File squid.changes of Package squid
-------------------------------------------------------------------
Wed May 25 03:46:39 UTC 2011 - crrodriguez@opensuse.org
- Supress timestamps from binaries, breaks build-compare.
-------------------------------------------------------------------
Sat Feb 19 11:45:53 UTC 2011 - chris@computersalat.de
- update to 2.7.STABLE9
- 2.7.STABLE8 failed to compile with OpenSSL 0.9.8 on some systems
- failure to detect certain system libraries on some systems
resulting in compilation errors
- Changes to squid-2.7.STABLE8 (10 March 2010)
- Bug #2458: reply_body_max_size incorrectly documented
- Bug #2858: Segment violation in HTCP
- Bug #2773: Segfault in RFC2069 Digest authantication
- 64-bit filesize issue in squidclient if trying to post a file > 2GB
- Improve %nn parser to better deal with certain odd %nn sequences
- Segmentation fault if failed to open cache.log
- Bug #2819: const correctness errors in dns_internal.c
- Handle DNS header-only packets as invalid. (CVE-2010-0308)
- Windows port: Updated mswin_ad_group native helper to version 2.1
- Cosmetic change to keep GCC happy
- Bug #2678 - storeurl_rewrite does not play nicely with vary
- Bug #2861 - only-if-cached request blocks if it collapsed into
another request
- Use libcap functions instead of raw kernel interface
- No need to sync the store on -k rotate, but instead it needs to be
done in reconfigure
- const correctness in OpenSSL initialization
- Rework the http digest auth parser
- Changes to squid-2.7.STABLE7 (17 September 2009)
- Bug #2661 - Solaris /dev/poll support broken with EINVAL
- Clarify external_acl_type %{Header} documentation slightly
- Bug #2482: Remove mem_obj->old_entry in async code to avoid deep ctx
errors
- GCC-4.x cleanups
- Bug #2605: Don't call setsid() on helper childs when running in
daemon mode
- Windows port: Fix PSAPI.DLL usage, is always available on Windows NT
and later
- Windows port: Added support for Windows 7, Windows Server 2008 R2
and later
- Bug #2602: increase MAX_URL to 8192
- The debug mode option '-d' was not documented in LDAP helpers usage
message
- Windows port: Added a note about installation on Windows Vista and
later
- Bug #2642: Remove duplicate peerMonitorInit() on reconfigure
- Bug #2515: Final chunk parsing errors on FreeBSD6+
- Bug #2647: Reprioritise override-* and stale-while-revalidate
- Windows port: Fix improper access permissions to registry and DNS
parsing from registry
- Windows port: Fix getservbyname() usage abuse.
- Bug #2672: cacheMemMaxSize 32-bit overflow during snmpwalk
- Bug #2691: store_url memory leak
- Accept PUT/POST requests without an entity-body
- Plug request_t + HttpStateData memory leak on PUT/POST requests with
early response
- Bug #2710: squid_kerb_auth non-terminated string
- Bug #2369: squid traffic counter 32-bit overflow
- Bug #2080: wbinfo_group.pl - false positive under certain conditions
- Bug #2739: DNS resolver option ndots can't be parsed from
resolv.conf
- Windows port: fix mswin_negotiate_auth.exe crash when executing a
LocalCall authentication with verbose deBug #enabled
- Add 0.0.0.0 as an to_localhost address
- Windows port: Update mswin_check_ad_group to version 2.0
- Windows port: There is no "-P" command line option into
mswin_check_ad_group helper.
- Correct Valgrind mempool protection
- Bug #2451: Correct length handling on 304 responses
- Bug #2541: Hang in 100% CPU loop while extacting header details
using a delimiter other than comma (external_acl_type,
access_log_format, external_refresh_check)
- Bug #2768 - squid_ldap_group -K argument parsing error
- removed old upstream patches: 12466, 12480 - 12497
- added new upstream patch: 12697
- cleanup spec
-------------------------------------------------------------------
Tue Nov 3 19:09:46 UTC 2009 - coolo@novell.com
- updated patches to apply with fuzz=0
-------------------------------------------------------------------
Tue Aug 11 12:18:57 UTC 2009 - chris@computersalat.de
- update to 2.7.STABLE6
* Bug #2494: Fix tproxy url in configure
* Correct latency measurements
* Correct upgrade_http0.9 example
* Correct parsing of invalid http version numbers
* Crossreference authenticate_ip_shortcircuit_access and
* authenticate_ip_shortcircuit_ttl
* Add in some better documentation for override-expire.
- added upstream patches
o 12466, 12480-12495, 12497
o disabled 12488.patch (can not patch not existing file)
-------------------------------------------------------------------
Mon Oct 27 18:04:31 CET 2008 - kssingvo@suse.de
- update to 2.7.STABLE5, which is a bugfix version only:
* Don't set expires: now in generated error responses
* Old headers still returned after a cache validation
* swap.state permission issues if crashing during "squid -k
reconfigure"
* Limit stale-if-error to 500-504 responses
* Increase negotiate auth token buffer size
* add upgrade_http0.9 option making it possible to disable
upgrade of HTTP/0.9 responses
* assertion failed: sc->new_callback == NULL at store_client.c:190
* Shut down store url rewrite helpers on squid -k reconfigure
* configuration file contains non-ASCII characters
For complete list of changes see:
http://www.squid-cache.org/Versions/v2/2.7/changesets/SQUID_2_7_STABLE5.html
- removed obsolete, already in upstream version patches
-------------------------------------------------------------------
Thu Oct 2 14:21:07 CEST 2008 - kssingvo@suse.de
- bugfix if user is in many kerberos groups (12380.patch)
-------------------------------------------------------------------
Thu Sep 25 16:56:29 CEST 2008 - kssingvo@suse.de
- added a few official patches:
* HTTP/0.9: making it possible to disable upgrade of HTTP/0.9
responses
* assertion failed: sc->new_callback == NULL at store_client.c:190
* foreground rebuild should do all of the rebuilding before Squid
accepts
* Shut down store url rewrite helpers on squid -k reconfigure
* configuration file contains non-ASCII characters
-------------------------------------------------------------------
Wed Aug 20 14:38:42 CEST 2008 - kssingvo@suse.de
- update to 2.7.STABLE4:
* DNS retransmit queue could get hold up
* assertion failed: forward.c:529: "fs"
* assertion failed: forward.c:110: "!EBIT_TEST(e->flags,
ENTRY_FWD_HDR_WAIT)"
* Workaround for Linux-2.6.24 & 2.6.25 netfiler_ipv4.h include
header __u32 problem
* Make dns_nameserver work when using --disable-internal-dns on
glibc based systems
* Handle aborted objects properly. The change in 2.7.STABLE3
triggered a number of issues.
* access.log logs rewritten URL and strip_query_terms ineffective
For full list of changes see:
http://www.squid-cache.org/Versions/v2/2.7/changesets/SQUID_2_7_STABLE4.html
- added cron to Requires: as rpmlint complains on this
-------------------------------------------------------------------
Sun Aug 17 09:08:16 CEST 2008 - aj@suse.de
- Fix init scripts.
-------------------------------------------------------------------
Wed Jul 2 17:26:29 CEST 2008 - kssingvo@suse.de
- update to 2.7.STABLE3:
major changes from 2.6 to 2.7:
* HTTP/1.1 support
* performance improvements
* no longer WAIS support
* can emulate an origin server when acting as an accelerator
* "min-size" option for cache_dir
* semi-modular logging framework introduced
* Support for rewriting URLs into canonical forms when storing
and retrieving objects
* Object revalidation in background
* new option "zero_buffers"
* cache authentication based on source IP address
* configuration files can be included
* alteration for default rules to not cache dynamic content from
cgi-bin and query URLs
* cleanup of accelerator mode
* zero Penalty Hit support
* and many bugfixes
For full list of changes see:
http://www.squid-cache.org/Versions/v2/2.7/changesets
- fixed the config patch accordingly
- sorted files in /usr/sbin
- added new binary /usr/sbin/logfile-daemon
-------------------------------------------------------------------
Mon May 19 19:12:39 CEST 2008 - kssingvo@suse.de
- added "sharedscripts" to logrotate (bnc#388088)
-------------------------------------------------------------------
Tue Apr 29 17:42:20 CEST 2008 - kssingvo@suse.de
- update to 2.6.STABLE19:
* Custom log formats fail to log file sizes >2GB properly on
32-bit platforms
* outgoing_address acl doesn't work with indirect source address
(follow-x-forwarded-for)
* Stuck in 100% CPU when fetching an corrupt peer digest
* Add support for the resolv.conf domain directive, and also
automatically derived default domain
* minimum_icp_query_timeout directive
Full list of changes see:
http://www.squid-cache.org/Versions/v2/2.6/changesets/SQUID_2_6_STABLE20.html
- removed official patches, which are now included in latest version
-------------------------------------------------------------------
Thu Apr 17 12:19:12 CEST 2008 - kssingvo@suse.de
- added official patches:
* Custom log formats fail to log file sizes >2GB properly on
32-bit platforms
* Fix stripping NT domain in squid_ldap_group
* Cache-Control: max-stale=0 forwarded wrongly as max-stale
(without delta)
* Fails to parse chunked encoding using chunk extensions
* Deal properly with empty list members
* tcp_outgoing_address acl doesn't work with indirect source
address (follow-x-forwarded-for)
-------------------------------------------------------------------
Wed Mar 26 16:55:30 CET 2008 - kssingvo@suse.de
- update to 2.6.STABLE19:
* Fix tcp_outgoing_address example config to match its description
* Assertion failed sc != NULL when using peer monitor function
fixed
* Fix missing default disk store type into QUICKSTART example.
* Handle recursive completion operations in diskd fixed.
* documentation bugfix for tcp_outgoing_tos directive
* Sort cache list in wccpv2 to ensure a consistent hash allocation
across all services
* Updated Ukrainan error pages
* Compile error in squid_kerb_auth under Mac OS X 10.5.2
* squid_radius_auth failed ro process more than 256 requests
* Clarified description of 'cache_vary' directive
* Make range_offset_limit 0 disable local range processing as
documented, even if the first range starts at 0
- updated 64bit patch
- updated FAQ: no longer avail, its a Wiki now. Best compromise to
use CompleteFaq webpage instead.
-------------------------------------------------------------------
Tue Jan 15 15:55:18 CET 2008 - kssingvo@suse.de
- update to 2.6.STABLE18:
* Preparing 2.6.STABLE18
* This is STABLE18, not 16..
* Remove HEAD ChangeLog entries copied by mistake
* Preparing for 2.6.STABLE18
* Update valgrind support for valgrind-3.3.0
* Sometimes arrayShrink() will be asked to shrink by 0 entries.
Handle that.
* Digest authentication fixes
* Minor cleanups to make some 64-bit platforms happier
* Novell eDirectory digest helper edir_digest_auth update to
clean up license
* Change old info@ircache.net contact address to
info@squid-cache.org
* Convert spnegohelp.h and spnegohelp.c files drom DOS to Unix
text format.
* Fix bug in header array compression
- removed obsolete suse 8.0 check in PreReq
-------------------------------------------------------------------
Wed Dec 12 17:59:47 CET 2007 - kssingvo@suse.de
- BuildRequires doesn't need openldap2 anymore. fixed.
-------------------------------------------------------------------
Mon Dec 3 15:45:17 CET 2007 - kssingvo@suse.de
- upgrade to version 2.6STABLE17:
* Fix compile error with old GCC 2.x or other ANSI-C compilers
before C99
* Mention the login= cache_peer option in release notes
* Fix bad cache_peer example in squid.conf
* Fix a compile-time memory corruption error causing cf_gen to
fail
* Clarify high_memory_warning usage
* Reject DNS responses which result in no data
* Fix version number in configuration manual
* Move cache and request/reply_header_max_size to their proper
sections
* sbrk statistics broken when process size >2GB
* Move logopen() much earlier to have fatal startup errors sent
to the proper syslog facility
* Fix HTTP/0.9 responses
* Correct bad example config for tos_outgoing_tos
* Fix grammar in description of mail_program squid.conf option
* Ignore Content-Length in chunked responses instead of
rejecting the response as invalid
* Documented that http_port no longer have a default
* Cleanup of cache digest documentation
* Make aufs store rebuilding back off a little if I/O load too
high
* Respect DNS ttl=0
* Update udp_(incoming|outgoing)_address documentation to
reflect current bahaviour.
* Update HTCP documentation
* Document the overlapping helper request format
* Change priority of proxy auth and extacl provided username in
login=*:pass
* pack header entries on cache updates
* Make squid_db_auth reopen the database connection on each
query by default
* Improve helper debug ouput, including the channel number
* Update cachePeerEntry MIB description to mention what is used
as index key
* Import squid_radius_auth for authenticating to RADIUS
-------------------------------------------------------------------
Tue Oct 23 17:58:58 CEST 2007 - kssingvo@suse.de
- upgrade to version 2.6STABLE16:
* Test for sys/capability.h linux include file to avoid failing on
linux systems missing libcap
* Release private objects on cache rebuild
* Segfault in clientBuildReplyHeader when http->entry == NULL
* Bug #2072: digest_pw_auth fails when using plaintext passwords
* Bug #2073: assertion failed: client_side.c:4175: "buf != NULL ||
!conn->body.request on POST
* Adjust default pconn timeouts to avoid shutting down connection while
child sends request
* Bug #1980: cache_peer monitortimeout not working
* Bug #1882: Parent responses are not cached if sibling returns 504
* More squid.conf reordering to get the dependencies between options
sorted proper
* The select() I/O loop got broken by the /dev/poll addition
(2.6.STABLE14)
* Bug #2017: Fails to work around broken servers sending just the HTTP
headers
* Bug #2023: Compile error with old GCC 2.x or other ANSI-C compilers
before C99
* squid.conf.default updated and reorganised in more sensible groups
* correct and document the syslog access_log format
* Armenian error pages translation
* digest_ldap_helper usage help updated
* Bug #1560: ftpSendPasv: getsockname(-1,..): (9) Bad file descriptor
* Improve delay pools in low traffic environment by checking timeouts
at a steady 1 second interval even when there is not much activity
* Don't request authentication on transparently intercepted
connections
* Cleanup linux capabilities for tproxy
* Bug #2003: 'via' config directive doesn't affect response headers
* Bug #1902: Adds Numeric Hit and invalid request counters to IP Cache
* Add missing $|=1 to squid_db_auth
* Bug #2050: Persistent connection dropped if cache has no
Content-Length
* Verify the URL on memory cache hits
* Bug #2057: NTLM stop work in messengers after upgrade to 2.6.STABLE14
* Bug #1972: Squid sets peers to down state when they are in fact
working.
* potential segmentation fault in storeLocateVary()
* Bug #2066: chdir after chroot
* Windows port: Fix compiler warnings when building Squid as
application (not Windows service mode)
* Spelling correction of received
- adapted config patch
-------------------------------------------------------------------
Thu Aug 16 14:45:29 CEST 2007 - kssingvo@suse.de
- removed /etc/squid/errrors: no longer needed (bugzilla#300933)
-------------------------------------------------------------------
Thu Aug 9 15:14:02 CEST 2007 - kssingvo@suse.de
- removed explicit permissions handling (bugzilla#298341)
-------------------------------------------------------------------
Mon Aug 6 10:38:13 CEST 2007 - kssingvo@suse.de
- moved $named from Required-Start to Should-Start (bugzilla#142653)
- renamed X-UnitedLinux-Should-Start to Should-Start in rc script
- renamed X-UnitedLinux-Should-Stop to Should-Stop in rc script
-------------------------------------------------------------------
Mon Jul 30 19:04:24 CEST 2007 - kssingvo@suse.de
- upgrade to 2.6.STABLE14:
* Bug #2008: Work around clients trying to use NTLM or Negotiate
without persistent connections
* Deal better with forwarding loops
* Bug #2010: snmp_core.cc:828: warning: array subscript is above
array bounds
* Temporary shortage of system filedescriptors may cause Squid to
permanently stop accepting connections
* Bug #1085: Add no-wrap to cache manager HTML tables
* Cosmetic squid_ldap_auth cleanups from Squid-3
* Simple POP3 basic auth helper querying a POP3 server
* squid.conf.default cleanups
* Clean up HTML escapes in the configuration manual
* Simple POP3 basic auth helper querying a POP3 server
* Imported updated squid_kerb_auth helper from the SourceForge
squidkerbauth repository
* Bug #1130: min-size option for cache_dir
* digest_edir_auth helper, using novell eDirectory universal
password
* Bug #1968: Squid hangs occasionally when using DNS search paths
* Bug #1900: Double "squid -k shutdown" makes Squid restart again
* There is no -a command line option in Squid-2.6 and later.
* Make AC_CHECK_.._SYSTYPE wrappers around the default calls to
allow cross-compiling
* Renamed db_auth.pl to squid_db_auth, and autogenerate perl path
and man page
* make devpoll support work
* Bring over Solaris/IRIX /dev/poll network IO support from
Squid-2, enabled by compiling with --enable-devpoll
* Database auth helper using Perl DBI
* Kerberos SPNEGO helper
* Always use xisxxxx() Squid defined macros instead of ctype
functions.
* Round time to next event upwards to avoid storms of comm_select
loops doing nothing
* Adjust refresh_pattern min-age to make 0 mean 0, not 1 second
* URI-escape using the recommended upper case
* Correct the refresh_pattern ignore-auth documentation to refer
to CC: public
* Dump out the config manual while making snapshots
* Script to build HTML configuration manual from cf.data
* Shuffle around various configuration options into their own
sections
-------------------------------------------------------------------
Wed May 23 21:25:42 CEST 2007 - kssingvo@suse.de
- moved cachemgr.cgi to %{_libdir}/squid to make rpmlint happy
-------------------------------------------------------------------
Mon May 14 15:42:34 CEST 2007 - kssingvo@suse.de
- upgrade to 2.6.STABLE13:
* Make sure reply headers gets sent even if there is no body available
yet, fixing RealMedia streaming over HTTP issues.
* Undo an accidental name change of storeUnregisterAbort.
* Kill an ancient malplaced storeUnregisterAbort call from ftp.c
* Bug #1814: SSL memory leak on persistent SSL connections
* Don't log ECONNREFUSED/ECONNABORTED accept failures in cache.log
* Cosmetic fix: added missing newline in WCCPv2 configuration dump.
* Ukrainan error messages
* Convert various error pages from DOS to UNIX text format
* Bug #1820: COSS assertion failure t->length == MD5_DIGEST_CHARS
* Clarify the max-conn=n cache_peer option syntax slightly
* Bug #1892: COSS segfault on shutdown
* Windows port: fix undefined ECONNABORTED
* Make refreshIsCachable handle ETag as a cache validator, not
only last-modified
* in_port_t is not portable, use unsigned short instead
* Fix fs / auth / snmp dependencies
* Portability: statfs() may reqire #include <sys/statfs.h>
-------------------------------------------------------------------
Fri Apr 6 16:27:21 CEST 2007 - ro@suse.de
- added valgrind-devel to buildrequires
-------------------------------------------------------------------
Tue Apr 3 19:12:15 CEST 2007 - kssingvo@suse.de
- upgrade to 2.6.STABLE12:
* Upgrade HTTP/0.9 responses to our HTTP version (HTTP/1.0)
* various diskd bugfixes
* In the access.log hierarchy field log the unique peer name
instead of the host name
* unlinkdClose() should be called after (not before)
storeDirSync()
* CLEAN_BUF_SZ was defined, but never used anywhere
* logging HTTP-request size
* Fix icmp pinger communication on FreeBSD and other not
supporing large dgram AF_UNIX sockets
* Release objects on swapin failure
* Objects stuck in cache if origin server clock in future
* 302 responses with an Expires header is always cached
* Primitive support for HTTP/1.1 chunked encoding, working around
broken servers
* Clean up relations between TCP probing and DNS checks of peers
with no known addresses.
* Fix a minor HTML coding error in ftp directory listings with //
in the path
* Cleanup of refresh logics when dealing with non-refreshable
content
* Gopher cleanups and bugfixes
* Negotiate authentication fixed again. Broken since STABLE7 by
the patch for
* COSS tries to shut down the same directory twice on exit
* store*DirRebuildFromSwapLog() ignores some SWAP_LOG_DEL entries
* Added support for Subversion HTTP request methods MKACTIVITY,
CHECKOUT and MERGE.
* assertion failed: client_side.c:4055: "buf != NULL ||
!conn->body.request"
* Handle garbage helper responses better in concurrent protocol
format
* Fix kqueue when overflowing the changes queue
* Make sure the child worker process commits suicide if it could
not start up
* Don't log short responses at debug level 1
* Fix bswap16 & bwsap32 error on NetBSD
* Fix collapsed_forwarding for non-GET requests
* Assertion error on TRACE
-------------------------------------------------------------------
Mon Feb 26 17:23:21 CET 2007 - kssingvo@suse.de
- needsrootforbuild injected: urgently required for ulimit setting
-------------------------------------------------------------------
Wed Jan 31 21:11:28 CET 2007 - kssingvo@suse.de
- upgrade to 2.6.STABLE9 with this fixes:
* Date parsing error causing objects to get unexpectedly cached.
Problem introduced in 2.6.STABLE6.
* authenticateNTLMFixErrorHeader: state 4. NTLM & Negotiate
instability introduced in 2.6.STABLE6.
* Primitive support for HTTP/1.1 chunked encoding, working around
broken servers sending chunked encoding in response to HTTP/1.0
requests.
* STALE: Entry's timestamp greater than check time. Clock going
backwards?
* Don't update object timestamps on a failed revalidation.
* If-Modified-Since broken in 2.6.STABLE8
* diskd bug in storeDiskdIOCallback()
-------------------------------------------------------------------
Mon Jan 22 18:17:05 CET 2007 - kssingvo@suse.de
- reinjected SAMBAPREFIX into specfile (bugzilla#236317)
-------------------------------------------------------------------
Thu Jan 18 10:27:30 CET 2007 - kssingvo@suse.de
- upgrade to 2.6.STABLE7:
* Windows port: Fix intermittent build error using Visual Studio
* Add missing tproxy info from the dump of http port
configuration
* Bug #1853: Support for ARP ACL on NetBSD
* clientNatLookup(): fix wrong function name in debug messages
* Convert ncsa_auth man page from DOS to Unix text format.
* Bug #1858: digest_ldap_auth had some remains of old hash format
* Correct the select_loops counter when using select(). Was
counted twice
* Clarify the http_port vhost option a bit
* Fix cache-control: max-stale without value or bad value
* Bug #1857: Segmentation fault on certain types of ftp://
requests
* Bug #1848: external_acl crashes with an infinite loop under
high load
* Bug #1792: max_user_ip not working with NTLM authentication
* Bug #1865: deny_info redirection with authentication related
acls
* Small example on how to use the squid_session helper
* Bug #1863: cache_peer monitorurl, monitorsize and
monitorinterval not working properly
* Clarify the transparent http_port option a bit more
* Bug #1828: squid.conf docutemtation error for proxy_auth digest
* Bug #1867: squid.pid isn't removed on shutdown
-------------------------------------------------------------------
Wed Jan 17 14:04:00 CET 2007 - lnussel@suse.de
- install pam_auth setuid root instead of setgid shadow (#216816)
- fix permissions handling
-------------------------------------------------------------------
Tue Jan 9 18:37:14 CET 2007 - kssingvo@suse.de
- fixed gnu ftpserver name mangling (bugzilla#230751)
- fixed pidfile removal issue (bugzilla#223067)
-------------------------------------------------------------------
Tue Dec 12 13:37:06 CET 2006 - kssingvo@suse.de
- upgrade to 2.6.STABLE5:
* Whitespace cleanup
* Preparing for 2.6.STABLE6
* Resurrect httpd_accel_no_pmtu_disc after the transparent interception
cleanup
* Spell check in release notes
* Windows port: Updated release notes
* Windows port: Fixed build error on MinGW using SSL support
* Windows port: Updated release notes
* Windows port: Fix build errors when using latest MinGW environment
* Bug #1641: assertion failed: stmem.c:149: "size > 0" while processing
certain Vary objects
* Bug #1840: Disable digest and netdb queries to multicast peers
* Bug #1839: Cosmetic debug message cleanup in peerHandleHtcpReply.
* Bug #1801: NTLM authentication ends up in a loop if the server responds
with a retriable error
* Bug #439: Multicast ICP peering is unstable and considers most peers dead
* Fix the WCCPv2 mask assignment code to not crash as the value assignments
are built.
* Bug #1584: Unable to register with multiple WCCP2 routers
* Convert the connStateData->chr single link list to a normal dlink_list for
clarity.
* Accept large dates >2^31. Seen for example in the Google logo.
* Remove old leftover variable after the client_side buffer cleanup
* Reduce memory allocator pressure by not continually allocating client-side
read buffers
* Remove malloc/free of temporary buffer in time parsing routines.
* Document that proxy_auth also accepts -i for case-insensitive operation
* Convert snmpDebugOid to use a temporary String object instead of strcat
* Bug #1832: Error building squid-2.6.STABLE5 using --enable-truncate
* Add support for the weight= parameter to round-robin peers
* Fix defaultsite= processing after the accelerator mode cleanup
* Clarify the external_acl_type helper format specification and some defaults
* Bug #1773: Segmentation violation bug in the cleanup of transparent mode
* Cleanup to silence a harmess GCC inline warning
* Bug #1805: assertion failed: StatHist.c:195: "D[i] >= 0"
* Remove extra newline in redirect message sent by deny_info http://...
aclname
* Bug #1117: assertion failed: aufs/store_dir_aufs.c:642:
"rb->flags.need_to_validate"
* Bug #1818: Assertion failure assert(e->swap_dirn >= 0) in fs/coss/
store_dir_coss.c storeCoss_DeleteStoreEntry
* Windows port: updated release notes
* Only use crypt() if it's available
* automake no longer recommends mkinstalldirs. Remove it from the
distribution.
* Bug #1799: Harmless 1 byte buffer overflow on long host names in /etc/hosts
* Cleanup of transparent & accelerator mode request parsing to untangle the
firewall dependencies a bit
* Add client source port logformat tag >p
* Bug #1817: Assertion failure assert(buflen >= copy_sz) in htcp.c
htcpBuildAuth()
-------------------------------------------------------------------
Mon Nov 6 17:56:53 CET 2006 - kssingvo@suse.de
- upgrade to version 2.6.STABLE5, which is only a bug fix version, with
these most important bug fixes:
* Some memory leaks corrected, some of which could result in
denial of service conditions after some time.
* Assertion failure related to Vary/ETag processing, which could
maybe result in a denial of service condition.
* Delay pools now assigns bandwidth fairly among competing
connections.
* Port 563 removed from the default set of SSL ports.
- Changes from 2.6.STABEL4 to 2.6.STABEL5 in detail:
* 2.6.STABLE4 aufs fails to compile if coss isn't enabled
* COSS improvements and cleanups
* SNMP linking issue resolved, enabling SNMP support to be build in all
platforms
* access_log syslog results in blanks syslog lines between every entry
* Incorrect error message on invalid cache_peer specifications
* Memory leak in handling of negatively cached objects
* Incorrect Vary processing in combination with collapsed_forwarding
* Memory leak in ncsa_auth on password changes
* Suppress some annoying coss startup messages raising the debug level
to 2.
* Clarify the external_acl_helper concurrency= change.
* aioDone() could be called twice from aufs and from coss (when using
AIOPS) during shutdown.
* Accept 00:00-24:00 as a valid time specification even if redundand
and the same as 00:00-23:59
* Theoretical memory leak in storeSetPublicKey
* Removing port 563 from the default SSL_ports and Safe_ports ACLs
* Automatically enable Linux Netfilter support with
--enable-linux-tproxy.
* squid -k reconfigure crash when using req/rep_header acls
* Clarify the select/poll/kqueue/epoll configure --enable/disable
options
* Delay pools fairness when multiple connections compete for bandwidth
* Crash on exit in certain conditions where cache.log is not writeable
* Assertion error HttpHeader.c:914: "str"
* Crash on wccp2 + mask assignement + standard wccp service
* Silence harmless gcc compile warning.
* Clean up poll memory on shutdown
* Ported select, poll and win32 to new comm event framework
* Windows port: Correctly identify Windows Vista and Windows Server
Longhorn
* Added a basic comm_select_simple comm loop only requiring minimal
POSIX compliance.
* Safeguard from kb_t counter overflows on 32-bit platforms
-------------------------------------------------------------------
Wed Oct 18 15:53:04 CEST 2006 - kssingvo@suse.de
- upgrade to version 2.6.STABLE4:
* New wccp2_weight directive
* Numeros COSS fixes and improvements
* Support for WCCP2 hash based assignment and weighted assignments
* Windows port update
* Many small fixes to better detect invalid configurations
* Bug #1760: FTP related memory leak
* SNMP mib updates for some minor missing details
* Bug #1590: Silence those harmless ETag loop warnings
* Bug #1740: Squid crashes on certain malformed HTTP responses
* Bug #1699: assertion failed: authenticate.c:836:
"auth_user_request != NULL"
* a number of other minor and cosmetic bugfixes. See the list of
squid-2.6.STABLE4 changes and the ChangeLog file for details.
- removed ncsa patch, now upstream included
-------------------------------------------------------------------
Wed Aug 30 16:06:15 CEST 2006 - kssingvo@suse.de
- fix for buffer size in ncsa auth (bugzilla#202249)
-------------------------------------------------------------------
Wed Aug 23 13:43:22 CEST 2006 - kssingvo@suse.de
- upgrade to version 2.6.STABLE3:
* src/dst acl parsing changed to not attempt to guess a netmask
if none was specified. Instead assume it's an IP address and not
a network even if it ends in 0
* Several memory leaks plugged
* Delay pools now work again (broken in 2.6.STABLE1 & 2)
* New log_format %ue and %us tags for external acl or ssl user id
* COSS fixes and performance improvements
* Include acl's is now shown in their original form in cachemgr
configuration dumps.
* ntlm fake_auth finally handles non-ascii user names
* TCP fallback on truncated DNS responses, making the internal
DNS client complete.
* Downloads could hang when using the cache_dir max-size option
* Fixed some assertion failures and segmentation faults
* Some small optimizations to reduce CPU usage
* a number of other minor and cosmetic bugfixes. See the list of
squid-2.6 changes and the ChangeLog file for details.
-------------------------------------------------------------------
Thu Aug 3 11:50:10 CEST 2006 - kssingvo@suse.de
- upgrade to version 2.6.STABLE2:
* Bug #1650: transparent interception "Unable to forward this
request at this time"
* Bug #1658: Memory corruption when using client-side SSL
certificates
* Multiple fixes to the experimental COSS cache_dir type Added
* the missing concurrency parameter to basic/digest auth
schemes
* Bug #1669: SEGV in storeAddVaryReadOld Bug #1670: assertion
* failure: i->prefix_size > 0 in
client_side.c:2509
* Bug #1671: transparent interception fails with FreeBSD ipfw or
Linux-2.2 ipchains
* Bug #1660: Accept-Encoding related memory corruption Bug #1673:
* cache digests not served to other caches Bug #1684: xstrdup:
* tried to dup a NULL pointer! Bug #1688: Assertion failure in
* HttpHeader.c in some header_access
configurations
* Bug #1696, Bug #1700 and more: WCCP2 fixes Bug #1677: Duplicate
* etags in the If-None-Match in cache
validations causing lighttpd to fail with error 400
* Added ARP acl support for OpenBSD and ARP fixes for Windows Bug
* #1681: All ntlmauthenticator processes are busy new
* minimum_expiry_time squid.conf directive backported from
Squid-3
* Bug #1703: Wrong default path to the diskd helper causing hangs
* at
100% CPU
* Bug #1685: Crashes or other odd results after
* storeSwapMetaUnpack:
errors
* a number of other minor and cosmetic bugfixes. See the list of
squid-2.6 changes and the ChangeLog file for details.
- adapted ldflags patch
- added /usr/sbin/cossdump
-------------------------------------------------------------------
Tue Jul 25 17:52:32 CEST 2006 - schwab@suse.de
- Fix build requires.
-------------------------------------------------------------------
Thu Jul 13 16:45:27 CEST 2006 - kssingvo@suse.de
- upgrade to version 2.6.STABLE1:
o bug fixes
o Major improvements to the way that Squid handles web proxy,
accelerated and transparent proxy requests to make it easier to
configure transparent and acceleration functionality
o WCCPv2 support multiple cache engines registering with multiple
WCCP routers and switches.
o TPROXY totally transparent proxy support under Linux, which to
allow Squid to appear totally invisible to both client and server
systems when transparently caching requests.
o Support for Etag and Vary HTTP headers.
o Collapsed forwarding, which gives Squid the ability to
intelligently merge client requests for objects into one request
to the server.
o Support for epoll under Linux, which gives Squid the ability to
handle many many more concurrent requests with lower CPU
overhead.
o SSL assisted hardware encryption making use of OpenSSL
functionality within Squid.
o Logging enhancements to allow even greater customization of the
way Squid logs requests in the access-log or to syslog if
required
o Authentication enhancements including Negotiate/Kerberos support,
extra workarounds for NTLM clients and others using Microsoft
Integrated Login.
o Additional external_acl parameters to support SSL and even more
client side parameters.
o ACL changes in conjunction with SSL changes which have been
merged, to allow matching based on SSL certificate parameters.
o New authentication helpers:
- Digest LDAP helper
- Native Windows basic, NTLM and negotiate helpers
- External acl helpers for session monitoring and native Windows
group membership check
o HTCP significantly cleaned up and added support for the CLR
operation to purge contents from the cache
o Support for parsing X-Forwarded-For headers allowing access
controls to be based on the real client IP even if behind secondary
proxies
- adapted SUSE patches
-------------------------------------------------------------------
Sat Jun 17 10:25:36 CEST 2006 - schwab@suse.de
- Fix typo.
-------------------------------------------------------------------
Fri Jun 16 23:53:28 CEST 2006 - schwab@suse.de
- Set mandir.
- Use --with-maxfd and don't build as root.
- Don't lose LDFLAGS.
-------------------------------------------------------------------
Mon Mar 13 15:29:54 CET 2006 - kssingvo@suse.de
- added 6 official upstream patches
-------------------------------------------------------------------
Mon Mar 6 17:39:08 CET 2006 - kssingvo@suse.de
- added 15 official upstream patches
- updated FAQ
-------------------------------------------------------------------
Wed Jan 25 21:41:46 CET 2006 - mls@suse.de
- converted neededforbuild to BuildRequires
-------------------------------------------------------------------
Fri Jan 20 17:25:37 CET 2006 - schwab@suse.de
- Don't strip binaries.
-------------------------------------------------------------------
Wed Jan 11 14:18:37 CET 2006 - kssingvo@suse.de
- added 2 official patches
- updated FAQ
-------------------------------------------------------------------
Fri Dec 16 12:35:03 CET 2005 - mmj@suse.de
- compile with -fno-strict-aliasing
-------------------------------------------------------------------
Thu Dec 15 14:20:16 CET 2005 - kssingvo@suse.de
- upgrade to squid-2.5.STABLE12
- added official patches
- updated FAQ
-------------------------------------------------------------------
Wed Oct 26 15:06:35 CEST 2005 - kssingvo@suse.de
- upgrade to squid-2.5.STABLE11
- added official patches (includes CAN-2005-2917 and CVE-2005-3258)
- changed error message when creating cache dir (bugzilla#118561)
-------------------------------------------------------------------
Tue Oct 18 20:05:47 CEST 2005 - mmj@suse.de
- add -DLDAP_DEPRECATED (to RPM_OPT_FLAGS, since they're the only
ones respected by all subsystems)
-------------------------------------------------------------------
Fri Sep 2 11:48:11 CEST 2005 - kssingvo@suse.de
- added latest official patches from squid-cache.org
-------------------------------------------------------------------
Tue Aug 2 19:27:13 CEST 2005 - kssingvo@suse.de
- fixed problem in rc script (bugzilla#100250)
-------------------------------------------------------------------
Tue Jul 26 11:12:02 CEST 2005 - kssingvo@suse.de
- added latest official patches
- updated FAQ
- changed rc.squid to honor $SQUID_CONF (bugzilla#98186)
-------------------------------------------------------------------
Thu Jun 30 16:00:44 CEST 2005 - kssingvo@suse.de
- upgrade to squid-2.5.STABLE10
- added official patches and added cachemgr.conf
- adapted local patches
-------------------------------------------------------------------
Mon Jun 27 01:36:18 CEST 2005 - ro@suse.de
- build with fPIE/pie
- use RPM_OPT_FLAGS
- rename vprintf to packer_vprintf (macro clash)
-------------------------------------------------------------------
Mon Apr 11 14:47:41 CEST 2005 - kssingvo@suse.de
- fixed rc script for upgrade (bugzilla#76687)
-------------------------------------------------------------------
Thu Mar 10 14:35:52 CET 2005 - kssingvo@suse.de
- fixed permission problem (bugzilla#71801)
- fixed ulimit problem (bugzilla#71848)
- added 14 upstream patches (only minor+cosmetic)
- updated FAQ
-------------------------------------------------------------------
Wed Mar 2 10:23:50 CET 2005 - kssingvo@suse.de
- update to version 2.5.STABLE9
-------------------------------------------------------------------
Thu Feb 17 12:29:31 CET 2005 - kssingvo@suse.de
- updated FAQ
-------------------------------------------------------------------
Tue Feb 15 15:17:41 CET 2005 - kssingvo@suse.de
- fix for fillup and norootforbuild trigger
-------------------------------------------------------------------
Mon Feb 14 19:55:23 CET 2005 - kssingvo@suse.de
- update to version 2.5.STABLE8
- added latest official patches
- shutdown timeout is now configurable (bugzilla#50785)
- fixed init message for squid shutdown (bugzilla#50786)
-------------------------------------------------------------------
Sat Jan 15 21:13:03 CET 2005 - schwab@suse.de
- Use <owner>:<group> in permissions file.
-------------------------------------------------------------------
Mon Nov 15 14:56:31 CET 2004 - kukuk@suse.de
- Use common-* PAM configuration
-------------------------------------------------------------------
Fri Sep 24 14:15:29 CEST 2004 - kssingvo@suse.de
- updated FAQ documents
- added 3 official patches (2 minor, 1 cosmetic)
-------------------------------------------------------------------
Tue Aug 31 17:35:42 CEST 2004 - kssingvo@suse.de
- removed ancient notify message
- added four official fixes
-------------------------------------------------------------------
Tue Aug 24 11:10:39 CEST 2004 - kssingvo@suse.de
- added official fix for crash in NTLM module
- added ie_blocker configuration as suggested by Markus Gaugusch
-------------------------------------------------------------------
Tue Aug 17 10:55:52 CEST 2004 - kssingvo@suse.de
- added 15 official patches
- had to adapt 2 of the official patches to SUSE configuration
- reenabled linux-netfilter on public request
- removed the error directory from %doc, as its already in %sysconfig
-------------------------------------------------------------------
Thu Jul 15 13:47:08 CEST 2004 - kssingvo@suse.de
- update to version 2.5.STABLE6
-------------------------------------------------------------------
Thu Jun 24 15:41:38 CEST 2004 - kssingvo@suse.de
- added EGREP definition in spec file to make configure happy
- added 13 official patches, with three major fixes;
and includes fix for cache_mem variable > 2048MB (bugzilla#42417)
- replaced NTLM security fix with official one
-------------------------------------------------------------------
Tue Jun 8 15:29:02 CEST 2004 - kssingvo@suse.de
- buffer overflow fix in NTLM authentication helper (bugzilla#41771)
-------------------------------------------------------------------
Wed May 26 16:06:31 CEST 2004 - kssingvo@suse.de
- added 1 mainstream patch (minor)
- updated FAQ documents
-------------------------------------------------------------------
Mon Apr 26 13:50:49 CEST 2004 - kssingvo@suse.de
- updated FAQ documents
- added official patches: 2xcosmetic, 1xminor
- re-enabled transparent proxy support for sles (thx ke)
- re-enabled heap removale policy for sles
-------------------------------------------------------------------
Wed Apr 21 14:11:38 CEST 2004 - kssingvo@suse.de
- added official patches: 2xcosmetic, 2xmedium, 1xmajor
- enabled more store I/O modules for sles products
-------------------------------------------------------------------
Mon Mar 29 15:21:10 CEST 2004 - kssingvo@suse.de
- added two official patches: timeout produces wrong error code,
deny_info redirection escaped wrong
- update FAQs with latest available
-------------------------------------------------------------------
Mon Mar 22 12:45:50 CET 2004 - kssingvo@suse.de
- added official patches
-------------------------------------------------------------------
Mon Mar 15 15:40:45 CET 2004 - kssingvo@suse.de
- added four official patches
-------------------------------------------------------------------
Mon Mar 1 17:19:16 CET 2004 - kssingvo@suse.de
- upgrade to squid-2.5.STABLE5
-------------------------------------------------------------------
Thu Feb 19 13:27:25 CET 2004 - kssingvo@suse.de
- added many official patches (> 10)
- rejected official squid-2.5.STABLE4-ntlm_auth_popups.patch (breaks build)
- dropped winbind authentification support
(according to author and FAQ no longer supported with samba3.x)
- updated FAQ
-------------------------------------------------------------------
Mon Feb 9 17:32:28 CET 2004 - kssingvo@suse.de
- fixes for samba3 (first try - waiting for approve by personal samba
contact :)
- added next official patch: squid-2.5.STABLE4-ftp_telnet.patch
- rejected official patch: squid-2.5.STABLE4-ntlm_auth_popups.patch
causes a lot of compilation problems.
-------------------------------------------------------------------
Wed Jan 21 13:19:59 CET 2004 - kssingvo@suse.de
- added missing (official) squid-2.5.STABLE4-xpi_mime.patch
-------------------------------------------------------------------
Tue Jan 20 17:06:53 CET 2004 - kssingvo@suse.de
- added official patches (and did some fixes)
-------------------------------------------------------------------
Fri Jan 16 11:55:20 CET 2004 - kukuk@suse.de
- Build as normal user
- Add pam-devel to neededforbuild
-------------------------------------------------------------------
Tue Nov 11 16:25:22 CET 2003 - kssingvo@suse.de
- enabled external-acl-helpers
-------------------------------------------------------------------
Wed Oct 1 13:32:30 CEST 2003 - kssingvo@suse.de
- fixed RELEASENOTES version in %doc
-------------------------------------------------------------------
Thu Sep 25 15:06:51 CEST 2003 - kssingvo@suse.de
- updated to 2.5.STABLE4
- removed old patches
- and added new ones. :-)
-------------------------------------------------------------------
Mon Sep 22 15:54:45 CEST 2003 - kssingvo@suse.de
- change e-mail to root in squid.spec as suggested in bugzilla#31447
-------------------------------------------------------------------
Mon Sep 15 16:56:49 CEST 2003 - kukuk@suse.de
- Fix pam_auth permissions/group (like in /etc/permissions)
-------------------------------------------------------------------
Thu Sep 11 20:38:22 CEST 2003 - kssingvo@suse.de
- added another upstream patch (delay_access_auth); had to make him fit
-------------------------------------------------------------------
Mon Sep 1 16:37:04 CEST 2003 - kssingvo@suse.de
- removed patch listed twice: Patch10 and Patch11
- added official patches of last two weeks
- updated documentation to latest version
- fixed smb_auth (bugzilla#28260)
-------------------------------------------------------------------
Mon Sep 1 13:37:42 CEST 2003 - kssingvo@suse.de
- specfile: restart of daemon on rpm package update (bugzilla#29036)
- try-restart needs rc_status for test and not rc_stop (bugzilla#26937)
-------------------------------------------------------------------
Mon Aug 11 16:38:10 CEST 2003 - kssingvo@suse.de
- added next bunch of official patches (w/o improvement patch)
-------------------------------------------------------------------
Tue Jul 29 15:20:45 CEST 2003 - aj@suse.de
- Fix chown calls.
-------------------------------------------------------------------
Wed Jul 23 17:31:59 CEST 2003 - kssingvo@suse.de
- added a bunch of official patches
-------------------------------------------------------------------
Mon Jun 2 17:38:55 CEST 2003 - kssingvo@suse.de
- updated to 2.5.STABLE3
- added official patches
- fixed build problems with unpackaged files
-------------------------------------------------------------------
Wed Apr 2 16:48:08 CEST 2003 - kssingvo@suse.de
- updated to 2.5.STABLE2
- added official patches
- made several fixes (and adaption of old ones)
-------------------------------------------------------------------
Wed Apr 2 02:34:45 CEST 2003 - ro@suse.de
- rediffed some patches to make it build
-------------------------------------------------------------------
Thu Mar 6 16:31:19 CET 2003 - kukuk@suse.de
- Remove cyrus-sasl from neededforbuild
-------------------------------------------------------------------
Mon Mar 3 16:49:52 CET 2003 - kssingvo@suse.de
- updated neededforbuild: samba-devel -> samba (bugzilla#24235)
-------------------------------------------------------------------
Mon Mar 3 16:32:16 CET 2003 - kssingvo@suse.de
- added official patches
- adapted the winbind patch (bugzilla#24235) (hopefully builds on all archs)
- updated FAQ
-------------------------------------------------------------------
Tue Feb 18 18:01:08 CET 2003 - kssingvo@suse.de
- added and updated /etc/permissions.d/squid (bugzilla#23752)
-------------------------------------------------------------------
Wed Feb 12 21:07:56 CET 2003 - kssingvo@suse.de
- added manual pages
- added a few fixes for 64bit architecture
- enabled some useful (configure) options
-------------------------------------------------------------------
Mon Feb 10 14:49:33 CET 2003 - kssingvo@suse.de
- added all the missing official patches (before feature freeze)
- changed default heap replacement policy from "lru" to "heap"
-------------------------------------------------------------------
Fri Feb 7 13:45:57 CET 2003 - kukuk@suse.de
- Use pam_unix2.so instead of pam_unix.so
-------------------------------------------------------------------
Tue Feb 4 14:15:02 CET 2003 - kssingvo@suse.de
- fix of automake fix
- added another official patch (today released)
-------------------------------------------------------------------
Tue Feb 4 12:14:35 CET 2003 - kssingvo@suse.de
- added mime.conf link and ...
- thanks to ro for again forgotten neededforbuild update
-------------------------------------------------------------------
Mon Feb 3 23:44:14 CET 2003 - ro@suse.de
- fixed neededforbuild for the umpteenth time ...
-------------------------------------------------------------------
Mon Feb 3 17:31:54 CET 2003 - kssingvo@suse.de
- added next official patches
- requires now use of automake system
- fixed problematic config file mime.confs (now in /etc)
-------------------------------------------------------------------
Wed Jan 22 20:18:05 CET 2003 - kssingvo@suse.de
- added several official patches from www.squid-cache.org *sigh*
- added missing cachemgr.cgi
- added missing contrib files from old squid version
- added FAQ in various forms; downloaded from www.squid-cache.org
- added scripts as %doc
-------------------------------------------------------------------
Thu Jan 16 01:09:43 CET 2003 - ro@suse.de
- fixed neededforbuild "sp" -> "opensp"
-------------------------------------------------------------------
Tue Jan 14 16:57:59 CET 2003 - kssingvo@suse.de
- added another bunch of official patches
- fixed path problems (runtime) in spec file
-------------------------------------------------------------------
Thu Dec 12 18:01:47 CET 2002 - kssingvo@suse.de
- updated to 2.5.STABLE1
- added official patches
- tuned up spec file
-------------------------------------------------------------------
Mon Nov 11 11:26:13 CET 2002 - ro@suse.de
- changed neededforbuild <sp> to <opensp>
- changed neededforbuild <sp-devel> to <>
-------------------------------------------------------------------
Tue Sep 3 11:08:46 CEST 2002 - kssingvo@suse.de
- fixed pathes in squid.logrotate (bugzilla#18792)
-------------------------------------------------------------------
Mon Aug 5 11:45:52 CEST 2002 - kssingvo@suse.de
- added official msnt_auth patch
- added test for suse_version to be backward compatible with PreReq:
-------------------------------------------------------------------
Wed Jul 31 21:27:44 CEST 2002 - kssingvo@suse.de
- fixed spec file: new PreReq tokens
- fixed spec file: file permission for cache_dir and log_dir
- fixed rc script: now honors cache_dir in squid.conf and fails if
problems in creation (bugzilla #14892)
-------------------------------------------------------------------
Mon Jul 29 19:03:18 CEST 2002 - kssingvo@suse.de
- fixed Requires/Provides in SPEC file.
-------------------------------------------------------------------
Mon Jul 29 18:13:14 CEST 2002 - kssingvo@suse.de
- added useful configure options
- added a lot of new authentification methods (and therefore conflicts
with RPM smb_auth)
- re-organized %Files section
-------------------------------------------------------------------
Fri Jul 26 16:47:28 CEST 2002 - kssingvo@suse.de
- created /etc/logrotate.d/squid
-------------------------------------------------------------------
Sun Jul 14 18:58:09 CEST 2002 - poeml@suse.de
- update to patchlevel 2.4STABLE7 (dropping the respective patches)
- rc.squid INIT section: use X-UnitedLinux-Should-Start
- move configuration to /etc/squid
- install error message files to /usr/share/squid. Link to English
as default.
- drop %pre script that renamed /usr/share/squid/errors
- use %defattr
-------------------------------------------------------------------
Wed Jul 3 00:17:59 CEST 2002 - ro@suse.de
- create squid user also at begin of install section
-------------------------------------------------------------------
Tue Jul 2 17:05:56 CEST 2002 - poeml@suse.de
- squid does not need a valid login shell.
-------------------------------------------------------------------
Tue Jul 2 14:17:17 CEST 2002 - poeml@suse.de
- Update to 2.4.STABLE6 (dropping the last two patches), and add
several new security fixes (see
http://www.squid-cache.org/Versions/v2/2.4/bugs/):
* Buffer overflows in the Gopher client
* Sanity checks of the FTP data channel
* FTP directory parsing buffer overflows
* Make Squid deny transfer-encoding to work around Apache issue
* Insecure forwarding of proxy_auth
and minor fixes:
* cache_mem documentation
* client -T not implemented
* HTCP coredump on "squid -k reconfigure"
Not included, because the module is not activated:
* Buffer overflows in the MSNT auth helper (updating the module
from 1.2 to 2.0)
- Using useradd in the specfile.
-------------------------------------------------------------------
Thu Mar 21 18:06:33 MET 2002 - draht@suse.de
- squid-2.4.STABLE3-rfc1035-security.diff fixes compressed dns
reply buffer overflow.
-------------------------------------------------------------------
Mon Feb 25 13:43:10 CET 2002 - poeml@suse.de
- disable HTCP support (upon recommendation of Henrik Nordstrom
<hno@squid-cache.org>). The implementation lacks access control
and logging, and does not add any value to cache peering compared
to ICP.
-------------------------------------------------------------------
Sat Feb 23 17:57:07 CET 2002 - poeml@suse.de
- test for correct cache directory in rc.squid
- specify DEFAULT_PID_FILE
-------------------------------------------------------------------
Tue Feb 19 23:23:23 MET 2002 - draht@suse.de
- added three security-relevant patches, combined in
squid-2.4.STABLE3-misc-sec.dif:
* "htcp port 0" fails to disable the HTCP port
* coredump on ftp:// style URLs
* fix for SNMP memory leaks
See http://www.squid-cache.org/Versions/v2/2.4/bugs/.
-------------------------------------------------------------------
Mon Feb 18 16:55:00 CET 2002 - poeml@suse.de
- update to 2.4.STABLE3: numerous bug fixes. for the Changelog see
http://www.squid-cache.org/Versions/v2/2.4/ChangeLog.txt
- make file locations more FHS conform:
/var/squid/cache --> /var/cache/squid
/var/squid/logs --> /var/log/squid
- drop security patch (included upstream)
-------------------------------------------------------------------
Sat Feb 2 19:34:30 CET 2002 - poeml@suse.de
- replace GmbH --> AG
-------------------------------------------------------------------
Fri Dec 14 16:36:47 CET 2001 - ro@suse.de
- removed START_SQUID
-------------------------------------------------------------------
Fri Oct 5 14:17:19 CEST 2001 - bjacke@suse.de
- update to 2.4RC2 (prev. squid-beta package)
- use buildroot
- fix security hole where squid could be crashed by certain requests
-------------------------------------------------------------------
Tue Sep 4 12:03:56 CEST 2001 - bodammer@suse.de
- specfile fix: install /etc/squid.conf with noreplace [Bug #10023]
-------------------------------------------------------------------
Fri Aug 24 14:26:21 CEST 2001 - ro@suse.de
- removed /lib/security path from pam.d config file
-------------------------------------------------------------------
Thu Aug 16 23:11:03 CEST 2001 - bodammer@suse.de
- initscript and textfiles moved away from squid-2.3.STABLE4.dif
-------------------------------------------------------------------
Mon Aug 13 15:51:56 CEST 2001 - ro@suse.de
- changed neededforbuild <sp_libs> to <sp-devel>
-------------------------------------------------------------------
Thu May 10 15:42:21 CEST 2001 - bodammer@suse.de
- initscript fix: don't start squid in runlevel 2 [bug #7956]
-------------------------------------------------------------------
Wed May 9 20:06:01 CEST 2001 - mfabian@suse.de
- bzip2 sources
-------------------------------------------------------------------
Tue Apr 17 16:38:50 CEST 2001 - bodammer@suse.de
- initscript fix: check for running squid before creating cache-dir
-------------------------------------------------------------------
Thu Apr 5 14:25:11 CEST 2001 - bodammer@suse.de
- squid.conf: allow localhost access to squid by default
- initscript: ulimit -n 4096 added to increase filedescriptors
- cachemgr.cgi moved to doc/scripts
- build of Programming-Guide removed from specfile
-------------------------------------------------------------------
Fri Mar 30 19:17:04 CEST 2001 - bodammer@suse.de
- initscript-fix: $named for added for required startup
-------------------------------------------------------------------
Wed Mar 28 18:00:25 CEST 2001 - bodammer@suse.de
- new initscript more LSB conform
-------------------------------------------------------------------
Thu Mar 22 10:58:55 CET 2001 - bodammer@suse.de
- new patch from www.squid-cache.org applied
-------------------------------------------------------------------
Fri Mar 16 11:11:17 CET 2001 - kukuk@suse.de
- Fix bogus requires
-------------------------------------------------------------------
Thu Mar 15 17:02:16 CET 2001 - ro@suse.de
- changed for openldap2
-------------------------------------------------------------------
Thu Mar 15 01:08:35 CET 2001 - ro@suse.de
- fixed neededforbuild for openldap
-------------------------------------------------------------------
Tue Feb 13 15:44:16 CET 2001 - bodammer@suse.de
- package squid23 renamed to squid
- specfile: Obsoletes squid2 and squid23 added
Conflicts squid-beta added (instead of squid24)
- pam_auth: permissions set to sgid shadow
- build of doc/Programming-Guide fixed
-------------------------------------------------------------------
Fri Jan 19 15:56:16 CET 2001 - bodammer@suse.de
- specfile fix: ulimit was missing and conflicts squid24 added
-------------------------------------------------------------------
Tue Dec 19 21:14:59 CET 2000 - bodammer@suse.de
- squid.h patched to allow increase of available filedescriptors:
set to 4096 at buildtime by "ulimit -n 4096" in spec-file
-------------------------------------------------------------------
Tue Dec 12 00:29:16 CET 2000 - ro@suse.de
- use official tags for required-start
-------------------------------------------------------------------
Mon Dec 11 22:01:46 CET 2000 - bodammer@suse.de
- error in initscript fixed
-------------------------------------------------------------------
Wed Dec 6 19:31:59 CET 2000 - bodammer@suse.de
- Requires ldaplib added in specfile
- errors in README.SuSE fixed
-------------------------------------------------------------------
Tue Dec 5 16:42:24 CET 2000 - bodammer@suse.de
- hno-patch by Henrik Nordstrom included
- Initscript now checks for a running squid
-------------------------------------------------------------------
Mon Dec 4 23:46:31 CET 2000 - bodammer@suse.de
- new patches from www.squid-cache.org included
-------------------------------------------------------------------
Tue Nov 28 19:12:28 CET 2000 - bodammer@suse.de
- Fix location of rcscript
-------------------------------------------------------------------
Fri Nov 24 00:07:11 CET 2000 - bodammer@suse.de
- rcscript update
-------------------------------------------------------------------
Mon Nov 6 02:45:02 CET 2000 - ro@suse.de
- fixed neededforbuild
-------------------------------------------------------------------
Sat Oct 28 18:04:06 CEST 2000 - kukuk@suse.de
- Fix need for build filelist
-------------------------------------------------------------------
Mon Sep 18 14:07:11 CEST 2000 - bodammer@suse.de
- initscript reload-option fixed
- more patches from www.squid-cache.org
-------------------------------------------------------------------
Mon Jul 24 14:12:21 CEST 2000 - bodammer@suse.de
- another patch from www.squid-cache.org added
-------------------------------------------------------------------
Fri Jul 21 11:05:08 CEST 2000 - bodammer@suse.de
- patch ftp_icon_not_found from www.squid-cache.org added
-------------------------------------------------------------------
Tue Jul 18 21:23:46 CEST 2000 - bodammer@suse.de
- update -> squid-2.3.STABLE4
-------------------------------------------------------------------
Mon Jun 26 12:27:14 CEST 2000 - bodammer@suse.de
- another patch from www.squid-cache.org added
-------------------------------------------------------------------
Tue May 23 18:49:44 CEST 2000 - bodammer@suse.de
- specfile-fix: installation of docu changed
- initscript fixed
-------------------------------------------------------------------
Thu May 18 13:33:10 CEST 2000 - bodammer@suse.de
- new patches ("Disk space over the limit") included
-------------------------------------------------------------------
Wed May 17 19:06:03 CEST 2000 - bodammer@suse.de
- update -> squid-2.3STABLE3
-------------------------------------------------------------------
Wed Apr 12 17:44:28 CEST 2000 - bodammer@suse.de
- logfile-rotation disabled in squid.conf to avoid interaction
with logfile-compression configured in /etc/logfiles
-------------------------------------------------------------------
Mon Mar 13 18:53:59 CET 2000 - bodammer@suse.de
- new patches from squid.nlanr.net included
-------------------------------------------------------------------
Fri Mar 3 10:43:05 CET 2000 - bodammer@suse.de
- update -> squid-2.3STABLE2
-------------------------------------------------------------------
Wed Feb 23 17:50:36 CET 2000 - bodammer@suse.de
- more patches from squid.nlanr.net included
- init-script fix: wait for squid to shutdown
- location of pid-file changed to /var/run
-------------------------------------------------------------------
Wed Feb 16 18:26:54 CET 2000 - bk@suse.de
- initial squid2.3STABLE1 package by bodammer
