9fb03d5777
Since version 6, some previously deprecated features have been removed: * Edge Side Includes (ESI) * access to the cache manager using the cache_object:// scheme - use http instead * the squdclient tool - use curl http://<squid-address>/squid-internal-mgr/menu instead * the cachemgr.cgi tool * the purge tool - use the http PURGE method instead * Ident protocol support * basic_smb_lm_auth and ntlm_smb_lm_auth helpers - use Samba's ntlm_auth instead - Update to 7.3 - Regression Bug 5520: ERR_INVALID_URL for CONNECT host with leading digit - Quit NTLM authenticate() on missing NTLM authorization header - Fix Auth::User::absorb() IP list transfer logic - Fix type mismatch in new/delete of addrinfo::ai_addr - Fix libntlmauth string parsing on big-endian machines - ... and some code cleanups - ... and some CI improvements - changes since squid 6.14 (bsc#1252281, CVE-2025-62168) - Bug 3390: Proxy auth data visible to scripts - Bug 5504: Document that Squid discards invalid rewrite-url - Bug 5407: Support at least 1000 groups per Kerberos user - Fix parsing of malformed quoted squid.conf strings - Fix off-by-one in helper args count assertion - Fix UDP log module opening and closing code - Fix BodyPipe debugging in handleChunkedRequestBody() - Fix debugging of Eui48::lookup() problems - Fix memory leak when parsing deprecated %rG logformat code - Fix SQUID_YESNO 'syntax error near unexpected token' - DNS: fix RRPack memcpy - DNS: Do not leak RR data upon RR data unpacking errors - FTP: Avoid null dereferences when handling ftp_port traffic
Adam Majer2025-11-06 19:29:48 +00:00
d9af867924
- Updated harden_squid.service.patch to include new startup sequence local-fs.target - Update to 6.14 - Bug 5352: Do not get stuck in RESPMOD after pausing peer read(2) - Bug 5489: Fix "make check" linking on Solaris - Fix SNMP cacheNumObjCount -- number of cached objects - Do not duplicate received Surrogate-Capability in sent requests - Fix Mem::Segment::open() stub to fix build without shm_open() - ... and CI and documentation updates
Adam Majer2025-11-06 18:55:20 +00:00
50777186fb
- Update to 6.12 - Fix validation of Digest auth header parameters - changes since squid-6.11: - Fix Kerberos detection when cross-compiling - Improve robustness of DNS code on reconfigure - Prevent slow memory leak in TCP DNS queries - Improve errors emitted when invalid ACLs are parsed
Adam Majer2024-12-09 13:10:14 +00:00
5521453c13
Accepting request 1183540 from server:proxy
Ana Guerrero2024-06-27 14:04:49 +00:00
a546da3270
- update to 6.10 - ESI: Disable by default (#1728) - Bug 5378: type mismatch in libTrie (#1830) (bsc#1227086, CVE-2024-37894) - testCacheManager: use cppunit exception tests (#1811) - testRandomUuid: use cppunit exception tests (#1814) - Docs: REQUIRED in ident_regex, proxy_auth_regex, ext_user_regex (#1818) - Fix build with clang v18 [-Wvla-cxx-extension] (#1813) (#1817)
Adam Majer2024-06-27 07:06:46 +00:00
3f696fa535
Accepting request 1177317 from server:proxy
Ana Guerrero2024-05-28 15:30:23 +00:00
eb70b5ef0f
- CVE-2024-33427.patch: fixes possible buffer overread leading to denial of service (bsc#1225417, CVE-2024-33427)
Adam Majer2024-05-28 08:55:47 +00:00
83753ab199
- update to 6.9 - Regression Bug 5349: basic_nis_auth build error: unterminated #ifndef - Bug 5069: Keep listening after getsockname() error - Bug 5360: FwdState::noteDestinationsEnd() assertion "err" - Reduce stale errno usage - Plug memory leak in handling cache manager requests - Fix error: template-id not allowed for constructor in C++20 - Improve release packaging automation - header_fixups.patch: upstreamed, removed - 9be86d8db5e8f40829374d26334d0bb5272c1afd.patch: upstreamed, removed
Adam Majer2024-05-28 08:50:04 +00:00
6cedc775e2
- update to 6.8 - Fix marking of problematic cached IP addresses (#1691) - Bug 5344: mgr:config segfaults without logformat (#1680) - Fix infinite recursion when parsing HTTP chunks (#1553) (bsc#1216715, CVE-2024-25111) - changes in 6.7 - Bug 5337: workaround for crash on startup if -a option is used - Bug 5274: Successful tunnels logged as TCP_TUNNEL/500 - Fix crash when NTLM and Negotiate helpers are queried with no HTTP request - Fix SslBump memory leak when mimicking certificates with Authority Key Identifier - Fix memory leak on SslBump certificates with Authority Key Identifier extension - Fix a possible integer overflow in FTP Gateway - Extend cache_log_message to Bug 5187 and job invalidation BUGs - Remove incorrect beta version warning
Adam Majer2024-03-06 12:28:13 +00:00
b9466b8dea
Accepting request 1151607 from server:proxy
Ana Guerrero2024-02-26 19:02:40 +00:00
f3ee015a17
Accepting request 1151577 from home:dimstar:rpm4.20:s
Martin Pluskal2024-02-26 13:40:54 +00:00
3e94cee43c
Accepting request 1142310 from server:proxy
Ana Guerrero2024-01-29 21:33:26 +00:00
07fb1be74a
- partial revert of earlier "fix PIDFile" - move pidfile back to /run/squid.pid and not in the directory owned by squid. The purpose of /run/squid/ is to facilitate SMP worker's IPC and not for the PID file. The PID file can live just fine in /run since it's written by root. (bsc#1210960)
Adam Majer2023-05-02 15:18:21 +00:00
eae485a694
with directories in pretrans section (bsc#1197333)
Adam Majer2022-03-29 12:32:38 +00:00
7a4d40ca76
- Fix upgrade path from squid 4.x where we replaced some symlinks with directories (bsc#1197333) - old_nettle_compat.patch: refresh patch
Adam Majer2022-03-29 12:30:01 +00:00
Ana Guerrero
Adam Majer
Dominique Leuenberger
Martin Pluskal
Lars Vogdt