Commit Graph

  • be00812e5d Accepting request 1229399 from server:proxy factory Ana Guerrero 2024-12-09 20:12:58 +0000
  • 50777186fb - Update to 6.12 - Fix validation of Digest auth header parameters - changes since squid-6.11: - Fix Kerberos detection when cross-compiling - Improve robustness of DNS code on reconfigure - Prevent slow memory leak in TCP DNS queries - Improve errors emitted when invalid ACLs are parsed devel Adam Majer 2024-12-09 13:10:14 +0000
  • 5521453c13 Accepting request 1183540 from server:proxy Ana Guerrero 2024-06-27 14:04:49 +0000
  • a546da3270 - update to 6.10 - ESI: Disable by default (#1728) - Bug 5378: type mismatch in libTrie (#1830) (bsc#1227086, CVE-2024-37894) - testCacheManager: use cppunit exception tests (#1811) - testRandomUuid: use cppunit exception tests (#1814) - Docs: REQUIRED in ident_regex, proxy_auth_regex, ext_user_regex (#1818) - Fix build with clang v18 [-Wvla-cxx-extension] (#1813) (#1817) Adam Majer 2024-06-27 07:06:46 +0000
  • 3f696fa535 Accepting request 1177317 from server:proxy Ana Guerrero 2024-05-28 15:30:23 +0000
  • eb70b5ef0f - CVE-2024-33427.patch: fixes possible buffer overread leading to denial of service (bsc#1225417, CVE-2024-33427) Adam Majer 2024-05-28 08:55:47 +0000
  • 83753ab199 - update to 6.9 - Regression Bug 5349: basic_nis_auth build error: unterminated #ifndef - Bug 5069: Keep listening after getsockname() error - Bug 5360: FwdState::noteDestinationsEnd() assertion "err" - Reduce stale errno usage - Plug memory leak in handling cache manager requests - Fix error: template-id not allowed for constructor in C++20 - Improve release packaging automation - header_fixups.patch: upstreamed, removed - 9be86d8db5e8f40829374d26334d0bb5272c1afd.patch: upstreamed, removed Adam Majer 2024-05-28 08:50:04 +0000
  • f5630c87ae Accepting request 1155563 from server:proxy Dominique Leuenberger 2024-03-06 22:06:03 +0000
  • 23219f8b97 - 9be86d8db5e8f40829374d26334d0bb5272c1afd.patch: don't throw on client errors Adam Majer 2024-03-06 13:17:43 +0000
  • 17b414d940 - Fix handling of expanding HTTP header values (bsc#1219960, CVE-2024-25617) Adam Majer 2024-03-06 13:03:42 +0000
  • 8ef00f7fd9 - header_fixups.patch: added Adam Majer 2024-03-06 12:48:17 +0000
  • 6cedc775e2 - update to 6.8 - Fix marking of problematic cached IP addresses (#1691) - Bug 5344: mgr:config segfaults without logformat (#1680) - Fix infinite recursion when parsing HTTP chunks (#1553) (bsc#1216715, CVE-2024-25111) - changes in 6.7 - Bug 5337: workaround for crash on startup if -a option is used - Bug 5274: Successful tunnels logged as TCP_TUNNEL/500 - Fix crash when NTLM and Negotiate helpers are queried with no HTTP request - Fix SslBump memory leak when mimicking certificates with Authority Key Identifier - Fix memory leak on SslBump certificates with Authority Key Identifier extension - Fix a possible integer overflow in FTP Gateway - Extend cache_log_message to Bug 5187 and job invalidation BUGs - Remove incorrect beta version warning Adam Majer 2024-03-06 12:28:13 +0000
  • b9466b8dea Accepting request 1151607 from server:proxy Ana Guerrero 2024-02-26 19:02:40 +0000
  • f3ee015a17 Accepting request 1151577 from home:dimstar:rpm4.20:s Martin Pluskal 2024-02-26 13:40:54 +0000
  • 3e94cee43c Accepting request 1142310 from server:proxy Ana Guerrero 2024-01-29 21:33:26 +0000
  • 1b2dbe0e67 add missing CVEs Adam Majer 2024-01-29 13:38:27 +0000
  • 335a196703 add bugzilla entry Adam Majer 2024-01-29 11:23:56 +0000
  • 271189ebfc Accepting request 1135832 from server:proxy Dominique Leuenberger 2024-01-03 11:26:37 +0000
  • af1d180b1f Accepting request 1135796 from home:dirkmueller:Factory Martin Pluskal 2023-12-31 07:22:40 +0000
  • 311bd1e5b3 Accepting request 1135553 from home:seanlew:branches:server:proxy Martin Pluskal 2023-12-29 09:02:20 +0000
  • f4934e733f Accepting request 1122203 from server:proxy Ana Guerrero 2023-11-02 19:22:22 +0000
  • 62ba66243a - update to 6.4: * security fixes: + Request/Response smuggling in HTTP/1.1 and ICAP (bsc#1216500, CVE-2023-46846) + Multiple issues in HTTP response caching (bsc#1216496, CVE-2023-5824) + Denial of Service in HTTP Digest Authentication (bsc#1216495, CVE-2023-46847) + Denial of Service in FTP (bsc#1216498, CVE-2023-46848) + Fix validation of certificates (bsc#1216803, CVE-2023-46724) * Bug 5294: ERR_CANNOT_FORWARD returned instead of ERR_DNS_FAIL * Bug 4981: Work around in-call job invalidation bugs * basic_smb_lm_auth: fix 'no previous declaration' warnings * CacheManager: require /squid-internal-mgr/ URL path prefix * ESI: Fix build [-Wsingle-bit-bitfield-constant-conversion] * documentation changes Adam Majer 2023-11-02 08:45:54 +0000
  • 06806c2bd9 Accepting request 1112346 from server:proxy Dominique Leuenberger 2023-09-20 11:30:36 +0000
  • 452d72b5c9 - update to 6.3: - Bug 5294: ERR_CANNOT_FORWARD returned instead of ERR_DNS_FAIL - Bug 4981: Work around in-call job invalidation bugs - basic_smb_lm_auth: fix 'no previous declaration' warnings - CacheManager: require /squid-internal-mgr/ URL path prefix - ESI: Fix build [-Wsingle-bit-bitfield-constant-conversion] Adam Majer 2023-09-19 16:22:38 +0000
  • 33fd7e9371 Accepting request 1103106 from server:proxy Dominique Leuenberger 2023-08-09 15:26:17 +0000
  • fcd32b7814 Accepting request 1103093 from home:polslinux:branches:server:proxy Adam Majer 2023-08-09 09:34:23 +0000
  • 9ce8aee8b8 Accepting request 1085760 from server:proxy Dominique Leuenberger 2023-05-10 14:17:59 +0000
  • 3be8318923 - update to 5.9: * Improve reply_body_max_size matching accuracy * fix gcc13 warning Adam Majer 2023-05-09 14:34:55 +0000
  • 2dda8e08c9 Accepting request 1084087 from server:proxy Dominique Leuenberger 2023-05-03 10:56:54 +0000
  • 07fb1be74a - partial revert of earlier "fix PIDFile" - move pidfile back to /run/squid.pid and not in the directory owned by squid. The purpose of /run/squid/ is to facilitate SMP worker's IPC and not for the PID file. The PID file can live just fine in /run since it's written by root. (bsc#1210960) Adam Majer 2023-05-02 15:18:21 +0000
  • 9497358eb1 Accepting request 1079395 from server:proxy Dominique Leuenberger 2023-04-14 11:14:09 +0000
  • 9f9d69b591 Accepting request 1079299 from home:dirkmueller:Factory Martin Pluskal 2023-04-14 07:58:30 +0000
  • c76636d04d Accepting request 1073989 from server:proxy Dominique Leuenberger 2023-03-24 14:21:18 +0000
  • 8ec6e276c4 Accepting request 1073988 from home:marxin:branches:server:proxy Adam Majer 2023-03-23 14:58:09 +0000
  • 374407c07e Accepting request 1060834 from server:proxy Dominique Leuenberger 2023-01-25 16:44:05 +0000
  • 85015dd9ad Accepting request 1060819 from home:kukuk:branches:server:proxy Adam Majer 2023-01-25 10:29:53 +0000
  • 6cca7078d5 Accepting request 1055875 from server:proxy Dominique Leuenberger 2023-01-04 16:53:50 +0000
  • 04b3f78d48 Accepting request 1046445 from home:schubi2:pam_usr_etc Martin Pluskal 2023-01-04 14:36:50 +0000
  • 2835498b26 Accepting request 1006088 from server:proxy Dominique Leuenberger 2022-09-26 16:48:40 +0000
  • 0c32424ab7 Accepting request 1003832 from home:schubi2:logrotate Adam Majer 2022-09-26 10:29:20 +0000
  • 7c543ee7fd Add CVE references Adam Majer 2022-09-26 10:23:09 +0000
  • 384314cf9f Accepting request 1003011 from server:proxy Dominique Leuenberger 2022-09-12 17:09:05 +0000
  • 221d387569 Accepting request 1002491 from home:dirkmueller:Factory Adam Majer 2022-09-12 15:32:36 +0000
  • e089dbe488 Accepting request 999925 from server:proxy Dominique Leuenberger 2022-08-30 12:49:06 +0000
  • e83ebc1600 Accepting request 999891 from home:computersalat:devel:proxy Adam Majer 2022-08-29 11:10:51 +0000
  • 7ab08601a3 Accepting request 985925 from server:proxy Dominique Leuenberger 2022-06-30 11:18:25 +0000
  • 3d5852fb75 Accepting request 985780 from home:schubi2 Lars Vogdt 2022-06-29 17:56:59 +0000
  • 828dd3c8c8 Accepting request 984871 from server:proxy Dominique Leuenberger 2022-06-25 08:24:14 +0000
  • 3db5ecbad9 - Update to 5.6: * Improve handling of Gopher responses (bsc#1200907, CVE-2021-46784) - Changes in 5.5: * fixes regression Bug 5192: esi_parser default is incorrect * Bug 5177: clientca certificates sent to https_port clients * Bug 5090: Must(!request->pinnedConnection()) violation * Kid restart leads to persistent queue overflows, delays/timeouts Adam Majer 2022-06-24 09:29:25 +0000
  • 24f7dcfe4b Accepting request 966241 from server:proxy Dominique Leuenberger 2022-04-01 19:35:36 +0000
  • 12b4ed7ebc - Do not try to set special permissions for basic_pam_auth (bsc#1197649) Adam Majer 2022-03-31 14:26:52 +0000
  • d6ca2748d9 Accepting request 965649 from server:proxy Dominique Leuenberger 2022-03-29 16:16:15 +0000
  • eae485a694 with directories in pretrans section (bsc#1197333) Adam Majer 2022-03-29 12:32:38 +0000
  • 7a4d40ca76 - Fix upgrade path from squid 4.x where we replaced some symlinks with directories (bsc#1197333) - old_nettle_compat.patch: refresh patch Adam Majer 2022-03-29 12:30:01 +0000
  • e84e29bcf2 Accepting request 961868 from server:proxy Dominique Leuenberger 2022-03-15 18:03:52 +0000
  • 3a4ba9cfbe Add CVE reference only Adam Majer 2022-03-08 11:45:31 +0000
  • 8c3c7904b6 Accepting request 958214 from server:proxy Dominique Leuenberger 2022-03-01 16:03:38 +0000
  • 487cb8560d Accepting request 957749 from home:AndreasStieger:branches:server:proxy Martin Pluskal 2022-03-01 08:14:36 +0000
  • 7fcf28aa05 Accepting request 952695 from server:proxy Dominique Leuenberger 2022-02-09 19:39:20 +0000
  • 2540ef9507 Accepting request 952643 from home:polslinux:branches:server:proxy Martin Pluskal 2022-02-08 13:46:41 +0000
  • 389d50ec6e Accepting request 942126 from server:proxy Dominique Leuenberger 2021-12-22 19:18:17 +0000
  • c791b32bc9 - Adjust harden_squid.service.patch to resolve boo#1193938 Martin Pluskal 2021-12-22 14:26:08 +0000
  • 11313c1e8a Accepting request 941860 from server:proxy Dominique Leuenberger 2021-12-21 17:40:50 +0000
  • da562559a5 Accepting request 939558 from home:dirkmueller:Factory Martin Pluskal 2021-12-21 14:30:33 +0000
  • 38338573ad Accepting request 936249 from server:proxy Dominique Leuenberger 2021-12-07 23:00:02 +0000
  • 1ba7c0f00b Accepting request 933486 from home:jsegitz:branches:systemdhardening:server:proxy Martin Pluskal 2021-12-07 12:01:22 +0000
  • b367df9e33 Accepting request 923558 from server:proxy Dominique Leuenberger 2021-10-07 22:05:48 +0000
  • 7540de6b79 Fix Source URLs Adam Majer 2021-10-06 17:10:48 +0000
  • 91cd7d9ece Accepting request 923273 from home:adamm:branches:server:proxy Martin Pluskal 2021-10-06 08:28:26 +0000
  • c66d86bb71 Accepting request 909881 from server:proxy Dominique Leuenberger 2021-08-03 20:48:45 +0000
  • f4a3ff6528 Accepting request 909588 from home:dirkmueller:Factory Martin Pluskal 2021-08-03 07:22:15 +0000
  • b62fb0f8f4 Accepting request 895417 from server:proxy Dominique Leuenberger 2021-06-01 08:36:47 +0000
  • 9d9e9e1d0b Add missing bug reference Adam Majer 2021-05-18 18:11:24 +0000
  • 6804707c59 Accepting request 893984 from server:proxy Dominique Leuenberger 2021-05-18 16:26:46 +0000
  • 3761d61a9d - fix building with SLE12 Adam Majer 2021-05-18 12:44:03 +0000
  • abcd5831a0 - Bug 5106: Broken cache manager URL parsing (bsc#1185918, CVE-2021-28652) (bsc#1185921, CVE-2021-28651) (bsc#1185919, CVE-2021-28662) - Handle more Range requests (bsc#1185916, CVE-2021-31806) - Handle more partial responses (bsc#1185923) Adam Majer 2021-05-18 08:58:40 +0000
  • 0cfadfd43c Accepting request 892494 from server:proxy Dominique Leuenberger 2021-05-12 17:32:42 +0000
  • b8860150b2 Accepting request 892304 from home:dirkmueller:Factory Martin Pluskal 2021-05-12 12:31:04 +0000
  • 3bf85069ce Accepting request 870771 from server:proxy Dominique Leuenberger 2021-02-10 20:31:00 +0000
  • 0e6d2ed89f Accepting request 870712 from home:dirkmueller:branches:server:proxy Martin Pluskal 2021-02-10 06:37:01 +0000
  • 035ce7c4e7 Accepting request 846311 from server:proxy Dominique Leuenberger 2020-11-05 20:56:20 +0000
  • 8d1748fdfd Accepting request 846223 from home:adamm:branches:server:proxy Adam Majer 2020-11-05 16:30:46 +0000
  • 04ac4278eb Accepting request 840300 from server:proxy Dominique Leuenberger 2020-10-09 22:29:08 +0000
  • 9446ddfb48 Unescape macros Adam Majer 2020-10-08 14:14:03 +0000
  • f80a1dd80c Accepting request 840239 from home:mgerstner:branches:server:proxy Adam Majer 2020-10-08 14:13:00 +0000
  • c9bc4ae547 Accepting request 831407 from server:proxy Dominique Leuenberger 2020-09-02 23:13:55 +0000
  • b0e79047c9 Added CVE number only Adam Majer 2020-08-26 08:32:58 +0000
  • 31a6238417 Accepting request 828922 from server:proxy Dominique Leuenberger 2020-08-25 07:33:38 +0000
  • 9f88e6bab0 - squid 4.13: * Enforce token characters for field-name (#700) * Fix livelocking in peerDigestHandleReply (#698) (bsc#1175671) * Improve Transfer-Encoding handling (#702) (bsc#1175665, CVE-2020-15811) * Forbid obs-fold and bare CR whitespace in framing header fields (#701) * Source Format Enforcement * Enforce token characters for field-name (#700) (bsc#1175664, CVE-2020-15810) * Do not stall while debugging a scan of an empty store_table (#699) * Fix livelocking in peerDigestHandleReply (#698) * Honor on_unsupported_protocol for intercepted https_port (#689) * Bug #5051: Some collapsed revalidation responses never expire (#683) * SslBump: Support parsing GREASEd (and future) TLS handshakes (#663) Adam Majer 2020-08-24 11:53:55 +0000
  • e3b6e0221f Accepting request 825214 from server:proxy Dominique Leuenberger 2020-08-10 13:01:05 +0000
  • f6f553d246 Accepting request 822709 from home:adamm:branches:server:proxy Martin Pluskal 2020-08-10 06:02:07 +0000
  • 8645cb2c21 Accepting request 817633 from server:proxy Dominique Leuenberger 2020-06-29 19:17:13 +0000
  • f54ff4bf28 Add missing CVE number Adam Majer 2020-06-29 08:00:27 +0000
  • cf1ad20812 * HTTP: validate Content-Length value prefix (CVE-CVE-2020-15049, bsc#1173455) Adam Majer 2020-06-29 07:59:39 +0000
  • 4afdd113d1 Accepting request 816822 from server:proxy Dominique Leuenberger 2020-06-24 13:50:24 +0000
  • cccd5fcd50 * Fixes a potential Denial of Service when processing TLS certificates during HTTPS or SSL-Bump connections (CVE-2020-14059, bsc#1173304) Adam Majer 2020-06-24 11:46:29 +0000
  • 3b3d2c2e9a Accepting request 816284 from server:proxy Dominique Leuenberger 2020-06-22 15:46:11 +0000
  • 90caa15be3 Accepting request 816219 from home:AndreasStieger:branches:server:proxy Martin Pluskal 2020-06-22 08:43:44 +0000
  • a8c49f5f4f Accepting request 796564 from server:proxy Dominique Leuenberger 2020-04-23 16:40:20 +0000
  • 8b38ddcc65 - Update to squid 4.11: * Fix incorrect buffer handling that can result in cache poisoning, remote execution, and denial of service attacks when processing ESI responses (CVE-2019-12519, CVE-2019-12521, bsc#1169659) * Fixes possible information disclosure when translating FTP server listings into HTTP responses. (CVE-2019-12528, bsc#1162689) * Fixes possible denial of service caused by incorrect buffer management ext_lm_group_acl when processing NTLM Authentication credentials. (CVE-2020-8517, bsc#1162691) * Fixes a potential remote execution vulnerability when using HTTP Digest Authentication (CVE-2020-11945, bsc#1170313) * Fixes problem when reconfigure killed Coordinator in SMP+ufs configurations (#556) Adam Majer 2020-04-23 13:47:01 +0000