Revisions of squid
Marcus Rueckert (darix)
committed
(revision 4)
security fixes - update to 6.8 - Fix marking of problematic cached IP addresses (#1691) - Bug 5344: mgr:config segfaults without logformat (#1680) - Fix infinite recursion when parsing HTTP chunks (#1553) (bsc#1216715, CVE-2024-25111) - changes in 6.7 - Bug 5337: workaround for crash on startup if -a option is used - Bug 5274: Successful tunnels logged as TCP_TUNNEL/500 - Fix crash when NTLM and Negotiate helpers are queried with no HTTP request - Fix SslBump memory leak when mimicking certificates with Authority Key Identifier - Fix memory leak on SslBump certificates with Authority Key Identifier extension - Fix a possible integer overflow in FTP Gateway - Extend cache_log_message to Bug 5187 and job invalidation BUGs - Remove incorrect beta version warning - squid.keyring: updated - header_fixups.patch: added - 9be86d8db5e8f40829374d26334d0bb5272c1afd.patch: don't throw on client errors - Use %patch -P N instead of deprecated %patchN. - Fix handling of expanding HTTP header values (bsc#1219960, CVE-2024-25617)
Ruediger Oertel (oertel)
committed
(revision 3)
security fixes and missing security references in older versions - update to 6.6: - bug 5328: Fix ESI build with libxml2 v2.12.0 - Bug 5319: QOS Netfilter MARK preservation is always disabled - Bug 5318: peer_digest.cc:399: "fetch->pd && receivedData.data" - Bug 5317: FATAL attempt to read data from memory - Bug 5154: Do not open IPv6 sockets when IPv6 is disabled - FTP: Ignore credenials with a NUL-prefixed username - log_db_daemon: Fix DSN construction - Limit the number of allowed X-Forwarded-For hops (bsc#1217654, CVE-2023-50269) - Do not update StoreEntry expiration after errorAppendEntry() - improve handling of response sending errors (bsc#1219131, CVE-2024-23638) - changes in 6.5: - Bug 5309: frequent "lowestOffset () <= target_offset" assertion - Bug 4977: Remove mem_hdr::freeDataUpto() assertion - Fix handling of expanding HTTP header values - Fix RFC 1123 date parsing (bsc#1217813, CVE-2023-49285) - Gracefully shutdown when helper process startup fails (bsc#1217815, CVE-2023-49286) + One-Byte Buffer OverRead in HTTP Request Header Parsing (bsc#1217274) - update to 6.2 (bsc#1217825, CVE-2023-49288, bsc#1216497):
Daniel Mach (dmach)
committed
(revision 2)
jsc#PED-6565 - update to 6.4: * security fixes: + Request/Response smuggling in HTTP/1.1 and ICAP (bsc#1216500, CVE-2023-46846) + Multiple issues in HTTP response caching (bsc#1216496, CVE-2023-5824) + Denial of Service in HTTP Digest Authentication (bsc#1216495, CVE-2023-46847) + Denial of Service in FTP (bsc#1216498, CVE-2023-46848) + Fix validation of certificates (bsc#1216803, CVE-2023-46724) * Bug 5294: ERR_CANNOT_FORWARD returned instead of ERR_DNS_FAIL * Bug 4981: Work around in-call job invalidation bugs * basic_smb_lm_auth: fix 'no previous declaration' warnings * CacheManager: require /squid-internal-mgr/ URL path prefix * ESI: Fix build [-Wsingle-bit-bitfield-constant-conversion] * documentation changes - update to 6.3: - Bug 5294: ERR_CANNOT_FORWARD returned instead of ERR_DNS_FAIL - Bug 4981: Work around in-call job invalidation bugs - basic_smb_lm_auth: fix 'no previous declaration' warnings - CacheManager: require /squid-internal-mgr/ URL path prefix - ESI: Fix build [-Wsingle-bit-bitfield-constant-conversion] - update to 6.2: * Major UI changes: - Remove 8K limit for single access.log line - Add tls_key_log to report TLS communication secrets * Minor UI changes: - Add %transport::>connection_id logformat code - Add paranoid_hit_validation directive - Report SMP store queues state (mgr:store_queues) - Addcache_log_message directive
Daniel Mach (dmach)
committed
(revision 1)
initialize package
Displaying all 4 revisions