Search squid archive

Squid 3.2.0.5 beta is available

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



The Squid HTTP Proxy team is very pleased to announce the
availability of the Squid-3.2.0.5 beta release!


This release brings in a lot of polish and completes two more of the structural bugs/features before release 3.2 can be made.


Several regressions in the earlier 3.2 beta have been resolved:
 * profiler should not have been built by default
 * Bug 3081: assertion failed: AsyncCallQueue
 * Bug 2948: Requests for FTP active downloads cause failed assertion
 * Bug 3089: FTP command output overrides directory listing


Other bugs and problems resolved:

- Bug 2870: Make Squid obey --disable-auth and --disable for the individual authentication modules. This is a big change with effects feature availability and behaviour in several unusual places. If you wish to use this please read the change commit message or http://squidproxy.wordpress.com/2011/02/10/disabling-authentication/ for a long description of the changes and effects.

 - HTTP/1.1: Support configurable status codes for deny_info
   3xx and 4xx and 5xx codes may now be configured.
   see the config documentation for details.

 - Bug 2586: multiple memory leaks during reconfigure
 - Bug 2581: FTP directory listing sometimes fails
 - Port from 2.7: maximum staleness limits
 - Support upcoming "fresh message creation" eCAP API
 - Aggregate SNMP responses when using SMP with multiple workers
 - Several more Solaris, Windows and ICC support fixes. This is ongoing.



As usual this beta contains all the fixes passed on to 3.1 series alongside its own changes. There are several important changes shared with the 3.1.11 release which need to be noticed:


Bug 3144: URL re-write/redirect programs are potentially vulnerable to hanging while receiving very long URLs. Due to buffer overflow protections truncating long URLs. This enables trusted clients to perform a DoS on the Squid server, possibly via loading web links in a malicious website. Popular scripting helpers appear not to be vulnerable to this DoS effect, but will produce errors or truncated URL output instead. Helpers which depend on and wait for receiving the API documented newline terminator are all vulnerable.
 Squid will now catch these and produce a 414 status code error instead.


Bug 2959: We have removed the use of environment variable SAMBAPREFIX during build. Instead the helpers which previously used it to locate the Samba tools require those tools (nmblookup, smbclient, wbinfo) to be available in the system $PATH. This allows several helpers to be build on systems without Samba as long as it is present when they are run. * Build scripts should be forward-compatible since the Squid build simply ignores the variable now. * Run-time scripts may need a check and update to ensure the above mentioned Samba tools are in the system $PATH now.


Pipelining is one of the standard HTTP features which clashes and breaks badly when NTLM or Negotiate/Kerberos TCP connection authentication are performed. Squid will now produce a warning message and disable pipelining cleanly if those authentication methods are configured in Squid. The default setting for pipelining is OFF. Configurations receiving that waring should remove the pipeline_prefetch directive from their squid.conf.

WARNING: the current Squid will not produce this notice if NTLM or Negotiate/Kerberos are simply passed through Squid to an origin server. If you are aware of such traffic needing to pass through your Squid it is up to you to ensure pipelining remains OFF.



Users of earlier 3.2 beta releases are encouraged to test this beta out and upgrade as soon as possible.


Please refer to the release notes at
http://www.squid-cache.org/Versions/v3/3.2/RELEASENOTES.html
when you are ready to make the switch to Squid-3.2

This new release can be downloaded from our HTTP or FTP servers

      http://www.squid-cache.org/Versions/v3/3.2/
      ftp://ftp.squid-cache.org/pub/squid/
      ftp://ftp.squid-cache.org/pub/archive/3.2/

or the mirrors. For a list of mirror sites see

      http://www.squid-cache.org/Download/http-mirrors.dyn
      http://www.squid-cache.org/Download/mirrors.dyn

If you encounter any issues with this release please file a bug report.
      http://bugs.squid-cache.org/


Amos Jeffries


[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux