1
Changes to squid-3.4.2 (30 Dec 2013):
3
- Regression Bug 3980: FATAL ERROR due to max_user_ip -s option
4
- Regression Fix: \-unescaping in quoted strings from helpers
5
- Regression Fix: URL helper API bypassing on URL containing '=' character
6
- Bug 3985: 60s limit introduced by balance_on_multiple_ip breaks bad IP recovery
7
- Bug 3806: Caching responses with Vary header
8
- Bug 3498: FTP PUT assertion
9
- WCCPv2: Fix assertion 'Cannot convert non-IPv4 to IPv4' on FreeBSD
10
- Enable concurrency by default for SSL certificate validator
11
- ... and fix several build errors
13
Changes to squid-3.4.1 (09 Dec 2013):
15
- Bug 3935: Invalid pointer dereference when peeking at origin server certificate
16
- Bug 3589: intercepted and ICAP modified request using a cache_peer
17
- ... and several portability fixes
18
- ... and some documentation updates
20
Changes to squid-3.4.0.3 (01 Dec 2013):
22
- Bug 3941: Release notes error
23
- Receive annotations from authentication and external ACL helpers
24
- basic_nis_auth: Improved portability
25
- ... and several documentation updates
26
- ... and all bug fixes from 3.3.9, 3.3.10, 3.3.11
28
Changes to squid-3.4.0.2 (03 Oct 2013):
30
- Regression Bug 3891: squid.conf parser errors in 3.4.0.1
31
- Regression Fix: re-disable MinGW C++11 support
32
- Bug 3914: partial: make squidclient tool build cleanly with -Wconversion
33
- Fix memory leak in refresh_pattern parsing
34
- negotiate_kerberos_auth: upgrade to present group= keys
35
- Handle NTLM helper returning OK without user= value
36
- Add dns_multicast_local to control mDNS operation
37
- Add --disable-arch-native build option
38
- Display Build-Info in cache manager info report
39
- ... and all changes from squid 3.3.9
40
- ... and some code and debug output polishing
42
Changes to squid-3.4.0.1 (29 Jul 2013):
44
- Port from 2.7: StoreURL (renamed Store-ID) support
45
- Bug 3795: fix several mistakes in the MIB file
46
- Bug 3793: configure: improved helper detection
47
- Bug 3722: Invalid markup in Armenian hy ERR_ONLY_IF_CACHED_MISS
48
- Bug 3676: Support GCC 4.7 with -Wshadow option
49
- Bug 3643: NTLM helpers stuck in reserved state by Safari
50
- Bug 3389: Auto-reconnect for tcp access_log
51
- Bug 2066: squid does not do chdir() after chroot()
52
- Fix uninitialized fields in IcapLogEntry
53
- Fix a number of minor issues detected by Coverity Scan
54
- Fix some potential memory leaks detected by Coverity Scan
55
- Fix 64-bit support for Intel compiler suite (ICC) and other similar compilers
56
- Fix ACL matching algorithm to avoid repeating tests
57
- basic_pam_auth: Add -r option to strip NTLM/Negotiate domain from username
58
- squidpurge: fix META TLV parsing issues
59
- squid.conf: enforce all the directive and option names are lower-case
60
- Support EUI on HTTPS and FTP data connections
61
- Support OK/ERR/BH response codes from any helper
62
- Support No-lookup flag (-n) on DNS ACLs
63
- Support -march=native compiler optimization by default
64
- Support forwarding intercepted but not bumped connections to cache_peers
65
- Support IPv6 NAT interception on Linux and some BSD
66
- Deprecate log_icap and log_access configuration directives
67
- HTTP/1.1: improved method invalidation and cacheability detection
68
- HTTP/1.1: support length configuration for pipeline_prefetch queue
69
- Improved TPROXY support for OpenBSD and FreeBSD
70
- Add storeid_file_rewrite helper to perform Store-ID rewrites from a rules file
71
- Add all-of and any-of ACL types for grouping sets of ACL tests
72
- Add note directive for transaction annotations
73
- Add %note log format for transaction annotation logging
74
- Add note ACL type for matching annotated transactions with by annotation name or value
75
- Add kv-pair support to URL-rewrite/redirector interface
76
- Add SSL server certificate validator interface, helper and result cache
77
- Add SSL server certificate fingerprint ACL type
78
- Add spoof_client_ip access control
79
- Add pt-bz (Belize Portuguese) dialect to translations
80
- ... and many Windows portability changes (still incomplete)
81
- ... and many documentation changes
82
- ... and much code cleanup and polishing
84
Changes to squid-3.3.11 (01 Dec 2013):
86
- Regression Bug 3936: error-details.txt parse error with OpenSSL since 3.3.9
87
- Bug 3972: Segfault when getting the deny_info page ID after a reconfigure
88
- Bug 3970: max_filedescriptors disabled due to missing setrlimit
89
- Bug 3967: ipc/Kid.cc compilation failure: 'time' was not declared in this scope
90
- Bug 3960: DEAD cache_peer are not revived
91
- Bug 3956: xstrndup: tried to dup a NULL pointer
92
- Bug 3906: Filedescriptor leaks in SNMP
93
- Bug 3782: Digest authentication not obeying nonce_max_count
94
- HTTP/1.1: Make header parser obey relaxed_header_parser
95
- HTTP/1.1: Re-compute Range response content offset after an FTP response was adapted
96
- SMP: Replace blocking sleep(3) and close UDS socket on failures
97
- Windows: fix several compile errors
99
Changes to squid-3.3.10 (03 Nov 2013):
101
- Bug 3929: request_header_add not working for tunnel requests
102
- Bug 3923: cbdata and undefined behavior due to dynamic runtime enumeration
103
- Bug 3918: Self Test Failures on Mac OS X 10.8
104
- Bug 3887: tcp_outgoing_tos not working for IPv6
105
- Bug 3836: Fix issues with automake 1.13+ and make check
106
- Bug 3480: StoreEntry::kickProducer() segfaults in store_client::copy()
107
- Fix pinning hierarchy log information
108
- Fix close idle client connections associated with closed idle pinned connections.
109
- Fix cbdata 'error: expression result unused' errors
110
- Avoid "hot idle": A series of rapid select() calls with zero timeout.
111
- Append Connection:close to OPTIONS requests when icap_persistent_connections is off
112
- ntlm_fake_auth: pass DOMAIN data to Squid in original case
113
- kerberos_ldap_group: fix LDAP string duplication
114
- Use IPv6 localhost nameserver on DNS configuration errors
115
- Add cache_miss_revalidate
116
- ... and several portability improvements
118
Changes to squid-3.3.9 (11 Sep 2013):
120
- Regression Bug 3077: off-by-one error in Digest header decoding
121
- Bug 3895: fix acl_uses_indirect_client and cache_peer_access
122
- Bug 3879: assertion failed ConnStateData::validatePinnedConnection
123
- Bug 3863: myportname acl causes segmentation fault
124
- Bug 3849: Duplicate certificate sent when using https_port
125
- Bug 2287: Better fix for unsupported HTTP version handling
126
- Bug 2112: Reload into If-None-Match
127
- Fix several assert with side effects in ICAP/eCAP response handling
128
- Fix myportname ACL on ICAP/eCAP transactions
129
- Fix external ACL user:pass detail logging after adaptation
130
- Fix SMP mgr:info report 'Largest file desc currently in use'
131
- Handle infinite certificate validation loops caused by OpenSSL Bug 3090.
132
- Improved compatibility with gcc 4.8, clang and icc
133
- Show number of available filedescriptors when reserved FD changes
134
- Sync with newest OpenSSL error codes
135
- Register Http2-Settings header
136
- ... and many Windows portability fixes
138
Changes to squid-3.3.8 (13 Jul 2013):
140
- Bug 3869: assertion failed: MemBuf.cc:272: size < capacity
141
- Improved handling of port values in Host: header validation
143
Changes to squid-3.3.7 (11 Jul 2013):
145
- Bug 3297: Fix openSSL related build failures
146
- Fix build on FreeBSD 9.x platform with clang
147
- Protect against buffer overrun in DNS query generation
149
Changes to squid-3.3.6 (01 Jul 2013):
151
- Bug 3854: pt1: compile errors on AIX
152
- Bug 3802: Fix wrong check inside Format::Format::assemble
153
- Bug 3762: remove bogus WARNING in cache.log
154
- Bug 3717: assertion failed with dstdom_regex with IP based URL
155
- Bug 1991: kqueue causes SSL to hang
156
- Ask for SSL key password when started with -N but without sslpassword_program
157
- Make sure %<tt includes all [failed] connection attempts
158
- Support HTTP reply ACLs in icap_log and log_icap
159
- Fix incorrect external_acl_type codes
160
- Fix ICAP logging request headers and segmentation faults
161
- ... and some documentation polish
163
Changes to squid-3.3.5 (20 May 2013):
165
- Bug 3851: Delay Pool class 5 tag:levels displayed incorrectly in cache manager
166
- Bug 3845: http_port tcpkeepalive= option fails parsing
167
- Bug 3840: assertion failed 'sde' in UFS cache loading
168
- Bug 3836: make check failures with automake-1.13
169
- Bug 3827: Remove AccessLogEntry::cache.authuser
170
- Bug 3816 pt2: SSL_get_certificate call inside Ssl::verifySslCertificate crashes
171
- Bug 3780: cachemgr.cgi: output problem in HTTP Header Statistics
172
- Bug 3759: OpenSSL compilation error on stock Fedora17, RHEL, CentOS 6 systems
173
- Bug 3744: squid terminated: FATAL: Bungled (null) line 3: sslproxy_cert_sign signTrusted all
174
- Port from 2.6: external acl %ACL and %DATA tags
175
- Update copyright on SN.png
176
- ... and several minor memory leaks
177
- ... and some documentation polish
179
Changes to squid-3.3.4 (27 Apr 2013):
181
- Bug 3831: basic_ncsa_auth Blowfish and SHA support
182
- Bug 3816: SSL_get_certificate call inside Ssl::verifySslCertificate crashes
183
- Bug 3794: MacOS: workaround compiler errors and case-insensitivity
184
- Bug 3781: Proxy Authentication not sent to cache_peer
185
- Bug 3720 pt1: SourceLayout: shuffle fd_table definition into fde.h
186
- Bug 3720 pt2: Add missing include in /dev/poll I/O module
187
- Bug 3674: Improve compiler detection, better support warnings-as-errors on clang
188
- Add support for TPROXY on BSD
189
- Fix SSL Bump bypass for intercepted traffic
190
- Fix memory leaks in ConnStateData pinning
191
- Fix external_acl.cc "inBackground" assertion on queue overloads
192
- CacheMgr: fix missing column separator in helper stats
193
- OpenBSD: libpthreads requires OpenBSD 5.2 or later
194
- ... and lots of documentation updates
195
- ... and all changes from squid 3.2.10
1
197
Changes to squid-3.3.3 (12 Mar 2013):
3
199
- Bug 3720: Add missing include in /dev/poll I/O module (pt2)
added
removed
ChangeLog
