Ubuntu
privoxy package

privoxy 3.0.13 in 9.10 drops connections, hangs, redirects urls to wrong domain

  1. Karmic (9.10)
  2. Bug #480991
Bug #480991 reported by goto
22
This bug affects 4 people
Affects Status Importance Assigned to Milestone
privoxy (Ubuntu)
Fix Released
Undecided
Unassigned
Karmic
Won't Fix
Undecided
Unassigned
Lucid
Fix Released
Undecided
Unassigned

Bug Description

Binary package hint: privoxy

There are several known bugs with privoxy 3.0.13 (and 3.0.14) that render it fairly unusable in Ubuntu 9.10:

http://sourceforge.net/tracker/?func=detail&aid=2838716&group_id=11118&atid=111118
http://sourceforge.net/tracker/?func=detail&aid=2831227&group_id=11118&atid=111118
http://sourceforge.net/tracker/?func=detail&aid=2826947&group_id=11118&atid=111118
http://sourceforge.net/tracker/?func=detail&aid=2827004&group_id=11118&atid=211118

One of these could be considered a fairly important security bug: if you are viewing www.evil.com and you click on a link to sensitive.site.com/myusername/mypassword/, privoxy will sometimes redirect you to www.evil.com/myusername/mypassword.

The issues are related to privoxy's new (since 3.0.12) connection keep-alive support, and a possible workaround may be to comment out "keep-alive-timeout" and "connection-sharing" in /etc/privoxy/config [see http://blog.steve.org.uk/looks_like_me_an_vincent_caught_you_boys_at_breakfast.html]. Downgrading to 3.0.12 (the last stable release) from Debian seems to resolve these issues, and the changelog for 3.0.15 suggests they have been improved [http://www.privoxy.org/3.0.15/user-manual/whatsnew.html].

Revision history for this message
Paul Drain (pd) wrote :

It also renders the location bar useless after viewing Google Calendar / Mail -- if you go to these sites, then use the location bar to go somewhere else, it'll leave the location (ie. launchpad.net), but display Google's main search screen.

Upgrading to 3.0.15 fixes this issue too.

Kees Cook (kees)
Changed in privoxy (Ubuntu Karmic):
status: New → Confirmed
Rob (rhbowman-deactivatedaccount)
Changed in privoxy (Ubuntu Lucid):
status: New → Confirmed
Andreas Moog (ampelbein)
Changed in privoxy (Ubuntu Lucid):
status: Confirmed → Fix Released
Changed in privoxy (Ubuntu):
status: New → Fix Released
Revision history for this message
Rolf Leggewie (r0lf) wrote :

karmic has seen the end of its life and is no longer receiving any updates. Marking the karmic task for this ticket as "Won't Fix".

Changed in privoxy (Ubuntu Karmic):
status: Confirmed → Won't Fix
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.