroot@buildroot.org
Date: Mon, 30 Nov 2020 08:12:43 +0100
Message-Id: <20201130071244.1933-1-peter@korsgaard.com>
X-Mailer: git-send-email 2.20.1
MIME-Version: 1.0
Subject: [Buildroot] [PATCH] package/privoxy: security bump to version 3.0.29
X-BeenThere: buildroot@busybox.net
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Discussion and development of buildroot <buildroot.busybox.net>
List-Unsubscribe: <http://lists.busybox.net/mailman/options/buildroot>,
 <mailto:buildroot-request@busybox.net?subject=unsubscribe>
List-Archive: <http://lists.busybox.net/pipermail/buildroot/>
List-Post: <mailto:buildroot@busybox.net>
List-Help: <mailto:buildroot-request@busybox.net?subject=help>
List-Subscribe: <http://lists.busybox.net/mailman/listinfo/buildroot>,
 <mailto:buildroot-request@busybox.net?subject=subscribe>
Cc: Peter Korsgaard <peter@korsgaard.com>
Errors-To: buildroot-bounces@busybox.net
Sender: "buildroot" <buildroot-bounces@busybox.net>

From the release notes:

- Security/Reliability:
  - Fixed memory leaks when a response is buffered and the buffer
    limit is reached or Privoxy is running out of memory.
    Commits bbd53f1010b and 4490d451f9b. OVE-20201118-0001.
    Sponsored by: Robert Klemme
  - Fixed a memory leak in the show-status CGI handler when
    no action files are configured. Commit c62254a686.
    OVE-20201118-0002.
    Sponsored by: Robert Klemme
  - Fixed a memory leak in the show-status CGI handler when
    no filter files are configured. Commit 1b1370f7a8a.
    OVE-20201118-0003.
    Sponsored by: Robert Klemme
  - Fixes a memory leak when client tags are active.
    Commit 245e1cf32. OVE-20201118-0004.
    Sponsored by: Robert Klemme
  - Fixed a memory leak if multiple filters are executed
    and the last one is skipped due to a pcre error.
    Commit 5cfb7bc8fe. OVE-20201118-0005.
  - Prevent an unlikely dereference of a NULL-pointer that
    could result in a crash if accept-intercepted-requests
    was enabled, Privoxy failed to get the request destination
    from the Host header and a memory allocation failed.
    Commit 7530132349. CID 267165. OVE-20201118-0006.
  - Fixed memory leaks in the client-tags CGI handler when
    client tags are configured and memory allocations fail.
    Commit cf5640eb2a. CID 267168. OVE-20201118-0007.
  - Fixed memory leaks in the show-status CGI handler when memory
    allocations fail. Commit 064eac5fd0 and commit fdee85c0bf3.
    CID 305233. OVE-20201118-0008.

For more details, see the announcement:
https://www.openwall.com/lists/oss-security/2020/11/29/1

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
---
 package/privoxy/privoxy.hash | 8 ++++----
 package/privoxy/privoxy.mk   | 2 +-
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/package/privoxy/privoxy.hash b/package/privoxy/privoxy.hash
index 84daf5c611..850208dd9f 100644
--- a/package/privoxy/privoxy.hash
+++ b/package/privoxy/privoxy.hash
@@ -1,6 +1,6 @@
-# From http://sourceforge.net/projects/ijbswa/files/Sources/3.0.28%20%28stable%29/
-md5  c7e8900d5aff33d9a5fc37ac28154f21  privoxy-3.0.28-stable-src.tar.gz
-sha1  fa8f9f355a48afe94afcaef31c5404b2294c1043  privoxy-3.0.28-stable-src.tar.gz
+# From http://sourceforge.net/projects/ijbswa/files/Sources/3.0.28%20%29stable%29/
+md5  493a3a643247e6c8bc60725e9993d4ee  privoxy-3.0.29-stable-src.tar.gz
+sha1  59873a122729b1b03e1d202d663036d2b5fa1120  privoxy-3.0.29-stable-src.tar.gz
 # Locally computed
-sha256  b5d78cc036aaadb3b7cf860e9d598d7332af468926a26e2d56167f1cb6f2824a  privoxy-3.0.28-stable-src.tar.gz
+sha256  25c6069efdaf577d47c257da63b03cd6d063fb790e19cc39603d82e5db72489d  privoxy-3.0.29-stable-src.tar.gz
 sha256  8177f97513213526df2cf6184d8ff986c675afb514d4e68a404010521b880643  LICENSE
diff --git a/package/privoxy/privoxy.mk b/package/privoxy/privoxy.mk
index f12d015efa..3cf1dc9754 100644
--- a/package/privoxy/privoxy.mk
+++ b/package/privoxy/privoxy.mk
@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-PRIVOXY_VERSION = 3.0.28
+PRIVOXY_VERSION = 3.0.29
 PRIVOXY_SITE = http://downloads.sourceforge.net/project/ijbswa/Sources/$(PRIVOXY_VERSION)%20%28stable%29
 PRIVOXY_SOURCE = privoxy-$(PRIVOXY_VERSION)-stable-src.tar.gz
 # configure not shipped