Группа :: Система/Серверы
Пакет: squid
навигация по пакетам
Главная Изменения Спек Патчи Загрузить Bugs and FR
16 февраля 2008 Grigory Batalov <bga at altlinux.ru> 2.6.STABLE18-alt1
- New upstream release.
- Backport to Master 2.4.
- New upstream release.
+ security fix for SQUID-2007:2 - Post-install scripts were moved to common and server packages.
- New upstream release (#12920).
- Cumulative patch from git.
- Prefer epoll to poll (#12919).
- More authentication helpers.
- Specfile cleanup.
- New upstream release.
- ICAP patch cleaned up.
- Reload service in a safe manner.
- Provide /usr/share/squid directory.
- New upstream release
+ includes security fix SQUID-2007:1. - Official ICAP patch updated and cleaned up.
- DrWeb's ICAP patch obsoleted (disabled).
- Remove extra access_log directive from config.
- Export default port settings into separate patch.
- New upstream release
+ includes NTLM authentication DoS fix, see squid bug #1873. - Official ICAP patch updated.
- Set absolute link to chpasswd.cgi tarball.
- Applied:
+ DrWeb's ICAP patch
+ Config updated: redirector template
+ ACL max_body_size
- Don't ban underscores in hostname.
- By default use poll.
- New upstream release.
- Applied:
+ ICAP support
+ correct file location in QUICKSTART
+ config-driven maximum file descriptor number
+ build with HTCP, WCCPv2, SNMP but disable in config
+ open rsync, snews, CUPS, SWAT by default
+ prevent appending local domain to localhost
+ update smb_auth.sh
+ run unlinkd on diskd and ufs only
+ helpers list update
+ get back default port to listen to
+ get back default access logging
+ use epoll instead of poll
+ allow X-Forwarded-For following
+ allow forward_log config directive
+ allow Referer logging
+ allow Ident (RFC931) lookups
+ allow multicast notification of cache misses
+ suggest -c option to digest auth helper
+ squid-pinger obsoleted by squid-server
+ add libdb4-devel to BuildRequires
+ quote percent sign (%) in changelog - Included into upstream:
+ squid-2.5.STABLE13-libaio-2.patch
+ squid-2.5.STABLE13-header_leak.patch
+ squid-2.5.STABLE13-ident_leak.patch
+ squid-2.5.STABLE13-htcp_leak.patch
+ squid-2.5.STABLE13-icons.patch
+ squid-2.5.STABLE13-hostnamelen.patch
+ squid-2.5.STABLE13-stable13.patch - Obsoleted:
+ squid-2.4.STABLE6-alt-without-bind.patch
+ squid-2.5-automake.patch
+ squid-2.5.STABLE10-alt-perlreq.patch
- STABLE13
- applied:
+ 2006-05-13 13:16 (Minor) On some systems POSIX AIO functions are in libaio
+ 2006-05-14 15:41 (Medium) Memory leak in header processing related to external_acl or custom log formats
+ 2006-05-14 15:41 (Major) memory leak in ident processing
+ 2006-05-14 15:41 (Medium) Memleak in HTCP client code
+ 2006-05-14 15:41 (Minor) Mime icons are not displayed when viewing ftp sites when
+ 2006-05-14 15:41 (Cosmetic) SQUIDHOSTNAMELEN issues
+ 2006-05-14 15:41 (Cosmetic) Current release is STABLE13, not 12.. - updated FAQ to v 1.263 2006/03/16
- STABLE12
- applied:
+ 2005-10-26 20:31 (Minor) fails to compile with undefined reference to setenv
- applied:
+ 2005-09-27 22:29 (Major) Truncated responses when using delay pools
- STABLE11 includes all patches issued for STABLE10
- replaced max filedescriptors override trick with configure option
- updated FAQ to v 1.253 2005/09/07
- applied:
+ 2005-09-13 02:59 (Minor) Solaris 10 SPARC transparent proxy build problem with ipfilter
+ 2005-09-03 09:41 (Minor) E-mail sent when cache dies is blocked from many antispam rules
+ 2005-09-11 00:57 (Minor) LDAP helpers does not work with TLS (-Z option)
+ 2005-09-11 01:21 (Cosmetic) Incorrect store dir selection debug message on objects >2G
+ 2005-09-11 01:21 (Cosmetic) enums can not be assumed to be signed ints
+ 2005-09-11 01:42 (Cosmetic) Allow leaving core dumps on Linux
+ 2005-09-11 01:53 (Medium) Clients bypassing delay pools by faking a cache hit
+ 2005-09-13 23:59 (Minor) Transparent proxy problem with IP Filter
+ 2005-09-15 09:56 (Medium) Odd results on pipelined CONNECT requests
+ 2005-09-16 11:10 (Major) FATAL: Incorrect scheme in auth header
- applied:
+ 2005-08-14 17:05 (Cosmetic) New 'mail_program' configuration option in squid.conf
+ 2005-08-19 09:31 (Minor) sync redeclarations when support for ARP acls
+ 2005-09-01 20:27 (Major) Segmentation fault in sslConnectTimeout
+ 2005-09-01 21:56 (Medium) assertion failed: StatHist.c:93: ((int) floor(0.99L + statHistVal(H, 0) - min)) == 0
+ 2005-09-01 22:09 (Minor) More chroot_dir and squid -k reconfigure issues
+ 2005-09-01 22:18 (Cosmetic) Odd URLs when failing to forward request via parent and several error messages inconsistent in reported request details
+ 2005-09-01 22:26 (Cosmetic) Fails to compile with glibc -D_FORTIFY_SOURCE=2
+ 2005-09-01 22:31 (Minor) Some odd FTP servers respond with 250 where 226 is expected
+ 2005-09-01 22:39 (Cosmetic) Greek translation of error messages
+ 2005-09-01 22:44 (Major) assertion failed: store.c:523: "e->store_status == STORE_PENDING"
+ 2005-09-01 22:49 (Minor) squid_ldap_auth -U does not work
+ 2005-09-01 22:57 (Minor) snmo cacheClientTable fails on "long" IP addresses
- fixed #2713 (wrong SAMBAPREFIX)
- applied:
+ 2005-07-03 08:24 (Cosmetic) "make all" gives many warnings
+ 2005-07-09 08:58 (Cosmetic) Allow wb_ntlm_auth to run more silent
+ 2005-07-11 00:46 (Cosmetic) The new --with-build-environment=... option doesn't work
- pinger, diskd and unlinkd move to squid-server
- updated:
+ 2005-06-27 21:24 (Minor) squid -k fails in combination with chroot after patch for bug 1157
+ 2005-06-30 08:49 (Minor) Core dump with --enable-ipf-transparent if access to NAT device not granted - applied:
+ 2005-06-29 20:36 (Minor) wbinfo_group.pl only looks into the first group specified
- impoving #6321 resolution
- new version
- #6321 fix
- #1491 and associated cleanups
- #6307 fix
- #7062 fix
- eliminated pinger package
- applied:
+ 2005-05-25 23:01 (Cosmetic) Double content-length often harmless
+ 2005-06-06 21:38 (Cosmetic) Updated Spanish error messages
+ 2005-06-09 08:01 (Minor) Squid internal icons served up with slightly incorrect HTTP headers
+ 2005-06-13 22:55 (Minor) squid -k fails in combination with chroot after patch for bug 1157
+ 2005-06-13 22:55 (Minor) Core dump with --enable-ipf-transparent if access to NAT device not granted
+ 2005-06-13 22:55 (Minor) httpd_accel_signle_host incompatible with redireection
+ 2005-06-19 09:39 (Minor) squid -k reconfigure internal corruption if the type of a cache_dir is changed
+ 2005-06-19 21:03 (Minor) SNMP GETNEXT fails if the given OID is outside the Squid MIB
+ 2005-06-22 10:45 (Cosmetic) Title in FTP listings somewhat messed up
+ 2005-06-21 22:28 (Minor) FTP listings uses "BASE HREF" much more than it needs to
- applied:
+ 2005-04-20 14:59 (Medium) Fails to process requests for files larger than 2GB in size
+ 2005-03-26 23:53 (Minor) rename() related cleanup
+ 2005-03-29 09:52 (Cosmetic) New cachemgr pending_objects and client_objects actions
+ 2005-03-30 22:51 (Cosmetic) external acls requiring authentication does not request new credentials on access denials like proxy_auth does.
+ 2005-04-26 04:42 (Cosmetic) should syslog to daemon facility not local4
+ 2005-04-20 21:36 (Cosmetic) Error template substitution for authenitcated user name
+ 2005-04-21 10:46 (Cosmetic) Missing newlines in debug statements
+ 2005-04-20 21:55 (Minor) fix transparent proxying when squid listens on NATed non-80 port
+ 2005-04-20 21:55 (Minor) Unable to run "squid -k" when hostname cannot be determined
+ 2005-04-21 10:31 (Cosmetic) Correctly read DOS/Windows formatted config files with CRLF as line terminator
+ 2005-04-22 20:21 (Minor) Unrecognized cache-control directives are silently dropped
+ 2005-04-24 16:35 (Minor) Make the use of the %m error page to return auth info messages
+ 2005-04-22 20:48 (Cosmetic) PID file check fails when chrooting
+ 2005-04-26 04:30 (Minor Security) Fix for CVE-1999-0710: cachemgr malicouse use
+ 2005-04-25 16:36 (Cosmetic) Minor aufs improvements
+ 2005-04-30 12:58 (Medium) Poor hot object cache hit ratio and sporadic assertion failed: store_swapin.c: e->mem_status == NOT_IN_MEMORY
+ 2005-05-01 10:58 (Cosmetic) Cosmetic change to DISKD statistics
+ 2005-05-04 18:09 (Minor) SNMP Agent updates to support SNMP Version 2 and bulk requests
+ 2005-05-08 14:01 (Cosmetic) Minor arp ACL improvements
+ 2005-05-09 01:51 (Minor) Allow dstdomain and dstdom_regex to match IP based hosts
+ 2005-05-11 19:19 (Security issue) DNS lookups unreliable on untrusted networks
+ 2005-05-10 22:33 (Medium) assertion failed: store_client.c:343: "storeSwapOutObjectBytesOnDisk(mem) > sc->copy_offset"
+ 2005-05-10 23:11 (Cosmetic) Extended documentation of the always_direct directive - updated:
+ 2005-04-19 22:46 (Cosmetic) LDAP helpers fails to compile with SUN LDAP SDK
+ 2005-03-29 08:45 (Minor) Several minor aufs issues - updated FAQ to v 1.250 2005/04/22
- enabled 2GB+ files support
- disabled aa patch for now
- applied:
+ 2005-03-03 02:26 (Minor Security) Race condition related to Set-Cookie header
+ 2005-03-04 11:55 (Minor) Fails to parse the EPLF FTP directory format
+ 2005-03-04 11:55 (Minor) Links in FTP listings without / fails due to missing BASE HREF
+ 2005-03-04 22:48 (Cosmetic Security) Unexpected access control results on configuration errors
+ 2005-03-09 15:46 (Minor) Handle odd date formats
+ 2005-03-09 15:46 (Minor) reload_into_ims fails to revalidate negatively cached entries
+ 2005-03-09 15:46 (Cosmetic) Clarify delay_access function
+ 2005-03-09 15:46 (Cosmetic) Check several squid.conf directives for int overflows
+ 2005-03-09 15:46 (Minor) bzero is a non-standard function not available on all platforms
+ 2005-03-15 04:27 (Minor) compile warnings due to pid_t not being an int
+ 2005-03-10 23:38 (Minor) Incorrect use of ctype functions
+ 2005-03-09 15:46 (Cosmetic) Defer digest fetch if the peer is not allowed to be used
+ 2005-03-09 15:46 (Cosmetic) Duplicate content-length headers logged as conflicting with relaxed_header_parser off
+ 2005-03-09 15:46 (Cosmetic) Extend relaxed_header_parser to work around "excess data from" errors from many major web servers.
+ 2005-03-19 11:42 (Minor) Several minor aufs issues
+ 2005-03-19 00:25 (Minor) Basic authentication fails with very long login or password
+ 2005-03-21 20:44 (Minor) CONNECT requests truncated if client side disconnects first assertion failed: comm.c:430: "quot;ntohs(address->sin_port) != 0"quot;
+ 2005-03-19 01:11 (Cosmetic) LDAP helpers fail to compile with SUN LDAP SDK
+ 2005-03-19 01:35 (Minor) --disable-hostname-checks not working
+ 2005-03-19 23:57 (Cosmetic) aufs warning about open event filedescriptors on shutdown - updated FAQ to v 1.246 2005/03/04 23:49:39
- upstream merged:
+ 2005-02-20 10:47 (Minor) Relax header parsing slightly again to work around broken web servers
+ 2005-02-20 19:11 (Cosmetic) GCC4 warnings
+ 2005-02-21 01:38 (Cosmetic) Doesn't work specifying the AR variable to configure
+ 2005-02-21 02:58 (Minor) Peer related memory leaks on "squid -k reconfigure"
+ 2005-02-21 03:38 (Cosmetic) Display FTP URLs in decoded format to allow for sane display of national characters etc
+ 2005-02-21 17:02 (Minor) fqdn lookups with spaces may confuse redirectors
+ 2005-02-23 00:11 (Medium) Should not automatically retry request on 403 and other server errors - upstream updated and merged:
+ 2005-02-20 11:03 (Cosmetic) Cross-platform format fixes - updated FAQ to v 1.245 2005/02/24 23:29:59
- upstream merged:
+ 2005-02-04 11:41 (Minor) WCCP easily disturbed by forged packets
+ 2005-02-06 00:57 (Cosmetic) Improve password handling in FTP gatewaying of ftp://user@host URLs
+ 2005-02-11 10:59 (Major) Data corruption when HTTP reply headers is split in several packets - upstream updated and merged:
+ 2005-01-31 01:50 (Security issue) Strengthen Squid from HTTP response splitting cache pollution attack
+ 2005-02-10 10:14 (Security issue) Reject malformed HTTP requests and responses that conflict with the HTTP specifications - applied new:
+ 2005-02-13 05:58 (Major) Assertion failure on certain odd DNS responses
+ 2005-02-15 00:03 (Cosmetic) Cross-platform format fixes
+ 2005-02-15 01:07 (Cosmetic) Allow high characters in generated FTP and Gopher directory listings
+ 2005-02-15 02:14 (Cosmetic) FTP URL cleanups
- libpam-devel -> libpam0-devel
- Russian description
- applied:
+ 2005-01-31 22:50 (Security issue) Correct handling of oversized reply headers
+ 2005-02-03 23:17 (Minor) LDAP helpers sends slightly malformed search requests
+ 2005-02-03 23:27 (Minor) Sporadic segmentation fault when using ntlm authentication
+ 2005-02-04 00:12 (Major) Segmentation fault on failed PUT/POST request
+ 2005-02-04 00:33 (Medium) Persistent connection trouble on failed PUT/POST requests
- updated squid-2.5.STABLE7-header_parsing.patch once more
- applied:
+ 2005-01-28 23:16 (Security issue) Buffer overflow in WCCP recvfrom() call
- applied current patches:
+ 2005-01-21 12:43 (Security issue) Strengthen Squid from HTTP response splitting cache pollution attack
+ 2005-01-21 12:10 (Minor) Icons fails to load on non-anonymous FTP when using short_icons_url directive
+ 2005-01-21 12:10 (Minor) FTP data connection fails on some FTP servers when requesting directory without a trailing slash
+ 2005-01-21 12:10 (Minor) Disable Path-MTU discovery on intercepted requests
+ 2005-01-24 14:29 (Security issue) Reject malformed HTTP requests and responses that conflict with the HTTP specifications
+ 2005-01-17 04:29 (Minor Secuity issue) Sanity check usernames in squid_ldap_auth
+ 2005-01-17 02:52 (Minor) FQDN names truncated on compressed DNS responses
+ 2005-01-17 02:52 (Minor) Internal DNS memory leak on malformed responses
- applied current patches:
+ 2005-01-12 17:21 (Security issue) Denial of service with forged WCCP messages
+ 2005-01-12 17:19 (Security issue) buffer overflow bug in gopherToHTML()
+ 2005-01-08 03:13 (Medium) fakeauth_auth memory leak and NULL pointer access
+ 2004-12-28 12:55 (Minor) Don't close "other" filedescriptors on startup
+ 2004-12-21 17:50 (Minor Security) Confusing results on empty acl declarations
+ 2004-12-08 00:00 (Minor) PURGE is allowed to delete internal objects - fix for #5767 (config patch and initgroups)
- fix for #5616 (squid MIB)
- fix for #5707 (wbinfo_group.pl and spaces)
- updated FAQ to 1.240 2005/01/08 00:16:21
- used macro instead of env var for rpm build root
- applied current patches:
+ 2004-12-08 01:03 (Minor) cachemgr vm_objects segfault
+ 2004-12-08 00:47 (Minor) httpd_accel_port 0 (virtual) not working correctly
+ 2004-12-07 23:45 (Cosmetic / Minor Security issue) Random error messages in response to malformed host name
- applied current patches:
+ 2004-11-07 23:37 (Minor) Squid fails to close TCP connection after blank HTTP response
+ 2004-11-06 21:42 (Minor) 100% CPU on startup on new/experimental Linux kernels due to O_NONBLOCK
+ 2004-11-06 15:28 (Minor) Failure to shut down busy helpers on -k rotate/reconfigure
+ 2004-10-20 23:23 (Minor) The new req_header and resp_header acls segfaults immediately on parse of squid.conf
+ 2004-10-19 10:09 (Cosmetic) Document -v (protocol version) option to LDAP helpers
+ 2004-10-14 22:48 (Minor) 100% CPU usage on half-closed PUT/POST requests
- Cleaned up build dependencies, was too superfluous
since 2.5.STABLE6-alt1. - Rebuilt with openldap-2.2.18-alt3.
- 2.5.STABLE7 (security fix)
- updated FAQ to 1.235 2004/10/04
- rediffed patches
- more patches
- Updated FAQ to 2004-08-10
- Added and rediffed official patches up to 2004-08-14
- build with 16384 file descriptors
- 2.5.STABLE6
- Official bugfixes from www.squid-cache.org.
- add patch-aa.patch: makes squid write info in access.log by pieces as far as the
receipt of data but not after downloading whole file. See -x options.
- Official bugfixes from www.squid-cache.org.
- fix bugs id #4330
- fix bugs id #1629
- build with 8192 file descriptors
- Official bugfixes from www.squid-cache.org.
- Rebuilt with openssl-0.9.7d.
- 2.5.STABLE5
- fix build with libsasl2
- Official bugfixes from www.squid-cache.org.
- cosmetics spec file
- Fixed %pre script.
- Official bugfixes from www.squid-cache.org.
- disable default ICP setup.
- 2.5.STABLE4
- fix errors in squid init file.
- Added Belarusian error pages by Vital Khilko (dojlid@mova.org)
- 2.5.STABLE3
- fix bugs id #0002717
- Official bugfixes from www.squid-cache.org.
- Rewritten start/stop script to new rc scheme.
- fix build support for the authentication schemes
- Official bugfixes from www.squid-cache.org.
- fix documentations and manuals path
- fix documentation
- Fixed path on directories: /var/run, /var/log/squid and /var/spool/squid.
- 2.5.STABLE1
- misc adaptions
- buildprereq autoconf = 2.13
- adding --enable-storeio
- Official bugfixes from www.squid-cache.org.
- Relocated "chown" cleanup code from %pre to %triggerpostun (#1051).
- 2.4.STABLE7
- Official bugfixes from www.squid-cache.org.
- Official bugfixes from www.squid-cache.org.
- Build without bind-devel.
- 2.4.STABLE6.
- adding subpackage pinger.
- remove link to errors dir.
- 2.4.STABLE4-alt1
- Fixed permissions on directories:
/etc/squid, /usr/lib/squid, /var/log/squid and /var/spool/squid.
- Added official patches for 2.4.STABLE3:
+ "htcp_port 0" fails to disable the HTCP port
+ Coredup on certain ftp:// style URL's
+ SNMP memory leaks - Fixed %pre script.
- 2.4.STABLE3
- enable auth-modules LDAP, MSNT, NCSA, PAM, SMB, YP, getpwnam
- bugfix patches
- enable wccp, gnu-regex, cache-digests
- 2.4.STABLE1
- enable useragen log, icmp, async-io
- security fix for tmpfile problems (patch#20)
- fixed squid.init
- Rebuild for RE
- shiny version.
- comment out already applied patches.
- rebuilt with %doc macro
- added noreplace tag for config files
- fixed %post script
- three more bugfix patches from the squid people
- buildprereq jade, sgmltools
- merged with redhat again
- make %pre more portable
- bugfix patches
- fix dependency on /usr/local/bin/perl
- 2.3.STABLE2
- Yet More Bugfix Patches
- add more bugfix patches
- --enable-heap-replacement
- rebuild to fix dependencies
- grab some bugfix patches
- 2.3.STABLE1 (whee, another serial number)
- Fix compliance with ftp RFCs
(http://www.wu-ftpd.org/broken-clients.html) - Work around a bug in some versions of autoconf
- BuildPrereq sgml-tools - we're using sgml2html
- add a couple of bugfix patches
- update to 2.2.STABLE5.
- update FAQ, fix URLs.
- transform restart in reload and add restart to the init script
- add squid user as user 23.
- initscript munging
- fix conflict between logrotate & squid -k (#4562)
- put cachemgr.cgi back in /usr/lib/squid
- add webdav bugfix patch (#4027)
- fix path to config in squid.init (confuses linuxconf)
- 2.2.STABLE4
- logrotate changes
- errors from find when /var/spool/squid or
- /var/log/squid didn't exist
- 2.2.STABLE3
- update to 2.2.STABLE.2
- update to 2.2.STABLE1
- don't need to run groupdel on remove
- fix useradd
- fix effective_user (bug #2124)
- strip binaries
- duh. adduser does require a user name.
- add a serial number
- add an adduser in %pre, too
- oog. chkconfig must be in %preun, not %postun
- switch to using group squid
- turn off icmp (insecure)
- update to 2.2.DEVEL3
- build FAQ docs from source
- logrotate changes
- auto rebuild in the new build environment (release 4)
- update to 2.2.PRE2
- cache & log dirs shouldn't be world readable
- remove preun script (leave logs & cache @ uninstall)
- fix initscript to get cache_dir correct
- update to 2.1.PATCH2
- merge in some changes from RHCN version
- strip binaries
- version 1.1.22
- don't make packages conflict with each other...
- added a proxy auth patch from Alex deVries <adevries@engsoc.carleton.ca>
- fixed initscripts
- rebuilt for Manhattan
- upgraded to 1.1.21/1.NOVM.21
- updated the init script to use reconfigure option to restart squid instead
of shutdown/restart (both safer and quicker)
- upgraded to 1.1.20
- added the NOVM package and tryied to reduce the mess in the spec file
- first build against glibc
- patched out the use of setresuid(), which is available only on kernels
2.1.44 and later