Squid 安定版
詳細情報
タイトル | Squid 安定版 |
---|---|
URL | http://www.squid-cache.org/ |
バージョン | ver 3.5.28 |
更新日 | 2018/07/17 |
追加日 | 2013/08/17 |
種別 | フリーソフト / オープンソース(その他) |
説明 | 定番Web Proxyサーバー。 |
レビュー
レビューはありません。
スクリーンショット
スクリーンショットはありません。
更新グラフ
バージョン履歴
Changes to squid-3.5.28 (15 Jul 2018):
- SQUID-2018:1: crash processing SSL-Bumped traffic containing ESI
- SQUID-2018:2: crash handling responses to internally generated requests
- SQUID-2018:3 / CVE-2018-1172: crash in ESI Response processing
- Bug 4861: HTTPMSGLOCK missing pointer safety
- Bug 4829: IPC shared memory leaks when disker queue overflows
- Bug 4767: SMP breaks IPv6 SNMP and cache manager queries
- Bug 2821: Ignore Content-Range in non-206 responses
- HTCP: Ignore HTCP packets with invalid URI
- SSL-Bump: fix authentication with schemes other than Basic
- TPROXY: Fix clientside_mark and client port logging
- Fix "Cannot assign requested address" for to-origin TPROXY FTP data
- Fix --with-netfilter-conntrack error message
- Validate mime icon URL before allocating store entries
- ... and many documentation changes
Changes to squid-3.5.27 (20 Aug 2017):
- Regression Bug #4112: ssl_engine does not accept cryptodev
- Bug 4687: Wrong names of components in man page, section SEE ALSO
- Bug 4671: various GCC 7 compile errors
(省略されました)
- SQUID-2018:1: crash processing SSL-Bumped traffic containing ESI
- SQUID-2018:2: crash handling responses to internally generated requests
- SQUID-2018:3 / CVE-2018-1172: crash in ESI Response processing
- Bug 4861: HTTPMSGLOCK missing pointer safety
- Bug 4829: IPC shared memory leaks when disker queue overflows
- Bug 4767: SMP breaks IPv6 SNMP and cache manager queries
- Bug 2821: Ignore Content-Range in non-206 responses
- HTCP: Ignore HTCP packets with invalid URI
- SSL-Bump: fix authentication with schemes other than Basic
- TPROXY: Fix clientside_mark and client port logging
- Fix "Cannot assign requested address" for to-origin TPROXY FTP data
- Fix --with-netfilter-conntrack error message
- Validate mime icon URL before allocating store entries
- ... and many documentation changes
Changes to squid-3.5.27 (20 Aug 2017):
- Regression Bug #4112: ssl_engine does not accept cryptodev
- Bug 4687: Wrong names of components in man page, section SEE ALSO
- Bug 4671: various GCC 7 compile errors
(省略されました)
Changes to squid-3.5.26 (01 Jun 2017):
- Bug 4711: SubjectAlternativeNames is missing in some generated certificates
- Bug 4695: squidpurge: GCC 7 build errors
- Bug 4682: ignoring http_access deny when client-first bumping mode is used
- Bug 4682: Fix ssl_bump "bump" action documentation
- Bug 4653: %st lies about tunneled traffic volumes
- Bug 4589: ssl_crtd: returning zero on failure
- Bug 3772: message from FTP server gets mangled
- Bug 3102: FTP directory listing drops fist character of file names
- Add OpenSSL library details to -v output
- ... and some documentatino updates
- Bug 4711: SubjectAlternativeNames is missing in some generated certificates
- Bug 4695: squidpurge: GCC 7 build errors
- Bug 4682: ignoring http_access deny when client-first bumping mode is used
- Bug 4682: Fix ssl_bump "bump" action documentation
- Bug 4653: %st lies about tunneled traffic volumes
- Bug 4589: ssl_crtd: returning zero on failure
- Bug 3772: message from FTP server gets mangled
- Bug 3102: FTP directory listing drops fist character of file names
- Add OpenSSL library details to -v output
- ... and some documentatino updates
Changes to squid-3.5.25 (02 Apr 2017):
- Bug 4688: various typo error(s) in man page(s)
- Bug 4508: Host forgery stalls intercepted being-spliced connections
- Native FTP relay: NAT and TPROXY interception fixes
- Fix missing CRLF on FTP timeout ABORT commands
- TLS: Bump client on errors encountered before ssl_bump evaluation
- ext_kerberos_ldap_group_acl: fix unused value warnings
- Fix crash when configuring with invalid delay_parameters restore value.
- Check that -k argument is provided before trying to use it.
- ... and some build fixes
- Bug 4688: various typo error(s) in man page(s)
- Bug 4508: Host forgery stalls intercepted being-spliced connections
- Native FTP relay: NAT and TPROXY interception fixes
- Fix missing CRLF on FTP timeout ABORT commands
- TLS: Bump client on errors encountered before ssl_bump evaluation
- ext_kerberos_ldap_group_acl: fix unused value warnings
- Fix crash when configuring with invalid delay_parameters restore value.
- Check that -k argument is provided before trying to use it.
- ... and some build fixes
Changes to squid-3.5.24 (28 Jan 2017):
- Regression Bug 3940: Make 'cache deny' do what is documented
- TLS: Fix SSLv2 records bumping despite a matching step2 peek rule
- TLS: Mitigate DoS attacks that use client-initiated SSL/TLS renegotiation
- Fix "Source and destination overlap in memcpy" Valgrind errors
- Reduce crashes due to unexpected ClientHttpRequest termination
- Update External ACL helpers error handling and caching
- Detect HTTP header ACL issues
- ... and some documentation fixes
- Regression Bug 3940: Make 'cache deny' do what is documented
- TLS: Fix SSLv2 records bumping despite a matching step2 peek rule
- TLS: Mitigate DoS attacks that use client-initiated SSL/TLS renegotiation
- Fix "Source and destination overlap in memcpy" Valgrind errors
- Reduce crashes due to unexpected ClientHttpRequest termination
- Update External ACL helpers error handling and caching
- Detect HTTP header ACL issues
- ... and some documentation fixes
Changes to squid-3.5.23 (16 Dec 2016):
- Bug 4627: fix generate-host-certificates and dynamic_cert_mem_cache_size docs
- Bug 4620: NetBSD build error with --enable-ipf-transparent
- Bug 4567: Strange IPv6 shown in access.log
- Bug 4406: SIGSEV in TunnelStateData::handleConnectResponse() during reconfigure and restart
- Bug 4174 partial: fix Write.cc:41 "!ccb->active()" assertion.
- Bug 4169: HIT marked as MISS when If-None-Match does not match
- Bug 4007: Hang on DNS query with dead-end CNAME
- Bug 4004 partial: Fix segfault via Ftp::Client::readControlReply
- Bug 3940 partial: hostHeaderVerify failures MISS when they should be HIT
- Bug 3533: Cache still valid after HTTP/1.1 303 See Other
- Bug 3379: Combination of If-Match and a Cache Hit result in TCP Connection Failure
- Bug 3290: authenticate_ttl not working for digest authentication
- Bug 2258: bypassing cache but not destroying cache entry
- HTTP/1.1: make Vary:* objects cacheable
- HTTP/1.1: Add registered codes entry for new 103 (Early Hints) status code
- Support IPv6 NAT with PF for NetBSD and FreeBSD
- TLS: Make key= before cert= an error instead of quietly hiding the issue
- ... and some debug updates
(省略されました)
- Bug 4627: fix generate-host-certificates and dynamic_cert_mem_cache_size docs
- Bug 4620: NetBSD build error with --enable-ipf-transparent
- Bug 4567: Strange IPv6 shown in access.log
- Bug 4406: SIGSEV in TunnelStateData::handleConnectResponse() during reconfigure and restart
- Bug 4174 partial: fix Write.cc:41 "!ccb->active()" assertion.
- Bug 4169: HIT marked as MISS when If-None-Match does not match
- Bug 4007: Hang on DNS query with dead-end CNAME
- Bug 4004 partial: Fix segfault via Ftp::Client::readControlReply
- Bug 3940 partial: hostHeaderVerify failures MISS when they should be HIT
- Bug 3533: Cache still valid after HTTP/1.1 303 See Other
- Bug 3379: Combination of If-Match and a Cache Hit result in TCP Connection Failure
- Bug 3290: authenticate_ttl not working for digest authentication
- Bug 2258: bypassing cache but not destroying cache entry
- HTTP/1.1: make Vary:* objects cacheable
- HTTP/1.1: Add registered codes entry for new 103 (Early Hints) status code
- Support IPv6 NAT with PF for NetBSD and FreeBSD
- TLS: Make key= before cert= an error instead of quietly hiding the issue
- ... and some debug updates
(省略されました)
Changes to squid-3.5.22 (09 Oct 2016):
- Bug 4594: build failure with clang 3.9
- Bug 4471: revalidation does not work when expired cached object lacks Last-Modified
- Bug 4302 pt2: IPv6 support for IPFilter v5 transparent interception
- Bug 4228: ./configure bug/typo in r14394
- Bug 3819: "fd >= 0" assertion in file_write() during reconfiguration
- Bug 2833: Collapse internal revalidation requests (SMP-unaware caches)
- Fix logged request size (%http::>st) and other size-related %codes
- Fix some memory leaks from putenv()
- Fix memory leaks from url_rewrite_extras and store_id_extras on reconfigure/shutdown
- Fix segfault crash when debugging section 4 at level 9
- HTTP: MUST ignore a [revalidation] response with an older Date header
- Bug 4594: build failure with clang 3.9
- Bug 4471: revalidation does not work when expired cached object lacks Last-Modified
- Bug 4302 pt2: IPv6 support for IPFilter v5 transparent interception
- Bug 4228: ./configure bug/typo in r14394
- Bug 3819: "fd >= 0" assertion in file_write() during reconfiguration
- Bug 2833: Collapse internal revalidation requests (SMP-unaware caches)
- Fix logged request size (%http::>st) and other size-related %codes
- Fix some memory leaks from putenv()
- Fix memory leaks from url_rewrite_extras and store_id_extras on reconfigure/shutdown
- Fix segfault crash when debugging section 4 at level 9
- HTTP: MUST ignore a [revalidation] response with an older Date header
Changes to squid-3.5.21 (08 Sep 2016):
- Bug 4563: duplicate code in httpMakeVaryMark
- Bug 4542: authentication credentials IP TTL updated incorrectly
- Bug 4534: assertion failure in xcalloc when using many cache_dir
- Bug 4428: mal-formed Cache-Control:stale-if-error header
- Bug 3025: Proxy-Authenticate problem using ICAP server
- Fix segfault via Ftp::Client::readControlReply()
- Fix SSL-Bump failure results in SEGFAULT
- HTTP/1.1: MUST always revalidate Cache-Control:no-cache responses
- HTTP/1.1: do not allow Proxy-Connection to override Connection header
- SSL: CN wildcard must only match a single domain component [fragment]
- Bug 4563: duplicate code in httpMakeVaryMark
- Bug 4542: authentication credentials IP TTL updated incorrectly
- Bug 4534: assertion failure in xcalloc when using many cache_dir
- Bug 4428: mal-formed Cache-Control:stale-if-error header
- Bug 3025: Proxy-Authenticate problem using ICAP server
- Fix segfault via Ftp::Client::readControlReply()
- Fix SSL-Bump failure results in SEGFAULT
- HTTP/1.1: MUST always revalidate Cache-Control:no-cache responses
- HTTP/1.1: do not allow Proxy-Connection to override Connection header
- SSL: CN wildcard must only match a single domain component [fragment]
Changes to squid-3.5.20 (01 Jul 2016):
- Bug 4523: smblib compile fails on NetBSD
- Bug 4485: off-by-one out-of-bounds Parser::Tokenizer::int64() read errors
- Bug 3579: assertion failed 'MemPools[type]' from dst_as ACL
- Fix icons loading speed
- Fix OpenSSL detection on FreeBSD
- Fix assertion failed: Write.cc:38: 'fd_table[conn->fd].flags.open'
- Fix SEGFAULT parsing malformed adaptation service configuration
- Fix ConnStateData::In::maybeMakeSpaceAvailable() logic
- Do not override user defined -std option
- Do not allow low-level debugging to hide important/critical messages
- Do not make bogus recvmsg(2) calls when closing UDS sockets
- Support unified EUI format code in external_acl_type
- Bug 4523: smblib compile fails on NetBSD
- Bug 4485: off-by-one out-of-bounds Parser::Tokenizer::int64() read errors
- Bug 3579: assertion failed 'MemPools[type]' from dst_as ACL
- Fix icons loading speed
- Fix OpenSSL detection on FreeBSD
- Fix assertion failed: Write.cc:38: 'fd_table[conn->fd].flags.open'
- Fix SEGFAULT parsing malformed adaptation service configuration
- Fix ConnStateData::In::maybeMakeSpaceAvailable() logic
- Do not override user defined -std option
- Do not allow low-level debugging to hide important/critical messages
- Do not make bogus recvmsg(2) calls when closing UDS sockets
- Support unified EUI format code in external_acl_type
Changes to squid-3.5.19 (09 May 2016):
- Regression Bug 4515: interception proxy hangs
- Regression Bug 4515: interception proxy hangs
Changes to squid-3.5.18 (06 May 2016):
- Bug 4510: stale comment about 32KB limit on shared memory cache entries
- Bug 4509: EUI compile error on NetBSD
- Bug 4501: HTTP/1.1: normalize Host header
- Bug 4498: URL-unescape the login-info after extraction from URI
- Bug 4455: SegFault from ESIInclude::Start
- Prevent Squid forcing -b 2048 into the arguments for sslcrtd_program
- Fix TLS/SSL server handshake alert handling
- Bug 4510: stale comment about 32KB limit on shared memory cache entries
- Bug 4509: EUI compile error on NetBSD
- Bug 4501: HTTP/1.1: normalize Host header
- Bug 4498: URL-unescape the login-info after extraction from URI
- Bug 4455: SegFault from ESIInclude::Start
- Prevent Squid forcing -b 2048 into the arguments for sslcrtd_program
- Fix TLS/SSL server handshake alert handling
Changes to squid-3.5.17 (20 Apr 2016):
- Regression Bug 4480: logformat [.width_max]
- Regression Bug 4481: varyEvaluateMatch: Oops. Not a Vary match on second attempt
- Bug 4495: Unknown SSL option SSL_OP_NO_TICKET
- Bug 4493: theObject->sharedMemorySize() == theSegment.size() exception
- Bug 4483: ./configure garbles -Og option in CFLAGS
- Bug 4482: Solaris GCC 5.2 warning in src/ip/Intercept.cc
- Bug 4468: NotNode (!acl) naming: Terminate the name before strncat(name).
- Bug 4465: Header forgery detection leads to crash
- Bug 2460 partial: workaround deferred reads on shutdown and restart
- cachemgr.cgi: use dynamic MemBuf for internal content generation
- ESI: Fix several element construction issues
- TLS: Fix Handshake Error: ccs received early
- TLS: Add chained and signing cert to peek-then-bumped connections
- Fix some startup/shutdown crashes
- Regression Bug 4480: logformat [.width_max]
- Regression Bug 4481: varyEvaluateMatch: Oops. Not a Vary match on second attempt
- Bug 4495: Unknown SSL option SSL_OP_NO_TICKET
- Bug 4493: theObject->sharedMemorySize() == theSegment.size() exception
- Bug 4483: ./configure garbles -Og option in CFLAGS
- Bug 4482: Solaris GCC 5.2 warning in src/ip/Intercept.cc
- Bug 4468: NotNode (!acl) naming: Terminate the name before strncat(name).
- Bug 4465: Header forgery detection leads to crash
- Bug 2460 partial: workaround deferred reads on shutdown and restart
- cachemgr.cgi: use dynamic MemBuf for internal content generation
- ESI: Fix several element construction issues
- TLS: Fix Handshake Error: ccs received early
- TLS: Add chained and signing cert to peek-then-bumped connections
- Fix some startup/shutdown crashes