[Privoxy-commits] [privoxy] 04/05: Regenerate user manual
User Git
git at git.privoxy.org
Sun May 31 12:08:19 CEST 2026
This is an automated email from the git hooks/post-receive script.
git pushed a commit to branch master
in repository privoxy.
commit 5df05ca4da8f27efd7566a9296c8c831d6170296
Author: Fabian Keil <fk at fabiankeil.de>
AuthorDate: Sun May 31 10:44:37 2026 +0200
Regenerate user manual
---
doc/webserver/user-manual/appendix.html | 16 ++++----
doc/webserver/user-manual/configuration.html | 2 +-
doc/webserver/user-manual/quickstart.html | 2 +-
doc/webserver/user-manual/startup.html | 4 +-
doc/webserver/user-manual/whatsnew.html | 55 ++++++++++++++++++++++++++--
5 files changed, 64 insertions(+), 15 deletions(-)
diff --git a/doc/webserver/user-manual/appendix.html b/doc/webserver/user-manual/appendix.html
index 4dd27979..9b713e55 100644
--- a/doc/webserver/user-manual/appendix.html
+++ b/doc/webserver/user-manual/appendix.html
@@ -202,7 +202,7 @@
these. If not, you will get a friendly error message. Internet access is not necessary either.</p>
<ul>
<li>
- <p>Privoxy main page:</p><a name="AEN6623" id="AEN6623"></a>
+ <p>Privoxy main page:</p><a name="AEN6647" id="AEN6647"></a>
<blockquote class="BLOCKQUOTE">
<p><a href="http://config.privoxy.org/" target="_top">http://config.privoxy.org/</a></p>
</blockquote>
@@ -211,7 +211,7 @@
"APPLICATION">Privoxy</span>)</p>
</li>
<li>
- <p>View and toggle client tags:</p><a name="AEN6631" id="AEN6631"></a>
+ <p>View and toggle client tags:</p><a name="AEN6655" id="AEN6655"></a>
<blockquote class="BLOCKQUOTE">
<p><a href="http://config.privoxy.org/client-tags" target=
"_top">http://config.privoxy.org/client-tags</a></p>
@@ -219,21 +219,21 @@
</li>
<li>
<p>Show information about the current configuration, including viewing and editing of actions
- files:</p><a name="AEN6636" id="AEN6636"></a>
+ files:</p><a name="AEN6660" id="AEN6660"></a>
<blockquote class="BLOCKQUOTE">
<p><a href="http://config.privoxy.org/show-status" target=
"_top">http://config.privoxy.org/show-status</a></p>
</blockquote>
</li>
<li>
- <p>Show the browser's request headers:</p><a name="AEN6641" id="AEN6641"></a>
+ <p>Show the browser's request headers:</p><a name="AEN6665" id="AEN6665"></a>
<blockquote class="BLOCKQUOTE">
<p><a href="http://config.privoxy.org/show-request" target=
"_top">http://config.privoxy.org/show-request</a></p>
</blockquote>
</li>
<li>
- <p>Show which actions apply to a URL and why:</p><a name="AEN6646" id="AEN6646"></a>
+ <p>Show which actions apply to a URL and why:</p><a name="AEN6670" id="AEN6670"></a>
<blockquote class="BLOCKQUOTE">
<p><a href="http://config.privoxy.org/show-url-info" target=
"_top">http://config.privoxy.org/show-url-info</a></p>
@@ -242,15 +242,15 @@
<li>
<p>Toggle Privoxy on or off. This feature can be turned off/on in the main <tt class="FILENAME">config</tt>
file. When toggled <span class="QUOTE">"off"</span>, <span class="QUOTE">"Privoxy"</span> continues to run,
- but only as a pass-through proxy, with no actions taking place:</p><a name="AEN6654" id="AEN6654"></a>
+ but only as a pass-through proxy, with no actions taking place:</p><a name="AEN6678" id="AEN6678"></a>
<blockquote class="BLOCKQUOTE">
<p><a href="http://config.privoxy.org/toggle" target="_top">http://config.privoxy.org/toggle</a></p>
</blockquote>
- <p>Short cuts. Turn off, then on:</p><a name="AEN6658" id="AEN6658"></a>
+ <p>Short cuts. Turn off, then on:</p><a name="AEN6682" id="AEN6682"></a>
<blockquote class="BLOCKQUOTE">
<p><a href="http://config.privoxy.org/toggle?set=disable" target=
"_top">http://config.privoxy.org/toggle?set=disable</a></p>
- </blockquote><a name="AEN6661" id="AEN6661"></a>
+ </blockquote><a name="AEN6685" id="AEN6685"></a>
<blockquote class="BLOCKQUOTE">
<p><a href="http://config.privoxy.org/toggle?set=enable" target=
"_top">http://config.privoxy.org/toggle?set=enable</a></p>
diff --git a/doc/webserver/user-manual/configuration.html b/doc/webserver/user-manual/configuration.html
index 9f0845d7..48514ab0 100644
--- a/doc/webserver/user-manual/configuration.html
+++ b/doc/webserver/user-manual/configuration.html
@@ -40,7 +40,7 @@
<tr>
<td>
<pre class="SCREEN"> </pre>
- <h2 class="BRIDGEHEAD"><a name="AEN895"></a> Privoxy Menu</h2>
+ <h2 class="BRIDGEHEAD"><a name="AEN919"></a> Privoxy Menu</h2>
<pre><br></pre>
<table border="0">
<tbody>
diff --git a/doc/webserver/user-manual/quickstart.html b/doc/webserver/user-manual/quickstart.html
index 7fcecd4e..4ec1b7c2 100644
--- a/doc/webserver/user-manual/quickstart.html
+++ b/doc/webserver/user-manual/quickstart.html
@@ -219,7 +219,7 @@
<p>Find <tt class="FILENAME">user.action</tt> in the top section, and click on <span class=
"QUOTE">"<span class="GUIBUTTON">Edit</span>"</span>:</p>
<div class="FIGURE">
- <a name="AEN662" id="AEN662"></a>
+ <a name="AEN686" id="AEN686"></a>
<p><b>Figure 1. Actions Files in Use</b></p>
<div class="MEDIAOBJECT">
<p><img src="files-in-use.jpg"></p>
diff --git a/doc/webserver/user-manual/startup.html b/doc/webserver/user-manual/startup.html
index d5fdef52..2a628281 100644
--- a/doc/webserver/user-manual/startup.html
+++ b/doc/webserver/user-manual/startup.html
@@ -35,7 +35,7 @@
<p>Please note that <span class="APPLICATION">Privoxy</span> can only proxy HTTP and HTTPS traffic. It will not
work with FTP or other protocols.</p>
<div class="FIGURE">
- <a name="AEN716" id="AEN716"></a>
+ <a name="AEN740" id="AEN740"></a>
<p><b>Figure 2. Proxy Configuration Showing Mozilla Firefox HTTP and HTTPS (SSL) Settings</b></p>
<div class="MEDIAOBJECT">
<p><img src="proxy_setup.jpg"></p>
@@ -66,7 +66,7 @@
protocols"</span> is <span class="emphasis"><i class="EMPHASIS">UNCHECKED</i></span>. You want only HTTP and HTTPS
(SSL)!</p>
<div class="FIGURE">
- <a name="AEN758" id="AEN758"></a>
+ <a name="AEN782" id="AEN782"></a>
<p><b>Figure 3. Proxy Configuration Showing Internet Explorer HTTP and HTTPS (Secure) Settings</b></p>
<div class="MEDIAOBJECT">
<p><img src="proxy2.jpg"></p>
diff --git a/doc/webserver/user-manual/whatsnew.html b/doc/webserver/user-manual/whatsnew.html
index f360ae1c..3907d730 100644
--- a/doc/webserver/user-manual/whatsnew.html
+++ b/doc/webserver/user-manual/whatsnew.html
@@ -27,10 +27,33 @@
</div>
<div class="SECT1">
<h1 class="SECT1"><a name="WHATSNEW" id="WHATSNEW">3. What's New in this Release</a></h1>
- <p><span class="APPLICATION">Privoxy 4.2.0</span> fixes a few minor bugs and brings a couple of general
- improvements inclusing support for elliptic-curve keys.</p>
+ <p><span class="APPLICATION">Privoxy 4.2.0</span> fixes a couple of bugs including two reported security issues and
+ brings a couple of general improvements including support for elliptic-curve keys.</p>
+ <p>Unfortunately the reporter of the alleged security issues did not answer questions about the report that was
+ based on an unofficial git mirror which was apparently two years behind. CVEs have been requested but haven't been
+ assigned in time for the release.</p>
+ <p>The Privoxy project is currently underfunded and the income doesn't even cover the hosting expenses (~161
+ EUR/month). If you can afford it, please consider making a <a href="https://www.privoxy.org/donate" target=
+ "_top">donation</a>.</p>
<p>Changes in <span class="APPLICATION">Privoxy 4.2.0</span> stable:</p>
<ul>
+ <li>
+ <p>Security fixes:</p>
+ <ul>
+ <li>
+ <p>Parse the chunk-size with a dedicated function and reject "unreasonably" large values to prevent silent
+ truncation by sscanf(), integer overflows and misinterpretation of the content later on. Heap buffer
+ overflows on platforms with 32-bit pointers were alleged as well. Commit 5b3bb22b77. OVE-20260515-0002.
+ Reported by @TristanInSec.</p>
+ </li>
+ <li>
+ <p>ssl_send_certificate_error(): Store the generated message on the heap instead of the stack to prevent an
+ alleged segmentation fault if there are enough certificates in the chain to exceed the stack size. While at
+ it, replace another variable-length array that was probably unproblematic with a heap-based buffer as well.
+ Commit 4963aa4f08. OVE-20260515-0001. Reported by @TristanInSec.</p>
+ </li>
+ </ul>
+ </li>
<li>
<p>Bug fixes:</p>
<ul>
@@ -150,6 +173,9 @@
<li>
<p>Block ".parsely.com/p(logger|x)/" to match URLs that weren't covered by ".pixel.parsely.com/".</p>
</li>
+ <li>
+ <p>Block requests to ".siteintercept.qualtrics.com/".</p>
+ </li>
<li>
<p>Unblock "gitlab./search/count\?".</p>
</li>
@@ -187,6 +213,13 @@
<li>
<p>Documentation improvements:</p>
<ul>
+ <li>
+ <p>FAQ: Mention that one can also donate through Liberapay and add a link.</p>
+ </li>
+ <li>
+ <p>Add two paragraphs to the 'Reporting security problems' section. Request that use of "AI" is disclosed
+ and that reporters respond to questions about the report.</p>
+ </li>
<li>
<p>The Privoxy tools privoxy-log-parser, privoxy-regression-test and uagen have man pages now. Previously
they were only documented in perldoc.</p>
@@ -285,14 +318,27 @@
<p>run-privoxy-tests.sh: Turn $log_file into a local variable in start_privoxy().</p>
</li>
<li>
- <p>tests/cts/README: Recommend to use curl upstream tag curl-8_19_0.</p>
+ <p>tests/cts/README: Recommend to use curl upstream tag curl-8_20_0.</p>
</li>
<li>
<p>Regenerate curl-test-manifest-for-privoxy.</p>
</li>
+ <li>
+ <p>gen-skip-reasons.pl: Use '==' instead of 'eq' when checking whether or not a test should be skipped.
+ While the script output is the same, the test number isn't a string so using '==' seems more
+ appropriate.</p>
+ </li>
<li>
<p>gen-skip-reasons.pl: Skip test 1 due to multiple Connection header values.</p>
</li>
+ <li>
+ <p>gen-skip-reasons.pl: Skip test 58 for now which doesn't work anymore after a recent curl upstream
+ change.</p>
+ </li>
+ <li>
+ <p>gen-skip-reasons.pl: Skip test 1685 which uses a Cookie header with a tab that Privoxy converts into a
+ space.</p>
+ </li>
<li>
<p>Privoxy-Regression-Test: Bump version to 0.7.6</p>
</li>
@@ -303,6 +349,9 @@
<p>Privoxy-Regression-Test: Include the offending line in the error message when rejecting Sticky Actions
with whitespace inside the action parameters.</p>
</li>
+ <li>
+ <p>Add three more tests for the chunked-transfer-encoding scenario.</p>
+ </li>
</ul>
</li>
</ul>
--
To stop receiving notification emails like this one, please contact
the administrator of this repository.
More information about the Privoxy-commits
mailing list