Revisions of squid

Ana Guerrero's avatar Ana Guerrero (anag+factory) accepted request 1177317 from Adam Majer's avatar Adam Majer (adamm) (revision 121)
- update to 6.9
  - Regression Bug 5349: basic_nis_auth build error: unterminated #ifndef
  - Bug 5069: Keep listening after getsockname() error
  - Bug 5360: FwdState::noteDestinationsEnd() assertion "err"
  - Reduce stale errno usage
  - Plug memory leak in handling cache manager requests
  - Fix error: template-id not allowed for constructor in C++20
  - Improve release packaging automation
- header_fixups.patch: upstreamed, removed
- 9be86d8db5e8f40829374d26334d0bb5272c1afd.patch: upstreamed, removed
- CVE-2024-33427.patch: fixes possible buffer overread leading to
  denial of service (bsc#1225417, CVE-2024-33427)
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 1155563 from Adam Majer's avatar Adam Majer (adamm) (revision 120)
- update to 6.8
  - Fix marking of problematic cached IP addresses (#1691)
  - Bug 5344: mgr:config segfaults without logformat (#1680)
  - Fix infinite recursion when parsing HTTP chunks (#1553)
    (bsc#1216715, CVE-2024-25111)
- changes in 6.7
  - Bug 5337: workaround for crash on startup if -a option is used
  - Bug 5274: Successful tunnels logged as TCP_TUNNEL/500
  - Fix crash when NTLM and Negotiate helpers are queried with no HTTP request
  - Fix SslBump memory leak when mimicking certificates with Authority Key Identifier
  - Fix memory leak on SslBump certificates with Authority Key Identifier extension
  - Fix a possible integer overflow in FTP Gateway
  - Extend cache_log_message to Bug 5187 and job invalidation BUGs
  - Remove incorrect beta version warning
- squid.keyring: updated
- header_fixups.patch: added
- 9be86d8db5e8f40829374d26334d0bb5272c1afd.patch: don't throw on
  client errors

 - Fix handling of expanding HTTP header values (bsc#1219960, CVE-2024-25617)
Ana Guerrero's avatar Ana Guerrero (anag+factory) accepted request 1142310 from Adam Majer's avatar Adam Majer (adamm) (revision 118)
changes only changes, CVEs, bugs, etc.
Ana Guerrero's avatar Ana Guerrero (anag+factory) accepted request 1122203 from Adam Majer's avatar Adam Majer (adamm) (revision 116)
- update to 6.4:
  * security fixes:
    + Request/Response smuggling in HTTP/1.1 and ICAP (bsc#1216500, CVE-2023-46846)
    + Multiple issues in HTTP response caching (bsc#1216496, CVE-2023-5824)
    + Denial of Service in HTTP Digest Authentication (bsc#1216495, CVE-2023-46847)
    + Denial of Service in FTP (bsc#1216498, CVE-2023-46848)
    + Fix validation of certificates (bsc#1216803, CVE-2023-46724)
  * Bug 5294: ERR_CANNOT_FORWARD returned instead of ERR_DNS_FAIL
  * Bug 4981: Work around in-call job invalidation bugs
  * basic_smb_lm_auth: fix 'no previous declaration' warnings
  * CacheManager: require /squid-internal-mgr/ URL path prefix
  * ESI: Fix build [-Wsingle-bit-bitfield-constant-conversion]
  * documentation changes
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 1112346 from Adam Majer's avatar Adam Majer (adamm) (revision 115)
- update to 6.3:
  - Bug 5294: ERR_CANNOT_FORWARD returned instead of ERR_DNS_FAIL
  - Bug 4981: Work around in-call job invalidation bugs
  - basic_smb_lm_auth: fix 'no previous declaration' warnings
  - CacheManager: require /squid-internal-mgr/ URL path prefix
  - ESI: Fix build [-Wsingle-bit-bitfield-constant-conversion]
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 1085760 from Adam Majer's avatar Adam Majer (adamm) (revision 113)
- update to 5.9:
  * Improve reply_body_max_size matching accuracy
  * fix gcc13 warning
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 1084087 from Adam Majer's avatar Adam Majer (adamm) (revision 112)
- partial revert of earlier "fix PIDFile"
  - move pidfile back to /run/squid.pid and not in the directory
    owned by squid. The purpose of /run/squid/ is to facilitate
    SMP worker's IPC and not for the PID file. The PID file can
    live just fine in /run since it's written by root. (bsc#1210960)
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 1006088 from Adam Majer's avatar Adam Majer (adamm) (revision 107)
- Migration to /usr/etc: Saving user changed configuration files
  in /etc and restoring them while an RPM update.

and CVE references,
  - Regression Fix: Typo in manager ACL (bsc#1203677, CVE-2022-41317)
    (bsc#1203680, CVE-2022-41318)
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 984871 from Adam Majer's avatar Adam Majer (adamm) (revision 103)
- Update to 5.6:
  * Improve handling of Gopher responses (bsc#1200907, CVE-2021-46784)
- Changes in 5.5:
  * fixes regression Bug 5192: esi_parser default is incorrect
  * Bug 5177: clientca certificates sent to https_port clients
  * Bug 5090: Must(!request->pinnedConnection()) violation
  * Kid restart leads to persistent queue overflows, delays/timeouts
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 966241 from Adam Majer's avatar Adam Majer (adamm) (revision 102)
- Do not try to set special permissions for basic_pam_auth (bsc#1197649)
Displaying revisions 1 - 20 of 121
openSUSE Build Service is sponsored by