Skip to content

Releases: kinkie/squid

v4.9

25 Dec 23:16
@kinkie kinkie
SQUID_4_9
69be6ba
Compare
Choose a tag to compare
v4.9

Changes to squid-4.9 (05 Nov 2019):

- Bug 4978: eCAP crash after using MyHost().newRequest()
- Bug 4970: excessive gnutls_certificate_credentials debug msgs
- Bug 4969: GCC-9 build failure: stringop-truncation
- Bug 4966: Lower cache_peer hostname
- Bug 4918: Crashes when using OpenSSL prior to v1.0.2
- TLS: Fix parsing of certificate validator responses
- TLS: Fix parsing of TLS messages that span multiple records
- TLS: Fix on_unsupported_protocol tunnel action
- TLS: Fix expiration of self-signed generated certs to be 3 years
- HTTP: Ignore malformed Host header in intercept and reverse proxy mode
- HTTP: RFC 7230: server MUST reject messages with BWS after field-name
- HTTP: Fix URN response handling
- HTTP: Hash Digest noncedata
- Update URI parser to use SBuf parsing APIs
- Prevent truncation for large origin-relative domains
- Fix several rock cache_dir corruption issues
- Debug detail validation errors for loaded-from-file certificate chains
- smblib: Improve SMB server name maintenance
- cachemgr.cgi: Add validation for hostname parameter
- ... and several compile issues
- ... and some documentation updates
Assets 8
Loading

v4.8

25 Dec 23:16
@kinkie kinkie
SQUID_4_8
fede82b
Compare
Choose a tag to compare
v4.8

Changes to squid-4.8 (09 Jul 2019):

- Bug 4957: Multiple XSS issues in cachemgr.cgi
- Bug 4953: to_localhost does not include ::
- Bug 4937: cachemgr.cgi: unallocated memory access
- Bug 4936: terminating c-strings beyond BASE64_DECODE_LENGTH
- Bug 4889: Ignore ECONNABORTED in accept(2)
- Bug 4842: Memory leak when http_reply_access uses external_acl
- TLS: Fix tls-min-version= being ignored
- TLS: Add the NO_TLSv1_3 option to available tls-options values
- HTTP: RFC 7230 forbids generation of userinfo subcomponent of https URL
- HTTP: Remove userinfo support from old protocols
- HTTP: Fix Digest auth parameter parsing
- HTTP: Send Connection:close with the known-last request on a connection
- HTTP: Fix handling of tiny invalid responses
- Replace uudecode with libnettle base64 decoder
- Update HttpHeader::getAuth to SBuf
- ... and some compile issues
Assets 8
Loading

v4.7

25 Dec 23:16
@kinkie kinkie
SQUID_4_7
2e17b02
Compare
Choose a tag to compare
v4.7

Changes to squid-4.7 (06 May 2019):

- Bug 4942: --with-filedescriptors does not do anything
- Bug 4928: Cannot convert non-IPv4 to IPv4
- Bug 4823: assertion failed: "lowestOffset () <= target_offset"
- Bug 4796: comm.cc !isOpen(conn->fd) assertion when rotating logs
- Fix squidclient authentication to origin servers
- Fix stack-based buffer-overflow when parsing SNMP messages
- Add support for buffer-size= to UDP logging
- TLS: When using OpenSSL, trust intermediate CAs from trusted store
Assets 8
Loading

v4.6

25 Dec 23:16
@kinkie kinkie
SQUID_4_6
227df18
Compare
Choose a tag to compare
v4.6

Changes to squid-4.6 (19 Feb 2019):

- Bug 4915: Detect IPv6 loopback binding errors
- Bug 4914: Do not call setsid() in --foreground mode
- Bug 4875 pt2: GCC-8 compile errors with -O3 optimization
- Bug 4856: Exit when GoIntoBackground() fork() call fails
- basic_ldap_auth: Return BH on internal errors; polished messages
- Fix BodyPipe/Sink memory leaks associated with auto-consumption
- Fix OpenSSL builds that define OPENSSL_NO_ENGINE
- Fix several cases of rock cache corruption
- Add Georgian (ka) language translation
Assets 8
Loading

v4.5

25 Dec 23:16
@kinkie kinkie
SQUID_4_5
a76f7bb
Compare
Choose a tag to compare
v4.5

Changes to squid-4.5 (01 Jan 2019):

- Bug 4253: ssl_bump prevents access to some web contents
- TLS: add %>handshake logformat code
- Redesign forward_max_tries to count TCP connection attempts
- Fix client_connection_mark ACL handling of clientless transactions
- Fix netdb exchange with a TLS cache_peer
- Update netdb when tunneling requests
- Use pkg-config for detecting libxml2
- ... and some documentation updates
- ... and some code compile fixes
Assets 8
Loading

v4.4

25 Dec 23:15
@kinkie kinkie
SQUID_4_4
ef968e8
Compare
Choose a tag to compare
v4.4

Changes to squid-4.3 (28 Oct 2018):

- Bug 4893: Malformed %>ru URIs for CONNECT requests
- Fix %USER_CA_CERT_xx and %USER_CERT_xx crashes
- SSL: support compilation with minimal OpenSSL
- SSL: certificate fields injection via %D in ERR_SECURE_CONNECT_FAIL
- Fix netdb not saving to disk
- Fix memory leak when parsing SNMP packet
- ... and some compile issues
Assets 8
Loading

v4.3

25 Dec 23:15
@kinkie kinkie
SQUID_4_3
060539a
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v4.3

Changes to squid-4.3 (01 Oct 2018):

- Bug 4885: Excessive memory usage when running out of descriptors
- Bug 4877: Add missing text about external_acl_type %DATA changes
- Bug 4875 pt1: GCC-8 compile errors with -O3 optimization
- Bug 4716: Blank lines in cachemgr.conf are not skipped
- Bug 4691: balance_on_multiple_ip config option docs
- basic_pop3_auth: fix startup errors
- langpack: Add missing dialect aliases
- Fix range_offset_limit debugging
- Fix icc build errors
- Update systemd dependencies in squid.service
Assets 8
Loading

v3.5.27

25 Dec 23:12
@kinkie kinkie
SQUID_3_5_27
c321737
Compare
Choose a tag to compare
v3.5.27

Changes to squid-3.5.27 (20 Aug 2017):

- Regression Bug #4112: ssl_engine does not accept cryptodev
- Bug 4687: Wrong names of components in man page, section SEE ALSO
- Bug 4671: various GCC 7 compile errors
- Bug 4464: Reduce "!Comm::MonitorsRead(serverConnection->fd)" assertions
- Bug 2833: Collapse internal revalidation requests (SMP-unaware caches)
- Bug 2833: Do not respond with HTTP/304 to unconditional requests
- Fix message packing error handling in mgr and snmp SMP Forwarders
- Fix mgr query handoff from the original recipient to Coordinator.
- ... and some documentation updates
Assets 8
Loading

v4.2

25 Dec 23:15
@kinkie kinkie
SQUID_4_2
6d8f397
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v4.2

Changes to squid-4.2 (04 Aug 2018):

- Regression fix: support for https_port clientca= option
- Regression Bug 4870: milliseconds logformats prepend 0s instead of spaces
- Bug 4861: HTTPMSGLOCK missing pointer safety
- Bug 4843 pt3: GCC-8 fixes and refactoring
- HTTP: Do not update stored headers on 304 responses
- Fix segmentation fault on -k parse
- Fix %>ru logging of huge URLs
- ... and several performance optimizations
- ... and some documentation updates
- ... and all fixes from 3.5.28
Assets 8
Loading

v3.5.28

25 Dec 23:12
@kinkie kinkie
SQUID_3_5_28
6cfeb30
Compare
Choose a tag to compare
v3.5.28

Changes to squid-3.5.28 (15 Jul 2018):

- SQUID-2018:1: crash processing SSL-Bumped traffic containing ESI
- SQUID-2018:2: crash handling responses to internally generated requests
- SQUID-2018:3 / CVE-2018-1172: crash in ESI Response processing
- Bug 4861: HTTPMSGLOCK missing pointer safety
- Bug 4829: IPC shared memory leaks when disker queue overflows
- Bug 4767: SMP breaks IPv6 SNMP and cache manager queries
- Bug 2821: Ignore Content-Range in non-206 responses
- HTCP: Ignore HTCP packets with invalid URI
- SSL-Bump: fix authentication with schemes other than Basic
- TPROXY: Fix clientside_mark and client port logging
- Fix "Cannot assign requested address" for to-origin TPROXY FTP data
- Fix --with-netfilter-conntrack error message
- Validate mime icon URL before allocating store entries
- ... and many documentation changes
Assets 8
Loading