Changelog for
squid-2.5.STABLE14-2tr.i586.rpm :
Thu Jan 18 13:00:00 2007 Nived Gopalan
2.5.STABLE14-2tr
- SECURITY Fix: An error in handling of certain FTP URL requests can
be exploited to crash Squid by visiting a specially crafted FTP URL
via the proxy.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CVE-2007-0247 to this issue.
Tue Aug 29 14:00:00 2006 Nived Gopalan 2.5.STABLE14-1tr
- New Upstream.
Thu Mar 16 13:00:00 2006 Bipin S 2.5.STABLE13-1tr
- New Upstream
- Removed samba wbinfo patch
- Fixed ftp upload issues
- A number of minor and cosmetic bugfixes done.
Thu Jan 19 13:00:00 2006 Ajith Thampi 2.5.STABLE12-1tr
- New Upstream
- Multiple Bug Fixes
- Add a patch to work with samba-3.0.21a
Fri Oct 21 14:00:00 2005 Bipin S 2.5.STABLE11-2tr
- Security Fix: M.A.Young has reported a vulnerability in Squid, which can be
exploited by malicious people to cause a DoS (Denial of Service). The
vulnerability is caused due to an error in handling certain FTP server responses.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CVE-2005-3258 to this issue.
Tue Oct 18 14:00:00 2005 Ajith Thampi 2.5.STABLE11-1tr
- New Upstream
Thu Sep 8 14:00:00 2005 Bipin S 2.5.STABLE10-3tr
- Fixed multiple DOS vulnerabilities. Bug #1264
Mon Jul 11 14:00:00 2005 Hasher Jamaludeen 2.5.STABLE10-2tr
- Added openssl-devel, pam-devel, openldap-devel in Buildrequires , Bug #1054.
- Enabled diskd support , Bug #1055.
Mon May 23 14:00:00 2005 Nived Gopalan 2.5.STABLE10-1tr
- New Upstream
- Fixed a Set-Cookie race condition causing inconsistent cache behaviour
- Abort on misconfigured http_access rules to prevent unexpected results from partial configuration
- FTP directory listings corrected again (broken by 2.5.STABLE9)
- Support for proxying huge objects greater than 2GB in size
Thu May 12 14:00:00 2005 Syed Shabir Zakiullah 2.5.STABLE9-6tr
- Security Fix: A vulnerability has been reported in Squid, which can be exploited by
malicious people to spoof DNS lookups.
The vulnerability is caused due to an unspecified error in the DNS client when handling
DNS responses and can be exploited to spoof DNS lookups.
Mon May 9 14:00:00 2005 Syed Shabir Zakiullah 2.5.STABLE9-5tr
- Cosmetic Security Fix (CAN-2005-1345): Squid 2.5.STABLE9 and earlier does not trigger
a fatal error when it identifies missing or invalid ACLs in the http_access configuration,
which could lead to less restrictive ACLs than intended by the administrator.
Thu Apr 28 14:00:00 2005 Syed Shabir Zakiullah 2.5.STABLE9-4tr
- Minor Security Fix [#13718]: A race window has been discovered where Set-Cookie headers
may leak to another users if the requested server relies on the old obsolete (since 1997)
Netscape Set-Cookie specifications in how caches should handle the Set-Cookie header on
otherwise cacheable content.
Fri Mar 4 13:00:00 2005 Erlend Midttun 2.5.STABLE9-3tr
- Don\'t wanna talk about it.
Thu Mar 3 13:00:00 2005 Erlend Midttun 2.5.STABLE9-2tr
- Fix algorithm to find cache_dir. Bug #60. Take II.
Fri Feb 25 13:00:00 2005 Erlend Midttun 2.5.STABLE9-1tr
- New upstream.
Tue Feb 22 13:00:00 2005 Erlend Midttun 2.5.STABLE8-1tr
- New upstream.
Mon Feb 21 13:00:00 2005 Erlend Midttun 2.5.STABLE7-4tr
- Fix uninstall of package. Bug #56.
Fri Feb 18 13:00:00 2005 Erlend Midttun 2.5.STABLE7-3tr
- Fix algorithm to find cache_dir. Bug #60
Mon Jan 31 13:00:00 2005 Oystein Viggen 2.5.STABLE7-2tr
- Fix CAN-2005-0094, CAN-2005-0095, CAN-2005-0096, CAN-2005-0197
Wed Nov 10 13:00:00 2004 Erlend Midttun 2.5.STABLE7-1tr
- New upstream.
Tue Nov 9 13:00:00 2004 Erlend Midttun 2.5.STABLE6-4tr
- Now own /etc/squid
Sun Oct 31 13:00:00 2004 Olaf Rempel 2.5.STABLE6-2tr
- Manpage fix
- Added snmp mibfile to doc
Fri Sep 17 14:00:00 2004 Erlend Midttun 2.5.STABLE6-1tr
- New upstream.
Thu Jun 10 14:00:00 2004 Oystein Viggen 2.5.STABLE5-5tr
- Security fix for ntlm auth helper (CAN-2004-0541)
Fri Apr 23 14:00:00 2004 Erlend Midttun 2.5.STABLE5-4tr
- Now use /usr for SAMBAPREFIX. Patch 3.
Fri Apr 16 14:00:00 2004 Oystein Viggen 2.5.STABLE5-3tr
- Turn off external acl helpers to help porting.
(please turn this back on later when openldap and samba are available)
Tue Mar 2 13:00:00 2004 Erlend Midttun 2.5.STABLE5-1tr
- New upstream.
Wed Feb 25 13:00:00 2004 Erlend Midttun 2.5.STABLE4-4tr
- Now with ICAP support.
Mon Feb 2 13:00:00 2004 Chr. Toldnes 2.5.STABLE4-2tr
- chkconfig --add in %post
Tue Dec 9 13:00:00 2003 Erlend Midttun 2.5.STABLE4-1tr
- New upstream.
Mon Jun 30 14:00:00 2003 Erlend Midttun 2.5.STABLE3-1tr
- Rebuilt with -tr.
Mon Jun 30 14:00:00 2003 Jan�ke R�nnblom 2.5.STABLE3-1jr
- Update to 2.5.STABLE3
Thu Jun 26 14:00:00 2003 Erlend Midttun 2.5.STABLE2-5tr
- Added [ OK ] and [FAILURE] to startup script. Take II.
Thu Jun 26 14:00:00 2003 Erlend Midttun 2.5.STABLE2-4tr
- Added [ OK ] and [FAILURE] to startup script.
Wed Jun 18 14:00:00 2003 Erlend Midttun 2.5.STABLE2-3tr
- Big rebuild
Mon May 5 14:00:00 2003 Frode Ramsvik 2.5.STABLE2-2fr
- Don\'t create home directory when adding user squid.
- No need to call groupdel after un-install.
Wed Apr 23 14:00:00 2003 Erlend Midttun 2.5.STABLE2-1em
- Initscript now works.
- New upstream.
- Fix icon path.
Mon Mar 24 13:00:00 2003 Erlend Midttun 2.5.STABLE1-4em
- Rebuilt against glibc 2.3.2.
Thu Jan 23 13:00:00 2003 Erlend Midttun 2.5.STABLE1-3em
- Added SSL patch.
Fri Nov 1 13:00:00 2002 Christian H. Toldnes 2.5.STABLE1-2ct
- Fixed user/group generation.
- Moved from /etc/rc.d/init.d to /etc/init.d
- Now uses $INITLOCK for lockfile.
Fri Oct 11 14:00:00 2002 Erlend Midttun
- Picked up 2.5STABLE1.
Thu Jul 4 14:00:00 2002 Nico Erfurth 2.4.STABLE7-1tr
- Upgraded to 2.4.STABLE7, includes security fixes
- Some spec cleanups.
Wed Mar 27 13:00:00 2002 Christian H. Toldnes
- Picked up 2.4.STABLE6 which is a security fix.
Fri Feb 22 13:00:00 2002 Erlend Midttun
- Updated to 2.4.STABLE4 to fix security holes.
Wed Aug 15 14:00:00 2001 Oystein Viggen
- Fixed wrong cachedir in default config.
Fri Apr 20 14:00:00 2001 Erlend Midttun
- Fixed path to perl in support programs.
Tue Apr 17 14:00:00 2001 Erlend Midttun
- Updated to 2.4.STABLE1
- Added bugfix-patches up to current.
Fri Jan 12 13:00:00 2001 Oystein Viggen
- Added a patch for insecure tempfiles
Wed Sep 13 14:00:00 2000 Per Ivar Paulsen
- Picked up STABLE4
Fri Jun 23 14:00:00 2000 Erlend Midttun
- Fixed some group problems
Wed May 3 14:00:00 2000 Erlend Midttun
- Upgraded to version STABLE2
Fri Feb 25 13:00:00 2000 Lars Gaarden
- Changed group ownership on /var/log/squid and /var/spool/squid
Tue Jan 25 13:00:00 2000 Per Ivar Paulsen
- Initial release for the Trustix Secure Linux distribution.
- Added noreplace.
- Moved man and info pages to /usr/share adhering to FHS
- TODO: add better default configuration
Mon Jan 10 13:00:00 2000 Bill Nottingham
- 2.3.STABLE1 (whee, another serial number)
Tue Dec 21 13:00:00 1999 Bernhard Rosenkraenzer
- Fix compliance with ftp RFCs
(http://www.wu-ftpd.org/broken-clients.html)
- Work around a bug in some versions of autoconf
- BuildPrereq sgml-tools - we\'re using sgml2html
Mon Oct 18 14:00:00 1999 Bill Nottingham
- add a couple of bugfix patches
Wed Oct 13 14:00:00 1999 Bill Nottingham
- update to 2.2.STABLE5.
- update FAQ, fix URLs.
Sat Sep 11 14:00:00 1999 Cristian Gafton
- transform restart in reload and add restart to the init script
Tue Aug 31 14:00:00 1999 Bill Nottingham
- add squid user as user 23.
Mon Aug 16 14:00:00 1999 Bill Nottingham
- initscript munging
- fix conflict between logrotate & squid -k (#4562)
Wed Jul 28 14:00:00 1999 Bill Nottingham
- put cachemgr.cgi back in /usr/lib/squid
Wed Jul 14 14:00:00 1999 Bill Nottingham
- add webdav bugfix patch (#4027)
Mon Jul 12 14:00:00 1999 Bill Nottingham
- fix path to config in squid.init (confuses linuxconf)
Wed Jul 7 14:00:00 1999 Bill Nottingham
- 2.2.STABLE4
Wed Jun 9 14:00:00 1999 Dale Lovelace
- logrotate changes
- errors from find when /var/spool/squid or
- /var/log/squid didn\'t exist
Thu May 20 14:00:00 1999 Bill Nottingham
- 2.2.STABLE3
Thu Apr 22 14:00:00 1999 Bill Nottingham
- update to 2.2.STABLE.2
Sun Apr 18 14:00:00 1999 Bill Nottingham
- update to 2.2.STABLE1
Thu Apr 15 14:00:00 1999 Bill Nottingham
- don\'t need to run groupdel on remove
- fix useradd
Mon Apr 12 14:00:00 1999 Bill Nottingham
- fix effective_user (bug #2124)
Mon Apr 5 14:00:00 1999 Bill Nottingham
- strip binaries
Thu Apr 1 14:00:00 1999 Bill Nottingham
- duh. adduser does require a user name.
- add a serial number
Tue Mar 30 14:00:00 1999 Bill Nottingham
- add an adduser in %pre, too
Thu Mar 25 13:00:00 1999 Bill Nottingham
- oog. chkconfig must be in %preun, not %postun
Wed Mar 24 13:00:00 1999 Bill Nottingham
- switch to using group squid
- turn off icmp (insecure)
- update to 2.2.DEVEL3
- build FAQ docs from source
Tue Mar 23 13:00:00 1999 Bill Nottingham
- logrotate changes
Sun Mar 21 13:00:00 1999 Cristian Gafton
- auto rebuild in the new build environment (release 4)
Wed Feb 10 13:00:00 1999 Bill Nottingham
- update to 2.2.PRE2
Wed Dec 30 13:00:00 1998 Bill Nottingham
- cache & log dirs shouldn\'t be world readable
- remove preun script (leave logs & cache AATT uninstall)
Tue Dec 29 13:00:00 1998 Bill Nottingham
- fix initscript to get cache_dir correct
Fri Dec 18 13:00:00 1998 Bill Nottingham
- update to 2.1.PATCH2
- merge in some changes from RHCN version
Sat Oct 10 14:00:00 1998 Cristian Gafton
- strip binaries
- version 1.1.22
Sun May 10 14:00:00 1998 Cristian Gafton
- don\'t make packages conflict with each other...
Sat May 2 14:00:00 1998 Cristian Gafton
- added a proxy auth patch from Alex deVries
- fixed initscripts
Thu Apr 9 14:00:00 1998 Cristian Gafton
- rebuilt for Manhattan
Fri Mar 20 13:00:00 1998 Cristian Gafton
- upgraded to 1.1.21/1.NOVM.21
Mon Mar 2 13:00:00 1998 Cristian Gafton
- updated the init script to use reconfigure option to restart squid instead
of shutdown/restart (both safer and quicker)
Sat Feb 7 13:00:00 1998 Cristian Gafton
- upgraded to 1.1.20
- added the NOVM package and tryied to reduce the mess in the spec file
Wed Jan 7 13:00:00 1998 Cristian Gafton
- first build against glibc
- patched out the use of setresuid(), which is available only on kernels
2.1.44 and later
