File squid3.changes of Package squid3.import4616
-------------------------------------------------------------------
Mon May 16 20:23:31 UTC 2011 - chris@computersalat.de
- fix bnc#694120 - NONE/400 (null) under heavy load
o http://bugs.squid-cache.org/show_bug.cgi?id=2976
#2976: invalid URL on intercepted requests during reconfigure
add squid-3.1-10236.patch
-------------------------------------------------------------------
Sun Feb 13 17:03:55 UTC 2011 - chris@computersalat.de
- update to 3.1.11
- Bug 3149: not caching eCAP adapted body
- Bug 3144: redirector program blocks while reading STDIN
- Bug 3140: memory leak in error page generation
- Bug 3137: RADIUS auth helper does not send identifier to RADIUS server
- Bug 3115: logging segfaults if access_log is set to a directory
- Bug 2968: Show the Vary: headers information in cachemgr objects report
- Bug 2959: remove SAMBAPREFIX dependency
- Bug 2868: icc doesn't like string literal in assert checks
- HTTP/1.1: Send 307 status on deny_info redirection
- HTTP/1.1: Support POST/PUT with no body
- HTTP/1.1: Allow persistent connections for Mozilla/3.0 User-Agents
- Support RFC 5861 Cache-Control: stale-if-error option
- Add ftp_eprt directive to disable EPRT extensions in FTP
- Fix external_acl_type grace=0 to obey TTL
- Fix IP/FQDN cache accounting to avoid idle caches on busy servers
- Prevent pipeline_prefetch misconfigurations breaking NTLM/Negotiate auth
- ... and some documentation updates and corrections
- ... and some portability and stability fixes
-------------------------------------------------------------------
Tue Jan 4 11:49:40 UTC 2011 - chris@computersalat.de
- update to 3.1.10
- Bug 3121: memory leak in DigestAuth: AuthUser object is locked twice
- Bug 3113: Consuming too much memory when uploading files
- Bug 3110: 'reply_body_max_size none' does not work with x-forwarded-for
- Bug 3096: Consuming too much memory when delaying traffic
- Bug 3091: Bypassed ICAP errors are not counted as service failures
- Bug 3090: Polish FTP login error handing
- Bug 3068: cache_dir capacity and usage overflows
- Bug 3028: Permit wbinfo_group.pl to authenticate Kerberos users with NT domain
- Bug 427: HTTP Compliance: Support If-Match and If-None-Match requests
- Fix memory leak in adaptation_access
- Fix /dev/poll and poll() selection priority
- Fix PREFIX/var/run creation during install
- Fix cachemgr http_port config report display
- Add upgrade help process for obsolete options
- Accept RFC 2965 Set-Cookie2 / Cookie2 headers as 'known'
- HTTP/1.1: entry is stale if request has max-age=0
- HTTP/1.1: do not forward TRACE with Max-Forwards: 0 after REQMOD
- Toolchain update to support newer auto-tools
- ... and updated error page translations
- ... and updated documentation
- ... and some code optimization/simplification polish
- reworked swapdir patch
-------------------------------------------------------------------
Fri Oct 29 23:57:39 UTC 2010 - chris@computersalat.de
- update to 3.1.9
- Bug 3088: dnsserver is segfaulting
- Bug 3084: IPv6 without Host: header in request causes connection to hang
- Bug 3082: Typo in error message
- Bug 3073: tunnelStateFree memory leak of host member
- Bug 3058: errorSend and ICY leak MemBuf object
- Bug 3057: 64-bit Solaris 9 Squid unable to determine peer IP and port
- Bug 3056: comm.cc "!fd_table[fd].closing()" assertion crash when a helper dies
- Bug 3053: cache version 1 LFS support detection broken
- Bug 3051: integer display overflow
- Bug 3040: Lower-case domain entries from hosts and resolv.conf files
- Bug 3036: adaptation_access acls cannot see myportname
- Bug 3023: url_rewrite_program silently fails to rewrite on broken URLs
- Bug 2964: Prevent memory leaks when ICAP transactions fail
- Bug 2808: getRoundRobinParent not handling weights correctly
- Bug 2793: memory statistics sometimes display wrong
- Bug 2356: Port from 2.7: Solaris /dev/poll event ports support
- Bug 2311: crashes with ICAP RESPMOD for HTTP body size greater than 100kb
- Ensure /var/cache or jail equivalent exists on install
- HTTP/1.1: delete Warnings that have warning-date different from Date
- HTTP/1.1: do not remove ETag header from partial responses
- HTTP/1.1: make date parser stricter to better handle malformed Expires
- HTTP/1.1: improve age calculation
- HTTP/1.1: reply with a 504 error if required validation fails
- HTTP/1.1: add appropriate Warnings if serving a stale hit
- HTTP/1.1: support requests with Cache-Control: min-fresh
- HTTP/1.1: do not cache replies to requests with Cache-Control: no-store
- squidclient: Display IP(s) connected to in verbose (-v) display
- Fixes several issues with ICAP persistent connections
- Fixes small leaks in Netdb, DNS, ICAP, ICY, HTTPS
- ... and some cosmetic polishing
- removed obsolete patches
o squid-beta-3.0-ia64 (upstream)
o squid-beta-3.0-mem_node_64bit (not needed, Amos)
o squid-3.1.4-openldap (not needed, Amos)
- reworked swapdir patch
o send upstream
-------------------------------------------------------------------
Sun Sep 5 18:49:46 UTC 2010 - chris@computersalat.de
- update to 3.1.8
- Bug 3033: incorrect information regarding TOS
- Bug 3020: Segmentation fault: nameservers[vc->ns].vc = NULL
- Bug 3005,2972: Locate LTDL headers correctly (again)
- Bug 2872: leaking file descriptors
- Bug 2583: pure virtual method called
- Hardened DNS client against packet queue attacks
- Hardened HTTP request-line parser
- Several HTTP/1.1 support improvements
- Improved cross-compile support
- .. and several internal pointer safety fixes
- remove obsolete patches
o bug2972-real-fix.patch
o squid-bootstrap.patch
-------------------------------------------------------------------
Tue Aug 31 13:43:26 UTC 2010 - chris@computersalat.de
- added bug2972-real-fix.patch
o fix build for SLE_10
o but impossible to apply LDAP patch
-------------------------------------------------------------------
Wed Aug 25 09:46:36 UTC 2010 - chris@computersalat.de
- update to 3.1.7
- Regression Bug 3021: Large DNS reply causes crash
- Regression Bug 3011: ICAP, HTTPS, cache_peer probe IPv4-only port fixes
- Regression Bug 2997: visible_hostname directive no longer matches docs
- Bug 3012: deprecate sslBump and support ssl-bump spelling in http_port
- Bug 3006: handle IPV6_V6ONLY definition missing
- Bug 3004: Solaris 9 SunStudio 12 build failure
- Bug 3003: inconsistent concepts in documentation of cache_dir
- Bug 3001: dnsserver link issues
- HTTP/1.1: default keep-alive for 1.1 clients (bug 3016)
- HTTP/1.1: Improved Range header field validation
- HTTP/1.1: Forward multiple unknown Cache-Control directives
- HTTP/1.1: Stop sending Proxy-Connection header
- Fix 32-bit wrap in refresh_pattern min/max values
- ... and several documentation corrections.
-------------------------------------------------------------------
Tue Aug 10 11:07:29 UTC 2010 - chris@computersalat.de
- update to 3.1.6
- Bug 2994, 2995: IPv4-only regressions
- Bug 2991: Wrong parameters to fcntl() in commSetCloseOnExec()
- Bug 2975: chunked requests not supported after regular ones
- Fix: 32-bit overflow in reported bytes received from next hop
- Fix Libtool build regressions
- Limited split-stack IPv6 support.
- squid_db_auth support MD5 encrypted passwords
-------------------------------------------------------------------
Sun Jul 25 16:16:47 UTC 2010 - chris@computersalat.de
- update to 3.1.5
- Bug 2967: raw-IPv6 address URL with append_domain broken
- Bug 2950: HTTP responses with no Date, L-M or Expires can now be cached
- Bug 2943: ICAP tokens not logged when using multiple access
- Bug 2937: Fails to detect chunked encoding if not given in all lower case
- Bug 2903: does not send indirect X-Client-Ip in ICAP respmod
- Fix free memory corruption and off-by-one error when comparing SNMP OIDs
- Port from 2.7: max_filedescriptor config option
- Fix persistent_connection_after_error is meant to be on by default
- ... and several build errors.
-------------------------------------------------------------------
Wed Jun 9 11:51:33 UTC 2010 - chris@computersalat.de
- fix build for SLE_10
o added bootstrap patch
o fix permissions.secure for pam_auth
- spec mods
o build with --mandir
o add BuildReq libcap-devel (TPROXY)
-------------------------------------------------------------------
Tue Jun 8 20:54:20 UTC 2010 - chris@computersalat.de
- new version 3.1.4
- Bug 2933: Verification of the max. port number for WCCP2 dynamic service
- Bug 2924: RADIUS helper compile issues
- Bug 2922: Fix assertion failed: HttpHeader.cc: "Headers[id].stat.aliveCount"
- Bug 2919: tcp_outgoing_address ACLs not obeying acl_uses_indirect_client
- Bug 2896: Fix assertion failed: comm.cc:2063: "!fd_table[fd].closing()"
- Bug 2879: pt2: 3.0 regression in headers end finding
- Bug 2877: pt2: only output zero-size warning on reverse-proxy requests
- Bug 2876: FD_SETSIZE override not working on all linux distributions
- Bug 2810: common log format generates 2 lines of syslog
- Bug 2789: Optimize unlimited memory pools, and correctly handle limits over 2GB
- Bug 2753: Fall back on IPv4 if IPv6 is not present
- Bug 2697: Adaptation leaks and extra requests after reconfiguration
- Bug 2633: Fix Ecap::HeaderRep::value(name) fails when there is no named header field
- Change LDAP helpers to default to LDAP version 3 if available
- Add Joomla and Salted Hash support to squid_db_auth helper
- Fixed IpAddress port printing for ports higher than 9999
- Disable chunked memory pooling by default.
- ... and several build errors.
- reworked config patch with fuzz=0
- removed libxml2 patch
- added swapdir patch
- reworked ldap patch
- adopt build_option storeio: (build all)
o --enable-storeio=aufs,diskd,null,ufs -> --enable-storeio
- adopt build_option ntlm-auth-helpers: SMB -> smb_lm
o ntlm_auth -> ntlm_smb_lm_auth
- enable parallel build
- fix permissions file
-------------------------------------------------------------------
Tue Mar 16 22:18:08 UTC 2010 - chris@computersalat.de
- new version 3.0.STABLE25
- Bug 2845: Rework the http digest auth parser
- Bug 2787: unknown/unexpected status code messages
- Bug 2507: squid_ldap_group: Strip Domain name separated by +
- Bug 2367: stale=true on digest requests with unknown nonce
- ... and several other minor corrections
-------------------------------------------------------------------
Tue Feb 16 09:33:33 UTC 2010 - chris@computersalat.de
- new version 3.0.STABLE24
* Bug 2858: Segment violation in HTCP
* Updated refresh pattern for dynamic pages
- version 3.0.STABLE23
* Bug 2856: removing assert() required for 3.0 patch for SQUID-2010:1
* Regression Fix: Build error in Kerberos helper after library removal.
- version 3.0.STABLE22
* Regression Fix: Make Squid abort on all config parse failures.
* Bug 2787: Reduce unexpected http status to non-critical warnings.
* Bug 2496: Downloading some variants in full before relaying
* Bug 2452: Add upper limit to external_acl_type entries.
* Removed optional kerberos/spnegohelp/ library due to licensing issues
* Add client_ip_max_connections
* Handle DNS header-only packets as invalid.
- version 3.0.STABLE21
* Bug 2830: Clarify where NULL byte is in headers.
* Bug 2778: Linking issues using SunCC
* Bug 2395: FTP errors not displayed
* Bug 2155: Assertion failures on malformed Content-Range response headers
* Fix parsing and a few bugs in ACL time type
* Fix RFC keep-alive compliance on intercepted replies
* Improved security hardening on %nn parser
* Replace several GCC-specific code snippets.
-------------------------------------------------------------------
Mon Nov 9 20:40:30 UTC 2009 - chris@computersalat.de
- new version 3.0.STABLE20
* Bug 2794: ESI parsing on FreeBSD
* Bug 2791: assertion failed: MemBuf.cc:400: new_cap > (size_t) capacity
* Bug 2779: Support GNU/kFreeBSD
* Bug 2773: Segfault in RFC2069 Digest authantication
* Bug 2768: squid_ldap_group argument parsing error
* Bug 2761: Gopher and double HTTP response header
* Bug 2735: Incomplete -fhuge-objects detection
* Bug 2722: prevent CONNECT via http_port with accel
* Bug 2624: Invalid response for IMS request
* Bug 2510: digest_ldap_auth TLS support
* Correct LINUX_CAPABILITY actions on non-Linux
- removed old upstream patches
o squid-3.0-9107.patch - squid-3.0-9124.patch
-------------------------------------------------------------------
Wed Oct 7 23:58:37 CEST 2009 - chris@computersalat.de
- added upstream patches
o squid-3.0-9107.patch - squid-3.0-9124.patch
-------------------------------------------------------------------
Mon Sep 14 13:37:55 UTC 2009 - chris@computersalat.de
- new version 3.0.STABLE19
* Bug 2745: Invalid Response error on small reads
* Bug 2739: DNS resolver option ndots can't be parsed from resolv.conf
* Bug 2734: some compile errors on Solaris
* Bug 2648: stateful helpers stuck in reserved if client disconnects while helper busy
* Bug 2541: Hang in 100% CPU loop while extacting header details
using a delimiter other than comma
* Bug 2362: Remove support for deferred state in stateful helpers
* Add 0.0.0.0 as a to_localhost address
* Docs: Improve chroot directive documentation slightly
* Fixup libxml2 include magics, was failing when a configure cache was used
* ... and some minor testing improvements.
- spec mods
o adding group winbind, add squid to group winbind
when using squid with samba-winbind for ntlm_auth
squid needs read access to /var/lib/samba/winbindd_privileged
group winbind is added if squid is installed before winbind ;)
-------------------------------------------------------------------
Sat Sep 5 20:21:53 CEST 2009 - chris@computersalat.de
- added upstream patches
o b9097 - b9103
- rpmlint
o added fdupes
-------------------------------------------------------------------
Wed Sep 2 13:15:45 UTC 2009 - chris@computersalat.de
- cleanup spec
o removed #--------
-------------------------------------------------------------------
Tue Sep 1 10:04:02 CEST 2009 - coolo@novell.com
- remove outdated patches
-------------------------------------------------------------------
Mon Aug 31 10:30:54 CEST 2009 - coolo@novell.com
- merge factory changes with buildservice
-------------------------------------------------------------------
Sun Aug 30 20:03:46 UTC 2009 - aj@suse.de
- Fix patch numbering for rpm 4.7.
-------------------------------------------------------------------
Wed Aug 26 12:53:54 CEST 2009 - mls@suse.de
- make patch0 usage consistent
-------------------------------------------------------------------
Fri Aug 21 13:27:52 UTC 2009 - chris@computersalat.de
- added upstream patches
o b9095, b9096
-------------------------------------------------------------------
Sat Aug 15 16:26:30 CEST 2009 - chris@computersalat.de
- added upstream patches
o b9089 - b9094
o disabled b9089,b9090,b9092 cause can not patch inexistent file
-------------------------------------------------------------------
Tue Aug 11 11:10:13 UTC 2009 - chris@computersalat.de
- new version 3.0.STABLE18:
* Bug 2728: regression: assertion failed: !eof
* Bug 2732: reply_body_max_size smaller than error page loops
infinitely until out of memory
* Bug 2725: pconn failure if domain or client_address are unset
* Bug 2648: reserved helpers not shut down after reconfigure/rotate
* Bug 2462: make check should tell when cppunit is missing
* Remove excess messages about headers < minimum size
* Support Libtool 2.2.6
- Changes to squid-3.0.STABLE17 (27 Jul 2009):
* Bug 2680 regression: Crash after rotate with no helpers running
* Bug 2710: squid_kerb_auth non-terminated string
* Bug 2679: strsep and strtoll detection failure
* Bug 2674: Remove limit on HTTP headers read.
* Bug 2659: String length overflows on append, leading to segfaults
* Bug 2620: Invalid HTTP response codes causes segfault
* Bug 2080: wbinfo_group.pl - false positive under certain conditions
* Bug 1087: ESI processor not quoting attributes correctly.
* Fix: issue with AUFS/UFS/DiskD writing objects to disk cache
* Several small build issues with previous release.
for full changes list, see:
http://www.squid-cache.org/Versions/v3/3.0/squid-3.0.STABLE18-RELEASENOTES.html
- removed squid-3.0.STABLE16-gcc_warn_kerb_auth.patch
- removed changed, deprectated configure options
o deprecated:
--enable-poll
o changed to default:
--enable-htcp
--enable-snmp
-------------------------------------------------------------------
Sat Jul 25 19:27:34 CEST 2009 - chris@computersalat.de
- spec mods
* removed ^----------
* removed ^#---------
-------------------------------------------------------------------
Thu Jul 23 18:22:09 CEST 2009 - chris@computersalat.de
- new version 3.0.STABLE16:
* Bug 2672: cacheMemMaxSize 32-bit overflow during snmpwalk
* Bug 2481: Don't set expires: now in generated error responses
* Bug 2387: The calculation of the number of hash buckets correctly
* Fix infinite loop in MSNT auth helper
* Fix FD_SETSIZE on FreeBSD
* Fix stripping NT domain in squid_ldap_group
* Fix RADIUS auth helper build
* Add Translate: and Unless-Modified-Since: headers to known list
* Make fakeauth handle NTLMv2 better
* Better Kerberos support detection
* Several Widows port fixes
- Changes to squid-3.0.STABLE16-RC1 (16 May 2009):
* Bug 1148: Ported from 3.1: Chunked Transfer Encoding
* Bug 2648: NTLM helpers not shutting down when deferred
- Changes to squid-3.0.STABLE15 (06 May 2009):
* Regression Bug 2635: Incorrect Max-Forwards header type
* Bug 2652: 'Success' error on CONNECT requests
* Bug 2625: IDENT receiving errors
* Bug 2610: ipfilter support detection
* Bug 2578: FTP download resume failure
* Bug 2536: %H on HTTPS error pages
* Bug 2491: assertion "age >= 0"
* Bug 2276: too many NTLM helpers running
* Endian system and compiler fixes provided by the NetBSD project
* documentation fixes provided by the Debian project
- Changes to squid-3.0.STABLE14 (11 Apr 2009):
* Regression Fix: HTTP/0.9 in accelerator mode
* Bug 1232: cache_dir parameter limited to only 63 entries
* Bug 1868: support HTTP 207 status
* Bug 2518: assertion failure on restart/reconfigure
* Bug 2588: coredump in rDNS lookup
* Bug 2595: Out of bounds memory write in squid_kerb_auth
* Bug 2599: Idempotent start
* Bug 2605: Prevent setsid() on helpers in daemon mode
* Fix external_acl_type option parsing
* Fix delay pools counters on FTP
* Fix several issues with ident (some remain)
* Fix performance issues with persistent connections
* Fix performance issues with delay pools
* Fix forwarding of OPTIONS requests
* Add support for HTTP 1.1 Content-Disposition header
* Add support for Windows 7, Windows Server 2008 R2 and later
* ... and many small documentation updates
for full changes list, see:
http://www.squid-cache.org/Versions/v3/3.0/squid-3.0.STABLE16-RELEASENOTES.html
- reworked gcc_warn_kerb_auth
* was partially added
- added after RELEASE patches
* b9052 - b9067
for full changes list, see:
http://www.squid-cache.org/Versions/v3/3.0/changesets/SQUID_3_0_STABLE16.html
- some spec mods
* removed {rel}
-------------------------------------------------------------------
Wed Jun 10 16:54:49 CEST 2009 - ro@suse.de
- strchr returns a const char* now, work around
-------------------------------------------------------------------
Sun May 3 15:34:27 CEST 2009 - chris@computersalat.de
- some spec fixes
-------------------------------------------------------------------
Thu Feb 19 19:53:26 UTC 2009 - chris@computersalat.de
- new version 3.0.STABLE13:
* following patches removed from build
* b8898.patch
* b8900.patch
* b8902.patch
* b8904.patch
* b8905.patch
* b8906.patch
* b8907.patch
- some rpmlint fixes
-------------------------------------------------------------------
Wed Feb 18 12:37:05 UTC 2009 - chris@computersalat.de
- fixed failing fillup
- fixed expansion error for SLES_9
- added KRB5_KTNAME to sysconfig file
mods to init script
- added README.kerberos
-------------------------------------------------------------------
Wed Jan 28 16:40:00 CET 2009 - kssingvo@suse.de
- update to squid-3.0.STABLE13 with these fixes:
* ICAP filters break download resume
* HTCP fails without icp_port
* logformat '%tl' field not working as advertised
* Policy: Change half_closed_clients default to off
* Policy: Removed -V command line option, deprecated by 2.6
* filedescriptors being left unnecessary opened
* fault passing ICAP filtered traffic to peers
* Sefgaults in MemBuf::reset during idnsSendQuery
* bad default in ACLChecklist
* access.log request size tag
* cache_peer forceddomainname=X option
... and few minor ones. For complete list see:
http://www.squid-cache.org/Versions/v3/3.0/changesets/SQUID_3_0_STABLE12.html
-------------------------------------------------------------------
Thu Nov 6 15:59:17 CET 2008 - kssingvo@suse.de
- reworked on sysconfig files (bnc#439006)
-------------------------------------------------------------------
Mon Oct 27 16:48:56 CET 2008 - kssingvo@suse.de
- update to squid-3.0.STABLE10, fixes mainly:
bad assert in forwarding
Segfault on failed TCP DNS query
DNS requests getting stuck in idns queue
FTP PUT gives bad gateway
... and few minor ones. For complete list see:
http://www.squid-cache.org/Versions/v3/3.0/changesets/SQUID_3_0_STABLE10.html
- removed old patches, which were included upstream now
- renamed sysconfig.squid to sysconfig.squid3 (bnc#439006)
-------------------------------------------------------------------
Mon Oct 13 14:52:39 CEST 2008 - kssingvo@suse.de
- reenabled linux-netfilter in configure as seems to work now again
-------------------------------------------------------------------
Thu Oct 2 14:36:14 CEST 2008 - kssingvo@suse.de
- added official patches:
* assertion fix in forward.cc
* bad links in ./configure due to website changes
* define DEFAULT_CACHEMGR_CONFIG before its first use
* don't strcmp Config.Log.store if it's NULL in storeLogOpen
* workaround: When dns_error_message value is lost
* ftp put gives bad gateway but put is correct
* fix of a compilation error
-------------------------------------------------------------------
Wed Sep 10 12:40:46 CEST 2008 - kssingvo@suse.de
- new version 3.0.STABLE9:
* Correct HTCP stats
* fix: mgr:active_requests always returns "delay_pool 0"
* fix: 3.0 must still wrap CARP properly
* Improve display on fd debug output
* Correct ICAP notes: *_postcache vector points not coded
* fix: squid_ldap_group -h reports the old % codes for -f
* Fix: Unsupported method in request may show raw binary data in log
* Fix: cppunit tests broken by squid.h defines
* fix: no_check.pl ntlm helper never sends challenge
* Increase buffer in authenticateNegotiateStart / squid_kerb_auth
* peer name not logged in access.log like expected, instead the ip
address is logged
* Fixed typo in squid.h which would prevent leak checking for arrays
* COSS removal from 3.0
* Use safe functions in basic auth MSNT helper
for full changes list, see:
http://www.squid-cache.org/Versions/v3/3.0/changesets/SQUID_3_0_STABLE8.html
- removed coss as disk storage method, as it became unstable now
-------------------------------------------------------------------
Wed Aug 20 12:29:36 CEST 2008 - kssingvo@suse.de
- fixed configure option:
* change from "with-large-files" to "enable-large-files"
* removed netfilters (kernel 2.4) option
- fixed init script
- added sysconfig as in squid
-------------------------------------------------------------------
Tue Jul 22 16:08:26 CEST 2008 - kssingvo@suse.de
- new version 3.0.STABLE8:
* Support for cachemgr sub-actions
* userhash peer selection method
* sourcehash peer selection method
* round-robin balancing fixes
* acl documentation cleanup
* cachemgr.cgi HTML output encoding
* Regression: Log format size options
* Correct the opening of PF device file.
* ICAP accept mechanism
* Regression: fakeauth_auth crashes
* Boost error pages HTML standards.
* Fixes several issues on 64-bit systems
* Fixes several issues on older or stricter compilers
* Linux-2.6.24/2.6.25 netfilter_ipv4.h __u32 workaround
* Update Release Notes: 'all' ACL is built-in since 3.0.STABLE1
for full changes list, see:
http://www.squid-cache.org/Versions/v3/3.0/changesets/SQUID_3_0_STABLE8.html
- removed unneccesary compiler warning patch
- added new patch for warnings in kerberos auth
-------------------------------------------------------------------
Wed Jul 2 16:13:35 CEST 2008 - kssingvo@suse.de
- update to version 3.0.STABLE7, which is mainly a bugfix version only:
* important fix for ASN.1 DoS (no CVE)
* spelling corrections
* assertion on ESI page
* in snmp reporting
* (extra) whitespaces in logfile
* added note that negative_ttl is a HTTP violation
* Memory allocation problem in restoreCapabilities(), tools.cc
* etc.
for full change list see:
http://www.squid-cache.org/Versions/v3/3.0/changesets/SQUID_3_0_STABLE7.html
-------------------------------------------------------------------
Wed May 21 17:39:14 CEST 2008 - kssingvo@suse.de
- update to version 3.0.STABLE5, which is mainly a bugfix version only:
* fix in parsing cachemgr.conf
* segfault in tunnelConnectTimeout()
* segfault in MemBuf::append()
* basic auth leaks memory
* access_log syslog results in blanks syslog lines
* umask support with porting from 2.6
* segfault in AuthDigestUserRequest::authUser
* ntlm_auth helper resolves DC hostname to 0
... and some minor bugfixes more
- added cachemngr.conf.default to files
-------------------------------------------------------------------
Mon May 19 19:39:48 CEST 2008 - kssingvo@suse.de
- added "sharedscripts" to logrotate (bnc#388088)
-------------------------------------------------------------------
Fri May 9 15:36:15 CEST 2008 - schwab@suse.de
- Use autoreconf.
-------------------------------------------------------------------
Tue Apr 29 17:39:40 CEST 2008 - kssingvo@suse.de
- update to version 3.0.STABLE5, which is mainly a bugfix version only:
* Bypassing 403 and 404 status to ICAP using icap_access - Failed
* file uploads (RFC1867) fail with "error:double-CR"
* Range tests failing.
* crashes/restarts when ICAP enabled on respmod for HTTP body size
greater than 100kb
* Support for resolv.conf 'domain' option
* Fix for incorrect default time/date log format
* Fix: reentrant debugging crashes Squid
* better handling of intercepted URI
* better port for non-FQDN URI lookups
* Improved logging, including incorrect timestamp format in earlier
3.0 releases
* Support for profiling on x86 64-bit systems
- removed upstream patches, which are now included in source tarball
- removed own compiler warning patch (now upstream)
-------------------------------------------------------------------
Thu Apr 17 12:07:17 CEST 2008 - kssingvo@suse.de
- added official patches:
* increase MAX_URL to 8192
* Honor 0x and 0 prefixes as numeric base indication when parsing
squid.conf integer options.
* Correct and simplify parsing of list headers
* Fix processing of large reply headers
* Removed execute bit from various non-executable source files
* assertion failed: HttpHdrContRange.cc:100: "spec->length >= 0"
* Fallback on transparent interception mode even if the connection
didn't seem to be transparently intercepted
* fix pt 2: DIRECT/<ip> mixed with DIRECT/
* Fallout from build-testing the new backports.
- fixed a compiler warning, which got treated as an error
-------------------------------------------------------------------
Mon Apr 7 18:46:46 CEST 2008 - kssingvo@suse.de
- fix for unpackaged non-man pages (SLE9, SLE10 build failures)
-------------------------------------------------------------------
Mon Apr 7 18:26:43 CEST 2008 - kssingvo@suse.de
- update to version 3.0.STABLE2:
* improved HTTP 1.1 support
* Proxy-Authentication regression
* Strip Domain from NTLM usernames for use in class 4 Delay Pools
* compile error slipped into STABLE3
* ... and as usual Many bug fixes since STABLE 2.
Please, have a look into included ChangeLog file for details.
-------------------------------------------------------------------
Tue Mar 18 16:11:37 CET 2008 - kssingvo@suse.de
- update to version 3.0.STABLE2:
* Add myportname ACL for matching the accepting port name (see
release notes)
* Add include directive for squid.conf (see release notes)
* Add ability to strip kerberos realm from usernames during Auth
* License cleanup to comply with GPLv2 or later
* Updated Error Pages and Translations
* Updated configuration examples
* Updated valgrind support for valgrind-3.3.0
* Improved support for Windows and MacOS X Leopard
* Improved support for files larger than 2GB
* Improved support for CARP arrays and WCCPv2
* Improved cachmgr, SNMP, and log reporting
* ... and as usual Many bug fixes since STABLE 1
- removed unnecessary, official patches for STABLE1
-------------------------------------------------------------------
Wed Mar 12 13:39:43 CET 2008 - kssingvo@suse.de
- added many official patches:
* Squid Bugzilla #2250: double-freeing memory in http_port name=
option code.
* Optimisation cleanup of fake_auth
* Fix Castings slipped out of back-ported patches from 3.1.
* Update errors/list to match the actual list of error pages used
* Added a CPPUNIT assertion to test whether a failed CPPUNIT test
case properly
* Several String fixes.
* The connect(2) system call might return "connection ready"
* Sort cache list in wccpv2 to ensure a consistent hash
allocation across all serv
* Squid Bugzilla #1978: fwdServerClose retries non-idempotent
methods
* Squid Bugzilla #2172: When user fails authentification Squid
restarts
* Squid Bugzilla #2186: NONE/- due to persistent connections
* Squid Bugzilla #2189 fix: when dumping SNMP oids, do not
overrun the result buffer.
* Assert that checklist and request are set instead of
segfaulting as in bug 2168
* Squid Bugzilla #1923 fix: Do not send hop-by-hop headers to the
ICAP server.
* Squid Bugzilla #1933 fix: Fixed memory pools configuration
reporting.
* Squid Bugzilla #2110 fix: When Squid is shutting down, disable
persistent connections
* Squid Bugzilla #2153: Use the cache_peer name in CARP hashing
to support multiple peers on the same host
* Add check for glob() and glob.h availability
* make include support wildcards, and document the directive
(copied from squid-2)
* Use our own strwordtok instead of strtok_r. Not only is it
portable, but also understands quoting and escaping
* Squid Bugzilla #2180 (update) - include minor issues
* include directive for squid.conf
* More off_t related cleanups triggered by Squid Bugzilla #2164.
* Squid Bugzilla #2164: assertion failed: stmem.cc:321:
"candidate.offset >= 0"
* Squid Bugzilla #2150: Connection hangs on automatic retry
* Squid Bugzilla #2175: Update valgrind support for
valgrind-3.3.0
* Random authenticaiton failures when using Digest authentication
* digest auth related memory corruption
* Allow informal errors on stderr when using -k parse
* Squid Bugzilla #2063: Hide debugging messages before cache.log
is opened
* Squid Bugzilla #2018: dead_peer_timeout fails to declare peer
dead
* Squid Bugzilla #2114: cache memory accounting not working well
* Fix some minor casting errors affecting cachemgr reporting when
cache/mem >2GB
* Squid Bugzilla #2231: Compile error in squid_kerb_auth under
Mac OS X 10.5.2
* Squid Bugzilla #2101: Reuse pconns using LIFO
* Squid Bugzilla #2159: WCCPv2 assertion failure on Mask
assignment
* Kill unused body_size variable
* Kill obsolete phttpd/0.99.72 malformed HEAD response
workaround.
* License cleanup to comply with GPLv2 or later.
* Sync store meta assignments with Squid-2.
* Don't be so verbose about not yet implemented store meta data
types
* Accept some unknown store meta entries without throwing away
the rest.
* Patch to strip kerberos realm from username
* Clean up of deferred reads and delay pools was not applied to
comm_select_win32.cc
* Fix missing default disk store type into QUICKSTART example.
* Alter caching policy for Dynamic Objects.
* Squid Bugzilla #2166 - Error compiling on Mac OS X 10.5 Leopard
* Correct example IPs in tcp_outgoing_address config
* Squid Bugzilla #2189 - wrong parameters used for memset
- removed our patches, which are upstream included now
- worked on BuildRequires:
-------------------------------------------------------------------
Tue Jan 15 15:04:06 CET 2008 - kssingvo@suse.de
- update to version 3.0.STABLE1:
* Updated changelog for 3.0.STABLE1 release
* MFC
* Name the upcoming release 3.0.STABLE1 MFC
* Remove references to myself and NLANR, add pointer to COPYRIGHT
file
* Change old info@ircache.net contact address to
info@squid-cache.org
* Fixed more compile errors after removal of snprintf.h
* Fix compile errors after removal of snprintf.h
* Removed the following debugging line, numerous copies of which
used to appear
* Set default formatting flags for the debugging stream to
"fixed" with a
* Delete now unused snprintf.h header file
* removed lib/snprintf.c credits as it's no longer shipped with
Squid
* Kill GPL-incompatible (Apache) lib/snprintf.c source.
* assertion failed: comm.cc:116: "ccb->active == false"
* squid.conf, others overwrite -X
* Wrap equation argument to debugs() properly.
* Correct attribution of current MD5 changes.
* Fix typo added during some patch.
* Fix SegFault when NetDB asked to ping a zero-length
domain/hostname
* allow pending cache hits when delay pools not compiled in pack
header entries on cache updates
* Update to Squid MD5 syntax
* Correct update of 304 headers
* Make squid_db_auth reopen the database connection on each query
by default
* Updated MD5 credits (no longer RSA). Removed winbind credits
(no longer shipped with Squid)
* Drop the RSA licensed MD5 implementation, and use the one
shipped with Squid instead
* Change priority of proxy auth and extacl provided username in
login=*:pass
* Declare Squid 3 Windows support NOT STABLE.
* Fix build failure caused by a typo.
* Renamed "SQUID_ESI" to "USE_SQUID_ESI" at request of other
developers
* Change 'ESI' define to 'SQUID_ESI'
* More fixes for recent MD5 mixups
* Fix-fix for MD5.
* fix GCC 4.3 warnings, part 1
* operator != declared outside of the HttpRequestMethod class
results in
* Returning -1 in the unreached portion of u_short GetService()
code results in
* partial fix: Allocate space for a NULL terminator of the helper
* RFC 1157 - SNMP v1 Protocol is used by squid.
* Enable squid to lookup /etc/services for named peer ports.
* Re-fix libmd5 detection on configure
* Solaris 10 appears to provide MD5 natively
* Add some include-protection to IPInterception.cc
* Extended the Squid -> Rewriter interface with key=value pairs
* Close three possible buffer over/under-runs
* Looks like 'dstdomain' and 'dstdomain_regex' ACLs were broken.
* Spelling.
* Code cleanup.
* NetBIOS is now officially obsolete.
* fix: Better handling of HTTP 206 Partial Content responses.
* Added debugging while investigating
* RFC bits omitted earlier.
* RFC 3162 - updated RADIUS authentication protocol
* Policy Change: Make all ACL a predefined default.
* Add RFC 1902, 1905 - SNMP Protocols used by squid.
* Close several unsafe control paths after fatalf()
* Close several unsafe control paths after self_destruct()
* fix: handle REQMOD HTTP responses without body
* fix: SegFault in tunnelConnectTimeout error page generation.
* Need to read clearer. We agreed on allow localnet->deny all.
* Alter policy of ICP and HTCP access to default allow only local
networks
* autoconf 2.61 works.
* Add notes about htcp_access effects on HTCP peers to config.
* Update udp_(incoming|outgoing)_address option docs to reflect
current state.
* Respect DNS ttl=0
* Digest delays are no longer bound to any fixed unit of time.
* digest_generation docs should reference compile option not
internal macro.
* 3.0RC1: Add stub ERR_ESI and ERR_ICAP_FAILURE documents to
errors/Armenian
* Likely fix for helper-related SEGV shortly after reconfigure
* automake 1.10 also works..
* More >2GB fixes. BodyPipe::unproducedSize() method should also
return an uint64_t
- squid3 now obsoletes squid (= squid2)
- renamed patches, removed unused patches
- removed obsolete use of suse 8.0 version requirement
- changed X-UnitedLinux-Should-XXX to Should-XXX in init script
-------------------------------------------------------------------
Wed Dec 12 18:25:27 CET 2007 - kssingvo@suse.de
- BuildRequires doesn't need openldap2 anymore. fixed.
-------------------------------------------------------------------
Thu Nov 29 11:10:33 CET 2007 - kssingvo@suse.de
- removed gcc-4.3 patch, now in upstream
- added many upstream patches:
* Fix typo added during some patch.
* Fix SegFault when NetDB asked to ping a zero-length
domain/hostname
* Bug #2096: allow pending cache hits when delay pools not
compiled in
* pack header entries on cache updates
* Update to Squid MD5 syntax
* Correct update of 304 headers
* Make squid_db_auth reopen the database connection on each
query by default
* Updated MD5 credits (no longer RSA). Removed winbind credits
(no longer shipped with Squid)
* Drop the RSA licensed MD5 implementation, and use the one
shipped with Squid instead
* Change priority of proxy auth and extacl provided username in
login=*:pass
* Declare Squid 3 Windows support NOT STABLE.
* Fix build failure caused by a typo.
* Renamed "SQUID_ESI" to "USE_SQUID_ESI" at request of other
developers
* Change 'ESI' define to 'SQUID_ESI'
* More fixes for recent MD5 mixups
* Fix-fix for MD5.
* Bug #2123 fix, part 1: GCC 4.3 warnings
* operator != declared outside of the HttpRequestMethod class
results in
* Returning -1 in the unreached portion of u_short GetService()
code results in
* Bug #2123 partial fix: Allocate space for a NULL terminator
of the helper
* RFC 1157 - SNMP v1 Protocol is used by squid.
* Enable squid to lookup /etc/services for named peer ports.
* Re-fix libmd5 detection on configure
* Solaris 10 appears to provide MD5 natively
* Add some include-protection to IPInterception.cc
* Extended the Squid -> Rewriter interface with key=value pairs
* Close three possible buffer over/under-runs
* Looks like 'dstdomain' and 'dstdomain_regex' ACLs were
broken.
* Spelling.
* Code cleanup.
* NetBIOS is now officially obsolete.
* Bug #2116 fix: Better handling of HTTP 206 Partial Content
responses.
* Added debugging while investigating bug #2116.
* RFC bits omitted earlier.
* RFC 3162 - updated RADIUS authentication protocol
* Policy Change: Make all ACL a predefined default.
* Add RFC 1902, 1905 - SNMP Protocols used by squid.
* Close several unsafe control paths after fatalf()
* Close several unsafe control paths after self_destruct()
* Author:Rafael Martinez <rmartine@fdi.ucm.es>
* Author: Rafael Martinez <rmartine@fdi.ucm.es>
* Bug #2104 fix: handle REQMOD HTTP responses without body
* Bug #2098 fix: SegFault in tunnelConnectTimeout error page
generation.
* Need to read clearer. We agreed on allow localnet->deny all.
* Alter policy of ICP and HTCP access to default allow only
local networks
* autoconf 2.61 works.
* Add notes about htcp_access effects on HTCP peers to config.
* Update udp_(incoming|outgoing)_address option docs to reflect
current state.
* Bug #2100: Respect DNS ttl=0
* Digest delays are no longer bound to any fixed unit of time.
* digest_generation docs should reference compile option not
internal macro.
* Bug #2094: 3.0RC1: Add stub ERR_ESI and ERR_ICAP_FAILURE
documents to errors/Armenian
* Likely fix for helper-related SEGV shortly after reconfigure
* automake 1.10 also works..
* More >2GB fixes. BodyPipe::unproducedSize() method should
also return an uint64_t
-------------------------------------------------------------------
Tue Nov 20 12:30:45 CET 2007 - kssingvo@suse.de
- added "squid-beta" to Conflicts: section
- removed unneeded snprintf.c due to license issue (bugzilla#341246)
- replace md5.c and md5.h by GPL version (bugzilla#341246)
-------------------------------------------------------------------
Tue Nov 13 11:42:02 CET 2007 - kssingvo@suse.de
- fixed gcc-4.3 "-Wall -Werror" issues
-------------------------------------------------------------------
Thu Nov 8 10:00:27 CET 2007 - kssingvo@suse.de
- initial try with RC1, based on squid-beta
