| frontier-squid-4.13-1.1.osg34.el6.x86_64
[8.0 MiB] |
Changelog
by Dave Dykstra (2020-06-29):
- Upgrade to 4.13-1tarball with the following release notes:
- Update to squid-4.13 with release announcement at
https://www.mail-archive.com/squid-announce@lists.squid-cache.org/msg00117.html
It includes a couple of relevant security advisories related to
cache poisoning.
- Remove patch for bug 5051 since it is included in the 4.13 release.
- Remove the recursion on the restorecon for SELinux in the %post install
step, to avoid taking a long time when going through a large cache.
|
| frontier-squid-4.11-3.1.osg34.el6.x86_64
[6.7 MiB] |
Changelog
by Dave Dykstra (2020-06-03):
- Upgrade to 4.11-3 tarball with the following release notes:
- Apply patch for bug #5051 which prevents a negative cache from
persisting indefinitely with if-modified-since and collapsed forwarding.
- Fix shoal when there are multiple squid workers.
- Add cc.*\.in2p3\.fr to MAJOR_CVMFS. It was already in ATLAS_FRONTIER
so it was included for installations that accept both, but not for
those that accept only MAJOR_CVMFS.
|
| frontier-squid-4.10-3.1.osg34.el6.x86_64
[6.7 MiB] |
Changelog
by Dave Dykstra (2020-03-16):
- Upgrade to 4.10-3 tarball with the following release notes:
- Update patch for squid bug #5022 to final version.
- Add patch for squid bug #5030 which reported that negative caching
was not working. This is an important feature for keeping load
down on CVMFS stratum 1s that are not hosting a repository.
|
| frontier-squid-4.10-1.1.osg34.el6.x86_64
[6.7 MiB] |
Changelog
by Dave Dykstra (2020-02-03):
- Upgrade to 4.10-1 tarball with the following release notes:
- Update to squid-4.10, with release notes at
https://www.mail-archive.com/squid-announce@lists.squid-cache.org/msg00103.html
including a fix for a serious security vulnerability affecting
reverse proxies and a potential information leak when proxying ftp.
- Remove patch for bug #4735, as it has been included in the 4.10 release.
- Change compressing log rotation back to use copytruncate when there
are multiple workers, because the reconfigure signal triggers an
SNMP bug when there are multiple workers (squid bug #5022).
- Disable log rotatation when SQUID_MAX_ACCESS_LOG=0. Using this is
highly discouraged since standard logrotate is usually unable to
keep up with the high volume of logs typically generated by squid.
It also interferes with frontier-awstats support.
- Change log rotating cron scripts to ignore commented lines in
/etc/sysconfig/frontier-squid
|
| frontier-squid-4.9-2.1.osg34.el6.x86_64
[6.7 MiB] |
Changelog
by Dave Dykstra (2019-11-10):
- Upgrade to 4.9-2 tarball with the following release note:
- Fix bug in daily cron that prevented it from rotating any logs
|
| frontier-squid-4.8-2.1.osg34.el6.x86_64
[6.7 MiB] |
Changelog
by Dave Dykstra (2019-08-29):
- Upgrade to 4.8-2 tarball with the following release note:
- Add support for starting and stopping shoal-agent when installed and
enabled by SQUID_AUTO_DISCOVER=true
- Add compilation and installation for shoal-agent
|
| frontier-squid-4.8-1.1.osg34.el6.x86_64
[2.6 MiB] |
Changelog
by Dave Dykstra (2019-07-17):
- Upgrade to 4.8-1 tarball with the following release notes:
- Update to squid-4.8 with release notes at
https://www.mail-archive.com/squid-announce@lists.squid-cache.org/msg00096.html
There was no 4.7 announcement but here's the ChangeLog:
https://github.com/squid-cache/squid/blob/f977bfa698ab92e9474c775cef0e01fb756a4b0f/ChangeLog
|
| frontier-squid-4.4-2.1.osg34.el6.x86_64
[2.6 MiB] |
Changelog
by Dave Dykstra (2019-07-17):
- Upgrade to 4.4-2 tarball with the following release note:
- Apply security patch for CVE-2019-12527
http://www.squid-cache.org/Advisories/SQUID-2019_5.txt
which can (before being patched) be exploited through the ftp protocol.
|
| frontier-squid-4.4-1.1.osg34.el6.x86_64
[2.6 MiB] |
Changelog
by Dave Dykstra (2018-10-31):
- Upgrade to 4.4-1 tarball with the following release notes:
- Update to squid-4.4 with release notes at
https://www.mail-archive.com/squid-announce@lists.squid-cache.org/msg00086.html
including one fairly significant security fix for a potential denial
of service due to memory leaks on rejected SNMP queries.
- If different squid services have different numbers of workers (for
example by using setserviceoption on "workers") then use the biggest
number when creating cache and log directories.
|
| frontier-squid-3.5.27-5.2.osg34.el6.x86_64
[2.3 MiB] |
Changelog
by Dave Dykstra (2018-07-19):
- Add %verify (not user group) to the %ghost statements for cache dir
and log dir, and add %verify (not user group mode) on squid.conf and
squid.conf.old. Without those, rpm -V complains on el7 only, not el6.
|
| frontier-squid-3.5.27-3.1.1.osg34.el6.x86_64
[2.3 MiB] |
Changelog
by Carl Edquist (2018-03-12):
- Fix selinux perms for /var/cache/squid (SOFTWARE-3174)
|
| frontier-squid-3.5.27-3.1.osg34.el6.x86_64
[2.3 MiB] |
Changelog
by Dave Dykstra (2018-01-24):
- Upgrade to 3.5.27-3 tarball with the following release notes:
- Add configuration options to always honor "Pragma: no-cache" from a
client, even if the client also sends a "Cache-control" header, as
the current frontier-client (v2.8.20) always does.
https://bugs.squid-cache.org/show_bug.cgi?id=4809
- Included provided patches from the squid project related to two
denial of service security advisories which they say could affect
all reverse proxies.
http://www.squid-cache.org/Advisories/SQUID-2018_1.txt
http://www.squid-cache.org/Advisories/SQUID-2018_2.txt
For example frontier server launchpad squids are configured as
reverse proxies.
|
| frontier-squid-3.5.27-2.1.osg34.el6.x86_64
[2.3 MiB] |
Changelog
by Dave Dykstra (2017-12-08):
- Upgrade to 3.5.27-2 tarball with the following release note:
- Add openhtc.io aliases to CMS_FRONTIER, ATLAS_FRONTIER, and MAJOR_CVMFS
acls.
|
| frontier-squid-3.5.24-3.1.osg34.el6.x86_64
[2.3 MiB] |
Changelog
by Dave Dykstra (2017-03-22):
- Upgrade to 3.5.24-3 tarball with the following release notes:
- Change quick_abort_min and quick_abort_max once again, this time to
0 KB, because someone doing a different repeatable test found that
the 1 GB value still caused some crashes but 0 KB didn't.
|