Hi, again a new version of the privoxy software (www.privoxy.org - ad/junk filtering proxy). The last version in the portage tree is 2.9.14. 2.9.16 and 2.9.18 in Bugzilla (Bug 5675 and Bug 6223) should be closed then. Georg Sauthoff
Created attachment 2985 [details] privoxy-2.9.20_beta.ebuild.tar.gz
*** Bug 5675 has been marked as a duplicate of this bug. ***
*** Bug 6223 has been marked as a duplicate of this bug. ***
Actually the other bugs are not duplicate bugs.(!) They are previous versions which were not commited to the portage tree, so because of the existance of a newer version, there is no need anymore to comit them. georg sauthoff
I've taken the liberty of cleaning up the ebuild slightly. This new revision contains the following modifications: *) moved the "patch" command (and changed -pN) accordingly the enable usage in newer versions (if the diffs remain "applyable"). Also add "|| die" to patch command. *) removed explicit version number (added $PVL which contains "internal" version number). No other changes were made. I've attached the new revision of the ebuild file itself.
Created attachment 3086 [details] privoxy-2.9.20_beta-r2.ebuild
Just noticed a rather severe security problem with the current ebuild: The /etc/init.d/privoxy script is (after install) owned by the "privoxy" user. It should of course be owned by "root", otherwise the "privoxy" user can put random stuff in there to be run at the next startup. I haven't the time to fix & upload a new ebuild, but it should be trivial to do.
Thank you for your comments. The owner of /etc/init.d/privoxy should be definitely root. Perhaps the committer (who will commit the ebuild (I hope soon) to the portage tree) can fix this simple thing. Or I will just upload this really trivial change.
I just created an ebuild for the Privoxy 3.0.0 version. Look at Bug 7163. So I will close this bug. Bardur: I changed there the security problem.
