1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
|
tinyproxy (1.8.2-1squeeze3) stable-security; urgency=high
* Add patches for CVE-2012-3505 (closes: #685281):
- CVE-2012-3505-tinyproxy-limit-headers.patch: Limit the number of
headers to prevent DoS attacks.
- CVE-2012-3505-tinyproxy-randomized-hashmaps.patch: Randomize hashmaps
in order to avoid fake headers getting included in the same bucket,
allowing for DoS attacks.
Bug reported and patches contributed by gpernot.
-- Jordi Mallach <jordi@debian.org> Mon, 24 Sep 2012 21:05:41 +0200
tinyproxy (1.8.2-1squeeze2) stable; urgency=low
* Add validate_port_number.patch: validate port number specified in Port
directive, to avoid possible buffer overflows that could allow for
access restriction bypasses [CVE-2011-1843] (closes: #627503).
As the configuration file is under the control of the admin, this is
not considered a security issue.
-- Jordi Mallach <jordi@debian.org> Mon, 02 Jan 2012 15:05:27 +0100
tinyproxy (1.8.2-1squeeze1) stable-security; urgency=low
* Add netmask_generation.patch: fix bug in ACL netmask generation,
which could allow to use Tinyproxy as an open proxy very easily
[CVE-2011-1499] (closes: #621493).
-- Jordi Mallach <jordi@debian.org> Tue, 19 Apr 2011 10:05:41 +0200
tinyproxy (1.8.2-1) unstable; urgency=low
* New upstream release.
* Drop all patches; all were taken from Git, or have been applied
upstream.
* Add upstream_matching_fix.patch by Daniel Piddock, to fix handling
of upstream rules (closes: #585075).
-- Jordi Mallach <jordi@debian.org> Wed, 09 Jun 2010 01:08:17 +0200
tinyproxy (1.8.1-5) unstable; urgency=medium
* Add sighup_memleak.patch, by John van der Kamp, to fix a memleak
when reloading tinyproxy, which happens daily via logrotate
(closes: #579427).
* Adjust testsuite_user_var.patch to use output of "id -un" instead of
"whoami".
-- Jordi Mallach <jordi@debian.org> Wed, 02 Jun 2010 09:43:50 +0200
tinyproxy (1.8.1-4) unstable; urgency=low
* Add log_message_storage_crash.patch to fix crashes when reloading
tinyproxy, as triggered by logrotate (thanks Dmitry Semyonov for the
bug report and patch, closes: #578319).
-- Jordi Mallach <jordi@debian.org> Fri, 23 Apr 2010 15:41:36 +0200
tinyproxy (1.8.1-3) unstable; urgency=low
* Add conf_fix_alignment.patch: fix a crash on startup on alpha
and ia64.
* Disable the testsuite on kfreebsd architectures, as it fails due to
some assumptions on how loopback network interfaces work on FreeBSD.
-- Jordi Mallach <jordi@debian.org> Wed, 24 Mar 2010 13:05:32 +0100
tinyproxy (1.8.1-2) unstable; urgency=low
* Add testsuite_user_var.patch: don't assume $USER is set in the
build environment; use $(whoami) instead.
-- Jordi Mallach <jordi@debian.org> Tue, 23 Mar 2010 15:58:13 +0100
tinyproxy (1.8.1-1) unstable; urgency=low
* New upstream release.
- fixes behaviour with no Listen directive in config (closes: #572514).
* Drop all patches: all are included in this release, or are obsolete.
-- Jordi Mallach <jordi@debian.org> Tue, 09 Mar 2010 23:33:36 +0100
tinyproxy (1.8.0-1) unstable; urgency=low
* New upstream stable release (closes: #309383, #567258).
- fixes reordering of headers issue (closes: #405068).
- fixes bind directive problems (closes: #517674).
- manpages are rewritten; misleading GPL comments are gone
(closes: #443569).
- the tunnel directive is no longer present (closes: #167898).
- logfiles are no longer removed on start (closes: #160764).
* Add myself to Uploaders.
* Change section to web.
* Update copyright info.
* Switch to source version 3.0 (quilt). Drop Build-Dep on quilt and
remove README.source.
* Add Build-Depends on asciidoc and xmlto.
* Drop the following patches, which were fixed or obsoleted upstream:
99_autoreconf.patch, scanner_debug_removal.patch.
* Add DEP-3 headers to remaining patches.
* Split pidfile_ownership.patch in two, creating a new patch handling
documentation. Disable the ownership patch, which doesn't handle
logfiles and changing the patch of the piddir is enough workaround
for now.
* Add logfile_location.patch, similar to the pidfile issue.
* Install /var/log/tinyproxy with owner nobody:adm and mode 750, make
sure dh_fixperms does not revert this, and add a lintian override.
* Resync debian/tinyproxy.conf with new version.
* Don't ship /var/run/tinyproxy, the init script handles its creation.
* Make init script check for conffile availability before grepping it.
* Bump Standards-Version to 3.8.4.
* Rewrite debian/rules using dh7, bump debhelper requirement to >= 7.0.50.
* Update Homepage and copyright to match the new upstream URL.
* Add Vcs fields.
* Update debian/docs, debian/dirs and debian/examples.
* Update watch file, updating download URL and removing hardcoded stable
release version from the path (closes: #551405).
* Fix logrotate script to use invoke-rc.d and okifempty
(closes: #536751, #567981).
* Use reload in logrotate, avoiding SIGTERMs (closes: #563482).
* Enable reverse proxying support, and explictly enable regexcheck.
* Set $sysconfdir to /etc.
* Install templates in /usr/share/tinyproxy.
* Handle tinyproxy's conffile location change in preinst/postinst.
* Add uninteractive_testsuite.patch to make the testsuite not wait for
a keypress when finishing.
-- Jordi Mallach <jordi@debian.org> Mon, 22 Feb 2010 20:48:12 +0100
tinyproxy (1.6.3-3.3) unstable; urgency=low
* Non-maintainer upload.
* Clarify debian/copyright about "version 2 or above" GPL clause.
(Closes: #567265)
-- Stefano Zacchiroli <zack@debian.org> Fri, 12 Feb 2010 11:04:04 +0100
tinyproxy (1.6.3-3.2) unstable; urgency=low
* Non-maintainer upload.
* Note the Debian revision has been bumped to -3.2 instead of -2.2 to
ease Ubuntu synchronisation, as they mistakenly uploaded -3 some time ago.
* Bump debhelper requirement to 7 and add quilt to Build-Depends.
* Move to debhelper compat level 7.
* Cleanup rules a bit for debhelper v7.
* Move patches to upstream code to log_format_string_fix.patch,
scanner_debug_removal.patch and 99_autoreconf.patch.
* Remove apparently old and unused patches debian/logfile.patch and
debian/dfree-[1-4].patch.
* Make logrotate script restart tinyproxy only if it appears to be
running (closes: #369787). A better fix would be to improve the init
script adding a "try-restart" option, though.
* Apply patch from Christoph Biedl to allow tinyproxy to remove its pidfile
when shutting down, so the logrotate change actually works. This changes
the pidfile location to /var/run/tinyproxy.
* Add "Short-Description" and "Description" headers to the init script.
* Fix a typo in debian/rules so config.log gets removed on clean.
* Remove libtool and doc/report.sh on clean, and fix the rule as suggested
by lintian.
* Copy upstream's default conffile as debian/tinyproxy.conf and install
that one in the package.
* Disable non-localhost access by default, while adding commented entries
for all private network ranges (closes: #387721, #393236).
* Install example configuration file in /usr/share/doc/tinyproxy/examples.
* Remove obsolete debian/conffiles.
* Fix reference to conffile location in README.Debian (closes: #417338).
* Pass --enable-filter --enable-transparent-proxy --enable-upstream
to configure to explicitly enable some missing features.
(closes: #400931, LP #42598).
* Add doc/filter-howto.txt to installed documentation.
* Remove postinst and prerm script, which were used to fix an upgrade bug
6 years ago.
* Update upstream url in debian/copyright, and add a Homepage field to
debian/control.
* Extend copyright so it contains all the required information.
* Add a Debian.source document with notes about quilt usage to obtain
patched code.
* Add a watch file.
* Bump Standards-Version to 3.8.0.
-- Jordi Mallach <jordi@debian.org> Fri, 04 Jul 2008 17:06:00 +0200
tinyproxy (1.6.3-2.1) unstable; urgency=low
* Non-maintainer upload to solve release goal.
* Add LSB dependency header to init.d scripts (Closes: #466149).
* Fix format string bug in log.c (Closes: 366410). Patch
from Karl Chen.
-- Petter Reinholdtsen <pere@debian.org> Sat, 29 Mar 2008 12:32:29 +0100
tinyproxy (1.6.3-2) unstable; urgency=low
* Remove debugging grammar.[ch] and scanner.c as
noted by upstream
-- Ed Boraas <ed@debian.org> Wed, 11 Aug 2004 12:20:18 -0600
tinyproxy (1.6.3-1) unstable; urgency=low
* New upstream release
-- Ed Boraas <ed@debian.org> Tue, 10 Aug 2004 19:16:04 -0600
tinyproxy (1.6.2-3) unstable; urgency=low
* Properly close file handles on daemonize (Closes: #248124)
-- Ed Boraas <ed@debian.org> Mon, 9 Aug 2004 22:23:55 -0600
tinyproxy (1.6.2-2) unstable; urgency=low
* Actually depend on logrotate
-- Ed Boraas <ed@debian.org> Mon, 9 Aug 2004 18:16:09 -0600
tinyproxy (1.6.2-1) unstable; urgency=low
* New upstream release (Closes: #262122)
* Makefile now uses proper prefixing for mkinstalldirs
(Closes: #264508)
-- Ed Boraas <ed@debian.org> Mon, 9 Aug 2004 17:57:42 -0600
tinyproxy (1.6.1-3) unstable; urgency=low
* Include a logrotate script (Closes: #163670)
* Updated to Policy 3.6.1
-- Ed Boraas <ed@debian.org> Sun, 8 Aug 2004 00:20:04 -0600
tinyproxy (1.6.1-2) unstable; urgency=low
* Build-depend on bison (Closes; #207579)
-- Ed Boraas <ed@debian.org> Thu, 28 Aug 2003 07:14:47 -0600
tinyproxy (1.6.1-1) unstable; urgency=low
* New upstream release (Closes: #186935)
-- Ed Boraas <ed@debian.org> Mon, 11 Aug 2003 19:32:18 -0600
tinyproxy (1.5.1-2) unstable; urgency=low
* Open logfile with elevated permissions, passing fd to children
(Closes: #159614)
* Urgency still low since the affected version is not in testing
-- Ed Boraas <ed@debian.org> Wed, 4 Sep 2002 23:05:16 -0600
tinyproxy (1.5.1-1) unstable; urgency=low
* New upstream release (Closes: #157315)
-- Ed Boraas <ed@debian.org> Sat, 24 Aug 2002 16:48:50 -0600
tinyproxy (1.4.3-3) unstable; urgency=high
* Work around paper-bag postrm bug introduced in 1.4.3-1 which
was preventing upgrades (Closes: #147858)
* postrm only cleans /etc/tinyproxy on purge, as it should have
* SECURITY: Please use this package in woody, as -2 won't
upgrade over 1.4.3-1 because of the postrm bug
-- Ed Boraas <ed@debian.org> Thu, 23 May 2002 06:54:19 -0700
tinyproxy (1.4.3-2) unstable; urgency=high
* SECURITY: Fixed double-free errors in consultation with
upstream authors. This fix affects woody. (Closes: #147240)
-- Ed Boraas <ed@debian.org> Tue, 21 May 2002 21:35:35 -0700
tinyproxy (1.4.3-1) unstable; urgency=low
* New upstream release (Closes: #139312)
* Remove /etc/tinyproxy after purge (Closes: #128246)
* Include RFC_INFO in /usr/share/doc/tinyproxy
-- Ed Boraas <ed@debian.org> Sat, 23 Mar 2002 14:42:35 -0700
tinyproxy (1.4.2.2-3) unstable; urgency=low
* Updated README.Debian to refer to new conffile in /etc
(Closes: #116769)
* Changed default port back to 8080
-- Ed Boraas <ed@debian.org> Tue, 20 Nov 2001 06:53:54 -0700
tinyproxy (1.4.2.2-2) unstable; urgency=low
* Add flex to build-deps (Closes: #116156)
* Include default tinyproxy.conf (Closes: #116186)
-- Ed Boraas <ed@debian.org> Fri, 19 Oct 2001 17:13:37 -0600
tinyproxy (1.4.2.2-1) unstable; urgency=low
* New upstream release (Closes: #115801, #115798)
* Bugfixes and /etc/default/tinyproxy support added
to init.d script (Closes: #115802)
-- Ed Boraas <ed@debian.org> Tue, 16 Oct 2001 07:54:06 -0600
tinyproxy (1.3.3b-3) unstable; urgency=low
* My, oh my. I'm uploading this only to say that the previous
changelog entry should be:
"Upstream now seems to default to port 8888, despite
documentation. Forced default port back to 8080, to
match previous versions (and documentation)"
Apologies for the extra upload, but I thought I'd best
clear that up.
-- Ed Boraas <ed@debian.org> Wed, 20 Jun 2001 22:48:03 -0600
tinyproxy (1.3.3b-2) unstable; urgency=low
* Upstream now seems to default to port 8080, despite
documentation. Forced default port back to 8080, to
match previous versions (and documentation)
-- Ed Boraas <ed@debian.org> Wed, 20 Jun 2001 06:43:51 -0600
tinyproxy (1.3.3b-1) unstable; urgency=low
* New upstream release
* Fixed some obscure file permissions that were causing
problems for the auto-builders (Closes: #92099)
-- Ed Boraas <ed@debian.org> Thu, 29 Mar 2001 07:05:19 -0700
tinyproxy (1.3.3a-3) unstable; urgency=low
* Moved build-depends to correct section (Closes: #87707)
-- Ed Boraas <ed@debian.org> Mon, 26 Feb 2001 08:50:12 -0700
tinyproxy (1.3.3a-2) unstable; urgency=low
* Now includes Build-Depends on libadns1-dev (Closes: #84382)
* Prerm no longer fails on failure to terminate (Closes: #84384)
-- Ed Boraas <ed@debian.org> Sun, 25 Feb 2001 12:40:01 -0700
tinyproxy (1.3.3a-1) unstable; urgency=low
* New upstream release
-- Ed Boraas <ed@debian.org> Tue, 23 Jan 2001 06:45:46 -0700
tinyproxy (1.3.1-2) stable unstable; urgency=high
* Fixes remotely exploitable buffer overflow in
utils.c (Closes: #83182)
* Updated to policy version 3.2.1
* Default port noted in documentation (Closes: #83150)
-- Ed Boraas <ed@debian.org> Tue, 23 Jan 2001 06:31:12 -0700
tinyproxy (1.3.1-1) frozen unstable; urgency=low
* New upstream release
* Updated copyright file to refer to new location of GPL
* debian/rules (and others) redone due to upstream reorganization
* Up-to-date, bug-free, lintian-clean, ready for release.
-- Ed Boraas <ed@debian.org> Tue, 8 Feb 2000 22:23:43 -0700
tinyproxy (1.2.10-3) unstable; urgency=low
* Fixed another silly mistake in the init script
-- Ed Boraas <ed@debian.org> Tue, 23 Nov 1999 19:04:34 -0700
tinyproxy (1.2.10-2) unstable; urgency=low
* Fixed typo in /etc/init.d/tinyproxy (Closes: #50924)
-- Ed Boraas <ed@debian.org> Mon, 22 Nov 1999 23:46:14 -0700
tinyproxy (1.2.10-1) unstable; urgency=low
* New upstream release
-- Ed Boraas <ed@debian.org> Sun, 21 Nov 1999 03:21:23 -0700
tinyproxy (1.2.7-2) unstable; urgency=low
* Now includes a simple init.d script. (Closes: #41218)
-- Ed Boraas <ed@debian.org> Sat, 20 Nov 1999 11:21:54 -0700
tinyproxy (1.2.7-1) unstable; urgency=low
* New upstream release.
* Now conforms to Policy v3.
* Documentation moved to /usr/share/doc, and manpages
to /usr/share/man (to conform to new policy).
-- Ed Boraas <ed@debian.org> Sat, 31 Jul 1999 18:35:34 -0600
tinyproxy (1.2.6-1) unstable; urgency=low
* Initial Release.
-- Ed Boraas <ed@debian.org> Sun, 13 Jun 1999 02:40:21 -0600
Local variables:
mode: debian-changelog
End:
|
