Title of New Package

Edit Package squid
PUT_UPSTREAM_URL_HERE

LONG DESCRIPTION
GOES
HERE

Refresh
Refresh
Source Files
Filename Size Changed
CompleteFaq.html 0001217605 1.16 MB
README.SuSE 0000001558 1.52 KB
contrib-2.4.STABLE6.tar.bz2 0000007615 7.44 KB
ip_wccp.c 0000004263 4.16 KB
pam.squid 0000000164 164 Bytes
rc.squid 0000003485 3.4 KB
ready 0000000000 0 Bytes
squid-2.6.STABLE19-64bit.patch 0000001662 1.62 KB
squid-2.6.STABLE2-ldflags.patch 0000000659 659 Bytes
squid-2.7.STABLE3-config.patch 0000002064 2.02 KB
squid-2.7.STABLE5-RELEASENOTES.html 0000023930 23.4 KB
squid-2.7.STABLE7.tar.bz2 0001341869 1.28 MB
squid.changes 0000057927 56.6 KB
squid.logrotate 0000000696 696 Bytes
squid.spec 0000058261 56.9 KB
squid.sysconfig 0000000206 206 Bytes
squid_ie_blocker.txt 0000005512 5.38 KB
squid_ldapauth-1.3.dif 0000000859 859 Bytes
squid_ldapauth-1.3.tar.bz2 0000005635 5.5 KB
Revision 1 (latest revision is 4)
Tom Patzig's avatar Tom Patzig (tpatzig) committed (revision 1)
- update to 2.7.STABLE7

- update to 2.7.STABLE5, which is a bugfix version only:
  * Don't set expires: now in generated error responses
  * Old headers still returned after a cache validation
  * swap.state permission issues if crashing during "squid -k
    reconfigure"
  * Limit stale-if-error to 500-504 responses
  * Increase negotiate auth token buffer size
  * add upgrade_http0.9 option making it possible to disable
    upgrade of HTTP/0.9 responses
  * assertion failed: sc->new_callback == NULL at store_client.c:190
  * Shut down store url rewrite helpers on squid -k reconfigure
  * configuration file contains non-ASCII characters
  For complete list of changes see:
  http://www.squid-cache.org/Versions/v2/2.7/changesets/SQUID_2_7_STABLE5.html
- removed obsolete, already in upstream version patches

- bugfix if user is in many kerberos groups (12380.patch)

- added a few official patches:
  * HTTP/0.9: making it possible to disable upgrade of HTTP/0.9
    responses
  * assertion failed: sc->new_callback == NULL at store_client.c:190
  * foreground rebuild should do all of the rebuilding before Squid
    accepts
  * Shut down store url rewrite helpers on squid -k reconfigure
  * configuration file contains non-ASCII characters

- update to 2.7.STABLE4:
  * DNS retransmit queue could get hold up
  * assertion failed: forward.c:529: "fs"
  * assertion failed: forward.c:110: "!EBIT_TEST(e->flags,
    ENTRY_FWD_HDR_WAIT)"
  * Workaround for Linux-2.6.24 & 2.6.25 netfiler_ipv4.h include
    header __u32 problem
  * Make dns_nameserver work when using --disable-internal-dns on
    glibc based systems
  * Handle aborted objects properly. The change in 2.7.STABLE3
    triggered a number of issues.
  * access.log logs rewritten URL and strip_query_terms ineffective
  For full list of changes see:
  http://www.squid-cache.org/Versions/v2/2.7/changesets/SQUID_2_7_STABLE4.html
- added cron to Requires: as rpmlint complains on this

- Fix init scripts.

- update to 2.7.STABLE3:
  major changes from 2.6 to 2.7:
  * HTTP/1.1 support
  * performance improvements
  * no longer WAIS support
  * can emulate an origin server when acting as an accelerator
  * "min-size" option for cache_dir
  * semi-modular logging framework introduced
  * Support for rewriting URLs into canonical forms when storing
    and retrieving objects
  * Object revalidation in background
  * new option "zero_buffers"
  * cache authentication based on source IP address
  * configuration files can be included
  * alteration for default rules to not cache dynamic content from
    cgi-bin and query URLs
  * cleanup of accelerator mode
  * zero Penalty Hit support
  * and many bugfixes
  For full list of changes see:
  http://www.squid-cache.org/Versions/v2/2.7/changesets
- fixed the config patch accordingly
- sorted files in /usr/sbin
- added new binary /usr/sbin/logfile-daemon

- added "sharedscripts" to logrotate (bnc#388088)

- update to 2.6.STABLE19:
  * Custom log formats fail to log file sizes >2GB properly on
    32-bit platforms
  * outgoing_address acl doesn't work with indirect source address
    (follow-x-forwarded-for)
  * Stuck in 100% CPU when fetching an corrupt peer digest
  * Add support for the resolv.conf domain directive, and also
    automatically derived default domain
  * minimum_icp_query_timeout directive
  Full list of changes see:
  http://www.squid-cache.org/Versions/v2/2.6/changesets/SQUID_2_6_STABLE20.html
- removed official patches, which are now included in latest version

- added official patches:
  * Custom log formats fail to log file sizes >2GB properly on
    32-bit platforms
  * Fix stripping NT domain in squid_ldap_group
  * Cache-Control: max-stale=0 forwarded wrongly as max-stale
    (without delta)
  * Fails to parse chunked encoding using chunk extensions
  * Deal properly with empty list members
  * tcp_outgoing_address acl doesn't work with indirect source
    address (follow-x-forwarded-for)

- update to 2.6.STABLE19:
  * Fix tcp_outgoing_address example config to match its description
  * Assertion failed sc != NULL when using peer monitor function
    fixed
  * Fix missing default disk store type into QUICKSTART example.
  * Handle recursive completion operations in diskd fixed.
  * documentation bugfix for tcp_outgoing_tos directive
  * Sort cache list in wccpv2 to ensure a consistent hash allocation
    across all services
  * Updated Ukrainan error pages
  * Compile error in squid_kerb_auth under Mac OS X 10.5.2
  * squid_radius_auth failed ro process more than 256 requests
  * Clarified description of 'cache_vary' directive
  * Make range_offset_limit 0 disable local range processing as
    documented, even if the first range starts at 0
- updated 64bit patch
- updated FAQ: no longer avail, its a Wiki now. Best compromise to
  use CompleteFaq webpage instead.

- update to 2.6.STABLE18:
  * Preparing 2.6.STABLE18
  * This is STABLE18, not 16..
  * Remove HEAD ChangeLog entries copied by mistake
  * Preparing for 2.6.STABLE18
  * Update valgrind support for valgrind-3.3.0
  * Sometimes arrayShrink() will be asked to shrink by 0 entries.
    Handle that.
  * Digest authentication fixes
  * Minor cleanups to make some 64-bit platforms happier
  * Novell eDirectory digest helper edir_digest_auth update to
    clean up license
  * Change old info@ircache.net contact address to
    info@squid-cache.org
  * Convert spnegohelp.h and spnegohelp.c files drom DOS to Unix
    text format.
  * Fix bug in header array compression
- removed obsolete suse 8.0 check in PreReq

- BuildRequires doesn't need openldap2 anymore. fixed.

- upgrade to version 2.6STABLE17:
  * Fix compile error with old GCC 2.x or other ANSI-C compilers
    before C99
  * Mention the login= cache_peer option in release notes
  * Fix bad cache_peer example in squid.conf
  * Fix a compile-time memory corruption error causing cf_gen to
    fail
  * Clarify high_memory_warning usage
  * Reject DNS responses which result in no data
  * Fix version number in configuration manual
  * Move cache and request/reply_header_max_size to their proper
    sections
  * sbrk statistics broken when process size >2GB
  * Move logopen() much earlier to have fatal startup errors sent
    to the proper syslog facility
  * Fix HTTP/0.9 responses
  * Correct bad example config for tos_outgoing_tos
  * Fix grammar in description of mail_program squid.conf option
  * Ignore Content-Length in chunked responses instead of
    rejecting the response as invalid
  * Documented that http_port no longer have a default
  * Cleanup of cache digest documentation
  * Make aufs store rebuilding back off a little if I/O load too
    high
  * Respect DNS ttl=0
  * Update udp_(incoming|outgoing)_address documentation to
    reflect current bahaviour.
  * Update HTCP documentation
  * Document the overlapping helper request format
  * Change priority of proxy auth and extacl provided username in
    login=*:pass
  * pack header entries on cache updates
  * Make squid_db_auth reopen the database connection on each
    query by default
  * Improve helper debug ouput, including the channel number
  * Update cachePeerEntry MIB description to mention what is used
    as index key
  * Import squid_radius_auth for authenticating to RADIUS

- upgrade to version 2.6STABLE16:
  * Test for sys/capability.h linux include file to avoid failing on
    linux systems missing libcap
  * Release private objects on cache rebuild
  * Segfault in clientBuildReplyHeader when http->entry == NULL
  * Bug #2072: digest_pw_auth fails when using plaintext passwords
  * Bug #2073: assertion failed: client_side.c:4175: "buf != NULL ||
    !conn->body.request on POST
  * Adjust default pconn timeouts to avoid shutting down connection while
    child sends request
  * Bug #1980: cache_peer monitortimeout not working
  * Bug #1882: Parent responses are not cached if sibling returns 504
  * More squid.conf reordering to get the dependencies between options
    sorted proper
  * The select() I/O loop got broken by the /dev/poll addition
    (2.6.STABLE14)
  * Bug #2017: Fails to work around broken servers sending just the HTTP
    headers
  * Bug #2023: Compile error with old GCC 2.x or other ANSI-C compilers
    before C99
  * squid.conf.default updated and reorganised in more sensible groups
  * correct and document the syslog access_log format
  * Armenian error pages translation
  * digest_ldap_helper usage help updated
  * Bug #1560: ftpSendPasv: getsockname(-1,..): (9) Bad file descriptor
  * Improve delay pools in low traffic environment by checking timeouts
    at a steady 1 second interval even when there is not much activity
  * Don't request authentication on transparently intercepted
    connections
  * Cleanup linux capabilities for tproxy
  * Bug #2003: 'via' config directive doesn't affect response headers
  * Bug #1902: Adds Numeric Hit and invalid request counters to IP Cache
  * Add missing $|=1 to squid_db_auth
  * Bug #2050: Persistent connection dropped if cache has no
    Content-Length
  * Verify the URL on memory cache hits
  * Bug #2057: NTLM stop work in messengers after upgrade to 2.6.STABLE14
  * Bug #1972: Squid sets peers to down state when they are in fact
    working.
  * potential segmentation fault in storeLocateVary()
  * Bug #2066: chdir after chroot
  * Windows port: Fix compiler warnings when building Squid as
    application (not Windows service mode)
  * Spelling correction of received
- adapted config patch

- removed /etc/squid/errrors: no longer needed (bugzilla#300933)

- removed explicit permissions handling (bugzilla#298341)

- moved $named from Required-Start to Should-Start (bugzilla#142653)
- renamed X-UnitedLinux-Should-Start to Should-Start in rc script
- renamed X-UnitedLinux-Should-Stop to Should-Stop in rc script

- upgrade to 2.6.STABLE14:
  * Bug #2008: Work around clients trying to use NTLM or Negotiate
    without persistent connections
  * Deal better with forwarding loops
  * Bug #2010: snmp_core.cc:828: warning: array subscript is above
    array bounds
  * Temporary shortage of system filedescriptors may cause Squid to
    permanently stop accepting connections
  * Bug #1085: Add no-wrap to cache manager HTML tables
  * Cosmetic squid_ldap_auth cleanups from Squid-3
  * Simple POP3 basic auth helper querying a POP3 server
  * squid.conf.default cleanups
  * Clean up HTML escapes in the configuration manual
  * Simple POP3 basic auth helper querying a POP3 server
  * Imported updated squid_kerb_auth helper from the SourceForge
    squidkerbauth repository
  * Bug #1130: min-size option for cache_dir
  * digest_edir_auth helper, using novell eDirectory universal
    password
  * Bug #1968: Squid hangs occasionally when using DNS search paths
  * Bug #1900: Double "squid -k shutdown" makes Squid restart again
  * There is no -a command line option in Squid-2.6 and later.
  * Make AC_CHECK_.._SYSTYPE wrappers around the default calls to
    allow cross-compiling
  * Renamed db_auth.pl to squid_db_auth, and autogenerate perl path
    and man page
  * make devpoll support work
  * Bring over Solaris/IRIX /dev/poll network IO support from
    Squid-2, enabled by compiling with --enable-devpoll
  * Database auth helper using Perl DBI
  * Kerberos SPNEGO helper
  * Always use xisxxxx() Squid defined macros instead of ctype
    functions.
  * Round time to next event upwards to avoid storms of comm_select
    loops doing nothing
  * Adjust refresh_pattern min-age to make 0 mean 0, not 1 second
  * URI-escape using the recommended upper case
  * Correct the refresh_pattern ignore-auth documentation to refer
    to CC: public
  * Dump out the config manual while making snapshots
  * Script to build HTML configuration manual from cf.data
  * Shuffle around various configuration options into their own
    sections

- moved cachemgr.cgi to %{_libdir}/squid to make rpmlint happy

- upgrade to 2.6.STABLE13:
  * Make sure reply headers gets sent even if there is no body available
    yet, fixing RealMedia streaming over HTTP issues.
  * Undo an accidental name change of storeUnregisterAbort.
  * Kill an ancient malplaced storeUnregisterAbort call from ftp.c
  * Bug #1814: SSL memory leak on persistent SSL connections
  * Don't log ECONNREFUSED/ECONNABORTED accept failures in cache.log
  * Cosmetic fix: added missing newline in WCCPv2 configuration dump.
  * Ukrainan error messages
  * Convert various error pages from DOS to UNIX text format
  * Bug #1820: COSS assertion failure t->length == MD5_DIGEST_CHARS
  * Clarify the max-conn=n cache_peer option syntax slightly
  * Bug #1892: COSS segfault on shutdown
  * Windows port: fix undefined ECONNABORTED
  * Make refreshIsCachable handle ETag as a cache validator, not
    only last-modified
  * in_port_t is not portable, use unsigned short instead
  * Fix fs / auth / snmp dependencies
  * Portability: statfs() may reqire #include <sys/statfs.h>

- added valgrind-devel to buildrequires

- upgrade to 2.6.STABLE12:
  * Upgrade HTTP/0.9 responses to our HTTP version (HTTP/1.0)
  * various diskd bugfixes
  * In the access.log hierarchy field log the unique peer name
    instead of the host name
  * unlinkdClose() should be called after (not before)
    storeDirSync()
  * CLEAN_BUF_SZ was defined, but never used anywhere
  * logging HTTP-request size
  * Fix icmp pinger communication on FreeBSD and other not
    supporing large dgram AF_UNIX sockets
  * Release objects on swapin failure
  * Objects stuck in cache if origin server clock in future
  * 302 responses with an Expires header is always cached
  * Primitive support for HTTP/1.1 chunked encoding, working around
    broken servers
  * Clean up relations between TCP probing and DNS checks of peers
    with no known addresses.
  * Fix a minor HTML coding error in ftp directory listings with //
    in the path
  * Cleanup of refresh logics when dealing with non-refreshable
    content
  * Gopher cleanups and bugfixes
  * Negotiate authentication fixed again. Broken since STABLE7 by
    the patch for
  * COSS tries to shut down the same directory twice on exit
  * store*DirRebuildFromSwapLog() ignores some SWAP_LOG_DEL entries
  * Added support for Subversion HTTP request methods MKACTIVITY,
    CHECKOUT and MERGE.
  * assertion failed: client_side.c:4055: "buf != NULL ||
    !conn->body.request"
  * Handle garbage helper responses better in concurrent protocol
    format
  * Fix kqueue when overflowing the changes queue
  * Make sure the child worker process commits suicide if it could
    not start up
  * Don't log short responses at debug level 1
  * Fix bswap16 & bwsap32 error on NetBSD
  * Fix collapsed_forwarding for non-GET requests
  * Assertion error on TRACE

- needsrootforbuild injected: urgently required for ulimit setting

- upgrade to 2.6.STABLE9 with this fixes:
  * Date parsing error causing objects to get unexpectedly cached.
    Problem introduced in 2.6.STABLE6.
  * authenticateNTLMFixErrorHeader: state 4. NTLM & Negotiate
    instability introduced in 2.6.STABLE6.
  * Primitive support for HTTP/1.1 chunked encoding, working around
    broken servers sending chunked encoding in response to HTTP/1.0
    requests.
  * STALE: Entry's timestamp greater than check time. Clock going
    backwards?
  * Don't update object timestamps on a failed revalidation.
  * If-Modified-Since broken in 2.6.STABLE8
  * diskd bug in storeDiskdIOCallback()

- reinjected SAMBAPREFIX into specfile (bugzilla#236317)

- upgrade to 2.6.STABLE7:
  * Windows port: Fix intermittent build error using Visual Studio
  * Add missing tproxy info from the dump of http port
    configuration
  * Bug #1853: Support for ARP ACL on NetBSD
  * clientNatLookup(): fix wrong function name in debug messages
  * Convert ncsa_auth man page from DOS to Unix text format.
  * Bug #1858: digest_ldap_auth had some remains of old hash format
  * Correct the select_loops counter when using select(). Was
    counted twice
  * Clarify the http_port vhost option a bit
  * Fix cache-control: max-stale without value or bad value
  * Bug #1857: Segmentation fault on certain types of ftp://
    requests
  * Bug #1848: external_acl crashes with an infinite loop under
    high load
  * Bug #1792: max_user_ip not working with NTLM authentication
  * Bug #1865: deny_info redirection with authentication related
    acls
  * Small example on how to use the squid_session helper
  * Bug #1863: cache_peer monitorurl, monitorsize and
    monitorinterval not working properly
  * Clarify the transparent http_port option a bit more
  * Bug #1828: squid.conf docutemtation error for proxy_auth digest
  * Bug #1867: squid.pid isn't removed on shutdown

- install pam_auth setuid root instead of setgid shadow (#216816)
- fix permissions handling

- fixed gnu ftpserver name mangling (bugzilla#230751)
- fixed pidfile removal issue (bugzilla#223067)

- upgrade to 2.6.STABLE5:
  * Whitespace cleanup
  * Preparing for 2.6.STABLE6
  * Resurrect httpd_accel_no_pmtu_disc after the transparent interception
    cleanup
  * Spell check in release notes
  * Windows port: Updated release notes
  * Windows port: Fixed build error on MinGW using SSL support
  * Windows port: Updated release notes
  * Windows port: Fix build errors when using latest MinGW environment
  * Bug #1641: assertion failed: stmem.c:149: "size > 0" while processing
    certain Vary objects
  * Bug #1840: Disable digest and netdb queries to multicast peers
  * Bug #1839: Cosmetic debug message cleanup in peerHandleHtcpReply.
  * Bug #1801: NTLM authentication ends up in a loop if the server responds
    with a retriable error
  * Bug #439: Multicast ICP peering is unstable and considers most peers dead
  * Fix the WCCPv2 mask assignment code to not crash as the value assignments
    are built.
  * Bug #1584: Unable to register with multiple WCCP2 routers
  * Convert the connStateData->chr single link list to a normal dlink_list for
    clarity.
  * Accept large dates >2^31. Seen for example in the Google logo.
  * Remove old leftover variable after the client_side buffer cleanup
  * Reduce memory allocator pressure by not continually allocating client-side
    read buffers
  * Remove malloc/free of temporary buffer in time parsing routines.
  * Document that proxy_auth also accepts -i for case-insensitive operation
  * Convert snmpDebugOid to use a temporary String object instead of strcat
  * Bug #1832: Error building squid-2.6.STABLE5 using --enable-truncate
  * Add support for the weight= parameter to round-robin peers
  * Fix defaultsite= processing after the accelerator mode cleanup
  * Clarify the external_acl_type helper format specification and some defaults
  * Bug #1773: Segmentation violation bug in the cleanup of transparent mode
  * Cleanup to silence a harmess GCC inline warning
  * Bug #1805: assertion failed: StatHist.c:195: "D[i] >= 0"
  * Remove extra newline in redirect message sent by deny_info http://...
    aclname
  * Bug #1117: assertion failed: aufs/store_dir_aufs.c:642:
    "rb->flags.need_to_validate"
  * Bug #1818: Assertion failure assert(e->swap_dirn >= 0) in fs/coss/
    store_dir_coss.c storeCoss_DeleteStoreEntry
  * Windows port: updated release notes
  * Only use crypt() if it's available
  * automake no longer recommends mkinstalldirs. Remove it from the
    distribution.
  * Bug #1799: Harmless 1 byte buffer overflow on long host names in /etc/hosts
  * Cleanup of transparent & accelerator mode request parsing to untangle the
    firewall dependencies a bit
  * Add client source port logformat tag >p
  * Bug #1817: Assertion failure assert(buflen >= copy_sz) in htcp.c
    htcpBuildAuth()

- upgrade to version 2.6.STABLE5, which is only a bug fix version, with
  these most important bug fixes:
 * Some memory leaks corrected, some of which could result in
   denial of service conditions after some time.
 * Assertion failure related to Vary/ETag processing, which could 
   maybe result in a denial of service condition.
 * Delay pools now assigns bandwidth fairly among competing
   connections.
 * Port 563 removed from the default set of SSL ports.
- Changes from 2.6.STABEL4 to 2.6.STABEL5 in detail:
 * 2.6.STABLE4 aufs fails to compile if coss isn't enabled
 * COSS improvements and cleanups
 * SNMP linking issue resolved, enabling SNMP support to be build in all
   platforms
 * access_log syslog results in blanks syslog lines between every entry
 * Incorrect error message on invalid cache_peer specifications
 * Memory leak in handling of negatively cached objects
 * Incorrect Vary processing in combination with collapsed_forwarding
 * Memory leak in ncsa_auth on password changes
 * Suppress some annoying coss startup messages raising the debug level
   to 2.
 * Clarify the external_acl_helper concurrency= change.
 * aioDone() could be called twice from aufs and from coss (when using
   AIOPS) during shutdown.
 * Accept 00:00-24:00 as a valid time specification even if redundand
   and the same as 00:00-23:59
 * Theoretical memory leak in storeSetPublicKey
 * Removing port 563 from the default SSL_ports and Safe_ports ACLs
 * Automatically enable Linux Netfilter support with
   --enable-linux-tproxy.
 * squid -k reconfigure crash when using req/rep_header acls
 * Clarify the select/poll/kqueue/epoll configure --enable/disable
   options
 * Delay pools fairness when multiple connections compete for bandwidth
 * Crash on exit in certain conditions where cache.log is not writeable
 * Assertion error HttpHeader.c:914: "str"
 * Crash on wccp2 + mask assignement + standard wccp service
 * Silence harmless gcc compile warning.
 * Clean up poll memory on shutdown
 * Ported select, poll and win32 to new comm event framework
 * Windows port: Correctly identify Windows Vista and Windows Server
   Longhorn
 * Added a basic comm_select_simple comm loop only requiring minimal
   POSIX compliance.
 * Safeguard from kb_t counter overflows on 32-bit platforms

- upgrade to version 2.6.STABLE4:
  * New wccp2_weight directive
  * Numeros COSS fixes and improvements
  * Support for WCCP2 hash based assignment and weighted assignments
  * Windows port update
  * Many small fixes to better detect invalid configurations
  * Bug #1760: FTP related memory leak
  * SNMP mib updates for some minor missing details
  * Bug #1590: Silence those harmless ETag loop warnings
  * Bug #1740: Squid crashes on certain malformed HTTP responses
  * Bug #1699: assertion failed: authenticate.c:836:
    "auth_user_request != NULL"
  * a number of other minor and cosmetic bugfixes. See the list of
    squid-2.6.STABLE4 changes and the ChangeLog file for details.
- removed ncsa patch, now upstream included

- fix for buffer size in ncsa auth (bugzilla#202249)

- upgrade to version 2.6.STABLE3:
  * src/dst acl parsing changed to not attempt to guess a netmask
    if none was specified. Instead assume it's an IP address and not
    a network even if it ends in 0
  * Several memory leaks plugged
  * Delay pools now work again (broken in 2.6.STABLE1 &amp; 2)
  * New log_format %ue and %us tags for external acl or ssl user id
  * COSS fixes and performance improvements
  * Include acl's is now shown in their original form in cachemgr
    configuration dumps.
  * ntlm fake_auth finally handles non-ascii user names
  * TCP fallback on truncated DNS responses, making the internal
    DNS client complete.
  * Downloads could hang when using the cache_dir max-size option
  * Fixed some assertion failures and segmentation faults
  * Some small optimizations to reduce CPU usage
  * a number of other minor and cosmetic bugfixes. See the list of 
    squid-2.6 changes and the ChangeLog file for details.

- upgrade to version 2.6.STABLE2:
  * Bug #1650: transparent interception "Unable to forward this
    request at this time"
  * Bug #1658: Memory corruption when using client-side SSL
    certificates
  * Multiple fixes to the experimental COSS cache_dir type Added
  * the missing concurrency parameter to basic/digest auth
    schemes
  * Bug #1669: SEGV in storeAddVaryReadOld Bug #1670: assertion
  * failure: i->prefix_size > 0 in
    client_side.c:2509
  * Bug #1671: transparent interception fails with FreeBSD ipfw or
    Linux-2.2 ipchains
  * Bug #1660: Accept-Encoding related memory corruption Bug #1673:
  * cache digests not served to other caches Bug #1684: xstrdup:
  * tried to dup a NULL pointer! Bug #1688: Assertion failure in
  * HttpHeader.c in some header_access
    configurations
  * Bug #1696, Bug #1700 and more: WCCP2 fixes Bug #1677: Duplicate
  * etags in the If-None-Match in cache
    validations causing lighttpd to fail with error 400
  * Added ARP acl support for OpenBSD and ARP fixes for Windows Bug
  * #1681: All ntlmauthenticator processes are busy new
  * minimum_expiry_time squid.conf directive backported from
    Squid-3
  * Bug #1703: Wrong default path to the diskd helper causing hangs
  * at
    100% CPU
  * Bug #1685: Crashes or other odd results after
  * storeSwapMetaUnpack:
    errors
  * a number of other minor and cosmetic bugfixes. See the list of
    squid-2.6 changes and the ChangeLog file for details.
- adapted ldflags patch
- added /usr/sbin/cossdump

- Fix build requires.

- upgrade to version 2.6.STABLE1:
o bug fixes
o Major improvements to the way that Squid handles web proxy,
  accelerated and transparent proxy requests to make it easier to
  configure transparent and acceleration functionality
o WCCPv2 support multiple cache engines registering with multiple
  WCCP routers and switches.
o TPROXY totally transparent proxy support under Linux, which to
  allow Squid to appear totally invisible to both client and server
  systems when transparently caching requests.
o Support for Etag and Vary HTTP headers. 
o Collapsed forwarding, which gives Squid the ability to
  intelligently merge client requests for objects into one request
  to the server. 
o Support for epoll under Linux, which gives Squid the ability to
  handle many many more concurrent requests with lower CPU
  overhead.
o SSL assisted hardware encryption making use of OpenSSL
  functionality within Squid.
o Logging enhancements to allow even greater customization of the
  way Squid logs requests in the access-log or to syslog if
  required
o Authentication enhancements including Negotiate/Kerberos support,
  extra workarounds for NTLM clients and others using Microsoft
  Integrated Login.
o Additional external_acl parameters to support SSL and even more
  client side parameters.
o ACL changes in conjunction with SSL changes which have been
  merged, to allow matching based on SSL certificate parameters.
o New authentication helpers:
  - Digest LDAP helper
  - Native Windows basic, NTLM and negotiate helpers
  - External acl helpers for session monitoring and native Windows
    group membership check
o HTCP significantly cleaned up and added support for the CLR
  operation to purge contents from the cache
o Support for parsing X-Forwarded-For headers allowing access
  controls to be based on the real client IP even if behind secondary
  proxies
- adapted SUSE patches

- Fix typo.

- Set mandir.
- Use --with-maxfd and don't build as root.
- Don't lose LDFLAGS.

- added 6 official upstream patches

- added 15 official upstream patches
- updated FAQ

- converted neededforbuild to BuildRequires

- Don't strip binaries.

- added 2 official patches
- updated FAQ

- compile with -fno-strict-aliasing

- upgrade to squid-2.5.STABLE12
- added official patches
- updated FAQ

- upgrade to squid-2.5.STABLE11
- added official patches (includes CAN-2005-2917 and CVE-2005-3258)
- changed error message when creating cache dir (bugzilla#118561) 

- add -DLDAP_DEPRECATED (to RPM_OPT_FLAGS, since they're the only
  ones respected by all subsystems)

- added latest official patches from squid-cache.org

- fixed problem in rc script (bugzilla#100250)

- added latest official patches
- updated FAQ
- changed rc.squid to honor $SQUID_CONF (bugzilla#98186)

- upgrade to squid-2.5.STABLE10
- added official patches and added cachemgr.conf
- adapted local patches

- build with fPIE/pie
- use RPM_OPT_FLAGS
- rename vprintf to packer_vprintf (macro clash) 

- fixed rc script for upgrade (bugzilla#76687)

- fixed permission problem (bugzilla#71801)
- fixed ulimit problem (bugzilla#71848)
- added 14 upstream patches (only minor+cosmetic)
- updated FAQ

- update to version 2.5.STABLE9

- updated FAQ

- fix for fillup and norootforbuild trigger

- update to version 2.5.STABLE8
- added latest official patches
- shutdown timeout is now configurable (bugzilla#50785)
- fixed init message for squid shutdown (bugzilla#50786)

- Use <owner>:<group> in permissions file.

- Use common-* PAM configuration

- updated FAQ documents
- added 3 official patches (2 minor, 1 cosmetic)

- removed ancient notify message
- added four official fixes

- added official fix for crash in NTLM module
- added ie_blocker configuration as suggested by Markus Gaugusch

- added 15 official patches
- had to adapt 2 of the official patches to SUSE configuration
- reenabled linux-netfilter on public request
- removed the error directory from %doc, as its already in %sysconfig

- update to version 2.5.STABLE6

- added EGREP definition in spec file to make configure happy
- added 13 official patches, with three major fixes;
  and includes fix for cache_mem variable > 2048MB (bugzilla#42417)
- replaced NTLM security fix with official one

- buffer overflow fix in NTLM authentication helper (bugzilla#41771)

- added 1 mainstream patch (minor)
- updated FAQ documents

- updated FAQ documents
- added official patches: 2xcosmetic, 1xminor
- re-enabled transparent proxy support for sles (thx ke)
- re-enabled heap removale policy for sles

- added official patches: 2xcosmetic, 2xmedium, 1xmajor
- enabled more store I/O modules for sles products

- added two official patches: timeout produces wrong error code,
  deny_info redirection escaped wrong
- update FAQs with latest available

- added official patches

- added four official patches

- upgrade to squid-2.5.STABLE5

- added many official patches (> 10)
- rejected official squid-2.5.STABLE4-ntlm_auth_popups.patch (breaks build)
- dropped winbind authentification support
  (according to author and FAQ no longer supported with samba3.x)
- updated FAQ

- fixes for samba3 (first try - waiting for approve by personal samba
  contact :)
- added next official patch: squid-2.5.STABLE4-ftp_telnet.patch
- rejected official patch: squid-2.5.STABLE4-ntlm_auth_popups.patch
  causes a lot of compilation problems.

- added missing (official) squid-2.5.STABLE4-xpi_mime.patch

- added official patches (and did some fixes)

- Build as normal user
- Add pam-devel to neededforbuild

- enabled external-acl-helpers

- fixed RELEASENOTES version in %doc

- updated to 2.5.STABLE4
- removed old patches
- and added new ones. :-)

- change e-mail to root in squid.spec as suggested in bugzilla#31447

- Fix pam_auth permissions/group (like in /etc/permissions)

- added another upstream patch (delay_access_auth); had to make him fit

- removed patch listed twice: Patch10 and Patch11
- added official patches of last two weeks
- updated documentation to latest version
- fixed smb_auth (bugzilla#28260)

- specfile: restart of daemon on rpm package update (bugzilla#29036)
- try-restart needs rc_status for test and not rc_stop (bugzilla#26937)
  

- added next bunch of official patches (w/o improvement patch)

- Fix chown calls.

- added a bunch of official patches

- updated to 2.5.STABLE3
- added official patches
- fixed build problems with unpackaged files

- updated to 2.5.STABLE2
- added official patches
- made several fixes (and adaption of old ones)

-  rediffed some patches to make it build

- Remove cyrus-sasl from neededforbuild

- updated neededforbuild: samba-devel -> samba (bugzilla#24235)

- added official patches
- adapted the winbind patch (bugzilla#24235) (hopefully builds on all archs)
- updated FAQ

- added and updated /etc/permissions.d/squid (bugzilla#23752)

- added manual pages
- added a few fixes for 64bit architecture
- enabled some useful (configure) options

- added all the missing official patches (before feature freeze)
- changed default heap replacement policy from "lru" to "heap"

- Use pam_unix2.so instead of pam_unix.so

- fix of automake fix
- added another official patch (today released)

- added mime.conf link and ...
- thanks to ro for again forgotten neededforbuild update

- fixed neededforbuild for the umpteenth time ... 

- added next official patches
- requires now use of automake system
- fixed problematic config file mime.confs (now in /etc)

- added several official patches from www.squid-cache.org *sigh*
- added missing cachemgr.cgi
- added missing contrib files from old squid version
- added FAQ in various forms; downloaded from www.squid-cache.org
- added scripts as %doc

- fixed neededforbuild "sp" -> "opensp" 

- added another bunch of official patches
- fixed path problems (runtime) in spec file

- updated to 2.5.STABLE1
- added official patches
- tuned up spec file

- changed neededforbuild <sp> to <opensp>
- changed neededforbuild <sp-devel> to <>

- fixed pathes in squid.logrotate (bugzilla#18792)

- added official msnt_auth patch
- added test for suse_version to be backward compatible with PreReq:

- fixed spec file: new PreReq tokens
- fixed spec file: file permission for cache_dir and log_dir
- fixed rc script: now honors cache_dir in squid.conf and fails if
  problems in creation (bugzilla #14892)

- fixed Requires/Provides in SPEC file.

- added useful configure options
- added a lot of new authentification methods (and therefore conflicts
  with RPM smb_auth)
- re-organized %Files section

- created /etc/logrotate.d/squid

- update to patchlevel 2.4STABLE7 (dropping the respective patches)
- rc.squid INIT section: use X-UnitedLinux-Should-Start
- move configuration to /etc/squid
- install error message files to /usr/share/squid. Link to English
  as default.
- drop %pre script that renamed /usr/share/squid/errors
- use %defattr

- create squid user also at begin of install section 

- squid does not need a valid login shell. 

- Update to 2.4.STABLE6 (dropping the last two patches), and add
  several new security fixes (see
  http://www.squid-cache.org/Versions/v2/2.4/bugs/):
  * Buffer overflows in the Gopher client
  * Sanity checks of the FTP data channel
  * FTP directory parsing buffer overflows
  * Make Squid deny transfer-encoding to work around Apache issue
  * Insecure forwarding of proxy_auth
  and minor fixes:
  * cache_mem documentation
  * client -T not implemented
  * HTCP coredump on "squid -k reconfigure"
  Not included, because the module is not activated: 
  * Buffer overflows in the MSNT auth helper (updating the module
    from 1.2 to 2.0)
- Using useradd in the specfile.

- squid-2.4.STABLE3-rfc1035-security.diff fixes compressed dns
  reply buffer overflow.

- disable HTCP support (upon recommendation of Henrik Nordstrom
  <hno@squid-cache.org>). The implementation lacks access control
  and logging, and does not add any value to cache peering compared
  to ICP.

- test for correct cache directory in rc.squid
- specify DEFAULT_PID_FILE

- added three security-relevant patches, combined in 
  squid-2.4.STABLE3-misc-sec.dif:
  * "htcp port 0" fails to disable the HTCP port
  * coredump on ftp:// style URLs
  * fix for SNMP memory leaks
  See http://www.squid-cache.org/Versions/v2/2.4/bugs/.

- update to 2.4.STABLE3: numerous bug fixes. for the Changelog see
  http://www.squid-cache.org/Versions/v2/2.4/ChangeLog.txt 
- make file locations more FHS conform:
  /var/squid/cache --> /var/cache/squid
  /var/squid/logs --> /var/log/squid
- drop security patch (included upstream)

- replace GmbH --> AG

- removed START_SQUID 

- update to 2.4RC2 (prev. squid-beta package)
- use buildroot
- fix security hole where squid could be crashed by certain requests

- specfile fix: install /etc/squid.conf with noreplace [Bug #10023]

- removed /lib/security path from pam.d config file 

- initscript and textfiles moved away from squid-2.3.STABLE4.dif 

- changed neededforbuild <sp_libs> to <sp-devel>

- initscript fix: don't start squid in runlevel 2 [bug #7956]

- bzip2 sources

- initscript fix: check for running squid before creating cache-dir

- squid.conf: allow localhost access to squid by default
- initscript: ulimit -n 4096 added to increase filedescriptors
- cachemgr.cgi moved to doc/scripts
- build of Programming-Guide removed from specfile
 

- initscript-fix: $named for added for required startup

- new initscript more LSB conform

- new patch from www.squid-cache.org applied

- Fix bogus requires

- changed for openldap2 

- fixed neededforbuild for openldap

- package squid23 renamed to squid 
- specfile: Obsoletes squid2 and squid23 added
            Conflicts squid-beta added (instead of squid24)
- pam_auth: permissions set to sgid shadow
- build of doc/Programming-Guide fixed

- specfile fix: ulimit was missing and conflicts squid24 added

- squid.h patched to allow increase of available filedescriptors: 
  set to 4096 at buildtime by "ulimit -n 4096" in spec-file

- use official tags for required-start 

- error in initscript fixed

- Requires ldaplib added in specfile
- errors in README.SuSE fixed

- hno-patch by Henrik Nordstrom included
- Initscript now checks for a running squid

- new patches from www.squid-cache.org included

- Fix location of rcscript

- rcscript update

- fixed neededforbuild 

- Fix need for build filelist 

- initscript reload-option fixed
- more patches from www.squid-cache.org

- another patch from www.squid-cache.org added

- patch ftp_icon_not_found from www.squid-cache.org added

- update -> squid-2.3.STABLE4

- another patch from www.squid-cache.org added

- specfile-fix: installation of docu changed
- initscript fixed

- new patches ("Disk space over the limit") included

- update -> squid-2.3STABLE3

- logfile-rotation disabled in squid.conf to avoid interaction 
  with logfile-compression configured in /etc/logfiles

- new patches from squid.nlanr.net included

- update -> squid-2.3STABLE2

- more patches from squid.nlanr.net included
- init-script fix: wait for squid to shutdown
- location of pid-file changed to /var/run

- initial squid2.3STABLE1 package by bodammer
Comments 0
openSUSE Build Service is sponsored by