Ana Guerrero
be00812e5d
Accepting request 1229399 from server:proxy
...
- Update to 6.12
- Fix validation of Digest auth header parameters
- changes since squid-6.11:
- Fix Kerberos detection when cross-compiling
- Improve robustness of DNS code on reconfigure
- Prevent slow memory leak in TCP DNS queries
- Improve errors emitted when invalid ACLs are parsed
- Disble ESI. The code is removed upstream in 7.x (bsc#1232485, CVE-2024-45802)
OBS-URL: https://build.opensuse.org/request/show/1229399
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/squid?expand=0&rev=123
2024-12-09 20:12:58 +00:00
50777186fb
- Update to 6.12
...
- Fix validation of Digest auth header parameters
- changes since squid-6.11:
- Fix Kerberos detection when cross-compiling
- Improve robustness of DNS code on reconfigure
- Prevent slow memory leak in TCP DNS queries
- Improve errors emitted when invalid ACLs are parsed
- Disble ESI. The code is removed upstream in 7.x (bsc#1232485, CVE-2024-45802)
OBS-URL: https://build.opensuse.org/package/show/server:proxy/squid?expand=0&rev=301
2024-12-09 13:10:14 +00:00
Ana Guerrero
5521453c13
Accepting request 1183540 from server:proxy
...
- update to 6.10
- ESI: Disable by default (#1728 )
- Bug 5378: type mismatch in libTrie (#1830 ) (bsc#1227086, CVE-2024-37894)
- testCacheManager: use cppunit exception tests (#1811 )
- testRandomUuid: use cppunit exception tests (#1814 )
- Docs: REQUIRED in ident_regex, proxy_auth_regex, ext_user_regex (#1818 )
- Fix build with clang v18 [-Wvla-cxx-extension] (#1813 ) (#1817 )
OBS-URL: https://build.opensuse.org/request/show/1183540
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/squid?expand=0&rev=122
2024-06-27 14:04:49 +00:00
a546da3270
- update to 6.10
...
- ESI: Disable by default (#1728 )
- Bug 5378: type mismatch in libTrie (#1830 ) (bsc#1227086, CVE-2024-37894)
- testCacheManager: use cppunit exception tests (#1811 )
- testRandomUuid: use cppunit exception tests (#1814 )
- Docs: REQUIRED in ident_regex, proxy_auth_regex, ext_user_regex (#1818 )
- Fix build with clang v18 [-Wvla-cxx-extension] (#1813 ) (#1817 )
OBS-URL: https://build.opensuse.org/package/show/server:proxy/squid?expand=0&rev=299
2024-06-27 07:06:46 +00:00
Ana Guerrero
3f696fa535
Accepting request 1177317 from server:proxy
...
- update to 6.9
- Regression Bug 5349: basic_nis_auth build error: unterminated #ifndef
- Bug 5069: Keep listening after getsockname() error
- Bug 5360: FwdState::noteDestinationsEnd() assertion "err"
- Reduce stale errno usage
- Plug memory leak in handling cache manager requests
- Fix error: template-id not allowed for constructor in C++20
- Improve release packaging automation
- header_fixups.patch: upstreamed, removed
- 9be86d8db5e8f40829374d26334d0bb5272c1afd.patch: upstreamed, removed
- CVE-2024-33427.patch: fixes possible buffer overread leading to
denial of service (bsc#1225417, CVE-2024-33427)
OBS-URL: https://build.opensuse.org/request/show/1177317
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/squid?expand=0&rev=121
2024-05-28 15:30:23 +00:00
eb70b5ef0f
- CVE-2024-33427.patch: fixes possible buffer overread leading to
...
denial of service (bsc#1225417, CVE-2024-33427)
OBS-URL: https://build.opensuse.org/package/show/server:proxy/squid?expand=0&rev=297
2024-05-28 08:55:47 +00:00
83753ab199
- update to 6.9
...
- Regression Bug 5349: basic_nis_auth build error: unterminated #ifndef
- Bug 5069: Keep listening after getsockname() error
- Bug 5360: FwdState::noteDestinationsEnd() assertion "err"
- Reduce stale errno usage
- Plug memory leak in handling cache manager requests
- Fix error: template-id not allowed for constructor in C++20
- Improve release packaging automation
- header_fixups.patch: upstreamed, removed
- 9be86d8db5e8f40829374d26334d0bb5272c1afd.patch: upstreamed, removed
OBS-URL: https://build.opensuse.org/package/show/server:proxy/squid?expand=0&rev=296
2024-05-28 08:50:04 +00:00
Dominique Leuenberger
f5630c87ae
Accepting request 1155563 from server:proxy
...
- update to 6.8
- Fix marking of problematic cached IP addresses (#1691 )
- Bug 5344: mgr:config segfaults without logformat (#1680 )
- Fix infinite recursion when parsing HTTP chunks (#1553 )
(bsc#1216715, CVE-2024-25111)
- changes in 6.7
- Bug 5337: workaround for crash on startup if -a option is used
- Bug 5274: Successful tunnels logged as TCP_TUNNEL/500
- Fix crash when NTLM and Negotiate helpers are queried with no HTTP request
- Fix SslBump memory leak when mimicking certificates with Authority Key Identifier
- Fix memory leak on SslBump certificates with Authority Key Identifier extension
- Fix a possible integer overflow in FTP Gateway
- Extend cache_log_message to Bug 5187 and job invalidation BUGs
- Remove incorrect beta version warning
- squid.keyring: updated
- header_fixups.patch: added
- 9be86d8db5e8f40829374d26334d0bb5272c1afd.patch: don't throw on
client errors
- Fix handling of expanding HTTP header values (bsc#1219960, CVE-2024-25617)
OBS-URL: https://build.opensuse.org/request/show/1155563
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/squid?expand=0&rev=120
2024-03-06 22:06:03 +00:00
23219f8b97
- 9be86d8db5e8f40829374d26334d0bb5272c1afd.patch: don't throw on
...
client errors
OBS-URL: https://build.opensuse.org/package/show/server:proxy/squid?expand=0&rev=294
2024-03-06 13:17:43 +00:00
17b414d940
- Fix handling of expanding HTTP header values (bsc#1219960, CVE-2024-25617)
...
OBS-URL: https://build.opensuse.org/package/show/server:proxy/squid?expand=0&rev=293
2024-03-06 13:03:42 +00:00
8ef00f7fd9
- header_fixups.patch: added
...
OBS-URL: https://build.opensuse.org/package/show/server:proxy/squid?expand=0&rev=292
2024-03-06 12:48:17 +00:00
6cedc775e2
- update to 6.8
...
- Fix marking of problematic cached IP addresses (#1691 )
- Bug 5344: mgr:config segfaults without logformat (#1680 )
- Fix infinite recursion when parsing HTTP chunks (#1553 )
(bsc#1216715, CVE-2024-25111)
- changes in 6.7
- Bug 5337: workaround for crash on startup if -a option is used
- Bug 5274: Successful tunnels logged as TCP_TUNNEL/500
- Fix crash when NTLM and Negotiate helpers are queried with no HTTP request
- Fix SslBump memory leak when mimicking certificates with Authority Key Identifier
- Fix memory leak on SslBump certificates with Authority Key Identifier extension
- Fix a possible integer overflow in FTP Gateway
- Extend cache_log_message to Bug 5187 and job invalidation BUGs
- Remove incorrect beta version warning
OBS-URL: https://build.opensuse.org/package/show/server:proxy/squid?expand=0&rev=291
2024-03-06 12:28:13 +00:00
Ana Guerrero
b9466b8dea
Accepting request 1151607 from server:proxy
...
OBS-URL: https://build.opensuse.org/request/show/1151607
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/squid?expand=0&rev=119
2024-02-26 19:02:40 +00:00
Martin Pluskal
f3ee015a17
Accepting request 1151577 from home:dimstar:rpm4.20:s
...
Prepare for RPM 4.20
OBS-URL: https://build.opensuse.org/request/show/1151577
OBS-URL: https://build.opensuse.org/package/show/server:proxy/squid?expand=0&rev=289
2024-02-26 13:40:54 +00:00
Ana Guerrero
3e94cee43c
Accepting request 1142310 from server:proxy
...
changes only changes, CVEs, bugs, etc.
OBS-URL: https://build.opensuse.org/request/show/1142310
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/squid?expand=0&rev=118
2024-01-29 21:33:26 +00:00
1b2dbe0e67
add missing CVEs
...
OBS-URL: https://build.opensuse.org/package/show/server:proxy/squid?expand=0&rev=287
2024-01-29 13:38:27 +00:00
335a196703
add bugzilla entry
...
OBS-URL: https://build.opensuse.org/package/show/server:proxy/squid?expand=0&rev=286
2024-01-29 11:23:56 +00:00
Dominique Leuenberger
271189ebfc
Accepting request 1135832 from server:proxy
...
OBS-URL: https://build.opensuse.org/request/show/1135832
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/squid?expand=0&rev=117
2024-01-03 11:26:37 +00:00
Martin Pluskal
af1d180b1f
Accepting request 1135796 from home:dirkmueller:Factory
...
drop old, not referenced assets
OBS-URL: https://build.opensuse.org/request/show/1135796
OBS-URL: https://build.opensuse.org/package/show/server:proxy/squid?expand=0&rev=284
2023-12-31 07:22:40 +00:00
Martin Pluskal
311bd1e5b3
Accepting request 1135553 from home:seanlew:branches:server:proxy
...
Updated squid to 6.6
OBS-URL: https://build.opensuse.org/request/show/1135553
OBS-URL: https://build.opensuse.org/package/show/server:proxy/squid?expand=0&rev=283
2023-12-29 09:02:20 +00:00
Ana Guerrero
f4934e733f
Accepting request 1122203 from server:proxy
...
- update to 6.4:
* security fixes:
+ Request/Response smuggling in HTTP/1.1 and ICAP (bsc#1216500, CVE-2023-46846)
+ Multiple issues in HTTP response caching (bsc#1216496, CVE-2023-5824)
+ Denial of Service in HTTP Digest Authentication (bsc#1216495, CVE-2023-46847)
+ Denial of Service in FTP (bsc#1216498, CVE-2023-46848)
+ Fix validation of certificates (bsc#1216803, CVE-2023-46724)
* Bug 5294: ERR_CANNOT_FORWARD returned instead of ERR_DNS_FAIL
* Bug 4981: Work around in-call job invalidation bugs
* basic_smb_lm_auth: fix 'no previous declaration' warnings
* CacheManager: require /squid-internal-mgr/ URL path prefix
* ESI: Fix build [-Wsingle-bit-bitfield-constant-conversion]
* documentation changes
OBS-URL: https://build.opensuse.org/request/show/1122203
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/squid?expand=0&rev=116
2023-11-02 19:22:22 +00:00
62ba66243a
- update to 6.4:
...
* security fixes:
+ Request/Response smuggling in HTTP/1.1 and ICAP (bsc#1216500, CVE-2023-46846)
+ Multiple issues in HTTP response caching (bsc#1216496, CVE-2023-5824)
+ Denial of Service in HTTP Digest Authentication (bsc#1216495, CVE-2023-46847)
+ Denial of Service in FTP (bsc#1216498, CVE-2023-46848)
+ Fix validation of certificates (bsc#1216803, CVE-2023-46724)
* Bug 5294: ERR_CANNOT_FORWARD returned instead of ERR_DNS_FAIL
* Bug 4981: Work around in-call job invalidation bugs
* basic_smb_lm_auth: fix 'no previous declaration' warnings
* CacheManager: require /squid-internal-mgr/ URL path prefix
* ESI: Fix build [-Wsingle-bit-bitfield-constant-conversion]
* documentation changes
OBS-URL: https://build.opensuse.org/package/show/server:proxy/squid?expand=0&rev=281
2023-11-02 08:45:54 +00:00
Dominique Leuenberger
06806c2bd9
Accepting request 1112346 from server:proxy
...
- update to 6.3:
- Bug 5294: ERR_CANNOT_FORWARD returned instead of ERR_DNS_FAIL
- Bug 4981: Work around in-call job invalidation bugs
- basic_smb_lm_auth: fix 'no previous declaration' warnings
- CacheManager: require /squid-internal-mgr/ URL path prefix
- ESI: Fix build [-Wsingle-bit-bitfield-constant-conversion]
OBS-URL: https://build.opensuse.org/request/show/1112346
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/squid?expand=0&rev=115
2023-09-20 11:30:36 +00:00
452d72b5c9
- update to 6.3:
...
- Bug 5294: ERR_CANNOT_FORWARD returned instead of ERR_DNS_FAIL
- Bug 4981: Work around in-call job invalidation bugs
- basic_smb_lm_auth: fix 'no previous declaration' warnings
- CacheManager: require /squid-internal-mgr/ URL path prefix
- ESI: Fix build [-Wsingle-bit-bitfield-constant-conversion]
OBS-URL: https://build.opensuse.org/package/show/server:proxy/squid?expand=0&rev=279
2023-09-19 16:22:38 +00:00
Dominique Leuenberger
33fd7e9371
Accepting request 1103106 from server:proxy
...
OBS-URL: https://build.opensuse.org/request/show/1103106
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/squid?expand=0&rev=114
2023-08-09 15:26:17 +00:00
fcd32b7814
Accepting request 1103093 from home:polslinux:branches:server:proxy
...
- update to 6.2:
* Major UI changes:
- Remove 8K limit for single access.log line
- Add tls_key_log to report TLS communication secrets
* Minor UI changes:
- Add %transport::>connection_id logformat code
- Add paranoid_hit_validation directive
- Report SMP store queues state (mgr:store_queues)
- Addcache_log_message directive
* Developer Interest changes:
- Replaced X-Cache and X-Cache-Lookup headers with Cache-Status
- Reject HTTP/1.0 requests with unusual framing
- codespell check added to source maintenance enforcement
- Streamlined ./configure handling of optional libraries
- Add –progress option to test-builds.sh
- Remove layer-00-bootstrap from test script
- Convert LRU map into a CLP map
- Remove legacy context-based debugging in favor of CodeContext
* Removed features:
- Remove unused cache_diff binary
- Remove obsolete membanger test
- Remove deprecated leakfinder (–enable-leakfinder)
OBS-URL: https://build.opensuse.org/request/show/1103093
OBS-URL: https://build.opensuse.org/package/show/server:proxy/squid?expand=0&rev=277
2023-08-09 09:34:23 +00:00
Dominique Leuenberger
9ce8aee8b8
Accepting request 1085760 from server:proxy
...
- update to 5.9:
* Improve reply_body_max_size matching accuracy
* fix gcc13 warning
OBS-URL: https://build.opensuse.org/request/show/1085760
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/squid?expand=0&rev=113
2023-05-10 14:17:59 +00:00
3be8318923
- update to 5.9:
...
* Improve reply_body_max_size matching accuracy
* fix gcc13 warning
OBS-URL: https://build.opensuse.org/package/show/server:proxy/squid?expand=0&rev=275
2023-05-09 14:34:55 +00:00
Dominique Leuenberger
2dda8e08c9
Accepting request 1084087 from server:proxy
...
- partial revert of earlier "fix PIDFile"
- move pidfile back to /run/squid.pid and not in the directory
owned by squid. The purpose of /run/squid/ is to facilitate
SMP worker's IPC and not for the PID file. The PID file can
live just fine in /run since it's written by root. (bsc#1210960)
OBS-URL: https://build.opensuse.org/request/show/1084087
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/squid?expand=0&rev=112
2023-05-03 10:56:54 +00:00
07fb1be74a
- partial revert of earlier "fix PIDFile"
...
- move pidfile back to /run/squid.pid and not in the directory
owned by squid. The purpose of /run/squid/ is to facilitate
SMP worker's IPC and not for the PID file. The PID file can
live just fine in /run since it's written by root. (bsc#1210960)
OBS-URL: https://build.opensuse.org/package/show/server:proxy/squid?expand=0&rev=273
2023-05-02 15:18:21 +00:00
Dominique Leuenberger
9497358eb1
Accepting request 1079395 from server:proxy
...
OBS-URL: https://build.opensuse.org/request/show/1079395
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/squid?expand=0&rev=111
2023-04-14 11:14:09 +00:00
Martin Pluskal
9f9d69b591
Accepting request 1079299 from home:dirkmueller:Factory
...
- update to 5.8:
* Bug 5162: mgr:index URL do not produce MGR_INDEX template
* Bug 5241: Block all non-localhost requests by default
* Bug 5241: Block to-localhost, to-link-local requests by
default
* ext_kerberos_ldap_group_acl: Support -b with -D
* Fix ACL type typo in req_header, rep_header key-changing
ERRORs
* ... and several compile fixes
* ... and some code cleanup and polishing
OBS-URL: https://build.opensuse.org/request/show/1079299
OBS-URL: https://build.opensuse.org/package/show/server:proxy/squid?expand=0&rev=271
2023-04-14 07:58:30 +00:00
Dominique Leuenberger
c76636d04d
Accepting request 1073989 from server:proxy
...
OBS-URL: https://build.opensuse.org/request/show/1073989
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/squid?expand=0&rev=110
2023-03-24 14:21:18 +00:00
8ec6e276c4
Accepting request 1073988 from home:marxin:branches:server:proxy
...
- Enable LTO again as it survives tests now.
OBS-URL: https://build.opensuse.org/request/show/1073988
OBS-URL: https://build.opensuse.org/package/show/server:proxy/squid?expand=0&rev=269
2023-03-23 14:58:09 +00:00
Dominique Leuenberger
374407c07e
Accepting request 1060834 from server:proxy
...
OBS-URL: https://build.opensuse.org/request/show/1060834
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/squid?expand=0&rev=109
2023-01-25 16:44:05 +00:00
85015dd9ad
Accepting request 1060819 from home:kukuk:branches:server:proxy
...
- Disable NIS auth module (NIS is deprecated and get's currently
removed)
OBS-URL: https://build.opensuse.org/request/show/1060819
OBS-URL: https://build.opensuse.org/package/show/server:proxy/squid?expand=0&rev=267
2023-01-25 10:29:53 +00:00
Dominique Leuenberger
6cca7078d5
Accepting request 1055875 from server:proxy
...
OBS-URL: https://build.opensuse.org/request/show/1055875
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/squid?expand=0&rev=108
2023-01-04 16:53:50 +00:00
Martin Pluskal
04b3f78d48
Accepting request 1046445 from home:schubi2:pam_usr_etc
...
- Migration of PAM settings to /usr/lib/pam.d.
OBS-URL: https://build.opensuse.org/request/show/1046445
OBS-URL: https://build.opensuse.org/package/show/server:proxy/squid?expand=0&rev=265
2023-01-04 14:36:50 +00:00
Dominique Leuenberger
2835498b26
Accepting request 1006088 from server:proxy
...
- Migration to /usr/etc: Saving user changed configuration files
in /etc and restoring them while an RPM update.
and CVE references,
- Regression Fix: Typo in manager ACL (bsc#1203677, CVE-2022-41317)
(bsc#1203680, CVE-2022-41318)
OBS-URL: https://build.opensuse.org/request/show/1006088
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/squid?expand=0&rev=107
2022-09-26 16:48:40 +00:00
0c32424ab7
Accepting request 1003832 from home:schubi2:logrotate
...
- Migration to /usr/etc: Saving user changed configuration files
in /etc and restoring them while an RPM update.
OBS-URL: https://build.opensuse.org/request/show/1003832
OBS-URL: https://build.opensuse.org/package/show/server:proxy/squid?expand=0&rev=263
2022-09-26 10:29:20 +00:00
7c543ee7fd
Add CVE references
...
OBS-URL: https://build.opensuse.org/package/show/server:proxy/squid?expand=0&rev=262
2022-09-26 10:23:09 +00:00
Dominique Leuenberger
384314cf9f
Accepting request 1003011 from server:proxy
...
OBS-URL: https://build.opensuse.org/request/show/1003011
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/squid?expand=0&rev=106
2022-09-12 17:09:05 +00:00
221d387569
Accepting request 1002491 from home:dirkmueller:Factory
...
- update to 5.7:
- Regression Fix: Typo in manager ACL
- Bug 5186: noteDestinationsEnd check failed: transportWait
- Bug 5160: Test suite fails with -flto=auto
- Bug 3193 pt2: NTLM decoder truncating strings
- Bug 5133: OpenSSL 3.0 support
- ext_session_acl: fix TDB key lookup
- forward_max_tries: Do not count discarded connections
- ... and many compile and debugging fixes
OBS-URL: https://build.opensuse.org/request/show/1002491
OBS-URL: https://build.opensuse.org/package/show/server:proxy/squid?expand=0&rev=260
2022-09-12 15:32:36 +00:00
Dominique Leuenberger
e089dbe488
Accepting request 999925 from server:proxy
...
OBS-URL: https://build.opensuse.org/request/show/999925
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/squid?expand=0&rev=105
2022-08-30 12:49:06 +00:00
e83ebc1600
Accepting request 999891 from home:computersalat:devel:proxy
...
fix PIDFile
OBS-URL: https://build.opensuse.org/request/show/999891
OBS-URL: https://build.opensuse.org/package/show/server:proxy/squid?expand=0&rev=258
2022-08-29 11:10:51 +00:00
Dominique Leuenberger
7ab08601a3
Accepting request 985925 from server:proxy
...
OBS-URL: https://build.opensuse.org/request/show/985925
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/squid?expand=0&rev=104
2022-06-30 11:18:25 +00:00
Lars Vogdt
3d5852fb75
Accepting request 985780 from home:schubi2
...
- Moved logrotate files from user specific directory /etc/logrotate.d
to vendor specific directory /usr/etc/logrotate.d.
OBS-URL: https://build.opensuse.org/request/show/985780
OBS-URL: https://build.opensuse.org/package/show/server:proxy/squid?expand=0&rev=256
2022-06-29 17:56:59 +00:00
Dominique Leuenberger
828dd3c8c8
Accepting request 984871 from server:proxy
...
- Update to 5.6:
* Improve handling of Gopher responses (bsc#1200907, CVE-2021-46784)
- Changes in 5.5:
* fixes regression Bug 5192: esi_parser default is incorrect
* Bug 5177: clientca certificates sent to https_port clients
* Bug 5090: Must(!request->pinnedConnection()) violation
* Kid restart leads to persistent queue overflows, delays/timeouts
OBS-URL: https://build.opensuse.org/request/show/984871
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/squid?expand=0&rev=103
2022-06-25 08:24:14 +00:00
3db5ecbad9
- Update to 5.6:
...
* Improve handling of Gopher responses (bsc#1200907, CVE-2021-46784)
- Changes in 5.5:
* fixes regression Bug 5192: esi_parser default is incorrect
* Bug 5177: clientca certificates sent to https_port clients
* Bug 5090: Must(!request->pinnedConnection()) violation
* Kid restart leads to persistent queue overflows, delays/timeouts
OBS-URL: https://build.opensuse.org/package/show/server:proxy/squid?expand=0&rev=254
2022-06-24 09:29:25 +00:00
Dominique Leuenberger
24f7dcfe4b
Accepting request 966241 from server:proxy
...
- Do not try to set special permissions for basic_pam_auth (bsc#1197649)
OBS-URL: https://build.opensuse.org/request/show/966241
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/squid?expand=0&rev=102
2022-04-01 19:35:36 +00:00