Tinyproxy v1.10.0 Release Notes

Release Date: 2018-09-01 // over 1 year ago
  • Tinyproxy version 1.10.0

    This is the new stable version of tinyproxy.

    🚀 Major changes in this release

    • ➕ Add support for basic HTTP authentication
    • ➕ Add socks upstream support
    • 🌲 Log to stdout if no logfile is specified
    • 0️⃣ Activate reverse proxy by default
    • 👌 Support bind with transparent mode
    • Install tinyproxy to bin/ instead of sbin/
    • Ship manpages as part of distribution tarball
    • 👍 Allow multiple listen statements in the configuration
    • 🛠 Coverity fixes
    • 🏗 Simplified configure and build
    • 👌 Improved selftest environment

    🔒 Included security fixes

    • 🛠 Fix CVE-2017-11747: Create PID file before dropping privileges.
    • 🛠 Fix CVE-2012-3505: algorithmic complexity DoS in hashmap

    🛠 Bugfixes

    • BB#110: fix algorithmic complexity DoS in hashmap
    • BB#106: fix CONNECT requests with IPv6 literal addresses as host
    • 🆓 BB#116: fix invalid free for GET requests to ipv6 literal address
    • BB#63: conf: Allow multiple Listen statements in the config
    • BB#81: allow listening on multiple families when no Listen is provided in config
    • BB#115: Drop supplementary groups
    • 🏗 BB#112: build: fix build with autoconf >= 2.69
    • 🚚 BB#103: Move files installed in /etc/ to /etc/tinyproxy/
    • 🌲 BB#109: Fix crash (infinite loop) when writing to log file fails
    • BB#90: Fix bug in ACL netmask generation
    • 👍 BB#95: Fix FilterURLs with transparent proxy support
    • 👍 BB#91: Fix upstream proxy support
    • 🌲 BB#74: Create log and pid files after we drop privs
    • BB#89: Don't recompile regular expressions
    • BB#83: Use output of id instead of $USER
    • ✅ BB#80: keep track of error codes in return codes in tests

    🌲 Note: bugzilla.banu.com does not exist any more, so there is no reference for these any more except for the code changes in git log.


Previous changes from v1.8.4

  • Tinyproxy version 1.8.4

    🚀 Most notably, this release removes the limitation of a single Listen address of not listening on the wildcard address (BB#63) and a DoS (BB#110, CVE-2012-3505).

    🚀 Among several other bug fixes, this release fixes a bunch of issues found by coverity (scan.coverity.com).

    🐛 Bugs resolved since version 1.8.3

    • BB#110: fix algorithmic complexity DoS in hashmap
    • BB#106: fix failing CONNECT requests with IPv6 literal addresses
    • 🆓 BB#116: fix invalid free for GET requests to IPv6 literal addresses
    • 🔧 BB#63: support multiple Listen statements in configuration
    • 👍 BB#81: support listening on ipv4 and ipv6 wildcard if no Listen specified
    • 🌲 BB#109: fix crash when writing to log file fails
    • 🏗 BB#112: fix build with autoconf >= 2.69

    Contributors:

    Mukund Sivaraman, Michael Adam, Gaudenz Steinlin, Peter H. Froehlich