2011年8月30日

[installer 2926] squid-3.2.0.11, 3.1.15

squid-3.2.0.11, 3.1.15 出ています。

今さら感がありますが、3.2.0.11 については CVE-2009-0801 の修正が
含まれているようです。

☆ squid-3.2.0.11
http://www.squid-cache.org/
http://www.squid-cache.org/Versions/v3/3.2/squid-3.2.0.11.tar.gz


Changes to squid-3.2.0.11 (28 Aug 2011):

- Bug 3243: CVE-2009-0801 Bypass of browser same-origin access control
- Host: authority validation of intercepted destination IP
- Host: authority validation of request URL
- Host: authority validation of CONNECT tunnel destination
- Preserve client destination IP in intercepted communication
- Regression Bug 3316: Failed to connect to nameserver using TCP
- Regression Bug 3311: segmentation fault in getMyPort() with only intercept port set
- Regression Bug 3310: %<pt translates as %<p
- Regression Bug 3301: ERR_DNS_FAIL never shown (partial)
- Regression Bug 3288: %<la and %<lp not displaying
- Bug 3289: cache manager parameters not parsed without password
- Bug 2279: Log Format options to log server source IP and port
- Bug 3211: ssl_crtd start even if no ssl-bump port is configured
- Bug 3138: squidclient mgr:objects/mgr:vm_objects never ends
- Bug 3118: ecap_enable on forces icap_enable on
- Bug 3107: ncsa_auth DES silently truncates passwords to 8 bytes
- Default to vhost for accelerator mode (reverse proxy)
- Display HTTP protocol syntax at section 11 level 2
- Support for using custom keys in CARP parents
- Optimize regular expression ACLs
- ... and a lot of code portability fixes
- ... and all bugs and polish changes from 3.1.15


☆ squid-3.1.15
http://www.squid-cache.org/
http://www.squid-cache.org/Versions/v3/3.1/squid-3.1.15.tar.gz

Changes to squid-3.1.15 (28 Aug 2011):

- Regression fix: vhost and defaultsite causing vport to be ignored
- Regression Bug 3295: broken escaping in rfc1738_do_escape
- Bug #3232: fails to compile with OpenSSL v1.0.0
- Bug #3222: cache_peer name is not logging on CONNECT
- Bug #3131: fd_table[fd].closing() assert from ConnStateData::noteMoreBodySpaceAvailable()
- Bug #3217: "!fd_table[fd].closing()" from ServerStateData::noteMoreBodySpaceAvailable
- Bug #3213: https sites (CONNECT) not open when using NTLM
- Bug #3114: Memory leak in SSL certificate verify code
- Bug #3107: ncsa_auth DES silently truncates passwords to 8 bytes
- Bug #2662: cf_gen failure when cross compiling
- Bug #2655: passing wrong the username to the url_rewrite_program
- Bug #2495: ignore whitespace prefix on config lines
- Bug #2051: 'default' cache_peer option does not match documentation
- Bug #1842: Optimize order of tests in peerWouldBePinged() and peerHTTPOkay()
- Bug #1791: timestampsSet does not validate Date: if server sends very old date
- Correct parsing of large Gopher indexes
- Enable negative cacheing on unknown or -1 expiry timestamp
- Remove hierarchy_stoplist default value
- Migrate cf_gen tool from C-style to C++
- ... and several documentation and compiler warning fixes

----
こがよういちろう


投稿者 xml-rpc : 2011年8月30日 13:31
役に立ちました?:
過去のフィードバック 平均:(0) 総合:(0) 投票回数:(0)
本記事へのTrackback: http://hoop.euqset.org/blog/mt-tb2006.cgi/105988
トラックバック
コメント
コメントする




画像の中に見える文字を入力してください。