SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for squid-3.2.11-3.4.1.x86_64.rpm :

* Thu May 02 2013 brunoAATTioda-net.ch- Packaging : fixed systemd squid.service - Removed commented patch lines - Rework on squid.service ExecStartPre line remove dependency on unfunctionnal wrapper squid_cache_build.sh New revision for squid.service (using only sed) handle multiple cache_dir line Added sed as require - Fix bnc#802635 (creating cache struture fail on first call) - Fixed Type=forking and remove the use off -N (non daemon flag) - Fixed missing pid file - Structural : add all -k to end of Exec/Stop line - Ulimit : Added LimitNOFile=4096 ( same value as in /etc/sysconfig) but there\'s no way to decode dynamically /etc/sysconfig - Remove syslog.target ( no need anymore : advise from fcrozat )- Changes for squid 3.2.11 & 3.2.10 release (29 April 2013) - Fix enter_suid/leave_suid build errors in ip/Intercept.cc - GNU Hurd: define MAP_NORESERVE as no-op when missing - Bug #3833: Option \'-k\' is not present in squidclient man page - Bug #3817: Memory leak in SSL cert validate for alt_name peer certs - Bug #3822: Locate LDAP and SASL headers in /usr/local/include for BSD support - Bug #3825: basic_ncsa_auth segfaulting with glibc-2.17 - Bug #3774: -k reconfigure drops rock - Bug #3565: Resuming postponed accept kills Squid - HTTP/1.1: partial support for no-cache and private controls with parameters - ssl_crtd: helpers dying during startup on ARM - Updated copyright for icons/SN.png squid-3.2-11813.patch - Revert r11810 - tools.h does not exist in 3.2 squid-3.2-11812.patch- Changes to squid-3.2.9 (12 Mar 2013): - Regression fix: Accept-Language header parse - Bug 3673: Silence \'Failed to select source\' messages - Fix authentication headers sent on peer digest requests - Fix build error on Solaris, OpenIndiana, Omnios- Changes to squid-3.2.8 (02 Mar 2013): - Bug 3767: tcp_outgoing_tos/mark ACLs do not obey acl_uses_indirect_client - Bug 3763: diskd Error: no filename in shm buffer - Bug 3752: objects that cannot be cached in memory are not cached on disk - Bug 3753: Removes the domain from the cache_peer server pconn key - Bug 3749: IDENT lookup using wrong ports to identify the user - Bug 3723: tcp_outgoing_tos/mark broken for CONNECT requests - Bug 3686: cache_dir max-size default fails - Bug 3515: crash in FtpStateData::ftpTimeout - Bug 3329: Quieten orphan Comm::Connection messages - Make squid -z for cache_dir rock preserve the rock DB - Fixed several server connect problems - ... and some build issues on Solaris, OpenIndiana, MacOS X - ... and some documentation and debugs polishing
* Sun Jan 13 2013 chrisAATTcomputersalat.de- Changes to squid-3.2.6 (09 Jan 2013): fix for bnc#794954, CVE-2012-5643, SQUID:2012-1 - Regression Bug 3731: TOS setsockopt() requires int value - Regression Bug 3712: Rotating logs overwrites the previous log - Bug 3727: LLVM compile errors in kerberos_ldap_group - Bug 3650: Negotiate auth missing challenge token - Additional fixes for CVE-2012-5643 / SQUID:2012-1
* http://www.squid-cache.org/Advisories/SQUID-2012_1.txt
* http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5643- rebase nobuilddates, config patches
* Sun Dec 30 2012 chrisAATTcomputersalat.de- Changes to squid-3.2.5 (10 Dec 2012): - Bug 3698: Add missing include of errno.h- Changes to squid-3.2.4 (03 Dec 2012): - Ported: urllogin ACL from squid 2.7 - Bug 3688: Lots of Orphan Comm:Connections to ICAP server - Bug 3677: Port un-pinning logic changes from squid 3.3 - Bug 3405: ssl_crtd crashes failing to remove certificate - ... and major bugs fixed in squid 3.1.22 - Fix accept_filter on Linux - Remove \'Bungled\' warning on missing component directives - ... and many buffer and memory leak issues in the bundled helpers - ... and a small amount of code polishing- remove obsolete glibc-217 patch
* Thu Nov 29 2012 sbrabecAATTsuse.cz- Verify GPG signature.
* Sat Nov 17 2012 ajAATTsuse.de- Fix build with glibc 2.17 (add patch squid-glibc217.patch).
* Sun Oct 21 2012 chrisAATTcomputersalat.de- update to 3.2.3 (21 Oct 2012): - Regression: SMP crashes on startup with workers > 1 - Bug 3655: pinning failure breaks NTLM and Negotiate authentication - SMP: Allow a UFS cache_dir entry to coexist with a shared memory cache entry - HTTP/1.1: honour Cache-Control before Pragma:no-cache - HTTP/1.1: Cache-Control compliance upgrade - Remove obsoleted refresh_pattern ignore-no-cache option - Fix IPv6 enabled squidclient - ... and several compile fixes
* Sat Oct 20 2012 chrisAATTcomputersalat.de- update to 3.2.2 (06 Oct 2012): - Regression: Make login=PASS send no credentials when none available - Regression: Handle dstdomain duplicates and overlapping names better - Bug 3661: Segmentation fault when using more than 1 worker - Bug 3660: ACLFilledChecklist::fd set with wrong fd for sslproxy_cert_error - Bug 3658: ERR_ZERO_SIZE_OBJECT propagates out even after successful retry - Bug 3648: polish String class files - Bug 3647: parsing hier_code acl fails - Bug 3626: forwarding loops on intercepted traffic - Bug 3616: retrieve client connection for ACL checks from the related HttpRequest object - Bug 3609: several RADIUS helper improvements - Bug 3605: memory leak in Negotiate authentication - Fix small memory leak in src ACL parse - Fix maximum_single_addr_tries upgrade - Fix chunked encoding on responses carrying a Content-Range header. - Do not reuse persistent connections for PUTs to avoid ERR_ZERO_SIZE_OBJECT - ... and several compile errors- fix deps
* add missing Obsoletes/Provides for squid3
* Wed Aug 15 2012 chrisAATTcomputersalat.de- package rename from squid3 back to squid
* old \'squid\' (2.7STABLE9) now obsolete
* only one \"stable\" squid available >= 3.2
* Wed Aug 15 2012 chrisAATTcomputersalat.de- update to 3.2.1 (15 Aug 2012): - Bug 3605: memory leak in peer selection - Bug 3478: better default handling without -DSTRICT_ORIGINAL_DST - ... and some documentation updates- rebase squid-config patch
* Fri Aug 03 2012 chrisAATTcomputersalat.de- update to 3.2.0.19 (02 Aug 2012) - Regression Bug 3580: IDENT request makes squid crash - Regression Bug 3577: File Descriptors not properly closed - Regression Bug 3478: Allow peer selection and connection auth on intercepted traffic - Regression Fix: Restore memory caching ability - Bug 3556 Workaround: epoll assertion failed: comm.cc:1093: isOpen(fd) - Bug 3551: store_rebuild.cc:116: \"store_errors == 0\" assertion - Bug 3525: Do not resend nibbled PUTs and avoid \"mustAutoConsume\" assertion. - Avoid bogus \"Disk space over limit\" warnings when rebuidling dirty ufs index - Support custom headers in [request|reply]_header_
* manglers - ... and much code polishing- remove upstream patches
* 3.2-11611 - 3.2-11638- rebase config, nobuilddates, compiled_without_RPM_OPT_FLAGS patches
* Mon Jul 30 2012 chrisAATTcomputersalat.de- add upstream patches
* 3.2-11631 - 3.2-11638
* Fri Jul 27 2012 chrisAATTcomputersalat.de- update to 3.2.0.18 (29 Jun 2012) - Bug 3576: ICY streams being Transfer-Encoding:chunked - Bug 3537: statistics histogram leaks memory - Bug 3526: digest authentication crash - Bug 3484: Docs: sslproxy_cert_error example flawed - Bug 3462: Delay Pools and ICAP - Bug 3405: ssl_crtd crashes failing to remove certificate - Bug 3380: Mac OSX compile errors with CMSG_SPACE - Bug 3258: Requests hang when Host forgery verify fails - Bug 3186: Digest auth caches failed state without revalidating - Bug 2976: ERR_INVALID_URL for transparently captured requests when reconfiguring - Bug 2885: AIX: check and set required compiler flags - Fix ssl_crtd compile issues with libsslutil - Fix build with GCC 4.7 (and probably other C++11 compilers). - Fix double-escape of %R on deny_info redirect responses - Support status 308 Permanent Redirect - Support for TLSv1.1 and TLSv1.2 options and methods - Support passing external_acl_type credentials on ICAP - Language Updates: fr, hy, pt_BR - ... and many compile issues on Windows - ... and some minor code polish for more info please see ChangeLog- remove obsolete swapdir, FSF patches- rebase config, nobuilddates patches- add upstream patches
* 3.2-11611 - 3.2-11630- add compiled_without_RPM_OPT_FLAGS patch
* squid3 no-rpm-opt-flags :./cf_gen.cc
* Tue Jun 12 2012 chrisAATTcomputersalat.de- update to 3.1.20 - Regression Bug 3545: FreeBSD dnsserver segfaults - Regression Bug 3504: clientside_tos fails to mark traffic - Bug 3539: CONNECT server connection not closed correctly on errors - Bug 3502: client timeout uses server-side read_timeout, not request_timeout - Bug 3466: Adaptation stuck on last single-byte body piece - Bug 3463: dnsserver fails to compile - Bug 3439: correct external_acl_type documented default for ipv4/ipv6 option - Bug 3390: Proxy auth data visible to scripts - Bug 3263: ssl_crtd: undefined references to squid_curtime - Bug 3233: Invalid URL accepted with url host is white spaces - Bug 3133: Memory leak handling requests for sites that don\'t exist - Bug 3074: Improper URL handling with empty path (RFC 3986) - Bug 3013: segmentation fault on shutdown commSetCloseOnExec at comm.cc:1889 - Regression: snmp/udp address directives not resolving hostname - Better helper-to-Squid buffer size management. - Support CoAP over HTTP (coap:// and coaps:// URLs) - Support for 3.2 error template codes- rebase config, swapdir patch
* Fri Feb 17 2012 chrisAATTcomputersalat.de- some cleanup
* rebase patches (p0), remove version from patch_names- add Source signature file- add FSF patch (incorrect-fsf-address)- add rpmlintrc file
* macro-in-comment
* no-manual-page-for-binary
* Wed Feb 15 2012 chrisAATTcomputersalat.de- update to 3.1.19 - Regression Bug 3441: part 2: Prevent further cache size corruption of swap.state - Bug 3473: erase last uses of obsolete auth_user_hash_pointer - Bug 3470: GCC 4.7 - Bug 3442: assertion failed: external_acl.cc:908: ch->auth_user_request != NULL - Bug 3441: part 1: Minimize cache size corruption by malformed swap.state - Bug 3440: compile error in Adaptation - Bug 3420: Request body consumption races and !theConsumer exception - Bug 3370: external ACL sometimes skipping - Bug 3085: Crash when parsing esi:include - HTTP/1.1: do not add 110 and 111 Warnings to revalidated responses - Fix SSL library dependency fixes- remove obsolete upstream patches
* squid-3.1-10415 - ..421- add squid source signature file
* Mon Jan 16 2012 chrisAATTcomputersalat.de- add upstream patches
* 3.1-10419: Bug #3085: Crash when parsing esi:include
* 3.1-10420: Bug #3473: erase last uses of obsolete auth_user_hash_pointer
* 3.1-10421: Bug #3420: Request body consumption races and !theConsumer exception.
* Wed Dec 21 2011 chrisAATTcomputersalat.de- fix for bnc#737905
* fix test EXPRESSION in post section
* Mon Dec 12 2011 chrisAATTcomputersalat.de- add upstream patches
* 3.1-10417: Polish: debug messages on swap.state rename failure
* 3.1-10418: Bug #3442: assertion failed: external_acl.cc:908: ch->auth_user_request != NULL
* Wed Dec 07 2011 chrisAATTcomputersalat.de- fix build
* add upstream patches - 3.1-10415: Portability: SSL library dependency fixes - 3.1-10416: Bug #3440: compile error in Adaptation
* Mon Dec 05 2011 chrisAATTcomputersalat.de- update to 3.1.18 - Regression: compile error in FTP- Changes to squid-3.1.17 (03 Dec 2011): - Bug 3432: Crash logging FTP errors - Bug 3428: Active FTP data channel accepted twice - Bug 3423: access violation in URL parser - Bug 3422: Buffer overflow in recv-announce - Bug 3412: External ACL Uses Invalid Cache Entry - Bug 3408: Wrong header length leads to EFAULTs when creating UFS swap.log.new - Bug 3398: persistent server connection closed after PUT/DELETE - Bug 3299: dnsserver: various undefined references - Bug 3077: \'\\\' in url query strings cause Digest authentication to fail - Bug 2910: MemBuf may grow beyond max_capacity - Bug 2619: Excessive RAM growth due to unlimited adapted body data consumption - Bug 1243: Build overrides configured AR setting - Avoid crashes when processing bad X509 common names (CN). - Support %% in external ACL format - ... and several other compile error fixes - ... and several documentation fixes
* Wed Nov 30 2011 crrodriguezAATTopensuse.org- make coolo\'s bot reviewer happy
* Wed Nov 30 2011 crrodriguezAATTopensuse.org- Use service type \"simple\"
* Mon Nov 28 2011 crrodriguezAATTopensuse.org- Support systemd
* Sun Nov 27 2011 cooloAATTsuse.com- add libtool as buildrequire to avoid implicit dependency
* Sat Oct 15 2011 chrisAATTcomputersalat.de- update to 3.1.16 - Bug 3373: invalid URL in ERR_CACHE_ACCESS_DENIED - Bug 3368: Unhandled exceptions are not logged (workaround) - Bug 3326: miss_access incorrect default - Bug 3320: miss_access description confusing - Bug 3241: squid_kerb_auth cross compilation fix - Bug 3237: seq fault in free() from rfc1035RRDestroy - Bug 3190: Large HTTP POST stuck after early ICAP 400 error response - db_auth: display available DSN drivers on connect error - Updated OpenSSL 1.0.0 version checks - ... and several documentation fixes
* Wed Oct 05 2011 crrodriguezAATTopensuse.org- Build with -DOPENSSL_LOAD_CONF see OPENSSL_config(3) for detail
* Tue Aug 30 2011 chrisAATTcomputersalat.de- update to 3.1.15 - Regression fix: vhost and defaultsite causing vport to be ignored - Regression Bug 3295: broken escaping in rfc1738_do_escape - Bug #3232: fails to compile with OpenSSL v1.0.0 - Bug #3222: cache_peer name is not logging on CONNECT - Bug #3131: fd_table[fd].closing() assert from ConnStateData::noteMoreBodySpaceAvailable() - Bug #3217: \"!fd_table[fd].closing()\" from ServerStateData::noteMoreBodySpaceAvailable - Bug #3213: https sites (CONNECT) not open when using NTLM - Bug #3114: Memory leak in SSL certificate verify code - Bug #3107: ncsa_auth DES silently truncates passwords to 8 bytes - Bug #2662: cf_gen failure when cross compiling - Bug #2655: passing wrong the username to the url_rewrite_program - Bug #2495: ignore whitespace prefix on config lines - Bug #2051: \'default\' cache_peer option does not match documentation - Bug #1842: Optimize order of tests in peerWouldBePinged() and peerHTTPOkay() - Bug #1791: timestampsSet does not validate Date: if server sends very old date - Correct parsing of large Gopher indexes - Enable negative cacheing on unknown or -1 expiry timestamp - Remove hierarchy_stoplist default value - Migrate cf_gen tool from C-style to C++ - ... and several documentation and compiler warning fixes
* Thu Aug 18 2011 crrodriguezAATTopensuse.org- Disable \"ident\" lookups, obsolete and dangerous thing to have enabled these days.
* Sun Jul 24 2011 chrisAATTcomputersalat.de- fix build for SLE_10
* Wed Jul 20 2011 crrodriguezAATTopensuse.org- This is a long running network daemon, build with full RELRO- remove -fno-strict-aliasing, no longer needed.
* Mon Jul 04 2011 chrisAATTcomputersalat.de- update to 3.1.14 - Regression Bug 3261: Could not create a DNS socket and exit- 3.1.13 - Regression Bug 3239: problems with myip/myport upgrade - Bug 3153: hung ICAP RESPMOD transactions - Update ssl_crtd to use \'OK\' status inline with other helpers- remove obsolete upstream patches (10319,10320)
* Mon Jun 27 2011 chrisAATTcomputersalat.de- add upstream patches o 10319, SourceFormat Enforcemen o 10320, Bug 3153: additional compile fixes
* Sun Jun 19 2011 chrisAATTcomputersalat.de- update to 3.1.12.3 - Bug 3236: Port of %oa, % 3.1.12.3 o nobuilddates 3.1.12 -> 3.1.12.3- remove obsolete patches o 3.1.11-unused o 3.1.12-no-sslv2
* Thu Jun 02 2011 chrisAATTcomputersalat.de- update to 3.1.12.2 - Bug 3226: Tags from external ACLs do not correctly expire - Bug 3215: Malformed IPv6 DNS reverse lookup - Bug 3209: ssl-bumped requests forwarded unencrypted to the parent proxies/caches - Bug 3205: SSL-bump starts then hangs - Bug 3178: gcc-4.6 complains unused variables - Bug 3122: Unknown record type in WCCPv2 Packet (6) - Bug 2965 (partial): Compile errors on MinGW - Fix to only ssl-bump CONNECT requests if they are about to be tunneled - Fix cache manager display of -i/+i in regex ACL config display - Fix cache manager display of cache_peer options userhash and sourcehash - Fix URL re-writer loosing many transaction details - Fix always-true comparison in ICAP for some 32-bit platforms - Support for \'slow\' group ACLs in ssl_bump access control - Support OpenSSL 1.0.0 built without SSLv2 - Support GCC 4.6 and binutils-gold - Add CSS id attribute to BODY tag of generated error pages. - Display WARNING and ERROR when max_filedescriptors has failed
* Thu May 05 2011 chrisAATTcomputersalat.de- update to 3.1.12.1 - Port from 3.2: Dynamic SSL Certificate generation - Bug 3194: selinux may prevent ntlm_smb_lm_auth from using /tmp - Bug 3185: 3.1.11 fails to compile on OpenBSD 4.8 and 4.9 - Bug 3183: Invalid URL accepted with url host part of only \'AATT\' - Display ERROR in cache.log for invalid configured paths - Cache Manager: send User-Agent header from cachemgr.cgi - ... and many portability compile fixes for non-GCC systems.
* Tue May 03 2011 chrisAATTcomputersalat.de- rework initscript o rename source to squid.init o ShouldStart winbind o setup cache_dir only if defined in squid.conf otherwise squid won\'t start, cause cache_dir is not set by default o new vars to squid.sysconfig default_opts \'-sYD\' -> \'-sY\' (-D obsolete)- remove author from spec- updated unused patch (idoenmezAATTnovell.com)
* Fri Apr 29 2011 idoenmezAATTnovell.com- Add squid-3.1.11-unused.patch: remove write only variables to fix compilation with gcc 4.6
* Thu Apr 21 2011 chrisAATTcomputersalat.de- mv RPM_BUILD_ROOT to {buildroot}- fdupes only on {buildroot}{_prefix} o no symlinks on config files ;) hence configs won\'t be overwritten on update
* Tue Apr 12 2011 chrisAATTcomputersalat.de- rework config patch o 3.1.4 -> 3.1.12- add some comments for patches- sort header TAGS
* Mon Apr 11 2011 crrodriguezAATTopensuse.org- Allow compile without SSLv2 o no-sslv2 patch- Supress build dates in binaries. o nobuilddates patch- Default cache storage type should be \"aufs\" in Linux o update config patch
* Wed Apr 06 2011 chrisAATTcomputersalat.de- update to 3.1.12 (Bugs tracked by http://bugs.squid-cache.org/) - Regression fix: Use bigger buffer for server reads. - Regression fix: Add reply_header_replace directive for ability lost since 2.7 - Bug 3181: /dev/poll fails to build on Solaris with GCC 4.5.0 - Bug 3177: assertion failed: comm.cc:1583: \"fd >= 0\" - Bug 3175: IPv6 PTR lookup crashes on raw-IP URLs when IPv6 disabled - Bug 3173: Assertion bodyPipe!=NULL on SslBump CONNECT response writing failure - Bug 3164: Total memory info display 32-bit overflows - Bug 3155: Werror is hard-coded in libTrie build - Bug 3151: squid_kerb_auth: use autoconf LIBS instead of FLAGS for library linkage - Bug 2976: invalid URL on intercepted requests during reconfigure - Bug 2720: comment in same line as cache/mem_replacement_policy causes error - Bug 2621: Provide request headers to RESPMOD when using cache_peer. - Bug 2330: AuthUser objects are never unlocked - Prevent CONNECT request relaying to origin servers - squidclient HTTP/1.1 compliance updates (Pragma and User-Agent headers) - squidclient: send Cache Manager password using -w - eCAP: give full Request-URI to adapters - ... and several debug and error display cleanups
* Sun Feb 13 2011 chrisAATTcomputersalat.de- update to 3.1.11 - Bug 3149: not caching eCAP adapted body - Bug 3144: redirector program blocks while reading STDIN - Bug 3140: memory leak in error page generation - Bug 3137: RADIUS auth helper does not send identifier to RADIUS server - Bug 3115: logging segfaults if access_log is set to a directory - Bug 2968: Show the Vary: headers information in cachemgr objects report - Bug 2959: remove SAMBAPREFIX dependency - Bug 2868: icc doesn\'t like string literal in assert checks - HTTP/1.1: Send 307 status on deny_info redirection - HTTP/1.1: Support POST/PUT with no body - HTTP/1.1: Allow persistent connections for Mozilla/3.0 User-Agents - Support RFC 5861 Cache-Control: stale-if-error option - Add ftp_eprt directive to disable EPRT extensions in FTP - Fix external_acl_type grace=0 to obey TTL - Fix IP/FQDN cache accounting to avoid idle caches on busy servers - Prevent pipeline_prefetch misconfigurations breaking NTLM/Negotiate auth - ... and some documentation updates and corrections - ... and some portability and stability fixes
* Tue Jan 04 2011 chrisAATTcomputersalat.de- update to 3.1.10 - Bug 3121: memory leak in DigestAuth: AuthUser object is locked twice - Bug 3113: Consuming too much memory when uploading files - Bug 3110: \'reply_body_max_size none\' does not work with x-forwarded-for - Bug 3096: Consuming too much memory when delaying traffic - Bug 3091: Bypassed ICAP errors are not counted as service failures - Bug 3090: Polish FTP login error handing - Bug 3068: cache_dir capacity and usage overflows - Bug 3028: Permit wbinfo_group.pl to authenticate Kerberos users with NT domain - Bug 427: HTTP Compliance: Support If-Match and If-None-Match requests - Fix memory leak in adaptation_access - Fix /dev/poll and poll() selection priority - Fix PREFIX/var/run creation during install - Fix cachemgr http_port config report display - Add upgrade help process for obsolete options - Accept RFC 2965 Set-Cookie2 / Cookie2 headers as \'known\' - HTTP/1.1: entry is stale if request has max-age=0 - HTTP/1.1: do not forward TRACE with Max-Forwards: 0 after REQMOD - Toolchain update to support newer auto-tools - ... and updated error page translations - ... and updated documentation - ... and some code optimization/simplification polish- reworked swapdir patch
* Fri Oct 29 2010 chrisAATTcomputersalat.de- update to 3.1.9 - Bug 3088: dnsserver is segfaulting - Bug 3084: IPv6 without Host: header in request causes connection to hang - Bug 3082: Typo in error message - Bug 3073: tunnelStateFree memory leak of host member - Bug 3058: errorSend and ICY leak MemBuf object - Bug 3057: 64-bit Solaris 9 Squid unable to determine peer IP and port - Bug 3056: comm.cc \"!fd_table[fd].closing()\" assertion crash when a helper dies - Bug 3053: cache version 1 LFS support detection broken - Bug 3051: integer display overflow - Bug 3040: Lower-case domain entries from hosts and resolv.conf files - Bug 3036: adaptation_access acls cannot see myportname - Bug 3023: url_rewrite_program silently fails to rewrite on broken URLs - Bug 2964: Prevent memory leaks when ICAP transactions fail - Bug 2808: getRoundRobinParent not handling weights correctly - Bug 2793: memory statistics sometimes display wrong - Bug 2356: Port from 2.7: Solaris /dev/poll event ports support - Bug 2311: crashes with ICAP RESPMOD for HTTP body size greater than 100kb - Ensure /var/cache or jail equivalent exists on install - HTTP/1.1: delete Warnings that have warning-date different from Date - HTTP/1.1: do not remove ETag header from partial responses - HTTP/1.1: make date parser stricter to better handle malformed Expires - HTTP/1.1: improve age calculation - HTTP/1.1: reply with a 504 error if required validation fails - HTTP/1.1: add appropriate Warnings if serving a stale hit - HTTP/1.1: support requests with Cache-Control: min-fresh - HTTP/1.1: do not cache replies to requests with Cache-Control: no-store - squidclient: Display IP(s) connected to in verbose (-v) display - Fixes several issues with ICAP persistent connections - Fixes small leaks in Netdb, DNS, ICAP, ICY, HTTPS - ... and some cosmetic polishing- removed obsolete patches o squid-beta-3.0-ia64 (upstream) o squid-beta-3.0-mem_node_64bit (not needed, Amos) o squid-3.1.4-openldap (not needed, Amos)- reworked swapdir patch o send upstream
* Sun Sep 05 2010 chrisAATTcomputersalat.de- update to 3.1.8 - Bug 3033: incorrect information regarding TOS - Bug 3020: Segmentation fault: nameservers[vc->ns].vc = NULL - Bug 3005,2972: Locate LTDL headers correctly (again) - Bug 2872: leaking file descriptors - Bug 2583: pure virtual method called - Hardened DNS client against packet queue attacks - Hardened HTTP request-line parser - Several HTTP/1.1 support improvements - Improved cross-compile support - .. and several internal pointer safety fixes- remove obsolete patches o bug2972-real-fix.patch o squid-bootstrap.patch
* Tue Aug 31 2010 chrisAATTcomputersalat.de- added bug2972-real-fix.patch o fix build for SLE_10 o but impossible to apply LDAP patch
* Wed Aug 25 2010 chrisAATTcomputersalat.de- update to 3.1.7 - Regression Bug 3021: Large DNS reply causes crash - Regression Bug 3011: ICAP, HTTPS, cache_peer probe IPv4-only port fixes - Regression Bug 2997: visible_hostname directive no longer matches docs - Bug 3012: deprecate sslBump and support ssl-bump spelling in http_port - Bug 3006: handle IPV6_V6ONLY definition missing - Bug 3004: Solaris 9 SunStudio 12 build failure - Bug 3003: inconsistent concepts in documentation of cache_dir - Bug 3001: dnsserver link issues - HTTP/1.1: default keep-alive for 1.1 clients (bug 3016) - HTTP/1.1: Improved Range header field validation - HTTP/1.1: Forward multiple unknown Cache-Control directives - HTTP/1.1: Stop sending Proxy-Connection header - Fix 32-bit wrap in refresh_pattern min/max values - ... and several documentation corrections.
* Tue Aug 10 2010 chrisAATTcomputersalat.de- update to 3.1.6 - Bug 2994, 2995: IPv4-only regressions - Bug 2991: Wrong parameters to fcntl() in commSetCloseOnExec() - Bug 2975: chunked requests not supported after regular ones - Fix: 32-bit overflow in reported bytes received from next hop - Fix Libtool build regressions - Limited split-stack IPv6 support. - squid_db_auth support MD5 encrypted passwords
* Sun Jul 25 2010 chrisAATTcomputersalat.de- update to 3.1.5 - Bug 2967: raw-IPv6 address URL with append_domain broken - Bug 2950: HTTP responses with no Date, L-M or Expires can now be cached - Bug 2943: ICAP tokens not logged when using multiple access - Bug 2937: Fails to detect chunked encoding if not given in all lower case - Bug 2903: does not send indirect X-Client-Ip in ICAP respmod - Fix free memory corruption and off-by-one error when comparing SNMP OIDs - Port from 2.7: max_filedescriptor config option - Fix persistent_connection_after_error is meant to be on by default - ... and several build errors.
* Wed Jun 09 2010 chrisAATTcomputersalat.de- fix build for SLE_10 o added bootstrap patch o fix permissions.secure for pam_auth- spec mods o build with --mandir o add BuildReq libcap-devel (TPROXY)
* Tue Jun 08 2010 chrisAATTcomputersalat.de- new version 3.1.4 - Bug 2933: Verification of the max. port number for WCCP2 dynamic service - Bug 2924: RADIUS helper compile issues - Bug 2922: Fix assertion failed: HttpHeader.cc: \"Headers[id].stat.aliveCount\" - Bug 2919: tcp_outgoing_address ACLs not obeying acl_uses_indirect_client - Bug 2896: Fix assertion failed: comm.cc:2063: \"!fd_table[fd].closing()\" - Bug 2879: pt2: 3.0 regression in headers end finding - Bug 2877: pt2: only output zero-size warning on reverse-proxy requests - Bug 2876: FD_SETSIZE override not working on all linux distributions - Bug 2810: common log format generates 2 lines of syslog - Bug 2789: Optimize unlimited memory pools, and correctly handle limits over 2GB - Bug 2753: Fall back on IPv4 if IPv6 is not present - Bug 2697: Adaptation leaks and extra requests after reconfiguration - Bug 2633: Fix Ecap::HeaderRep::value(name) fails when there is no named header field - Change LDAP helpers to default to LDAP version 3 if available - Add Joomla and Salted Hash support to squid_db_auth helper - Fixed IpAddress port printing for ports higher than 9999 - Disable chunked memory pooling by default. - ... and several build errors.- reworked config patch with fuzz=0- removed libxml2 patch- added swapdir patch- reworked ldap patch- adopt build_option storeio: (build all) o --enable-storeio=aufs,diskd,null,ufs -> --enable-storeio- adopt build_option ntlm-auth-helpers: SMB -> smb_lm o ntlm_auth -> ntlm_smb_lm_auth- enable parallel build- fix permissions file
* Tue Mar 16 2010 chrisAATTcomputersalat.de- new version 3.0.STABLE25 - Bug 2845: Rework the http digest auth parser - Bug 2787: unknown/unexpected status code messages - Bug 2507: squid_ldap_group: Strip Domain name separated by + - Bug 2367: stale=true on digest requests with unknown nonce - ... and several other minor corrections
* Tue Feb 16 2010 chrisAATTcomputersalat.de- new version 3.0.STABLE24
* Bug 2858: Segment violation in HTCP
* Updated refresh pattern for dynamic pages- version 3.0.STABLE23
* Bug 2856: removing assert() required for 3.0 patch for SQUID-2010:1
* Regression Fix: Build error in Kerberos helper after library removal.- version 3.0.STABLE22
* Regression Fix: Make Squid abort on all config parse failures.
* Bug 2787: Reduce unexpected http status to non-critical warnings.
* Bug 2496: Downloading some variants in full before relaying
* Bug 2452: Add upper limit to external_acl_type entries.
* Removed optional kerberos/spnegohelp/ library due to licensing issues
* Add client_ip_max_connections
* Handle DNS header-only packets as invalid.- version 3.0.STABLE21
* Bug 2830: Clarify where NULL byte is in headers.
* Bug 2778: Linking issues using SunCC
* Bug 2395: FTP errors not displayed
* Bug 2155: Assertion failures on malformed Content-Range response headers
* Fix parsing and a few bugs in ACL time type
* Fix RFC keep-alive compliance on intercepted replies
* Improved security hardening on %nn parser
* Replace several GCC-specific code snippets.
* Mon Nov 09 2009 chrisAATTcomputersalat.de- new version 3.0.STABLE20
* Bug 2794: ESI parsing on FreeBSD
* Bug 2791: assertion failed: MemBuf.cc:400: new_cap > (size_t) capacity
* Bug 2779: Support GNU/kFreeBSD
* Bug 2773: Segfault in RFC2069 Digest authantication
* Bug 2768: squid_ldap_group argument parsing error
* Bug 2761: Gopher and double HTTP response header
* Bug 2735: Incomplete -fhuge-objects detection
* Bug 2722: prevent CONNECT via http_port with accel
* Bug 2624: Invalid response for IMS request
* Bug 2510: digest_ldap_auth TLS support
* Correct LINUX_CAPABILITY actions on non-Linux- removed old upstream patches o squid-3.0-9107.patch - squid-3.0-9124.patch
* Wed Oct 07 2009 chrisAATTcomputersalat.de- added upstream patches o squid-3.0-9107.patch - squid-3.0-9124.patch
* Mon Sep 14 2009 chrisAATTcomputersalat.de- new version 3.0.STABLE19
* Bug 2745: Invalid Response error on small reads
* Bug 2739: DNS resolver option ndots can\'t be parsed from resolv.conf
* Bug 2734: some compile errors on Solaris
* Bug 2648: stateful helpers stuck in reserved if client disconnects while helper busy
* Bug 2541: Hang in 100% CPU loop while extacting header details using a delimiter other than comma
* Bug 2362: Remove support for deferred state in stateful helpers
* Add 0.0.0.0 as a to_localhost address
* Docs: Improve chroot directive documentation slightly
* Fixup libxml2 include magics, was failing when a configure cache was used
* ... and some minor testing improvements.- spec mods o adding group winbind, add squid to group winbind when using squid with samba-winbind for ntlm_auth squid needs read access to /var/lib/samba/winbindd_privileged group winbind is added if squid is installed before winbind ;)
* Sat Sep 05 2009 chrisAATTcomputersalat.de- added upstream patches o b9097 - b9103- rpmlint o added fdupes
* Wed Sep 02 2009 chrisAATTcomputersalat.de- cleanup spec o removed #--------
* Tue Sep 01 2009 cooloAATTnovell.com- remove outdated patches
* Mon Aug 31 2009 cooloAATTnovell.com- merge factory changes with buildservice
* Sun Aug 30 2009 ajAATTsuse.de- Fix patch numbering for rpm 4.7.
* Wed Aug 26 2009 mlsAATTsuse.de- make patch0 usage consistent
* Fri Aug 21 2009 chrisAATTcomputersalat.de- added upstream patches o b9095, b9096
* Sat Aug 15 2009 chrisAATTcomputersalat.de- added upstream patches o b9089 - b9094 o disabled b9089,b9090,b9092 cause can not patch inexistent file
* Tue Aug 11 2009 chrisAATTcomputersalat.de- new version 3.0.STABLE18:
* Bug 2728: regression: assertion failed: !eof
* Bug 2732: reply_body_max_size smaller than error page loops infinitely until out of memory
* Bug 2725: pconn failure if domain or client_address are unset
* Bug 2648: reserved helpers not shut down after reconfigure/rotate
* Bug 2462: make check should tell when cppunit is missing
* Remove excess messages about headers < minimum size
* Support Libtool 2.2.6- Changes to squid-3.0.STABLE17 (27 Jul 2009):
* Bug 2680 regression: Crash after rotate with no helpers running
* Bug 2710: squid_kerb_auth non-terminated string
* Bug 2679: strsep and strtoll detection failure
* Bug 2674: Remove limit on HTTP headers read.
* Bug 2659: String length overflows on append, leading to segfaults
* Bug 2620: Invalid HTTP response codes causes segfault
* Bug 2080: wbinfo_group.pl - false positive under certain conditions
* Bug 1087: ESI processor not quoting attributes correctly.
* Fix: issue with AUFS/UFS/DiskD writing objects to disk cache
* Several small build issues with previous release. for full changes list, see: http://www.squid-cache.org/Versions/v3/3.0/squid-3.0.STABLE18-RELEASENOTES.html- removed squid-3.0.STABLE16-gcc_warn_kerb_auth.patch- removed changed, deprectated configure options o deprecated: - -enable-poll o changed to default: - -enable-htcp - -enable-snmp
* Sat Jul 25 2009 chrisAATTcomputersalat.de- spec mods
* removed ^----------
* removed ^#---------
* Thu Jul 23 2009 chrisAATTcomputersalat.de- new version 3.0.STABLE16:
* Bug 2672: cacheMemMaxSize 32-bit overflow during snmpwalk
* Bug 2481: Don\'t set expires: now in generated error responses
* Bug 2387: The calculation of the number of hash buckets correctly
* Fix infinite loop in MSNT auth helper
* Fix FD_SETSIZE on FreeBSD
* Fix stripping NT domain in squid_ldap_group
* Fix RADIUS auth helper build
* Add Translate: and Unless-Modified-Since: headers to known list
* Make fakeauth handle NTLMv2 better
* Better Kerberos support detection
* Several Widows port fixes- Changes to squid-3.0.STABLE16-RC1 (16 May 2009):
* Bug 1148: Ported from 3.1: Chunked Transfer Encoding
* Bug 2648: NTLM helpers not shutting down when deferred- Changes to squid-3.0.STABLE15 (06 May 2009):
* Regression Bug 2635: Incorrect Max-Forwards header type
* Bug 2652: \'Success\' error on CONNECT requests
* Bug 2625: IDENT receiving errors
* Bug 2610: ipfilter support detection
* Bug 2578: FTP download resume failure
* Bug 2536: %H on HTTPS error pages
* Bug 2491: assertion \"age >= 0\"
* Bug 2276: too many NTLM helpers running
* Endian system and compiler fixes provided by the NetBSD project
* documentation fixes provided by the Debian project- Changes to squid-3.0.STABLE14 (11 Apr 2009):
* Regression Fix: HTTP/0.9 in accelerator mode
* Bug 1232: cache_dir parameter limited to only 63 entries
* Bug 1868: support HTTP 207 status
* Bug 2518: assertion failure on restart/reconfigure
* Bug 2588: coredump in rDNS lookup
* Bug 2595: Out of bounds memory write in squid_kerb_auth
* Bug 2599: Idempotent start
* Bug 2605: Prevent setsid() on helpers in daemon mode
* Fix external_acl_type option parsing
* Fix delay pools counters on FTP
* Fix several issues with ident (some remain)
* Fix performance issues with persistent connections
* Fix performance issues with delay pools
* Fix forwarding of OPTIONS requests
* Add support for HTTP 1.1 Content-Disposition header
* Add support for Windows 7, Windows Server 2008 R2 and later
* ... and many small documentation updates for full changes list, see: http://www.squid-cache.org/Versions/v3/3.0/squid-3.0.STABLE16-RELEASENOTES.html- reworked gcc_warn_kerb_auth
* was partially added- added after RELEASE patches
* b9052 - b9067 for full changes list, see: http://www.squid-cache.org/Versions/v3/3.0/changesets/SQUID_3_0_STABLE16.html- some spec mods
* removed {rel}
* Wed Jun 10 2009 roAATTsuse.de- strchr returns a const char
* now, work around
* Sun May 03 2009 chrisAATTcomputersalat.de- some spec fixes
  
ICM