forked from pool/squid
02444175b7
Fix build with glibc 2.17 OBS-URL: https://build.opensuse.org/request/show/141616 OBS-URL: https://build.opensuse.org/package/show/server:proxy/squid?expand=0&rev=23
1410 lines
59 KiB
Plaintext
1410 lines
59 KiB
Plaintext
-------------------------------------------------------------------
|
|
Sat Nov 17 09:38:19 UTC 2012 - aj@suse.de
|
|
|
|
- Fix build with glibc 2.17 (add patch squid-glibc217.patch).
|
|
|
|
-------------------------------------------------------------------
|
|
Sun Oct 21 14:30:21 UTC 2012 - chris@computersalat.de
|
|
|
|
- update to 3.2.3 (21 Oct 2012):
|
|
- Regression: SMP crashes on startup with workers > 1
|
|
- Bug 3655: pinning failure breaks NTLM and Negotiate authentication
|
|
- SMP: Allow a UFS cache_dir entry to coexist with a shared memory cache entry
|
|
- HTTP/1.1: honour Cache-Control before Pragma:no-cache
|
|
- HTTP/1.1: Cache-Control compliance upgrade
|
|
- Remove obsoleted refresh_pattern ignore-no-cache option
|
|
- Fix IPv6 enabled squidclient
|
|
- ... and several compile fixes
|
|
|
|
-------------------------------------------------------------------
|
|
Sat Oct 20 11:52:33 UTC 2012 - chris@computersalat.de
|
|
|
|
- update to 3.2.2 (06 Oct 2012):
|
|
- Regression: Make login=PASS send no credentials when none available
|
|
- Regression: Handle dstdomain duplicates and overlapping names better
|
|
- Bug 3661: Segmentation fault when using more than 1 worker
|
|
- Bug 3660: ACLFilledChecklist::fd set with wrong fd for sslproxy_cert_error
|
|
- Bug 3658: ERR_ZERO_SIZE_OBJECT propagates out even after successful retry
|
|
- Bug 3648: polish String class files
|
|
- Bug 3647: parsing hier_code acl fails
|
|
- Bug 3626: forwarding loops on intercepted traffic
|
|
- Bug 3616: retrieve client connection for ACL checks from the related HttpRequest object
|
|
- Bug 3609: several RADIUS helper improvements
|
|
- Bug 3605: memory leak in Negotiate authentication
|
|
- Fix small memory leak in src ACL parse
|
|
- Fix maximum_single_addr_tries upgrade
|
|
- Fix chunked encoding on responses carrying a Content-Range header.
|
|
- Do not reuse persistent connections for PUTs to avoid ERR_ZERO_SIZE_OBJECT
|
|
- ... and several compile errors
|
|
- fix deps
|
|
* add missing Obsoletes/Provides for squid3
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Aug 15 17:40:30 UTC 2012 - chris@computersalat.de
|
|
|
|
- package rename from squid3 back to squid
|
|
* old 'squid' (2.7STABLE9) now obsolete
|
|
* only one "stable" squid available >= 3.2
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Aug 15 11:46:11 UTC 2012 - chris@computersalat.de
|
|
|
|
- update to 3.2.1 (15 Aug 2012):
|
|
- Bug 3605: memory leak in peer selection
|
|
- Bug 3478: better default handling without -DSTRICT_ORIGINAL_DST
|
|
- ... and some documentation updates
|
|
- rebase squid-config patch
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Aug 3 11:27:00 UTC 2012 - chris@computersalat.de
|
|
|
|
- update to 3.2.0.19 (02 Aug 2012)
|
|
- Regression Bug 3580: IDENT request makes squid crash
|
|
- Regression Bug 3577: File Descriptors not properly closed
|
|
- Regression Bug 3478: Allow peer selection and connection auth on intercepted traffic
|
|
- Regression Fix: Restore memory caching ability
|
|
- Bug 3556 Workaround: epoll assertion failed: comm.cc:1093: isOpen(fd)
|
|
- Bug 3551: store_rebuild.cc:116: "store_errors == 0" assertion
|
|
- Bug 3525: Do not resend nibbled PUTs and avoid "mustAutoConsume" assertion.
|
|
- Avoid bogus "Disk space over limit" warnings when rebuidling dirty ufs index
|
|
- Support custom headers in [request|reply]_header_* manglers
|
|
- ... and much code polishing
|
|
- remove upstream patches
|
|
* 3.2-11611 - 3.2-11638
|
|
- rebase config, nobuilddates, compiled_without_RPM_OPT_FLAGS patches
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Jul 30 23:52:17 UTC 2012 - chris@computersalat.de
|
|
|
|
- add upstream patches
|
|
* 3.2-11631 - 3.2-11638
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Jul 27 13:11:15 UTC 2012 - chris@computersalat.de
|
|
|
|
- update to 3.2.0.18 (29 Jun 2012)
|
|
- Bug 3576: ICY streams being Transfer-Encoding:chunked
|
|
- Bug 3537: statistics histogram leaks memory
|
|
- Bug 3526: digest authentication crash
|
|
- Bug 3484: Docs: sslproxy_cert_error example flawed
|
|
- Bug 3462: Delay Pools and ICAP
|
|
- Bug 3405: ssl_crtd crashes failing to remove certificate
|
|
- Bug 3380: Mac OSX compile errors with CMSG_SPACE
|
|
- Bug 3258: Requests hang when Host forgery verify fails
|
|
- Bug 3186: Digest auth caches failed state without revalidating
|
|
- Bug 2976: ERR_INVALID_URL for transparently captured requests when reconfiguring
|
|
- Bug 2885: AIX: check and set required compiler flags
|
|
- Fix ssl_crtd compile issues with libsslutil
|
|
- Fix build with GCC 4.7 (and probably other C++11 compilers).
|
|
- Fix double-escape of %R on deny_info redirect responses
|
|
- Support status 308 Permanent Redirect
|
|
- Support for TLSv1.1 and TLSv1.2 options and methods
|
|
- Support passing external_acl_type credentials on ICAP
|
|
- Language Updates: fr, hy, pt_BR
|
|
- ... and many compile issues on Windows
|
|
- ... and some minor code polish
|
|
for more info please see ChangeLog
|
|
- remove obsolete swapdir, FSF patches
|
|
- rebase config, nobuilddates patches
|
|
- add upstream patches
|
|
* 3.2-11611 - 3.2-11630
|
|
- add compiled_without_RPM_OPT_FLAGS patch
|
|
* squid3 no-rpm-opt-flags <cmdline>:./cf_gen.cc
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Jun 12 10:22:46 UTC 2012 - chris@computersalat.de
|
|
|
|
- update to 3.1.20
|
|
- Regression Bug 3545: FreeBSD dnsserver segfaults
|
|
- Regression Bug 3504: clientside_tos fails to mark traffic
|
|
- Bug 3539: CONNECT server connection not closed correctly on errors
|
|
- Bug 3502: client timeout uses server-side read_timeout, not request_timeout
|
|
- Bug 3466: Adaptation stuck on last single-byte body piece
|
|
- Bug 3463: dnsserver fails to compile
|
|
- Bug 3439: correct external_acl_type documented default for ipv4/ipv6 option
|
|
- Bug 3390: Proxy auth data visible to scripts
|
|
- Bug 3263: ssl_crtd: undefined references to squid_curtime
|
|
- Bug 3233: Invalid URL accepted with url host is white spaces
|
|
- Bug 3133: Memory leak handling requests for sites that don't exist
|
|
- Bug 3074: Improper URL handling with empty path (RFC 3986)
|
|
- Bug 3013: segmentation fault on shutdown commSetCloseOnExec at comm.cc:1889
|
|
- Regression: snmp/udp address directives not resolving hostname
|
|
- Better helper-to-Squid buffer size management.
|
|
- Support CoAP over HTTP (coap:// and coaps:// URLs)
|
|
- Support for 3.2 error template codes
|
|
- rebase config, swapdir patch
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Feb 17 16:01:23 UTC 2012 - chris@computersalat.de
|
|
|
|
- some cleanup
|
|
* rebase patches (p0), remove version from patch_names
|
|
- add Source signature file
|
|
- add FSF patch (incorrect-fsf-address)
|
|
- add rpmlintrc file
|
|
* macro-in-comment
|
|
* no-manual-page-for-binary
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Feb 15 20:50:59 UTC 2012 - chris@computersalat.de
|
|
|
|
- update to 3.1.19
|
|
- Regression Bug 3441: part 2: Prevent further cache size corruption of swap.state
|
|
- Bug 3473: erase last uses of obsolete auth_user_hash_pointer
|
|
- Bug 3470: GCC 4.7
|
|
- Bug 3442: assertion failed: external_acl.cc:908: ch->auth_user_request != NULL
|
|
- Bug 3441: part 1: Minimize cache size corruption by malformed swap.state
|
|
- Bug 3440: compile error in Adaptation
|
|
- Bug 3420: Request body consumption races and !theConsumer exception
|
|
- Bug 3370: external ACL sometimes skipping
|
|
- Bug 3085: Crash when parsing esi:include
|
|
- HTTP/1.1: do not add 110 and 111 Warnings to revalidated responses
|
|
- Fix SSL library dependency fixes
|
|
- remove obsolete upstream patches
|
|
* squid-3.1-10415 - ..421
|
|
- add squid source signature file
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Jan 16 13:49:22 UTC 2012 - chris@computersalat.de
|
|
|
|
- add upstream patches
|
|
* 3.1-10419: Bug #3085: Crash when parsing esi:include
|
|
* 3.1-10420: Bug #3473: erase last uses of obsolete auth_user_hash_pointer
|
|
* 3.1-10421: Bug #3420: Request body consumption races and !theConsumer
|
|
exception.
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Dec 21 12:12:09 UTC 2011 - chris@computersalat.de
|
|
|
|
- fix for bnc#737905
|
|
* fix test EXPRESSION in post section
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Dec 12 12:47:50 UTC 2011 - chris@computersalat.de
|
|
|
|
- add upstream patches
|
|
* 3.1-10417: Polish: debug messages on swap.state rename failure
|
|
* 3.1-10418: Bug #3442: assertion failed: external_acl.cc:908:
|
|
ch->auth_user_request != NULL
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Dec 7 22:33:43 UTC 2011 - chris@computersalat.de
|
|
|
|
- fix build
|
|
* add upstream patches
|
|
- 3.1-10415: Portability: SSL library dependency fixes
|
|
- 3.1-10416: Bug #3440: compile error in Adaptation
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Dec 5 09:21:26 UTC 2011 - chris@computersalat.de
|
|
|
|
- update to 3.1.18
|
|
- Regression: compile error in FTP
|
|
- Changes to squid-3.1.17 (03 Dec 2011):
|
|
- Bug 3432: Crash logging FTP errors
|
|
- Bug 3428: Active FTP data channel accepted twice
|
|
- Bug 3423: access violation in URL parser
|
|
- Bug 3422: Buffer overflow in recv-announce
|
|
- Bug 3412: External ACL Uses Invalid Cache Entry
|
|
- Bug 3408: Wrong header length leads to EFAULTs when creating UFS swap.log.new
|
|
- Bug 3398: persistent server connection closed after PUT/DELETE
|
|
- Bug 3299: dnsserver: various undefined references
|
|
- Bug 3077: '\' in url query strings cause Digest authentication to fail
|
|
- Bug 2910: MemBuf may grow beyond max_capacity
|
|
- Bug 2619: Excessive RAM growth due to unlimited adapted body data consumption
|
|
- Bug 1243: Build overrides configured AR setting
|
|
- Avoid crashes when processing bad X509 common names (CN).
|
|
- Support %% in external ACL format
|
|
- ... and several other compile error fixes
|
|
- ... and several documentation fixes
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Nov 30 18:58:11 UTC 2011 - crrodriguez@opensuse.org
|
|
|
|
- make coolo's bot reviewer happy
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Nov 30 18:11:27 UTC 2011 - crrodriguez@opensuse.org
|
|
|
|
- Use service type "simple"
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Nov 28 20:18:40 UTC 2011 - crrodriguez@opensuse.org
|
|
|
|
- Support systemd
|
|
|
|
-------------------------------------------------------------------
|
|
Sun Nov 27 06:56:29 UTC 2011 - coolo@suse.com
|
|
|
|
- add libtool as buildrequire to avoid implicit dependency
|
|
|
|
-------------------------------------------------------------------
|
|
Sat Oct 15 14:00:35 UTC 2011 - chris@computersalat.de
|
|
|
|
- update to 3.1.16
|
|
- Bug 3373: invalid URL in ERR_CACHE_ACCESS_DENIED
|
|
- Bug 3368: Unhandled exceptions are not logged (workaround)
|
|
- Bug 3326: miss_access incorrect default
|
|
- Bug 3320: miss_access description confusing
|
|
- Bug 3241: squid_kerb_auth cross compilation fix
|
|
- Bug 3237: seq fault in free() from rfc1035RRDestroy
|
|
- Bug 3190: Large HTTP POST stuck after early ICAP 400 error response
|
|
- db_auth: display available DSN drivers on connect error
|
|
- Updated OpenSSL 1.0.0 version checks
|
|
- ... and several documentation fixes
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Oct 5 00:32:36 UTC 2011 - crrodriguez@opensuse.org
|
|
|
|
- Build with -DOPENSSL_LOAD_CONF see OPENSSL_config(3) for detail
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Aug 30 15:44:50 UTC 2011 - chris@computersalat.de
|
|
|
|
- update to 3.1.15
|
|
- Regression fix: vhost and defaultsite causing vport to be ignored
|
|
- Regression Bug 3295: broken escaping in rfc1738_do_escape
|
|
- Bug #3232: fails to compile with OpenSSL v1.0.0
|
|
- Bug #3222: cache_peer name is not logging on CONNECT
|
|
- Bug #3131: fd_table[fd].closing() assert
|
|
from ConnStateData::noteMoreBodySpaceAvailable()
|
|
- Bug #3217: "!fd_table[fd].closing()"
|
|
from ServerStateData::noteMoreBodySpaceAvailable
|
|
- Bug #3213: https sites (CONNECT) not open when using NTLM
|
|
- Bug #3114: Memory leak in SSL certificate verify code
|
|
- Bug #3107: ncsa_auth DES silently truncates passwords to 8 bytes
|
|
- Bug #2662: cf_gen failure when cross compiling
|
|
- Bug #2655: passing wrong the username to the url_rewrite_program
|
|
- Bug #2495: ignore whitespace prefix on config lines
|
|
- Bug #2051: 'default' cache_peer option does not match documentation
|
|
- Bug #1842: Optimize order of tests in peerWouldBePinged() and peerHTTPOkay()
|
|
- Bug #1791: timestampsSet does not validate Date: if server sends very old date
|
|
- Correct parsing of large Gopher indexes
|
|
- Enable negative cacheing on unknown or -1 expiry timestamp
|
|
- Remove hierarchy_stoplist default value
|
|
- Migrate cf_gen tool from C-style to C++
|
|
- ... and several documentation and compiler warning fixes
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Aug 18 04:33:40 UTC 2011 - crrodriguez@opensuse.org
|
|
|
|
- Disable "ident" lookups, obsolete and dangerous thing
|
|
to have enabled these days.
|
|
|
|
-------------------------------------------------------------------
|
|
Sun Jul 24 14:29:24 UTC 2011 - chris@computersalat.de
|
|
|
|
- fix build for SLE_10
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Jul 20 04:29:08 UTC 2011 - crrodriguez@opensuse.org
|
|
|
|
- This is a long running network daemon, build with
|
|
full RELRO
|
|
- remove -fno-strict-aliasing, no longer needed.
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Jul 4 22:05:17 UTC 2011 - chris@computersalat.de
|
|
|
|
- update to 3.1.14
|
|
- Regression Bug 3261: Could not create a DNS socket and exit
|
|
- 3.1.13
|
|
- Regression Bug 3239: problems with myip/myport upgrade
|
|
- Bug 3153: hung ICAP RESPMOD transactions
|
|
- Update ssl_crtd to use 'OK' status inline with other helpers
|
|
- remove obsolete upstream patches (10319,10320)
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Jun 27 13:42:53 UTC 2011 - chris@computersalat.de
|
|
|
|
- add upstream patches
|
|
o 10319, SourceFormat Enforcemen
|
|
o 10320, Bug 3153: additional compile fixes
|
|
|
|
-------------------------------------------------------------------
|
|
Sun Jun 19 18:37:40 UTC 2011 - chris@computersalat.de
|
|
|
|
- update to 3.1.12.3
|
|
- Bug 3236: Port of %oa, %<lp and %<lp and %<la log format options
|
|
- Bug 3214: unexpected read from ssl_crtd
|
|
- Bug 3153: Prevent ICAP RESPMOD transactions getting stuck with the adapted body
|
|
- Fix RADIUS helper resource leak
|
|
- Fix segfault parsing digest auth realm
|
|
- Fix segfault in parse_eol()
|
|
- Fixed bypass of SSL certificate validation errors
|
|
- Warn about myip/myport problems on interception proxies
|
|
- Polish: display easily grepped config lines on -k parse
|
|
- Fix squidclient -V option and allow non-HTTP protocols to be tested
|
|
- rework patches
|
|
o swapdir 3.1.10 -> 3.1.12.3
|
|
o nobuilddates 3.1.12 -> 3.1.12.3
|
|
- remove obsolete patches
|
|
o 3.1.11-unused
|
|
o 3.1.12-no-sslv2
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Jun 2 14:33:36 UTC 2011 - chris@computersalat.de
|
|
|
|
- update to 3.1.12.2
|
|
- Bug 3226: Tags from external ACLs do not correctly expire
|
|
- Bug 3215: Malformed IPv6 DNS reverse lookup
|
|
- Bug 3209: ssl-bumped requests forwarded unencrypted to the parent proxies/caches
|
|
- Bug 3205: SSL-bump starts then hangs
|
|
- Bug 3178: gcc-4.6 complains unused variables
|
|
- Bug 3122: Unknown record type in WCCPv2 Packet (6)
|
|
- Bug 2965 (partial): Compile errors on MinGW
|
|
- Fix to only ssl-bump CONNECT requests if they are about to be tunneled
|
|
- Fix cache manager display of -i/+i in regex ACL config display
|
|
- Fix cache manager display of cache_peer options userhash and sourcehash
|
|
- Fix URL re-writer loosing many transaction details
|
|
- Fix always-true comparison in ICAP for some 32-bit platforms
|
|
- Support for 'slow' group ACLs in ssl_bump access control
|
|
- Support OpenSSL 1.0.0 built without SSLv2
|
|
- Support GCC 4.6 and binutils-gold
|
|
- Add CSS id attribute to BODY tag of generated error pages.
|
|
- Display WARNING and ERROR when max_filedescriptors has failed
|
|
|
|
-------------------------------------------------------------------
|
|
Thu May 5 19:27:36 UTC 2011 - chris@computersalat.de
|
|
|
|
- update to 3.1.12.1
|
|
- Port from 3.2: Dynamic SSL Certificate generation
|
|
- Bug 3194: selinux may prevent ntlm_smb_lm_auth from using /tmp
|
|
- Bug 3185: 3.1.11 fails to compile on OpenBSD 4.8 and 4.9
|
|
- Bug 3183: Invalid URL accepted with url host part of only '@'
|
|
- Display ERROR in cache.log for invalid configured paths
|
|
- Cache Manager: send User-Agent header from cachemgr.cgi
|
|
- ... and many portability compile fixes for non-GCC systems.
|
|
|
|
-------------------------------------------------------------------
|
|
Tue May 3 17:57:56 UTC 2011 - chris@computersalat.de
|
|
|
|
- rework initscript
|
|
o rename source to squid.init
|
|
o ShouldStart winbind
|
|
o setup cache_dir only if defined in squid.conf
|
|
otherwise squid won't start, cause cache_dir is not set by default
|
|
o new vars to squid.sysconfig
|
|
default_opts '-sYD' -> '-sY' (-D obsolete)
|
|
- remove author from spec
|
|
- updated unused patch (idoenmez@novell.com)
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Apr 29 11:10:06 UTC 2011 - idoenmez@novell.com
|
|
|
|
- Add squid-3.1.11-unused.patch: remove write only variables to
|
|
fix compilation with gcc 4.6
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Apr 21 16:05:07 UTC 2011 - chris@computersalat.de
|
|
|
|
- mv RPM_BUILD_ROOT to {buildroot}
|
|
- fdupes only on {buildroot}{_prefix}
|
|
o no symlinks on config files ;)
|
|
hence configs won't be overwritten on update
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Apr 12 13:11:40 UTC 2011 - chris@computersalat.de
|
|
|
|
- rework config patch
|
|
o 3.1.4 -> 3.1.12
|
|
- add some comments for patches
|
|
- sort header TAGS
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Apr 11 03:03:01 UTC 2011 - crrodriguez@opensuse.org
|
|
|
|
- Allow compile without SSLv2
|
|
o no-sslv2 patch
|
|
- Supress build dates in binaries.
|
|
o nobuilddates patch
|
|
- Default cache storage type should be "aufs" in Linux
|
|
o update config patch
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Apr 6 14:15:58 UTC 2011 - chris@computersalat.de
|
|
|
|
- update to 3.1.12
|
|
(Bugs tracked by http://bugs.squid-cache.org/)
|
|
- Regression fix: Use bigger buffer for server reads.
|
|
- Regression fix: Add reply_header_replace directive for ability lost since 2.7
|
|
- Bug 3181: /dev/poll fails to build on Solaris with GCC 4.5.0
|
|
- Bug 3177: assertion failed: comm.cc:1583: "fd >= 0"
|
|
- Bug 3175: IPv6 PTR lookup crashes on raw-IP URLs when IPv6 disabled
|
|
- Bug 3173: Assertion bodyPipe!=NULL on SslBump CONNECT response writing failure
|
|
- Bug 3164: Total memory info display 32-bit overflows
|
|
- Bug 3155: Werror is hard-coded in libTrie build
|
|
- Bug 3151: squid_kerb_auth: use autoconf LIBS instead of FLAGS for library linkage
|
|
- Bug 2976: invalid URL on intercepted requests during reconfigure
|
|
- Bug 2720: comment in same line as cache/mem_replacement_policy causes error
|
|
- Bug 2621: Provide request headers to RESPMOD when using cache_peer.
|
|
- Bug 2330: AuthUser objects are never unlocked
|
|
- Prevent CONNECT request relaying to origin servers
|
|
- squidclient HTTP/1.1 compliance updates (Pragma and User-Agent headers)
|
|
- squidclient: send Cache Manager password using -w
|
|
- eCAP: give full Request-URI to adapters
|
|
- ... and several debug and error display cleanups
|
|
|
|
-------------------------------------------------------------------
|
|
Sun Feb 13 17:03:55 UTC 2011 - chris@computersalat.de
|
|
|
|
- update to 3.1.11
|
|
- Bug 3149: not caching eCAP adapted body
|
|
- Bug 3144: redirector program blocks while reading STDIN
|
|
- Bug 3140: memory leak in error page generation
|
|
- Bug 3137: RADIUS auth helper does not send identifier to RADIUS server
|
|
- Bug 3115: logging segfaults if access_log is set to a directory
|
|
- Bug 2968: Show the Vary: headers information in cachemgr objects report
|
|
- Bug 2959: remove SAMBAPREFIX dependency
|
|
- Bug 2868: icc doesn't like string literal in assert checks
|
|
- HTTP/1.1: Send 307 status on deny_info redirection
|
|
- HTTP/1.1: Support POST/PUT with no body
|
|
- HTTP/1.1: Allow persistent connections for Mozilla/3.0 User-Agents
|
|
- Support RFC 5861 Cache-Control: stale-if-error option
|
|
- Add ftp_eprt directive to disable EPRT extensions in FTP
|
|
- Fix external_acl_type grace=0 to obey TTL
|
|
- Fix IP/FQDN cache accounting to avoid idle caches on busy servers
|
|
- Prevent pipeline_prefetch misconfigurations breaking NTLM/Negotiate auth
|
|
- ... and some documentation updates and corrections
|
|
- ... and some portability and stability fixes
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Jan 4 11:49:40 UTC 2011 - chris@computersalat.de
|
|
|
|
- update to 3.1.10
|
|
- Bug 3121: memory leak in DigestAuth: AuthUser object is locked twice
|
|
- Bug 3113: Consuming too much memory when uploading files
|
|
- Bug 3110: 'reply_body_max_size none' does not work with x-forwarded-for
|
|
- Bug 3096: Consuming too much memory when delaying traffic
|
|
- Bug 3091: Bypassed ICAP errors are not counted as service failures
|
|
- Bug 3090: Polish FTP login error handing
|
|
- Bug 3068: cache_dir capacity and usage overflows
|
|
- Bug 3028: Permit wbinfo_group.pl to authenticate Kerberos users with NT domain
|
|
- Bug 427: HTTP Compliance: Support If-Match and If-None-Match requests
|
|
- Fix memory leak in adaptation_access
|
|
- Fix /dev/poll and poll() selection priority
|
|
- Fix PREFIX/var/run creation during install
|
|
- Fix cachemgr http_port config report display
|
|
- Add upgrade help process for obsolete options
|
|
- Accept RFC 2965 Set-Cookie2 / Cookie2 headers as 'known'
|
|
- HTTP/1.1: entry is stale if request has max-age=0
|
|
- HTTP/1.1: do not forward TRACE with Max-Forwards: 0 after REQMOD
|
|
- Toolchain update to support newer auto-tools
|
|
- ... and updated error page translations
|
|
- ... and updated documentation
|
|
- ... and some code optimization/simplification polish
|
|
- reworked swapdir patch
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Oct 29 23:57:39 UTC 2010 - chris@computersalat.de
|
|
|
|
- update to 3.1.9
|
|
- Bug 3088: dnsserver is segfaulting
|
|
- Bug 3084: IPv6 without Host: header in request causes connection to hang
|
|
- Bug 3082: Typo in error message
|
|
- Bug 3073: tunnelStateFree memory leak of host member
|
|
- Bug 3058: errorSend and ICY leak MemBuf object
|
|
- Bug 3057: 64-bit Solaris 9 Squid unable to determine peer IP and port
|
|
- Bug 3056: comm.cc "!fd_table[fd].closing()" assertion crash when a helper dies
|
|
- Bug 3053: cache version 1 LFS support detection broken
|
|
- Bug 3051: integer display overflow
|
|
- Bug 3040: Lower-case domain entries from hosts and resolv.conf files
|
|
- Bug 3036: adaptation_access acls cannot see myportname
|
|
- Bug 3023: url_rewrite_program silently fails to rewrite on broken URLs
|
|
- Bug 2964: Prevent memory leaks when ICAP transactions fail
|
|
- Bug 2808: getRoundRobinParent not handling weights correctly
|
|
- Bug 2793: memory statistics sometimes display wrong
|
|
- Bug 2356: Port from 2.7: Solaris /dev/poll event ports support
|
|
- Bug 2311: crashes with ICAP RESPMOD for HTTP body size greater than 100kb
|
|
- Ensure /var/cache or jail equivalent exists on install
|
|
- HTTP/1.1: delete Warnings that have warning-date different from Date
|
|
- HTTP/1.1: do not remove ETag header from partial responses
|
|
- HTTP/1.1: make date parser stricter to better handle malformed Expires
|
|
- HTTP/1.1: improve age calculation
|
|
- HTTP/1.1: reply with a 504 error if required validation fails
|
|
- HTTP/1.1: add appropriate Warnings if serving a stale hit
|
|
- HTTP/1.1: support requests with Cache-Control: min-fresh
|
|
- HTTP/1.1: do not cache replies to requests with Cache-Control: no-store
|
|
- squidclient: Display IP(s) connected to in verbose (-v) display
|
|
- Fixes several issues with ICAP persistent connections
|
|
- Fixes small leaks in Netdb, DNS, ICAP, ICY, HTTPS
|
|
- ... and some cosmetic polishing
|
|
- removed obsolete patches
|
|
o squid-beta-3.0-ia64 (upstream)
|
|
o squid-beta-3.0-mem_node_64bit (not needed, Amos)
|
|
o squid-3.1.4-openldap (not needed, Amos)
|
|
- reworked swapdir patch
|
|
o send upstream
|
|
|
|
-------------------------------------------------------------------
|
|
Sun Sep 5 18:49:46 UTC 2010 - chris@computersalat.de
|
|
|
|
- update to 3.1.8
|
|
- Bug 3033: incorrect information regarding TOS
|
|
- Bug 3020: Segmentation fault: nameservers[vc->ns].vc = NULL
|
|
- Bug 3005,2972: Locate LTDL headers correctly (again)
|
|
- Bug 2872: leaking file descriptors
|
|
- Bug 2583: pure virtual method called
|
|
- Hardened DNS client against packet queue attacks
|
|
- Hardened HTTP request-line parser
|
|
- Several HTTP/1.1 support improvements
|
|
- Improved cross-compile support
|
|
- .. and several internal pointer safety fixes
|
|
- remove obsolete patches
|
|
o bug2972-real-fix.patch
|
|
o squid-bootstrap.patch
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Aug 31 13:43:26 UTC 2010 - chris@computersalat.de
|
|
|
|
- added bug2972-real-fix.patch
|
|
o fix build for SLE_10
|
|
o but impossible to apply LDAP patch
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Aug 25 09:46:36 UTC 2010 - chris@computersalat.de
|
|
|
|
- update to 3.1.7
|
|
- Regression Bug 3021: Large DNS reply causes crash
|
|
- Regression Bug 3011: ICAP, HTTPS, cache_peer probe IPv4-only port fixes
|
|
- Regression Bug 2997: visible_hostname directive no longer matches docs
|
|
- Bug 3012: deprecate sslBump and support ssl-bump spelling in http_port
|
|
- Bug 3006: handle IPV6_V6ONLY definition missing
|
|
- Bug 3004: Solaris 9 SunStudio 12 build failure
|
|
- Bug 3003: inconsistent concepts in documentation of cache_dir
|
|
- Bug 3001: dnsserver link issues
|
|
- HTTP/1.1: default keep-alive for 1.1 clients (bug 3016)
|
|
- HTTP/1.1: Improved Range header field validation
|
|
- HTTP/1.1: Forward multiple unknown Cache-Control directives
|
|
- HTTP/1.1: Stop sending Proxy-Connection header
|
|
- Fix 32-bit wrap in refresh_pattern min/max values
|
|
- ... and several documentation corrections.
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Aug 10 11:07:29 UTC 2010 - chris@computersalat.de
|
|
|
|
- update to 3.1.6
|
|
- Bug 2994, 2995: IPv4-only regressions
|
|
- Bug 2991: Wrong parameters to fcntl() in commSetCloseOnExec()
|
|
- Bug 2975: chunked requests not supported after regular ones
|
|
- Fix: 32-bit overflow in reported bytes received from next hop
|
|
- Fix Libtool build regressions
|
|
- Limited split-stack IPv6 support.
|
|
- squid_db_auth support MD5 encrypted passwords
|
|
|
|
-------------------------------------------------------------------
|
|
Sun Jul 25 16:16:47 UTC 2010 - chris@computersalat.de
|
|
|
|
- update to 3.1.5
|
|
- Bug 2967: raw-IPv6 address URL with append_domain broken
|
|
- Bug 2950: HTTP responses with no Date, L-M or Expires can now be cached
|
|
- Bug 2943: ICAP tokens not logged when using multiple access
|
|
- Bug 2937: Fails to detect chunked encoding if not given in all lower case
|
|
- Bug 2903: does not send indirect X-Client-Ip in ICAP respmod
|
|
- Fix free memory corruption and off-by-one error when comparing SNMP OIDs
|
|
- Port from 2.7: max_filedescriptor config option
|
|
- Fix persistent_connection_after_error is meant to be on by default
|
|
- ... and several build errors.
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Jun 9 11:51:33 UTC 2010 - chris@computersalat.de
|
|
|
|
- fix build for SLE_10
|
|
o added bootstrap patch
|
|
o fix permissions.secure for pam_auth
|
|
- spec mods
|
|
o build with --mandir
|
|
o add BuildReq libcap-devel (TPROXY)
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Jun 8 20:54:20 UTC 2010 - chris@computersalat.de
|
|
|
|
- new version 3.1.4
|
|
- Bug 2933: Verification of the max. port number for WCCP2 dynamic service
|
|
- Bug 2924: RADIUS helper compile issues
|
|
- Bug 2922: Fix assertion failed: HttpHeader.cc: "Headers[id].stat.aliveCount"
|
|
- Bug 2919: tcp_outgoing_address ACLs not obeying acl_uses_indirect_client
|
|
- Bug 2896: Fix assertion failed: comm.cc:2063: "!fd_table[fd].closing()"
|
|
- Bug 2879: pt2: 3.0 regression in headers end finding
|
|
- Bug 2877: pt2: only output zero-size warning on reverse-proxy requests
|
|
- Bug 2876: FD_SETSIZE override not working on all linux distributions
|
|
- Bug 2810: common log format generates 2 lines of syslog
|
|
- Bug 2789: Optimize unlimited memory pools, and correctly handle limits over 2GB
|
|
- Bug 2753: Fall back on IPv4 if IPv6 is not present
|
|
- Bug 2697: Adaptation leaks and extra requests after reconfiguration
|
|
- Bug 2633: Fix Ecap::HeaderRep::value(name) fails when there is no named header field
|
|
- Change LDAP helpers to default to LDAP version 3 if available
|
|
- Add Joomla and Salted Hash support to squid_db_auth helper
|
|
- Fixed IpAddress port printing for ports higher than 9999
|
|
- Disable chunked memory pooling by default.
|
|
- ... and several build errors.
|
|
- reworked config patch with fuzz=0
|
|
- removed libxml2 patch
|
|
- added swapdir patch
|
|
- reworked ldap patch
|
|
- adopt build_option storeio: (build all)
|
|
o --enable-storeio=aufs,diskd,null,ufs -> --enable-storeio
|
|
- adopt build_option ntlm-auth-helpers: SMB -> smb_lm
|
|
o ntlm_auth -> ntlm_smb_lm_auth
|
|
- enable parallel build
|
|
- fix permissions file
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Mar 16 22:18:08 UTC 2010 - chris@computersalat.de
|
|
|
|
- new version 3.0.STABLE25
|
|
- Bug 2845: Rework the http digest auth parser
|
|
- Bug 2787: unknown/unexpected status code messages
|
|
- Bug 2507: squid_ldap_group: Strip Domain name separated by +
|
|
- Bug 2367: stale=true on digest requests with unknown nonce
|
|
- ... and several other minor corrections
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Feb 16 09:33:33 UTC 2010 - chris@computersalat.de
|
|
|
|
- new version 3.0.STABLE24
|
|
* Bug 2858: Segment violation in HTCP
|
|
* Updated refresh pattern for dynamic pages
|
|
- version 3.0.STABLE23
|
|
* Bug 2856: removing assert() required for 3.0 patch for SQUID-2010:1
|
|
* Regression Fix: Build error in Kerberos helper after library removal.
|
|
- version 3.0.STABLE22
|
|
* Regression Fix: Make Squid abort on all config parse failures.
|
|
* Bug 2787: Reduce unexpected http status to non-critical warnings.
|
|
* Bug 2496: Downloading some variants in full before relaying
|
|
* Bug 2452: Add upper limit to external_acl_type entries.
|
|
* Removed optional kerberos/spnegohelp/ library due to licensing issues
|
|
* Add client_ip_max_connections
|
|
* Handle DNS header-only packets as invalid.
|
|
- version 3.0.STABLE21
|
|
* Bug 2830: Clarify where NULL byte is in headers.
|
|
* Bug 2778: Linking issues using SunCC
|
|
* Bug 2395: FTP errors not displayed
|
|
* Bug 2155: Assertion failures on malformed Content-Range response headers
|
|
* Fix parsing and a few bugs in ACL time type
|
|
* Fix RFC keep-alive compliance on intercepted replies
|
|
* Improved security hardening on %nn parser
|
|
* Replace several GCC-specific code snippets.
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Nov 9 20:40:30 UTC 2009 - chris@computersalat.de
|
|
|
|
- new version 3.0.STABLE20
|
|
* Bug 2794: ESI parsing on FreeBSD
|
|
* Bug 2791: assertion failed: MemBuf.cc:400: new_cap > (size_t) capacity
|
|
* Bug 2779: Support GNU/kFreeBSD
|
|
* Bug 2773: Segfault in RFC2069 Digest authantication
|
|
* Bug 2768: squid_ldap_group argument parsing error
|
|
* Bug 2761: Gopher and double HTTP response header
|
|
* Bug 2735: Incomplete -fhuge-objects detection
|
|
* Bug 2722: prevent CONNECT via http_port with accel
|
|
* Bug 2624: Invalid response for IMS request
|
|
* Bug 2510: digest_ldap_auth TLS support
|
|
* Correct LINUX_CAPABILITY actions on non-Linux
|
|
- removed old upstream patches
|
|
o squid-3.0-9107.patch - squid-3.0-9124.patch
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Oct 7 23:58:37 CEST 2009 - chris@computersalat.de
|
|
|
|
- added upstream patches
|
|
o squid-3.0-9107.patch - squid-3.0-9124.patch
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Sep 14 13:37:55 UTC 2009 - chris@computersalat.de
|
|
|
|
- new version 3.0.STABLE19
|
|
* Bug 2745: Invalid Response error on small reads
|
|
* Bug 2739: DNS resolver option ndots can't be parsed from resolv.conf
|
|
* Bug 2734: some compile errors on Solaris
|
|
* Bug 2648: stateful helpers stuck in reserved if client disconnects while helper busy
|
|
* Bug 2541: Hang in 100% CPU loop while extacting header details
|
|
using a delimiter other than comma
|
|
* Bug 2362: Remove support for deferred state in stateful helpers
|
|
* Add 0.0.0.0 as a to_localhost address
|
|
* Docs: Improve chroot directive documentation slightly
|
|
* Fixup libxml2 include magics, was failing when a configure cache was used
|
|
* ... and some minor testing improvements.
|
|
- spec mods
|
|
o adding group winbind, add squid to group winbind
|
|
when using squid with samba-winbind for ntlm_auth
|
|
squid needs read access to /var/lib/samba/winbindd_privileged
|
|
group winbind is added if squid is installed before winbind ;)
|
|
|
|
-------------------------------------------------------------------
|
|
Sat Sep 5 20:21:53 CEST 2009 - chris@computersalat.de
|
|
|
|
- added upstream patches
|
|
o b9097 - b9103
|
|
- rpmlint
|
|
o added fdupes
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Sep 2 13:15:45 UTC 2009 - chris@computersalat.de
|
|
|
|
- cleanup spec
|
|
o removed #--------
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Sep 1 10:04:02 CEST 2009 - coolo@novell.com
|
|
|
|
- remove outdated patches
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Aug 31 10:30:54 CEST 2009 - coolo@novell.com
|
|
|
|
- merge factory changes with buildservice
|
|
|
|
-------------------------------------------------------------------
|
|
Sun Aug 30 20:03:46 UTC 2009 - aj@suse.de
|
|
|
|
- Fix patch numbering for rpm 4.7.
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Aug 26 12:53:54 CEST 2009 - mls@suse.de
|
|
|
|
- make patch0 usage consistent
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Aug 21 13:27:52 UTC 2009 - chris@computersalat.de
|
|
|
|
- added upstream patches
|
|
o b9095, b9096
|
|
|
|
-------------------------------------------------------------------
|
|
Sat Aug 15 16:26:30 CEST 2009 - chris@computersalat.de
|
|
|
|
- added upstream patches
|
|
o b9089 - b9094
|
|
o disabled b9089,b9090,b9092 cause can not patch inexistent file
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Aug 11 11:10:13 UTC 2009 - chris@computersalat.de
|
|
|
|
- new version 3.0.STABLE18:
|
|
* Bug 2728: regression: assertion failed: !eof
|
|
* Bug 2732: reply_body_max_size smaller than error page loops
|
|
infinitely until out of memory
|
|
* Bug 2725: pconn failure if domain or client_address are unset
|
|
* Bug 2648: reserved helpers not shut down after reconfigure/rotate
|
|
* Bug 2462: make check should tell when cppunit is missing
|
|
* Remove excess messages about headers < minimum size
|
|
* Support Libtool 2.2.6
|
|
- Changes to squid-3.0.STABLE17 (27 Jul 2009):
|
|
* Bug 2680 regression: Crash after rotate with no helpers running
|
|
* Bug 2710: squid_kerb_auth non-terminated string
|
|
* Bug 2679: strsep and strtoll detection failure
|
|
* Bug 2674: Remove limit on HTTP headers read.
|
|
* Bug 2659: String length overflows on append, leading to segfaults
|
|
* Bug 2620: Invalid HTTP response codes causes segfault
|
|
* Bug 2080: wbinfo_group.pl - false positive under certain conditions
|
|
* Bug 1087: ESI processor not quoting attributes correctly.
|
|
* Fix: issue with AUFS/UFS/DiskD writing objects to disk cache
|
|
* Several small build issues with previous release.
|
|
for full changes list, see:
|
|
http://www.squid-cache.org/Versions/v3/3.0/squid-3.0.STABLE18-RELEASENOTES.html
|
|
- removed squid-3.0.STABLE16-gcc_warn_kerb_auth.patch
|
|
- removed changed, deprectated configure options
|
|
o deprecated:
|
|
--enable-poll
|
|
o changed to default:
|
|
--enable-htcp
|
|
--enable-snmp
|
|
|
|
-------------------------------------------------------------------
|
|
Sat Jul 25 19:27:34 CEST 2009 - chris@computersalat.de
|
|
|
|
- spec mods
|
|
* removed ^----------
|
|
* removed ^#---------
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Jul 23 18:22:09 CEST 2009 - chris@computersalat.de
|
|
|
|
- new version 3.0.STABLE16:
|
|
* Bug 2672: cacheMemMaxSize 32-bit overflow during snmpwalk
|
|
* Bug 2481: Don't set expires: now in generated error responses
|
|
* Bug 2387: The calculation of the number of hash buckets correctly
|
|
* Fix infinite loop in MSNT auth helper
|
|
* Fix FD_SETSIZE on FreeBSD
|
|
* Fix stripping NT domain in squid_ldap_group
|
|
* Fix RADIUS auth helper build
|
|
* Add Translate: and Unless-Modified-Since: headers to known list
|
|
* Make fakeauth handle NTLMv2 better
|
|
* Better Kerberos support detection
|
|
* Several Widows port fixes
|
|
- Changes to squid-3.0.STABLE16-RC1 (16 May 2009):
|
|
* Bug 1148: Ported from 3.1: Chunked Transfer Encoding
|
|
* Bug 2648: NTLM helpers not shutting down when deferred
|
|
- Changes to squid-3.0.STABLE15 (06 May 2009):
|
|
* Regression Bug 2635: Incorrect Max-Forwards header type
|
|
* Bug 2652: 'Success' error on CONNECT requests
|
|
* Bug 2625: IDENT receiving errors
|
|
* Bug 2610: ipfilter support detection
|
|
* Bug 2578: FTP download resume failure
|
|
* Bug 2536: %H on HTTPS error pages
|
|
* Bug 2491: assertion "age >= 0"
|
|
* Bug 2276: too many NTLM helpers running
|
|
* Endian system and compiler fixes provided by the NetBSD project
|
|
* documentation fixes provided by the Debian project
|
|
- Changes to squid-3.0.STABLE14 (11 Apr 2009):
|
|
* Regression Fix: HTTP/0.9 in accelerator mode
|
|
* Bug 1232: cache_dir parameter limited to only 63 entries
|
|
* Bug 1868: support HTTP 207 status
|
|
* Bug 2518: assertion failure on restart/reconfigure
|
|
* Bug 2588: coredump in rDNS lookup
|
|
* Bug 2595: Out of bounds memory write in squid_kerb_auth
|
|
* Bug 2599: Idempotent start
|
|
* Bug 2605: Prevent setsid() on helpers in daemon mode
|
|
* Fix external_acl_type option parsing
|
|
* Fix delay pools counters on FTP
|
|
* Fix several issues with ident (some remain)
|
|
* Fix performance issues with persistent connections
|
|
* Fix performance issues with delay pools
|
|
* Fix forwarding of OPTIONS requests
|
|
* Add support for HTTP 1.1 Content-Disposition header
|
|
* Add support for Windows 7, Windows Server 2008 R2 and later
|
|
* ... and many small documentation updates
|
|
for full changes list, see:
|
|
http://www.squid-cache.org/Versions/v3/3.0/squid-3.0.STABLE16-RELEASENOTES.html
|
|
- reworked gcc_warn_kerb_auth
|
|
* was partially added
|
|
- added after RELEASE patches
|
|
* b9052 - b9067
|
|
for full changes list, see:
|
|
http://www.squid-cache.org/Versions/v3/3.0/changesets/SQUID_3_0_STABLE16.html
|
|
- some spec mods
|
|
* removed {rel}
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Jun 10 16:54:49 CEST 2009 - ro@suse.de
|
|
|
|
- strchr returns a const char* now, work around
|
|
|
|
-------------------------------------------------------------------
|
|
Sun May 3 15:34:27 CEST 2009 - chris@computersalat.de
|
|
|
|
- some spec fixes
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Feb 19 19:53:26 UTC 2009 - chris@computersalat.de
|
|
|
|
- new version 3.0.STABLE13:
|
|
* following patches removed from build
|
|
* b8898.patch
|
|
* b8900.patch
|
|
* b8902.patch
|
|
* b8904.patch
|
|
* b8905.patch
|
|
* b8906.patch
|
|
* b8907.patch
|
|
- some rpmlint fixes
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Feb 18 12:37:05 UTC 2009 - chris@computersalat.de
|
|
|
|
- fixed failing fillup
|
|
- fixed expansion error for SLES_9
|
|
- added KRB5_KTNAME to sysconfig file
|
|
mods to init script
|
|
- added README.kerberos
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Jan 28 16:40:00 CET 2009 - kssingvo@suse.de
|
|
|
|
- update to squid-3.0.STABLE13 with these fixes:
|
|
* ICAP filters break download resume
|
|
* HTCP fails without icp_port
|
|
* logformat '%tl' field not working as advertised
|
|
* Policy: Change half_closed_clients default to off
|
|
* Policy: Removed -V command line option, deprecated by 2.6
|
|
* filedescriptors being left unnecessary opened
|
|
* fault passing ICAP filtered traffic to peers
|
|
* Sefgaults in MemBuf::reset during idnsSendQuery
|
|
* bad default in ACLChecklist
|
|
* access.log request size tag
|
|
* cache_peer forceddomainname=X option
|
|
... and few minor ones. For complete list see:
|
|
http://www.squid-cache.org/Versions/v3/3.0/changesets/SQUID_3_0_STABLE12.html
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Nov 6 15:59:17 CET 2008 - kssingvo@suse.de
|
|
|
|
- reworked on sysconfig files (bnc#439006)
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Oct 27 16:48:56 CET 2008 - kssingvo@suse.de
|
|
|
|
- update to squid-3.0.STABLE10, fixes mainly:
|
|
bad assert in forwarding
|
|
Segfault on failed TCP DNS query
|
|
DNS requests getting stuck in idns queue
|
|
FTP PUT gives bad gateway
|
|
... and few minor ones. For complete list see:
|
|
http://www.squid-cache.org/Versions/v3/3.0/changesets/SQUID_3_0_STABLE10.html
|
|
- removed old patches, which were included upstream now
|
|
- renamed sysconfig.squid to sysconfig.squid3 (bnc#439006)
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Oct 13 14:52:39 CEST 2008 - kssingvo@suse.de
|
|
|
|
- reenabled linux-netfilter in configure as seems to work now again
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Oct 2 14:36:14 CEST 2008 - kssingvo@suse.de
|
|
|
|
- added official patches:
|
|
* assertion fix in forward.cc
|
|
* bad links in ./configure due to website changes
|
|
* define DEFAULT_CACHEMGR_CONFIG before its first use
|
|
* don't strcmp Config.Log.store if it's NULL in storeLogOpen
|
|
* workaround: When dns_error_message value is lost
|
|
* ftp put gives bad gateway but put is correct
|
|
* fix of a compilation error
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Sep 10 12:40:46 CEST 2008 - kssingvo@suse.de
|
|
|
|
- new version 3.0.STABLE9:
|
|
* Correct HTCP stats
|
|
* fix: mgr:active_requests always returns "delay_pool 0"
|
|
* fix: 3.0 must still wrap CARP properly
|
|
* Improve display on fd debug output
|
|
* Correct ICAP notes: *_postcache vector points not coded
|
|
* fix: squid_ldap_group -h reports the old % codes for -f
|
|
* Fix: Unsupported method in request may show raw binary data in log
|
|
* Fix: cppunit tests broken by squid.h defines
|
|
* fix: no_check.pl ntlm helper never sends challenge
|
|
* Increase buffer in authenticateNegotiateStart / squid_kerb_auth
|
|
* peer name not logged in access.log like expected, instead the ip
|
|
address is logged
|
|
* Fixed typo in squid.h which would prevent leak checking for arrays
|
|
* COSS removal from 3.0
|
|
* Use safe functions in basic auth MSNT helper
|
|
for full changes list, see:
|
|
http://www.squid-cache.org/Versions/v3/3.0/changesets/SQUID_3_0_STABLE8.html
|
|
- removed coss as disk storage method, as it became unstable now
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Aug 20 12:29:36 CEST 2008 - kssingvo@suse.de
|
|
|
|
- fixed configure option:
|
|
* change from "with-large-files" to "enable-large-files"
|
|
* removed netfilters (kernel 2.4) option
|
|
- fixed init script
|
|
- added sysconfig as in squid
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Jul 22 16:08:26 CEST 2008 - kssingvo@suse.de
|
|
|
|
- new version 3.0.STABLE8:
|
|
* Support for cachemgr sub-actions
|
|
* userhash peer selection method
|
|
* sourcehash peer selection method
|
|
* round-robin balancing fixes
|
|
* acl documentation cleanup
|
|
* cachemgr.cgi HTML output encoding
|
|
* Regression: Log format size options
|
|
* Correct the opening of PF device file.
|
|
* ICAP accept mechanism
|
|
* Regression: fakeauth_auth crashes
|
|
* Boost error pages HTML standards.
|
|
* Fixes several issues on 64-bit systems
|
|
* Fixes several issues on older or stricter compilers
|
|
* Linux-2.6.24/2.6.25 netfilter_ipv4.h __u32 workaround
|
|
* Update Release Notes: 'all' ACL is built-in since 3.0.STABLE1
|
|
for full changes list, see:
|
|
http://www.squid-cache.org/Versions/v3/3.0/changesets/SQUID_3_0_STABLE8.html
|
|
- removed unneccesary compiler warning patch
|
|
- added new patch for warnings in kerberos auth
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Jul 2 16:13:35 CEST 2008 - kssingvo@suse.de
|
|
|
|
- update to version 3.0.STABLE7, which is mainly a bugfix version only:
|
|
* important fix for ASN.1 DoS (no CVE)
|
|
* spelling corrections
|
|
* assertion on ESI page
|
|
* in snmp reporting
|
|
* (extra) whitespaces in logfile
|
|
* added note that negative_ttl is a HTTP violation
|
|
* Memory allocation problem in restoreCapabilities(), tools.cc
|
|
* etc.
|
|
for full change list see:
|
|
http://www.squid-cache.org/Versions/v3/3.0/changesets/SQUID_3_0_STABLE7.html
|
|
|
|
-------------------------------------------------------------------
|
|
Wed May 21 17:39:14 CEST 2008 - kssingvo@suse.de
|
|
|
|
- update to version 3.0.STABLE5, which is mainly a bugfix version only:
|
|
* fix in parsing cachemgr.conf
|
|
* segfault in tunnelConnectTimeout()
|
|
* segfault in MemBuf::append()
|
|
* basic auth leaks memory
|
|
* access_log syslog results in blanks syslog lines
|
|
* umask support with porting from 2.6
|
|
* segfault in AuthDigestUserRequest::authUser
|
|
* ntlm_auth helper resolves DC hostname to 0
|
|
... and some minor bugfixes more
|
|
- added cachemngr.conf.default to files
|
|
|
|
-------------------------------------------------------------------
|
|
Mon May 19 19:39:48 CEST 2008 - kssingvo@suse.de
|
|
|
|
- added "sharedscripts" to logrotate (bnc#388088)
|
|
|
|
-------------------------------------------------------------------
|
|
Fri May 9 15:36:15 CEST 2008 - schwab@suse.de
|
|
|
|
- Use autoreconf.
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Apr 29 17:39:40 CEST 2008 - kssingvo@suse.de
|
|
|
|
- update to version 3.0.STABLE5, which is mainly a bugfix version only:
|
|
* Bypassing 403 and 404 status to ICAP using icap_access - Failed
|
|
* file uploads (RFC1867) fail with "error:double-CR"
|
|
* Range tests failing.
|
|
* crashes/restarts when ICAP enabled on respmod for HTTP body size
|
|
greater than 100kb
|
|
* Support for resolv.conf 'domain' option
|
|
* Fix for incorrect default time/date log format
|
|
* Fix: reentrant debugging crashes Squid
|
|
* better handling of intercepted URI
|
|
* better port for non-FQDN URI lookups
|
|
* Improved logging, including incorrect timestamp format in earlier
|
|
3.0 releases
|
|
* Support for profiling on x86 64-bit systems
|
|
- removed upstream patches, which are now included in source tarball
|
|
- removed own compiler warning patch (now upstream)
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Apr 17 12:07:17 CEST 2008 - kssingvo@suse.de
|
|
|
|
- added official patches:
|
|
* increase MAX_URL to 8192
|
|
* Honor 0x and 0 prefixes as numeric base indication when parsing
|
|
squid.conf integer options.
|
|
* Correct and simplify parsing of list headers
|
|
* Fix processing of large reply headers
|
|
* Removed execute bit from various non-executable source files
|
|
* assertion failed: HttpHdrContRange.cc:100: "spec->length >= 0"
|
|
* Fallback on transparent interception mode even if the connection
|
|
didn't seem to be transparently intercepted
|
|
* fix pt 2: DIRECT/<ip> mixed with DIRECT/
|
|
* Fallout from build-testing the new backports.
|
|
- fixed a compiler warning, which got treated as an error
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Apr 7 18:46:46 CEST 2008 - kssingvo@suse.de
|
|
|
|
- fix for unpackaged non-man pages (SLE9, SLE10 build failures)
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Apr 7 18:26:43 CEST 2008 - kssingvo@suse.de
|
|
|
|
- update to version 3.0.STABLE2:
|
|
* improved HTTP 1.1 support
|
|
* Proxy-Authentication regression
|
|
* Strip Domain from NTLM usernames for use in class 4 Delay Pools
|
|
* compile error slipped into STABLE3
|
|
* ... and as usual Many bug fixes since STABLE 2.
|
|
Please, have a look into included ChangeLog file for details.
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Mar 18 16:11:37 CET 2008 - kssingvo@suse.de
|
|
|
|
- update to version 3.0.STABLE2:
|
|
* Add myportname ACL for matching the accepting port name (see
|
|
release notes)
|
|
* Add include directive for squid.conf (see release notes)
|
|
* Add ability to strip kerberos realm from usernames during Auth
|
|
* License cleanup to comply with GPLv2 or later
|
|
* Updated Error Pages and Translations
|
|
* Updated configuration examples
|
|
* Updated valgrind support for valgrind-3.3.0
|
|
* Improved support for Windows and MacOS X Leopard
|
|
* Improved support for files larger than 2GB
|
|
* Improved support for CARP arrays and WCCPv2
|
|
* Improved cachmgr, SNMP, and log reporting
|
|
* ... and as usual Many bug fixes since STABLE 1
|
|
- removed unnecessary, official patches for STABLE1
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Mar 12 13:39:43 CET 2008 - kssingvo@suse.de
|
|
|
|
- added many official patches:
|
|
* Squid Bugzilla #2250: double-freeing memory in http_port name=
|
|
option code.
|
|
* Optimisation cleanup of fake_auth
|
|
* Fix Castings slipped out of back-ported patches from 3.1.
|
|
* Update errors/list to match the actual list of error pages used
|
|
* Added a CPPUNIT assertion to test whether a failed CPPUNIT test
|
|
case properly
|
|
* Several String fixes.
|
|
* The connect(2) system call might return "connection ready"
|
|
* Sort cache list in wccpv2 to ensure a consistent hash
|
|
allocation across all serv
|
|
* Squid Bugzilla #1978: fwdServerClose retries non-idempotent
|
|
methods
|
|
* Squid Bugzilla #2172: When user fails authentification Squid
|
|
restarts
|
|
* Squid Bugzilla #2186: NONE/- due to persistent connections
|
|
* Squid Bugzilla #2189 fix: when dumping SNMP oids, do not
|
|
overrun the result buffer.
|
|
* Assert that checklist and request are set instead of
|
|
segfaulting as in bug 2168
|
|
* Squid Bugzilla #1923 fix: Do not send hop-by-hop headers to the
|
|
ICAP server.
|
|
* Squid Bugzilla #1933 fix: Fixed memory pools configuration
|
|
reporting.
|
|
* Squid Bugzilla #2110 fix: When Squid is shutting down, disable
|
|
persistent connections
|
|
* Squid Bugzilla #2153: Use the cache_peer name in CARP hashing
|
|
to support multiple peers on the same host
|
|
* Add check for glob() and glob.h availability
|
|
* make include support wildcards, and document the directive
|
|
(copied from squid-2)
|
|
* Use our own strwordtok instead of strtok_r. Not only is it
|
|
portable, but also understands quoting and escaping
|
|
* Squid Bugzilla #2180 (update) - include minor issues
|
|
* include directive for squid.conf
|
|
* More off_t related cleanups triggered by Squid Bugzilla #2164.
|
|
* Squid Bugzilla #2164: assertion failed: stmem.cc:321:
|
|
"candidate.offset >= 0"
|
|
* Squid Bugzilla #2150: Connection hangs on automatic retry
|
|
* Squid Bugzilla #2175: Update valgrind support for
|
|
valgrind-3.3.0
|
|
* Random authenticaiton failures when using Digest authentication
|
|
* digest auth related memory corruption
|
|
* Allow informal errors on stderr when using -k parse
|
|
* Squid Bugzilla #2063: Hide debugging messages before cache.log
|
|
is opened
|
|
* Squid Bugzilla #2018: dead_peer_timeout fails to declare peer
|
|
dead
|
|
* Squid Bugzilla #2114: cache memory accounting not working well
|
|
* Fix some minor casting errors affecting cachemgr reporting when
|
|
cache/mem >2GB
|
|
* Squid Bugzilla #2231: Compile error in squid_kerb_auth under
|
|
Mac OS X 10.5.2
|
|
* Squid Bugzilla #2101: Reuse pconns using LIFO
|
|
* Squid Bugzilla #2159: WCCPv2 assertion failure on Mask
|
|
assignment
|
|
* Kill unused body_size variable
|
|
* Kill obsolete phttpd/0.99.72 malformed HEAD response
|
|
workaround.
|
|
* License cleanup to comply with GPLv2 or later.
|
|
* Sync store meta assignments with Squid-2.
|
|
* Don't be so verbose about not yet implemented store meta data
|
|
types
|
|
* Accept some unknown store meta entries without throwing away
|
|
the rest.
|
|
* Patch to strip kerberos realm from username
|
|
* Clean up of deferred reads and delay pools was not applied to
|
|
comm_select_win32.cc
|
|
* Fix missing default disk store type into QUICKSTART example.
|
|
* Alter caching policy for Dynamic Objects.
|
|
* Squid Bugzilla #2166 - Error compiling on Mac OS X 10.5 Leopard
|
|
* Correct example IPs in tcp_outgoing_address config
|
|
* Squid Bugzilla #2189 - wrong parameters used for memset
|
|
- removed our patches, which are upstream included now
|
|
- worked on BuildRequires:
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Jan 15 15:04:06 CET 2008 - kssingvo@suse.de
|
|
|
|
- update to version 3.0.STABLE1:
|
|
* Updated changelog for 3.0.STABLE1 release
|
|
* MFC
|
|
* Name the upcoming release 3.0.STABLE1 MFC
|
|
* Remove references to myself and NLANR, add pointer to COPYRIGHT
|
|
file
|
|
* Change old info@ircache.net contact address to
|
|
info@squid-cache.org
|
|
* Fixed more compile errors after removal of snprintf.h
|
|
* Fix compile errors after removal of snprintf.h
|
|
* Removed the following debugging line, numerous copies of which
|
|
used to appear
|
|
* Set default formatting flags for the debugging stream to
|
|
"fixed" with a
|
|
* Delete now unused snprintf.h header file
|
|
* removed lib/snprintf.c credits as it's no longer shipped with
|
|
Squid
|
|
* Kill GPL-incompatible (Apache) lib/snprintf.c source.
|
|
* assertion failed: comm.cc:116: "ccb->active == false"
|
|
* squid.conf, others overwrite -X
|
|
* Wrap equation argument to debugs() properly.
|
|
* Correct attribution of current MD5 changes.
|
|
* Fix typo added during some patch.
|
|
* Fix SegFault when NetDB asked to ping a zero-length
|
|
domain/hostname
|
|
* allow pending cache hits when delay pools not compiled in pack
|
|
header entries on cache updates
|
|
* Update to Squid MD5 syntax
|
|
* Correct update of 304 headers
|
|
* Make squid_db_auth reopen the database connection on each query
|
|
by default
|
|
* Updated MD5 credits (no longer RSA). Removed winbind credits
|
|
(no longer shipped with Squid)
|
|
* Drop the RSA licensed MD5 implementation, and use the one
|
|
shipped with Squid instead
|
|
* Change priority of proxy auth and extacl provided username in
|
|
login=*:pass
|
|
* Declare Squid 3 Windows support NOT STABLE.
|
|
* Fix build failure caused by a typo.
|
|
* Renamed "SQUID_ESI" to "USE_SQUID_ESI" at request of other
|
|
developers
|
|
* Change 'ESI' define to 'SQUID_ESI'
|
|
* More fixes for recent MD5 mixups
|
|
* Fix-fix for MD5.
|
|
* fix GCC 4.3 warnings, part 1
|
|
* operator != declared outside of the HttpRequestMethod class
|
|
results in
|
|
* Returning -1 in the unreached portion of u_short GetService()
|
|
code results in
|
|
* partial fix: Allocate space for a NULL terminator of the helper
|
|
* RFC 1157 - SNMP v1 Protocol is used by squid.
|
|
* Enable squid to lookup /etc/services for named peer ports.
|
|
* Re-fix libmd5 detection on configure
|
|
* Solaris 10 appears to provide MD5 natively
|
|
* Add some include-protection to IPInterception.cc
|
|
* Extended the Squid -> Rewriter interface with key=value pairs
|
|
* Close three possible buffer over/under-runs
|
|
* Looks like 'dstdomain' and 'dstdomain_regex' ACLs were broken.
|
|
* Spelling.
|
|
* Code cleanup.
|
|
* NetBIOS is now officially obsolete.
|
|
* fix: Better handling of HTTP 206 Partial Content responses.
|
|
* Added debugging while investigating
|
|
* RFC bits omitted earlier.
|
|
* RFC 3162 - updated RADIUS authentication protocol
|
|
* Policy Change: Make all ACL a predefined default.
|
|
* Add RFC 1902, 1905 - SNMP Protocols used by squid.
|
|
* Close several unsafe control paths after fatalf()
|
|
* Close several unsafe control paths after self_destruct()
|
|
* fix: handle REQMOD HTTP responses without body
|
|
* fix: SegFault in tunnelConnectTimeout error page generation.
|
|
* Need to read clearer. We agreed on allow localnet->deny all.
|
|
* Alter policy of ICP and HTCP access to default allow only local
|
|
networks
|
|
* autoconf 2.61 works.
|
|
* Add notes about htcp_access effects on HTCP peers to config.
|
|
* Update udp_(incoming|outgoing)_address option docs to reflect
|
|
current state.
|
|
* Respect DNS ttl=0
|
|
* Digest delays are no longer bound to any fixed unit of time.
|
|
* digest_generation docs should reference compile option not
|
|
internal macro.
|
|
* 3.0RC1: Add stub ERR_ESI and ERR_ICAP_FAILURE documents to
|
|
errors/Armenian
|
|
* Likely fix for helper-related SEGV shortly after reconfigure
|
|
* automake 1.10 also works..
|
|
* More >2GB fixes. BodyPipe::unproducedSize() method should also
|
|
return an uint64_t
|
|
- squid3 now obsoletes squid (= squid2)
|
|
- renamed patches, removed unused patches
|
|
- removed obsolete use of suse 8.0 version requirement
|
|
- changed X-UnitedLinux-Should-XXX to Should-XXX in init script
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Dec 12 18:25:27 CET 2007 - kssingvo@suse.de
|
|
|
|
- BuildRequires doesn't need openldap2 anymore. fixed.
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Nov 29 11:10:33 CET 2007 - kssingvo@suse.de
|
|
|
|
- removed gcc-4.3 patch, now in upstream
|
|
- added many upstream patches:
|
|
* Fix typo added during some patch.
|
|
* Fix SegFault when NetDB asked to ping a zero-length
|
|
domain/hostname
|
|
* Bug #2096: allow pending cache hits when delay pools not
|
|
compiled in
|
|
* pack header entries on cache updates
|
|
* Update to Squid MD5 syntax
|
|
* Correct update of 304 headers
|
|
* Make squid_db_auth reopen the database connection on each
|
|
query by default
|
|
* Updated MD5 credits (no longer RSA). Removed winbind credits
|
|
(no longer shipped with Squid)
|
|
* Drop the RSA licensed MD5 implementation, and use the one
|
|
shipped with Squid instead
|
|
* Change priority of proxy auth and extacl provided username in
|
|
login=*:pass
|
|
* Declare Squid 3 Windows support NOT STABLE.
|
|
* Fix build failure caused by a typo.
|
|
* Renamed "SQUID_ESI" to "USE_SQUID_ESI" at request of other
|
|
developers
|
|
* Change 'ESI' define to 'SQUID_ESI'
|
|
* More fixes for recent MD5 mixups
|
|
* Fix-fix for MD5.
|
|
* Bug #2123 fix, part 1: GCC 4.3 warnings
|
|
* operator != declared outside of the HttpRequestMethod class
|
|
results in
|
|
* Returning -1 in the unreached portion of u_short GetService()
|
|
code results in
|
|
* Bug #2123 partial fix: Allocate space for a NULL terminator
|
|
of the helper
|
|
* RFC 1157 - SNMP v1 Protocol is used by squid.
|
|
* Enable squid to lookup /etc/services for named peer ports.
|
|
* Re-fix libmd5 detection on configure
|
|
* Solaris 10 appears to provide MD5 natively
|
|
* Add some include-protection to IPInterception.cc
|
|
* Extended the Squid -> Rewriter interface with key=value pairs
|
|
* Close three possible buffer over/under-runs
|
|
* Looks like 'dstdomain' and 'dstdomain_regex' ACLs were
|
|
broken.
|
|
* Spelling.
|
|
* Code cleanup.
|
|
* NetBIOS is now officially obsolete.
|
|
* Bug #2116 fix: Better handling of HTTP 206 Partial Content
|
|
responses.
|
|
* Added debugging while investigating bug #2116.
|
|
* RFC bits omitted earlier.
|
|
* RFC 3162 - updated RADIUS authentication protocol
|
|
* Policy Change: Make all ACL a predefined default.
|
|
* Add RFC 1902, 1905 - SNMP Protocols used by squid.
|
|
* Close several unsafe control paths after fatalf()
|
|
* Close several unsafe control paths after self_destruct()
|
|
* Author:Rafael Martinez <rmartine@fdi.ucm.es>
|
|
* Author: Rafael Martinez <rmartine@fdi.ucm.es>
|
|
* Bug #2104 fix: handle REQMOD HTTP responses without body
|
|
* Bug #2098 fix: SegFault in tunnelConnectTimeout error page
|
|
generation.
|
|
* Need to read clearer. We agreed on allow localnet->deny all.
|
|
* Alter policy of ICP and HTCP access to default allow only
|
|
local networks
|
|
* autoconf 2.61 works.
|
|
* Add notes about htcp_access effects on HTCP peers to config.
|
|
* Update udp_(incoming|outgoing)_address option docs to reflect
|
|
current state.
|
|
* Bug #2100: Respect DNS ttl=0
|
|
* Digest delays are no longer bound to any fixed unit of time.
|
|
* digest_generation docs should reference compile option not
|
|
internal macro.
|
|
* Bug #2094: 3.0RC1: Add stub ERR_ESI and ERR_ICAP_FAILURE
|
|
documents to errors/Armenian
|
|
* Likely fix for helper-related SEGV shortly after reconfigure
|
|
* automake 1.10 also works..
|
|
* More >2GB fixes. BodyPipe::unproducedSize() method should
|
|
also return an uint64_t
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Nov 20 12:30:45 CET 2007 - kssingvo@suse.de
|
|
|
|
- added "squid-beta" to Conflicts: section
|
|
- removed unneeded snprintf.c due to license issue (bugzilla#341246)
|
|
- replace md5.c and md5.h by GPL version (bugzilla#341246)
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Nov 13 11:42:02 CET 2007 - kssingvo@suse.de
|
|
|
|
- fixed gcc-4.3 "-Wall -Werror" issues
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Nov 8 10:00:27 CET 2007 - kssingvo@suse.de
|
|
|
|
- initial try with RC1, based on squid-beta
|
|
|