[Privoxy-devel] Release date for Privoxy 4.2.0 stable

Roland Rosenfeld roland at spinnaker.de
Sat May 16 10:01:06 CEST 2026 

Hi Fabian!

On Sat, 16 May 2026, Fabian Keil via Privoxy-devel wrote:

> > Unfortunately I noticed that some cts-based tests started
> > to fail and didn't have time to properly look into this yet.
> 
> That should be sorted out.

I just tried out b7289bad0ddd1c90fba7c645746a8cfd2128300c and run into
problems with the following tests:

acl-multiple-ip-addresses-specified-with-destination:

FAIL 2: 'Request from client address from denied network range that does not have an exception' HTTP, HTTP GET
FAIL 3: 'Request from denied client address to https address without https inspection enabled' HTTP, HTTP CONNECT, HTTPS
FAIL 4: 'Request from client address from denied network range' HTTP, HTTP GET
FAIL 5: 'Request from client address from denied network range' HTTP, HTTP GET
FAIL 6: 'Request from client address from denied network range to destination that has an exception' HTTP, HTTP GET
FAIL 7: 'Request from client address from denied network range to destination that has an exception followed by a destination that is denied' HTTP, HTTP GET
FAIL 8: 'Request from client address from denied network range to destination that has an exception followed by a destination that is denied followed by a request that is allowed' HTTP, HTTP GET
 
TESTFAIL: These test cases failed: 2 3 4 5 6 7 8


acl-multiple-ip-addresses-specified-without-destination:

FAIL 2: 'Request from explicitly permitted client address' HTTP, HTTP GET
FAIL 3: 'Request to https address that is explicitly denied for the client' HTTP, HTTP CONNECT, HTTPS
FAIL 4: 'Request from client address from denied network range' HTTP, HTTP HEAD
FAIL 5: 'Request from client address from denied network range' HTTP, HTTP GET
FAIL 6: 'Request from client address from denied network range to destination that has an exception.' HTTP, HTTP GET
 
TESTFAIL: These test cases failed: 2 3 4 5 6


acl-permit-access-with-exceptions:

FAIL 2: 'Request from explicitly permitted client address' HTTP, HTTP GET
FAIL 3: 'Request to https address that is explicitly denied for the client' HTTP, HTTP CONNECT, HTTPS
FAIL 4: 'Request from client address from denied network range' HTTP, HTTP HEAD
FAIL 5: 'Request from client address from denied network range' HTTP, HTTP GET
FAIL 6: 'Request from client address from denied network range to destination that has an exception.' HTTP, HTTP GET
 
TESTFAIL: These test cases failed: 2 3 4 5 6

I'll have to dig deeper, I expect it to be a local issue.
All other tests succeeded.

> Therefore I propose that we do the release on the weekend
> starting on 2026-05-30.

That's okay for me.

> As usual, please let me know if you want to test and/or review
> the security fixes before they are committed.

I'd like to prepare backports of them for Debian security to release
them after 4.2 is published, so it would be nice to have them (if
possible including the CVE numbers) ready early.

Greetings
Roland
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <https://lists.privoxy.org/pipermail/privoxy-devel/attachments/20260516/7e095500/attachment.bin>

More information about the Privoxy-devel mailing list