Releases: kinkie/squid
Releases · kinkie/squid
v5.0.5
Changes in squid-5.0.5 (02 Feb 2021):
- HTTP: Do not send Connection:keep-alive/close in HTTP Upgrade requests
- Translations: Add es-mx dialect translation of error pages
- Fix missing port in request-target of CONNECT requests to peers
- Fix some warnings about client_lifetime timeout
- ... and several documentation updates
- ... and some debug improvements
- ... and all fixes from 4.14
v4.14
Changes in squid-4.14 (02 Feb 2021):
- Regression Fix: support for non-lowercase Transfer-Encoding value
- Regression Fix: cachemgr.cgi wrong 403 response to authenticated menu URIs
- Bug 5076: WCCP Security Info incorrect
- Bug 5073: Compile error: index was not declared in this scope
- Bug 5065: url_rewrite_program documentation update
- Bug 3074 pt2: improved handling of URI paths implicit '/'
- Fix transactions exceeding client_lifetime logged as _ABORTED
v5.0.4
Changes in squid-5.0.4 (23 Aug 2020):
- Bug 5054: mark dns_v4_first as obsolete in cf.data.pre
- Bug 5048: ResolvedPeers.cc:35: "found != paths_.end()" assertion
- Reforward CONNECT after TLS handshake failure with peer
- Do not send keep-alive in 101 (Switching Protocols) responses
- Add http_port sslflags=CONDITIONAL_AUTH
- ... and several documentation changes
- ... and some compile fixes
- ... and all fixes from 4.13
v4.13
Changes to squid-4.13 (23 Aug 2020):
- Regression Fix: Support parsing GREASEd (and future) TLS handshakes
- Bug 5051: Some collapsed revalidation responses never expire
- HTTP: Enforce token characters for field-name
- HTTP: Forbid obs-fold and bare CR whitespace in framing header fields
- HTTP: Improve Transfer-Encoding handling
- WCCP: Fix GCC-10 -Wstringop-truncation failures
- Honor on_unsupported_protocol for intercepted https_port
- Fix livelocking in peerDigestHandleReply
- Do not stall while debugging a scan of an empty store_table
v5.0.3
Changes in squid-5.0.3 (05 Jun 2020):
- Bug 5046: FreeBSD lacks open(2) O_DSYNC flag
- Happy Eyeballs: Do not discard viable reforwarding destinations
- Reduced startup time with large rock cache_dirs
- Fix the ABA problem with Ipc::Mem::PageStack::pop() in v5.0.1
- Fix sending of unknown validation errors to certificate validator
- ... and several debug improvements
- ... and all fixes from 4.12
v4.12
Changes to squid-4.12 (05 Jun 2020):
- Regression Fix: Revert to slow search for new SMP shm pages
- Bug 5045: ext_edirectory_userip_acl is missing include files
- Bug 5041: Missing Debug::Extra breaks build on hosts with systemd
- Bug 5030: Negative responses are never cached
- HTTP: validate Content-Length value prefix
- HTTP: add flexible RFC 3986 URI encoder
- SslBump: disable OpenSSL TLSv1.3 support for older TLS traffic
- Tests: Support passing a custom config.cache to test builds
- Fix IPFilter IPv6 detection, especially on NetBSD
- Fix stall if transaction overwrites a recently active cache entry
- ... and some compile fixes
v5.0.2
Changes in squid-5.0.2 (18 Apr 2020):
- Bug 5030: Negative responses are never cached
- Bug 4796: comm.cc !isOpen(conn->fd) assertion when rotating logs
- Support worker-dedicated listening queues (SO_REUSEPORT)
- High precision time units
- Ban reserved annotations in "note", "adaptation_meta" directives
- ESI: convert parse exceptions into 500 status response
- Fix PURGE error responses
- ... and several documentation changes
- ... and some compile fixes
v4.11
Changes to squid-4.11 (18 Apr 2020):
- Bug 5036: capital 'L's in logs when daemon queue overflows
- Bug 5022: Reconfigure kills Coordinator in SMP+ufs configurations
- Bug 5016: systemd thinks Squid is ready before Squid listens
- kerberos_ldap_group: fix encryption type for cross realm check
- HTTP: Ignore malformed Host header in intercept and reverse proxy mode
- Fix Digest authentication nonce handling
- Supply ALE to request_header_add/reply_header_add
- ... and some documentation updates
- ... and some compile fixes
v5.0.1
Changes in squid-5.0.1 (14 Jan 2020):
- Bug 4989: Leaking StoreEntry objects on Cache Digest rebuilds
- Bug 4912: same-name notes being appended instead of replaced
- Bug 4864: !Comm::MonitorsRead assertion in maybeReadVirginBody()
- Bug 4579: cannot hit an entry being written by another worker
- ICAP: Initial support for trailers
- Add auth_schemes to control schemes presence and order in 401s/407s
- Make CONNECT ACL a built-in default
- Remove USE_CHUNKEDMEMPOOLS compiler flag
- Two new ACLs implemented: annotate_transaction and annotate_client
- Add response delay pools feature for Squid-to-client speed limiting
- QA: allow test-suite to be run without a full build
- Happy Eyeballs: Use each fully resolved forwarding destination ASAP
- Support selective CF: collapsed_forwarding_access
- Reworked packet/connection marking
- Add new deny_info %A macro
- Identify collapsed transactions
- Add sample Kerberos group authentication external_acl helper
- Optimization: Fewer memory (re)allocations for HTTP headers
- Add TrivialDB support
- Do not send Content-Length in 1xx or 204 responses
- negotiate_kerberos_auth: fix memory leaks
- ntlm_fake_auth: add ability to test delayed responses
- Add %ssl::<cert macro for logging server X.509 certificate
- Reuse reserved Negotiate and NTLM helpers after an idle timeout
- Log PROXY protocol v2 TLVs
- Support logformat %codes in error page templates
- Fix incremental parsing of chunked quoted extensions
- Peering support for SslBump
- RFC 8586: Loop Detection in Content Delivery Networks
- Prevent TLS transaction stalls by preserving flags.read_pending
- Fix "BUG: Lost previously bumped from-Squid connection"
- Add %master_xaction logformat code
- Log "-" instead of the made-up method "NONE"
- Add GeneratingCONNECT step for the existing at_step ACL
- Report context of level-0/1 cache.log messages
- Re-enabled updates of stored headers on HTTP 304 responses
- Translations: Fix grammatical error in French error pages
- Smarter auth_param utf8 handling, including CP1251 support
- Fix rock disk entry contamination related to aborted swapouts
- Send HTTP/500 (Internal Server Error) when lacking peers
- Fix prohibitively slow search for new SMP shm pages
- Centralized PagePool/PageStack ID generation
- ... and many documentation changes
- ... and much code cleanup and polishing
v4.10
Changes to squid-4.10 (14 Jan 2020):
- Bug 5009: Build failure with older clang libc++
- Bug 5008: SIGBUS in PagePool::level() with custom rock slot size
- Bug 5007: Docs: Fix max_filedescriptors description
- Bug 4735: Truncated chunked responses cached as whole
- ext_lm_group_acl: Improved username handling
- Fix FTP buffers handling
- Fix shared memory size calculation on 64-bit systems
- Fix server_cert_fingerprint on cert validator-reported errors
- Fix request URL generation in reverse proxy configurations
- ... and several documentation updates
- ... and several compile fixes