Package Release Info

tinyproxy-1.8.4-bp151.3.1

Update Info: Base Release
Available in Package Hub : 15 SP1

platforms

AArch64
ppc64le
s390x
x86-64

subpackages

tinyproxy

Change Logs

Version: 1.11.2-bp155.3.3.1
* Wed May 08 2024 Jan Engelhardt <jengelh@inai.de>
- Update to release 1.11.2
  * Fix potential use-after-free in header handling
    [CVE-2023-49606, boo#1223746]
  * Prevent junk from showing up in error page in invalid requests
    [CVE-2022-40468, CVE-2023-40533, boo#1223743]
- Delete 0001-prevent-junk-from-showing-up-in-error-page-in-invali.patch
  (merged)
* Wed Feb 07 2024 Dominique Leuenberger <dimstar@opensuse.org>
- Provide user/group tinyproxy symbol as required by RPM 4.19.
* Thu Sep 21 2023 Jan Engelhardt <jengelh@inai.de>
- The %pre scriptlet exercises shadow, so add a Requires for it.
* Wed Oct 05 2022 Jan Engelhardt <jengelh@inai.de>
- Ship COPYING file
* Tue Sep 20 2022 Jan Engelhardt <jengelh@inai.de>
- Add 0001-prevent-junk-from-showing-up-in-error-page-in-invali.patch
  [CVE-2022-40468] [boo#1203553]
* Mon Jun 06 2022 Jan Engelhardt <jengelh@inai.de>
- Move tinyproxy program to /usr/bin.
* Fri May 27 2022 Jan Engelhardt <jengelh@inai.de>
- Update to release 1.11.1
  * New fnmatch based filtertype
- Drop tinyproxy-conf.patch, no rationale for why those changes
  are there [boo#1200028].
* Fri Apr 16 2021 Jan Engelhardt <jengelh@inai.de>
- Update to release 1.11
  * Support for multiple bind directives.
* Tue Aug 25 2020 Jan Engelhardt <jengelh@inai.de>
- Do not suppress errors from groupadd/useradd
* Thu Aug 20 2020 Dirk Mueller <dmueller@suse.com>
- update to 1.10.0:
  * Configuration file has moved from /etc/tinyproxy.conf to
    /etc/tinyproxy/tinyproxy.conf.
  * Add support for basic HTTP authentication
  * Add socks upstream support
  * Log to stdout if no logfile is specified
  * Activate reverse proxy by default
  * Support bind with transparent mode
  * Allow multiple listen statements in the configuration
  * Fix CVE-2017-11747: Create PID file before dropping privileges.
  * Fix CVE-2012-3505: algorithmic complexity DoS in hashmap
  * Bugfixes
  * BB#110: fix algorithmic complexity DoS in hashmap
  * BB#106: fix CONNECT requests with IPv6 literal addresses as host
  * BB#116: fix invalid free for GET requests to ipv6 literal address
  * BB#115: Drop supplementary groups
  * BB#109: Fix crash (infinite loop) when writing to log file fails
  * BB#74: Create log and pid files after we drop privs
  * BB#83: Use output of id instead of $USER
Version: 1.8.4-bp150.2.4
* Tue Jan 06 2015 jengelh@inai.de
- Provide service file instead of script
* Mon Dec 29 2014 jengelh@inai.de
- Update to new upstream release 1.8.4
  * Fix crash (infinite loop) when logfile writing fails
  * Allow listening on multiple families when no Listen is
  provided in config.
  * Fix CONNECT requsts with IPv6 literal addresses as host.
  * Fix invalid free when connecting to ipv6 literal address
  * Limit the number of headers per request to prevent DoS
- Remove 110-seeding.diff (merged upstream), 110-headerlimit.diff
  (solved upstream)
* Fri Mar 14 2014 boris@steki.net
- Remove stray chunk headers that can cause /usr/bin/patch to fail
* Thu Jul 04 2013 jengelh@inai.de
- Add 110-seeding.diff, 110-headerlimit.diff to address
  CVE-2012-3505 (bnc#776506)
- Refresh tinyproxy-conf.patch to be in -p1 format rather than -p0
* Wed Feb 22 2012 chris@computersalat.de
- fix init script
  * TINYPROXY_CFG=/etc/tinyproxy.conf
  * create PID DIR
- fix logrotate script
  * compress, dateext .....
- add user, group tinyproxy
- add conf patch
- add missing logdir
- add missing rc_link
- fix pre/post
* Fri Dec 02 2011 chris@computersalat.de
- spec-cleaner
- fix build for suse_version 1110
  * define missing _initdir macro
* Mon Sep 19 2011 toganm@opensuse.org
- Update to 1.8.3 version
  changed source format to bz2
  * Fix upstream proxy support
  * Fix FilterURLs with transparent proxy support
  * Fix bug in ACL netmask generation
* Fri Jul 29 2011 toganm@opensuse.org
- added /etc/init.d/tinyproxy
- added tinyproxy logrotate
* Mon Jul 18 2011 jengelh@medozas.de
- Initial package