[ Windows > WWW > その他Web関連 ]

Pc   Privoxy


タイトル Privoxy
URL http://www.privoxy.org/
バージョン 3.0.26   3.0.25   3.0.24   3.0.19   3.0.18   3.0.17   3.0.16   3.0.15   3.0.14   3.0.13   3.0.12  
更新日 2016/08/30
追加日 2013/08/17
種別 フリーソフト
説明 広告除去など優れたフィルタリング能力を持つオープンソースのWebプロキシ。







2016/08/30 ver 3.0.26

Announcing Privoxy 3.0.26 stable
Privoxy 3.0.26 stable is a bug-fix release for the previously
released 3.0.25 beta which introduced client-specific tags and
included a couple of minor improvements.
- Fixed crashes with "listen-addr :8118" (SF Bug #902).
The regression was introduced in 3.0.25 beta and reported
by Marvin Renich in Debian bug #834941.
- General improvements:
- Log when privoxy is toggled on or off via cgi interface.
- Highlight the "Info: Now toggled " on/off log message
in the Windows log viewer.
- Highlight the loading actions/filter file log message
in the Windows log viewer.
- Mention client-specific tags on the toggle page as a
potentionally more appropriate alternative.
- Documentation improvements:
- Update download section on the homepage.
The downloads are available from the website now.
- Add sponsor FAQ.

2016/06/04 ver 3.0.25

Announcing Privoxy 3.0.25 beta
Privoxy 3.0.25 beta introduces client-specific tags and includes
a couple of minor improvements. It will be followed by a stable
release in the near future.
- Always use the current toggle state for new requests.
Previously new requests on reused connections inherited
the toggle state from the previous request even though
the toggle state could have changed.
Reported by Robert Klemme.
- Fixed two buffer-overflows in the (deprecated) static
pcre code. These bugs are not considered security issues
as the input is trusted.
Found with afl-fuzz and ASAN.
- Added support for client-specific tags which allow Privoxy
admins to pre-define tags that are set for all requests from
clients that previously opted in through the CGI interface.
They are useful in multi-user setups where admins may
want to allow users to disable certain actions and filters
for themselves without affecting others.

2016/01/28 ver 3.0.24

Announcing Privoxy 3.0.24 stable
Privoxy 3.0.24 stable contains a couple of new features but is
mainly a bug-fix release. Two of the fixed bugs are security issues
and may be used to remotely trigger crashes on platforms that
carefully check memory accesses (most don't).
- Security fixes (denial of service):
- Prevent invalid reads in case of corrupt chunk-encoded content.
CVE-2016-1982. Bug discovered with afl-fuzz and AddressSanitizer.
- Remove empty Host headers in client requests.
Previously they would result in invalid reads. CVE-2016-1983.
Bug discovered with afl-fuzz and AddressSanitizer.
- When using socks5t, send the request body optimistically as well.
Previously the request body wasn't guaranteed to be sent at all
and the error message incorrectly blamed the server.
Fixes #1686 reported by Peter M端ller and G4JC.
- Fixed buffer scaling in execute_external_filter() that could lead
to crashes. Submitted by Yang Xia in #892.
- Fixed crashes when executing external filters on platforms like
Mac OS X. Reported by Jonathan McKenzie on ijbswa-users@.

2011/12/27 ver 3.0.19

Announcing Privoxy v.3.0.19 stable
This is a bug-fix release for the previously released
Privoxy 3.0.18. One of the fixes addresses a security issue.
*** Version 3.0.19 Stable ***
- Bug fixes:
- Prevent a segmentation fault when de-chunking buffered content.
It could be triggered by malicious web servers if Privoxy was
configured to filter the content and running on a platform
where SIZE_T_MAX isn't larger than UINT_MAX, which probably
includes most 32-bit systems. On those platforms, all Privoxy
versions before 3.0.19 appear to be affected.
To be on the safe side, this bug should be presumed to allow
code execution as proving that it doesn't seems unrealistic.
- Do not expect a response from the SOCKS4/4A server until it
got something to respond to. This regression was introduced
in 3.0.18 and prevented the SOCKS4/4A negotiation from working.
Reported by qqqqqw in #3459781.
- General improvements:

2011/11/21 ver 3.0.18

Announcing Privoxy v.3.0.18 stable
This is mainly a bug-fix release for the previously released
Privoxy 3.0.17. One of the fixes addresses a security issue.
*** Version 3.0.18 stable ***
- Bug fixes:
- If the redirect URL contains characters RFC 3986 doesn't permit,
they are (re)encoded. Not doing this makes Privoxy versions from
3.0.5 to 3.0.17 susceptible to HTTP response splitting (CWE-113)
attacks if the +fast-redirects{check-decoded-url} action is used.
- Fix a logic bug that could cause Privoxy to reuse a server
socket after it got tainted by a server-header-tagger-induced
block that was triggered before the whole server response had
been read. If keep-alive was enabled and the request following
the blocked one was to the same host and using the same forwarding
settings, Privoxy would send it on the tainted server socket.
While the server would simply treat it as a pipelined request,
Privoxy would later on fail to properly parse the server's
response as it would try to parse the unread data from the
first response as server headers for the second one.

2010/11/15 ver 3.0.17

Announcing Privoxy v.3.0.17 stable
This is mainly a bug-fix release for the previously released Privoxy 3.0.16.
It contains fixes for two bugs that could cause connections to hang under
certain circumstances when keep-alive support was enabled, until they timed
out or where closed by the server.
See http://www.privoxy.org/3.0.17/user-manual/whatsnew.html for details.
*** Version 3.0.17 Stable ***
- Fixed last-chunk-detection for responses where the content was small
enough to be read with the body, causing Privoxy to wait for the
end of the content until the server closed the connection or the
request timed out. Reported by "Karsten" in #3028326.
- Responses with status code 204 weren't properly detected as body-less
like RFC2616 mandates. Like the previous bug, this caused Privoxy to
wait for the end of the content until the server closed the connection
or the request timed out. Fixes #3022042 and #3025553, reported by a
user with no visible name. Most likely also fixes a bunch of other
AJAX-related problem reports that got closed in the past due to
insufficient information and lack of feedback.
- Fixed an ACL bug that made it impossible to build a blacklist.

2010/02/21 ver 3.0.16

Announcing Privoxy v.3.0.16 stable
This is the first stable release since 3.0.12. It mainly contains
bugfixes for the previous betas which introduced IPv6 support,
improved keep-alive support and a bunch of minor improvements.
See http://www.privoxy.org/3.0.16/user-manual/whatsnew.html for details.
*** Version 3.0.16 stable ***
- Added the config file option handle-as-empty-doc-returns-ok to
work around Firefox bug #492459, which causes Firefox to hang
if JavaScripts are blocked in certain situations. The option is
enabled in the default config file.
- Added the config file option default-server-timeout to control the
assumed default server timeout. Since Privoxy no longer returns
an error message for connection resets on reused client connections,
assuming larger server timeout values appears to actually work
pretty well as long as connections aren't shared.
- Added optional support for FreeBSD's accf_http(9). Use the
configure option --enable-accept-filter to enable it.
- Added fancier Privoxy icons for win32. Contributed by Jeff H.
- In daemon mode, fd 0, 1 and 2 are bound to /dev/null.

2009/10/19 ver 3.0.15

Announcing Privoxy v.3.0.15 beta
Privoxy 3.0.15 beta is a bugfix-release for the previous betas
See http://www.privoxy.org/3.0.15/user-manual/whatsnew.html for details.
*** Version 3.0.15 beta ***
- In case of missing server data, no error message is send to the
client if the request arrived on a reused connection. The client
is then supposed to silently retry the request without bothering
the user. This should significantly reduce the frequency of the
"No server or forwarder data received" error message many users
- More reliable detection of prematurely closed client sockets
with keep-alive enabled.
all platforms.
- Improved handling of POST requests on reused connections.
Should fix problems with stalled connections after submitting
form data with some browser configurations.
- Fixed various latency calculation issues.

2009/07/26 ver 3.0.14

Announcing Privoxy v.3.0.14 beta
Privoxy 3.0.14 beta is a bugfix-release for the previous beta
which introduced IPv6 support, improved keep-alive support and
a bunch of minor improvements.
See http://www.privoxy.org/3.0.14/user-manual/whatsnew.html for details.
*** Version 3.0.14 beta ***
- The latency is taken into account when evaluating whether or not to
reuse a connection. This should significantly reduce the number of
connections problems several users reported.
- If the server doesn't specify how long the connection stays alive,
Privoxy errs on the safe side of caution and assumes it's only a second.
- The error pages for connection timeouts or missing server data use a
Last-Modified date in the past. Retry attempts are detected and Privoxy
removes the If-Modified-Since header to prevent the server from responding
with status code 304 in which case the client would reuse the error message.
- Setting keep-alive-timeout to 0 disables keep-alive support. Previously
Privoxy would claim to allow persistence but not reuse the connection.
- Pipelined requests are less likely to be mistaken for the request
body of the previous request. Note that Privoxy still has no real

2009/06/15 ver 3.0.13

Announcing Privoxy v.3.0.13 beta
Privoxy 3.0.13 beta introduces IPv6 support, improved keep-alive
support and a bunch of minor improvements.
See http://www.privoxy.org/3.0.13/user-manual/whatsnew.html for details.
*** Version 3.0.13 beta ***
- Added IPv6 support. Thanks to Petr Pisar who not only provided
the initial patch but also helped a lot with the integration.
- Added client-side keep-alive support. This should also allow
NTLM authentication through Privoxy, but this hasn't been
confirmed yet.
- The connection sharing code is only used if the connection-sharing
option is enabled.
- The max-client-connections option has been added to restrict
the number of client connections below a value enforced by
the operating system.
- Fixed a regression reintroduced in 3.0.12 that could cause
crashes on mingw32 if header date randomization was enabled.
- Compressed content with extra fields couldn't be decompressed
and would get passed to the client unfiltered. This problem

2009/03/22 ver 3.0.12

Announcing Privoxy v.3.0.12
Privoxy 3.0.12-stable is primarily a bugfix release.
See http://www.privoxy.org/3.0.12/user-manual/whatsnew.html for details.
*** Version 3.0.12 ***
- The socket-timeout option now also works on platforms whose
select() implementation modifies the timeout structure.
Previously the timeout was triggered even if the connection
didn't stall. Reported by cyberpatrol.
- The Connection: keep-alive code properly deals with files
larger than 2GB. Previously the connection was closed too
- The content length for files above 2GB is logged correctly.
- The user-manual directive on the show-status page links to
the documentation location specified with the directive,
not to the Privoxy website.
- When running in daemon mode, Privoxy doesn't log anything
to the console unless there are errors before the logfile
has been opened.
- The show-status page prints warnings about invalid directives