Changelog for squidclamav-6.16-lp150.3.6.x86_64.rpm :

* Wed Oct 19 2016 larsAATTlinux-schulserver.de- use libdir macro now for c_icap library (modules) path- refresh squidclamav.conf.patch- update to 6.16: This release fixes a major bug with debugs macro that can have bad side effects like printing an error after configuration reload an possibly some other wrong behaviors. - Change log level of configuration reloading message. - Show line in configuration file that can not be parsed by add_pattern(). - Enclose debugs macro to avoid misusage. Thanks to Denis Volpato Martins for the patch. - Fix Apache complain \"AH01215: CGI::param called in list context from package main line 14, this can lead to vulnerabilities.\" Thanks to thctlo for the report.
* SquidClamav 6.15, Monday January 18 2016 This release fix a major bug of a buffer overflow in squidclamav_safebrowsing() and change the http response code in squidclamav redirection when a virus is found. - Fix buffer overflow in squidclamav_safebrowsing(). Thanks to Stuart Henderson for the patch. - Change http response code 301 (move permanently) to 307 (temporary redirect) in squidclamav redirection when a virus is found. Thanks to Alexander Koch for the report. - Fix null url, client ip and username in safebrowsing report. Thanks to Claus Regelmann for the patch.
* SquidClamav 6.14, Sunday October 17 2015 This release fix a compilation issue with c-icap 0.4.x and exclude the HTTP method OPTIONS from being virus scanned. - Excluded OPTIONS http method from being scanned. Thanks to Yuri Voinov for the report. - Fix some ru_RU translation errors. Thanks to romale for the report.
* SquidClamav 6.13, Monday June 01 2015 This release fix some minor issues and allow to use a file with a list of regular expression to be whitelisted. - Fix some memory management issues. Thanks to mbechler for the patch. - Allow whitelist directive to receive a file as value import the whitelist from another file. This file must only contain a list of regex (one per line) to be whitelisted. Thanks to karlmendes for the feature request. - Fix generated 403 response which was not correct. Thanks to Manoj Ramakrishnan for the report and Christos Tsantilas for the fix.
* SquidClamav 6.12, Sunday December 28 2014 This release fixes the default path to configuration file to be the same as c-icap configuration directory. Some issues revealed by Coverity Scanner have been fixed as well as some code cleanup. - Add more information about redirect directive to documentation and configuration file. - Update documentation to be more explicit about the --with-c-icap configure option. Thanks to Yuri Voinov for the suggestion. - Add configuration for squid 3.4.x to documentation. Thanks to Yuri Voinov for the patch. - Set debug level to 2 for message \"Can not begin to scan url: No preview data\". Thanks to Marco Gaiarin for the suggestion. - Fix default path to squidclamav.conf. It is now always installed and searched in c-icap configuration directory. /etc/squidclamav.conf is no more used as default. Thanks to Oliver Seeburger for the report. - The message about undefined squidguard directive has been changed. - Change cast on content_length printing. - Fix some issues returned by Coverity scanner.
* Mon Sep 29 2014 larsAATTlinux-schulserver.de- create a symlink /etc/squidclamav.conf pointing to the config in /etc/c-icap/squidclamav.conf as the code seems to have the path still hardcoded in some places
* Wed Mar 12 2014 larsAATTlinux-schulserver.de- update to 6.11: + This release adds support to icap template allowing to display a templated response on block instead of redirecting to an external URL. Add new lines into HTTP and ICAP response header to set X-Infection-Found and X-Virus-ID when a virus is found. With the possiblity to scan data sent without preview this allow some commercial product like MoveIt DMZ to work with c-icap and squidclamav service. Lot of code clean up and bug fixes. + Replace clamd STREAM by zINSTREAM protocol as clamav have removed the obsolete STREAM protocol in release 0.97.4. Thanks to Vasan and Raja Lakshmi for the report.- use /var/run/clamav/clamd-socket as clamav socket per default- place the squidclamav.conf in the /etc/c-icap directory where it makes more sense- add MALWARE_FOUND template for c_icap
* Wed Dec 25 2013 larsAATTlinux-schulserver.de- place libraries in %{_prefix}/lib/c_icap/ as all the other c-icap modules- use README.SUSE
* Thu Nov 01 2012 larsAATTlinux-schulserver.de- update to 6.10: + Replaced clamd STREAM by zINSTREAM protocol as clamav have removed the obsolete STREAM protocol in release 0.97.4.
* Wed Sep 12 2012 larsAATTlinux-schulserver.de- update to 6.9: + Add \'safebrowsing\' configuration directive to enable/disable Safe Browsing detection + Fix support to Clamav Google Safe Browsing that need a second query to clamd because the url need to be embeded in an email like content. Thanks to frOgz for the report + All redirect CGI scripts have been rewritten with some CSS and to better handle virus vs malware. + Compatibility fix with new c-icap 0.2.1 release that prevent squidclamav service to be initialized. + Add a workaround for a squidGuard bug that unescape the URL and send it back unescaped. This result in garbage staying into pipe of the system command call and could crash squidclamav on next read or return false information. This is specially true with URL containing the %0D or %0A character. + Update documentation about the recommanded way to call squidGuard through the use of url_rewrite_program in squid.conf. You may not use the squidguard configuration directive into squidclamav.conf + Rewrite entirely the squidclamav behavior with the maxsize directive. The previous fix was only a workaround. + Fix a bug on \'trustclient\' check part that was never executed if dnslookup was disabled. Thanks to Tinu for the report.- removed upstreamed squidclamav-fix_html.patch
* Fri Apr 06 2012 larsAATTlinux-schulserver.de- added hint for disabling RPM scanning in config- added suse.de and opensuse.org domains as whitelisted
* Mon Apr 02 2012 larsAATTlinux-schulserver.de- initial version 6.5