openSUSE Build Service

Dominique Leuenberger (dimstar_suse) accepted request 1155563 from

Adam Majer (adamm) about 2 months ago (revision 120)

- update to 6.8
  - Fix marking of problematic cached IP addresses (#1691)
  - Bug 5344: mgr:config segfaults without logformat (#1680)
  - Fix infinite recursion when parsing HTTP chunks (#1553)
    (bsc#1216715, CVE-2024-25111)
- changes in 6.7
  - Bug 5337: workaround for crash on startup if -a option is used
  - Bug 5274: Successful tunnels logged as TCP_TUNNEL/500
  - Fix crash when NTLM and Negotiate helpers are queried with no HTTP request
  - Fix SslBump memory leak when mimicking certificates with Authority Key Identifier
  - Fix memory leak on SslBump certificates with Authority Key Identifier extension
  - Fix a possible integer overflow in FTP Gateway
  - Extend cache_log_message to Bug 5187 and job invalidation BUGs
  - Remove incorrect beta version warning
- squid.keyring: updated
- header_fixups.patch: added
- 9be86d8db5e8f40829374d26334d0bb5272c1afd.patch: don't throw on
  client errors

 - Fix handling of expanding HTTP header values (bsc#1219960, CVE-2024-25617)

Ana Guerrero (anag+factory) accepted request 1151607 from

Martin Pluskal (pluskalm) 2 months ago (revision 119)

Ana Guerrero (anag+factory) accepted request 1142310 from

Adam Majer (adamm) 3 months ago (revision 118)

changes only changes, CVEs, bugs, etc.

Dominique Leuenberger (dimstar_suse) accepted request 1135832 from

Martin Pluskal (pluskalm) 4 months ago (revision 117)

Ana Guerrero (anag+factory) accepted request 1122203 from

Adam Majer (adamm) 6 months ago (revision 116)

- update to 6.4:
  * security fixes:
    + Request/Response smuggling in HTTP/1.1 and ICAP (bsc#1216500, CVE-2023-46846)
    + Multiple issues in HTTP response caching (bsc#1216496, CVE-2023-5824)
    + Denial of Service in HTTP Digest Authentication (bsc#1216495, CVE-2023-46847)
    + Denial of Service in FTP (bsc#1216498, CVE-2023-46848)
    + Fix validation of certificates (bsc#1216803, CVE-2023-46724)
  * Bug 5294: ERR_CANNOT_FORWARD returned instead of ERR_DNS_FAIL
  * Bug 4981: Work around in-call job invalidation bugs
  * basic_smb_lm_auth: fix 'no previous declaration' warnings
  * CacheManager: require /squid-internal-mgr/ URL path prefix
  * ESI: Fix build [-Wsingle-bit-bitfield-constant-conversion]
  * documentation changes

Dominique Leuenberger (dimstar_suse) accepted request 1112346 from

Adam Majer (adamm) 7 months ago (revision 115)

- update to 6.3:
  - Bug 5294: ERR_CANNOT_FORWARD returned instead of ERR_DNS_FAIL
  - Bug 4981: Work around in-call job invalidation bugs
  - basic_smb_lm_auth: fix 'no previous declaration' warnings
  - CacheManager: require /squid-internal-mgr/ URL path prefix
  - ESI: Fix build [-Wsingle-bit-bitfield-constant-conversion]

Dominique Leuenberger (dimstar_suse) accepted request 1103106 from

Adam Majer (adamm) 9 months ago (revision 114)

Dominique Leuenberger (dimstar_suse) accepted request 1085760 from

Adam Majer (adamm) 12 months ago (revision 113)

- update to 5.9:
  * Improve reply_body_max_size matching accuracy
  * fix gcc13 warning

Dominique Leuenberger (dimstar_suse) accepted request 1084087 from

Adam Majer (adamm) 12 months ago (revision 112)

- partial revert of earlier "fix PIDFile"
  - move pidfile back to /run/squid.pid and not in the directory
    owned by squid. The purpose of /run/squid/ is to facilitate
    SMP worker's IPC and not for the PID file. The PID file can
    live just fine in /run since it's written by root. (bsc#1210960)

Dominique Leuenberger (dimstar_suse) accepted request 1079395 from

Martin Pluskal (pluskalm) about 1 year ago (revision 111)

Dominique Leuenberger (dimstar_suse) accepted request 1073989 from

Adam Majer (adamm) about 1 year ago (revision 110)

Dominique Leuenberger (dimstar_suse) accepted request 1060834 from

Adam Majer (adamm) over 1 year ago (revision 109)

Dominique Leuenberger (dimstar_suse) accepted request 1055875 from

Martin Pluskal (pluskalm) over 1 year ago (revision 108)

Dominique Leuenberger (dimstar_suse) accepted request 1006088 from

Adam Majer (adamm) over 1 year ago (revision 107)

- Migration to /usr/etc: Saving user changed configuration files
  in /etc and restoring them while an RPM update.

and CVE references,
  - Regression Fix: Typo in manager ACL (bsc#1203677, CVE-2022-41317)
    (bsc#1203680, CVE-2022-41318)

Dominique Leuenberger (dimstar_suse) accepted request 1003011 from

Adam Majer (adamm) over 1 year ago (revision 106)

Dominique Leuenberger (dimstar_suse) accepted request 999925 from

Adam Majer (adamm) over 1 year ago (revision 105)

Dominique Leuenberger (dimstar_suse) accepted request 985925 from

Lars Vogdt (lrupp) almost 2 years ago (revision 104)

Dominique Leuenberger (dimstar_suse) accepted request 984871 from

Adam Majer (adamm) almost 2 years ago (revision 103)

- Update to 5.6:
  * Improve handling of Gopher responses (bsc#1200907, CVE-2021-46784)
- Changes in 5.5:
  * fixes regression Bug 5192: esi_parser default is incorrect
  * Bug 5177: clientca certificates sent to https_port clients
  * Bug 5090: Must(!request->pinnedConnection()) violation
  * Kid restart leads to persistent queue overflows, delays/timeouts

Dominique Leuenberger (dimstar_suse) accepted request 966241 from

Adam Majer (adamm) about 2 years ago (revision 102)

- Do not try to set special permissions for basic_pam_auth (bsc#1197649)

Dominique Leuenberger (dimstar_suse) accepted request 965649 from

Adam Majer (adamm) about 2 years ago (revision 101)

- Fix upgrade path from squid 4.x where we replaced some symlinks
  with directories in pretrans section (bsc#1197333)
- old_nettle_compat.patch: refresh patch

Places

Revisions of squid

Places