diff --git a/RELEASENOTES.html b/RELEASENOTES.html
index 70b3db1..51075da 100644
--- a/RELEASENOTES.html
+++ b/RELEASENOTES.html
@@ -2,10 +2,10 @@
- Squid 3.3.8 release notes
+ Squid 3.3.9 release notes
-Squid 3.3.8 release notes
+Squid 3.3.9 release notes
Squid Developers
@@ -56,7 +56,7 @@ for Applied Network Research and members of the Web Caching community.
-The Squid Team are pleased to announce the release of Squid-3.3.8.
+The Squid Team are pleased to announce the release of Squid-3.3.9.
This new release is available for download from
http://www.squid-cache.org/Versions/v3/3.3/ or the
mirrors.
diff --git a/squid-3.3.8.tar.bz2 b/squid-3.3.8.tar.bz2
deleted file mode 100644
index 27446a1..0000000
--- a/squid-3.3.8.tar.bz2
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:6411f344510e780f9e579851151278e1d02d8fe06a56abb1d97b1c53c61326a1
-size 2992708
diff --git a/squid-3.3.8.tar.bz2.asc b/squid-3.3.8.tar.bz2.asc
deleted file mode 100644
index 719f647..0000000
--- a/squid-3.3.8.tar.bz2.asc
+++ /dev/null
@@ -1,20 +0,0 @@
-File: squid-3.3.8.tar.bz2
-Date: Sat Jul 13 13:52:06 UTC 2013
-Size: 2992708
-MD5 : ec1654d28e29bdd2ee342ffb655ecc72
-SHA1: 127c8252577bce25b62cb0d05b0fef7f3f379c23
-Key : 0xFF5CF463
- fingerprint = EA31 CC5E 9488 E516 8D2D CC5E B268 E706 FF5C F463
- keyring = http://www.squid-cache.org/pgp.asc
- keyserver = subkeys.pgp.net
------BEGIN PGP SIGNATURE-----
-Version: GnuPG v1.4.12 (GNU/Linux)
-
-iQEcBAABAgAGBQJR4V5xAAoJELJo5wb/XPRjMh4H/jpt78U0JMJFXGFZskB82MIJ
-XGJrDlXyfop9guKKhRZHI7bJ67rx89Qox39kS2PaAapyBTGyJoQ8J14fuqdIFsJq
-TFk0HdZQZnvS+KLDH5QeDoJOj75dxh8aLRMJoQFnRemWHfDKaUzHqzTdKu6qYmoK
-0bv6esXV1tcTrpkFTTccMTYIjeGZNjRXQaEEx7iq7sVyIdzREzTHZgzXXevjCPKf
-kGv4IREJglpRPL6rVNZXFM0fZwxy99gcRN9RaEFXUk2s74XYAM0wonYJr/BOm3tB
-8Oc3Iwj6Z3Zb90MB2lQ5jCOaTSn7JeW16YMsm9+HOyRtjkPF8bgeswtIn4lhRcQ=
-=dmPd
------END PGP SIGNATURE-----
diff --git a/squid-3.3.9.tar.bz2 b/squid-3.3.9.tar.bz2
new file mode 100644
index 0000000..e1372f8
--- /dev/null
+++ b/squid-3.3.9.tar.bz2
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:2bb048725745de755f35a84133e25c7db0d56f4cc7002962e84b80091866eb45
+size 2988736
diff --git a/squid-3.3.9.tar.bz2.asc b/squid-3.3.9.tar.bz2.asc
new file mode 100644
index 0000000..1b17f81
--- /dev/null
+++ b/squid-3.3.9.tar.bz2.asc
@@ -0,0 +1,20 @@
+File: squid-3.3.9.tar.bz2
+Date: Wed Sep 11 04:32:33 UTC 2013
+Size: 2988736
+MD5 : f08bffe795260cecca828331c579e0c4
+SHA1: ac75d1bef17988e3ad95ee6761d7785f5aca9cd7
+Key : 0xFF5CF463
+ fingerprint = EA31 CC5E 9488 E516 8D2D CC5E B268 E706 FF5C F463
+ keyring = http://www.squid-cache.org/pgp.asc
+ keyserver = subkeys.pgp.net
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v1.4.12 (GNU/Linux)
+
+iQEcBAABAgAGBQJSL/QNAAoJELJo5wb/XPRjZZwH/jVAL6QGnufPlSZ4oIZEga29
+YHMuLKkAmBt6lp67MoNLHTthSsISiSLb7VvmIfSiNZxbSrt69PP0B+aWnM9O0rK6
+F+9YqgcPkoCAcOzf/SbVb0wm7kM41aYu3SvIJIgQu784KX1AJ3dyUTlb//Sfa0l7
+dcztRGIAihSkx3spf/1ALXq6f3MwKncFMs0l84x989luAS/jSte2Z+27s6aCK2eU
+4KvPPTmts5hpd6xvnX/Y1leye42c+MPpGc6XzsBzCJ2xlXOd75hZyrbOrSd5VR7t
++QVC98qVBW2QgQHHXlVG+TQCT75/go01mUpw3YeFMAf1HC6AATddGD2/6tN9roU=
+=mvR8
+-----END PGP SIGNATURE-----
diff --git a/squid.changes b/squid.changes
index 852d27c..b1ead67 100644
--- a/squid.changes
+++ b/squid.changes
@@ -1,3 +1,25 @@
+-------------------------------------------------------------------
+Sat Sep 28 17:56:52 UTC 2013 - chris@computersalat.de
+
+- Changes to squid-3.3.9 (11 Sep 2013):
+ * Regression Bug 3077: off-by-one error in Digest header decoding
+ * Bug 3895: fix acl_uses_indirect_client and cache_peer_access
+ * Bug 3879: assertion failed ConnStateData::validatePinnedConnection
+ * Bug 3863: myportname acl causes segmentation fault
+ * Bug 3849: Duplicate certificate sent when using https_port
+ * Bug 2287: Better fix for unsupported HTTP version handling
+ * Bug 2112: Reload into If-None-Match
+ * Fix several assert with side effects in ICAP/eCAP response handling
+ * Fix myportname ACL on ICAP/eCAP transactions
+ * Fix external ACL user:pass detail logging after adaptation
+ * Fix SMP mgr:info report 'Largest file desc currently in use'
+ * Improved compatibility with gcc 4.8, clang and icc
+ * Show number of available filedescriptors when reserved FD changes
+ * Sync with newest OpenSSL error codes
+ * Register Http2-Settings header
+ * ... and many Windows portability fixes
+- fix changelog
+
-------------------------------------------------------------------
Thu Sep 5 11:43:22 UTC 2013 - chris@computersalat.de
@@ -86,20 +108,14 @@ Sun Sep 1 12:25:46 UTC 2013 - chris@computersalat.de
-------------------------------------------------------------------
Sun Jul 28 12:44:37 UTC 2013 - bruno@ioda-net.ch
-- Changes for squid 3.2.13 release (July 13th 2013)
- Better handling of strange port values in Host:
- Bug #3869: assertion failed: MemBuf.cc:272: size < capacity
-
-- Changes for squid 3.2.12 release (July 10th 2013)
- Protect against buffer overrun in DNS query generation
- Revert rev.11818 - not applicable to 3.2.
- Allocate ClientInfo::hash.key using malloc() instead of new char[]
- Remove origin_tries limiter on forwarding
- Fixed leaking configurable SSL error details.
- Fix memory error with Kerberos authentication
- Avoid !closing assertions when helpers call comm_read [during reconfigure].
- Avoid Comm::Connection leaks when helpers are reconfigured or otherwise closed.
- Add missing piece omitted from rev.9677
+- Changes to squid-3.2.13 (13 Jul 2013):
+ * Bug 3869: assertion failed: MemBuf.cc:272: size < capacity
+ * Improved handling of port values in Host: header validation
+- Changes to squid-3.2.12 (11 Jul 2013):
+ * Protect against buffer overrun in DNS query generation
+ * Avoid !closing assertions when helpers call comm_read during reconfigure.
+ * Fix several minor memory leaks during reconfigure
+ * Remove origin_tries limiter on forwarding and permit large max_forward_tries values
-------------------------------------------------------------------
Thu Jul 25 10:19:05 UTC 2013 - tchvatal@suse.com
@@ -111,18 +127,18 @@ Thu Jul 25 10:19:05 UTC 2013 - tchvatal@suse.com
Tue Apr 30 11:42:06 UTC 2013 - bruno@ioda-net.ch
- Changes for squid 3.2.11 release (29 April 2013)
- - Fix enter_suid/leave_suid build errors in ip/Intercept.cc
- - GNU Hurd: define MAP_NORESERVE as no-op when missing
- - Bug #3833: Option '-k' is not present in squidclient man page
- - Bug #3817: Memory leak in SSL cert validate for alt_name peer certs
- - Bug #3822: Locate LDAP and SASL headers in /usr/local/include for BSD support
- - Bug #3825: basic_ncsa_auth segfaulting with glibc-2.17
- - Bug #3774: -k reconfigure drops rock
- - Bug #3565: Resuming postponed accept kills Squid
- - HTTP/1.1: partial support for no-cache and private controls with parameters
- - ssl_crtd: helpers dying during startup on ARM
- - Updated copyright for icons/SN.png squid-3.2-11813.patch
- - Revert r11810 - tools.h does not exist in 3.2 squid-3.2-11812.patch
+ * Fix enter_suid/leave_suid build errors in ip/Intercept.cc
+ * GNU Hurd: define MAP_NORESERVE as no-op when missing
+ * Bug #3833: Option '-k' is not present in squidclient man page
+ * Bug #3817: Memory leak in SSL cert validate for alt_name peer certs
+ * Bug #3822: Locate LDAP and SASL headers in /usr/local/include for BSD support
+ * Bug #3825: basic_ncsa_auth segfaulting with glibc-2.17
+ * Bug #3774: -k reconfigure drops rock
+ * Bug #3565: Resuming postponed accept kills Squid
+ * HTTP/1.1: partial support for no-cache and private controls with parameters
+ * ssl_crtd: helpers dying during startup on ARM
+ * Updated copyright for icons/SN.png squid-3.2-11813.patch
+ * Revert r11810 - tools.h does not exist in 3.2 squid-3.2-11812.patch
-------------------------------------------------------------------
Sun Mar 24 18:57:26 UTC 2013 - bruno@ioda-net.ch
@@ -136,61 +152,55 @@ Fri Mar 15 10:31:02 UTC 2013 - bruno@ioda-net.ch
- New revision for squid.service (using only sed)
handle multiple cache_dir line
Added sed as require
-
-Thu Mar 14 13:08:54 UTC 2013 - bruno@ioda-net.ch
-
- Packaging : fixed systemd squid.service
- - Rework on squid.service ExecStartPre line
- remove dependency on unfunctionnal wrapper
- - Fix bnc#802635 (creating cache struture fail on first call)
- - Fixed Type=forking and remove the use off -N (non daemon flag)
- - Fixed missing pid file
- - Structural : add all -k to end of Exec/Stop line
- - Ulimit : Added LimitNOFile=4096 ( same value as in /etc/sysconfig)
- but there's no way to decode dynamically /etc/sysconfig
- - Remove syslog.target ( no need anymore : advise from fcrozat )
- - Clean up squid_cache_build.sh
+ * Rework on squid.service ExecStartPre line
+ remove dependency on unfunctionnal wrapper
+ * Fix bnc#802635 (creating cache struture fail on first call)
+ * Fixed Type=forking and remove the use off -N (non daemon flag)
+ * Fixed missing pid file
+ * Structural : add all -k to end of Exec/Stop line
+ * Ulimit : Added LimitNOFile=4096 ( same value as in /etc/sysconfig)
+ but there's no way to decode dynamically /etc/sysconfig
+ * Remove syslog.target ( no need anymore : advise from fcrozat )
+ * Clean up squid_cache_build.sh
- Changes to squid-3.2.9 (12 Mar 2013):
- - Regression fix: Accept-Language header parse
- - Bug 3673: Silence 'Failed to select source' messages
- - Fix authentication headers sent on peer digest requests
- - Fix build error on Solaris, OpenIndiana, Omnios
-
+ * Regression fix: Accept-Language header parse
+ * Bug 3673: Silence 'Failed to select source' messages
+ * Fix authentication headers sent on peer digest requests
+ * Fix build error on Solaris, OpenIndiana, Omnios
- Changes to squid-3.2.8 (02 Mar 2013):
-
- - Bug 3767: tcp_outgoing_tos/mark ACLs do not obey acl_uses_indirect_client
- - Bug 3763: diskd Error: no filename in shm buffer
- - Bug 3752: objects that cannot be cached in memory are not cached on disk
- - Bug 3753: Removes the domain from the cache_peer server pconn key
- - Bug 3749: IDENT lookup using wrong ports to identify the user
- - Bug 3723: tcp_outgoing_tos/mark broken for CONNECT requests
- - Bug 3686: cache_dir max-size default fails
- - Bug 3515: crash in FtpStateData::ftpTimeout
- - Bug 3329: Quieten orphan Comm::Connection messages
- - Make squid -z for cache_dir rock preserve the rock DB
- - Fixed several server connect problems
- - ... and some build issues on Solaris, OpenIndiana, MacOS X
- - ... and some documentation and debugs polishing
+ * Bug 3767: tcp_outgoing_tos/mark ACLs do not obey acl_uses_indirect_client
+ * Bug 3763: diskd Error: no filename in shm buffer
+ * Bug 3752: objects that cannot be cached in memory are not cached on disk
+ * Bug 3753: Removes the domain from the cache_peer server pconn key
+ * Bug 3749: IDENT lookup using wrong ports to identify the user
+ * Bug 3723: tcp_outgoing_tos/mark broken for CONNECT requests
+ * Bug 3686: cache_dir max-size default fails
+ * Bug 3515: crash in FtpStateData::ftpTimeout
+ * Bug 3329: Quieten orphan Comm::Connection messages
+ * Make squid -z for cache_dir rock preserve the rock DB
+ * Fixed several server connect problems
+ * ... and some build issues on Solaris, OpenIndiana, MacOS X
+ * ... and some documentation and debugs polishing
-------------------------------------------------------------------
Wed Feb 20 23:24:06 UTC 2013 - e.istomin@edss.ee
- Changes to squid-3.2.7 (01 Feb 2013):
- - Bug 3736: Floating point exception due to divide by zero
- - Bug 3735: raw-IPv6 domain URLs crash if IPv6-disabled
- - Bug 3732: Fix ConnOpener IPv6 awareness
- - Bug 3729: 32-bit overflow in parsing 64-bit configuration values
- - Bug 3728: Improve debug for cache_dir
- - Bug 3687: unhandled exception: c when using interception and peers
- - Bug 3678: external acl grace period causes acl lookup failures
- - Bug 3567: Memory leak handling malformed requests
- - Bug 3111: Mid-term fix for the forward.cc "err" assertion
- - Support OpenSSL NO_Compression optio
- - Fix IPv6 enabled pinger on split-stack or IPv6-disabled systems
- - Fix "address.GetPort() != 0" assertion for helpers
- - ... and several minor memory leaks
- - ... and some cache.log message polishing
-
+ * Bug 3736: Floating point exception due to divide by zero
+ * Bug 3735: raw-IPv6 domain URLs crash if IPv6-disabled
+ * Bug 3732: Fix ConnOpener IPv6 awareness
+ * Bug 3729: 32-bit overflow in parsing 64-bit configuration values
+ * Bug 3728: Improve debug for cache_dir
+ * Bug 3687: unhandled exception: c when using interception and peers
+ * Bug 3678: external acl grace period causes acl lookup failures
+ * Bug 3567: Memory leak handling malformed requests
+ * Bug 3111: Mid-term fix for the forward.cc "err" assertion
+ * Support OpenSSL NO_Compression optio
+ * Fix IPv6 enabled pinger on split-stack or IPv6-disabled systems
+ * Fix "address.GetPort() != 0" assertion for helpers
+ * ... and several minor memory leaks
+ * ... and some cache.log message polishing
-------------------------------------------------------------------
Sun Jan 13 20:09:22 UTC 2013 - chris@computersalat.de
diff --git a/squid.spec b/squid.spec
index 0b51ea4..b807c9f 100644
--- a/squid.spec
+++ b/squid.spec
@@ -23,7 +23,7 @@ Name: squid
Summary: Squid Version 3.3 WWW Proxy Server
License: GPL-2.0+
Group: Productivity/Networking/Web/Proxy
-Version: 3.3.8
+Version: 3.3.9
Release: 0
Url: http://www.squid-cache.org/Versions/v3/3.3
Source0: http://www.squid-cache.org/Versions/v3/3.3/%{name}-%{version}.tar.bz2