frontier-squid-4.13-1.1.x86_64
[8.0 MiB] |
Changelog
by Dave Dykstra (2020-06-29):
- Upgrade to 4.13-1tarball with the following release notes:
- Update to squid-4.13 with release announcement at
https://www.mail-archive.com/squid-announce@lists.squid-cache.org/msg00117.html
It includes a couple of relevant security advisories related to
cache poisoning.
- Remove patch for bug 5051 since it is included in the 4.13 release.
- Remove the recursion on the restorecon for SELinux in the %post install
step, to avoid taking a long time when going through a large cache.
|
frontier-squid-4.12-2.1.x86_64
[8.0 MiB] |
Changelog
by Dave Dykstra (2020-06-19):
- Upgrade to 4.12-2 tarball with the following release notes (from 4.12-1
and 4.12-2):
- Update to squid-4.12 with release announcement at
https://www.mail-archive.com/squid-announce@lists.squid-cache.org/msg00114.html
It includes a couple of security advisories, but the are on
features that as far as I know are not used by frontier-squid users.
- Remove patches for bug #5030 and #5041 which are included in 4.12
- Slightly update patch for bug #5051 as recommended by squid consultant
- Note that an additional, more relevant squid advisory fixed in 4.12 was
published late:
https://www.mail-archive.com/squid-announce@lists.squid-cache.org/msg00116.html
- Support the "stdio:" prefix for access_log
|
frontier-squid-4.11-4.3.x86_64
[8.0 MiB] |
Changelog
by Dave Dykstra (2020-06-11):
- Require systemd-devel on non-el6 systems, so squid's configure will
recognize that it is on a systemd-based system.
- Update to shoal-agent-0.9.9, and remove python3 patch because that
is now merged.
|
frontier-squid-4.11-4.2.x86_64
[8.0 MiB] |
Changelog
by Dave Dykstra (2020-06-11):
- Fix quoting on el6 build options to select the correct types of basic
authentication. The bug accidentally enabled ldap authentication which
prevented an el6 rpm from installing on el7.
- Remove openldap-devel build dependency.
|
frontier-squid-4.11-3.1.x86_64
[6.8 MiB] |
Changelog
by Dave Dykstra (2020-06-03):
- Upgrade to 4.11-3 tarball with the following release notes:
- Apply patch for bug #5051 which prevents a negative cache from
persisting indefinitely with if-modified-since and collapsed forwarding.
- Fix shoal when there are multiple squid workers.
- Add cc.*\.in2p3\.fr to MAJOR_CVMFS. It was already in ATLAS_FRONTIER
so it was included for installations that accept both, but not for
those that accept only MAJOR_CVMFS.
|
frontier-squid-4.11-2.1.x86_64
[6.8 MiB] |
Changelog
by Dave Dykstra (2020-04-23):
- Upgrade to 4.11-2 tarball with the following release notes:
- The 4.11 release announcement is now at
https://www.mail-archive.com/squid-announce@lists.squid-cache.org/msg00108.html
The announcement was delayed because security vulnerabilities were
being double-checked.
- frontier-squid was not susceptible to the ESI vulnerability, because of
missing libraries on the build machine. Add --disable-esi to make
sure it doesn't get accidentally enabled.
|
frontier-squid-4.10-4.1.x86_64
[6.8 MiB] |
Changelog
by Dave Dykstra (2020-04-13):
- Upgrade to 4.10-4 tarball with the following release note:
- Add patch for bug 5036 which caused a varying number of capital 'L's
to appear at the beginning of access.log lines when the log buffer
overflows.
|
frontier-squid-4.10-3.1.x86_64
[6.8 MiB] |
Changelog
by Dave Dykstra (2020-03-16):
- Upgrade to 4.10-3 tarball with the following release notes:
- Update patch for squid bug #5022 to final version.
- Add patch for squid bug #5030 which reported that negative caching
was not working. This is an important feature for keeping load
down on CVMFS stratum 1s that are not hosting a repository.
|
frontier-squid-4.10-2.1.x86_64
[6.8 MiB] |
Changelog
by Dave Dykstra (2020-02-13):
- Upgrade to 4.10-2 tarball with the following release notes:
- Apply patch for squid bug #5022, to prevent a reconfigure from crashing
the coordinator process when there are multiple workers.
- Use reconfigure signal for log rotation in all cases again.
|
frontier-squid-4.10-1.1.x86_64
[6.8 MiB] |
Changelog
by Dave Dykstra (2020-02-03):
- Upgrade to 4.10-1 tarball with the following release notes:
- Update to squid-4.10, with release notes at
https://www.mail-archive.com/squid-announce@lists.squid-cache.org/msg00103.html
including a fix for a serious security vulnerability affecting
reverse proxies and a potential information leak when proxying ftp.
- Remove patch for bug #4735, as it has been included in the 4.10 release.
- Change compressing log rotation back to use copytruncate when there
are multiple workers, because the reconfigure signal triggers an
SNMP bug when there are multiple workers (squid bug #5022).
- Disable log rotatation when SQUID_MAX_ACCESS_LOG=0. Using this is
highly discouraged since standard logrotate is usually unable to
keep up with the high volume of logs typically generated by squid.
It also interferes with frontier-awstats support.
- Change log rotating cron scripts to ignore commented lines in
/etc/sysconfig/frontier-squid
|
frontier-squid-4.9-4.1.x86_64
[6.8 MiB] |
Changelog
by Dave Dykstra (2020-01-02):
- Upgrade to 4.9-4 tarball with the following release note:
- Limit the hard nofile ulimit check to the "start" operation.
|
frontier-squid-4.9-2.1.x86_64
[6.8 MiB] |
Changelog
by Dave Dykstra (2019-11-10):
- Upgrade to 4.9-2 tarball with the following release note:
- Fix bug in daily cron that prevented it from rotating any logs
|
frontier-squid-4.8-2.1.x86_64
[6.8 MiB] |
Changelog
by Dave Dykstra (2019-08-29):
- Upgrade to 4.8-2 tarball with the following release note:
- Add support for starting and stopping shoal-agent when installed and
enabled by SQUID_AUTO_DISCOVER=true
- Add compilation and installation for shoal-agent
|
frontier-squid-4.8-1.1.x86_64
[2.6 MiB] |
Changelog
by Dave Dykstra (2019-07-17):
- Upgrade to 4.8-1 tarball with the following release notes:
- Update to squid-4.8 with release notes at
https://www.mail-archive.com/squid-announce@lists.squid-cache.org/msg00096.html
There was no 4.7 announcement but here's the ChangeLog:
https://github.com/squid-cache/squid/blob/f977bfa698ab92e9474c775cef0e01fb756a4b0f/ChangeLog
|
frontier-squid-3.5.27-5.2.x86_64
[2.3 MiB] |
Changelog
by Dave Dykstra (2018-07-19):
- Add %verify (not user group) to the %ghost statements for cache dir
and log dir, and add %verify (not user group mode) on squid.conf and
squid.conf.old. Without those, rpm -V complains on el7 only, not el6.
|
frontier-squid-3.5.27-4.2.x86_64
[2.3 MiB] |
Changelog
by Dave Dykstra (2018-04-18):
- Support SELinux by default by doing resorecon -R /var/cache/squid
during postinstall.
|
frontier-squid-3.5.27-4.1.x86_64
[2.3 MiB] |
Changelog
by Dave Dykstra (2018-03-01):
- Upgrade to 3.5.27-4 tarball with the following release note:
- If the maximum listen backlog (sysctl net.core.somaxconn) is less than
1/4th the file descriptor limit (ulimit -n) when starting squid,
increase it to that amount. That's the listen backlog that squid
requests, and the larger backlog helps when a server is hit so hard
with requests that squid can't keep up.
|
frontier-squid-3.5.27-3.1.x86_64
[2.3 MiB] |
Changelog
by Dave Dykstra (2018-01-24):
- Upgrade to 3.5.27-3 tarball with the following release notes:
- Add configuration options to always honor "Pragma: no-cache" from a
client, even if the client also sends a "Cache-control" header, as
the current frontier-client (v2.8.20) always does.
https://bugs.squid-cache.org/show_bug.cgi?id=4809
- Included provided patches from the squid project related to two
denial of service security advisories which they say could affect
all reverse proxies.
http://www.squid-cache.org/Advisories/SQUID-2018_1.txt
http://www.squid-cache.org/Advisories/SQUID-2018_2.txt
For example frontier server launchpad squids are configured as
reverse proxies.
|
frontier-squid-3.5.24-3.1.x86_64
[2.3 MiB] |
Changelog
by Dave Dykstra (2017-03-22):
- Upgrade to 3.5.24-3 tarball with the following release notes:
- Change quick_abort_min and quick_abort_max once again, this time to
0 KB, because someone doing a different repeatable test found that
the 1 GB value still caused some crashes but 0 KB didn't.
|
frontier-squid-3.5.23-2.1.x86_64
[2.9 MiB] |
Changelog
by Dave Dykstra (2016-12-21):
- Upgrade to 3.5.23-2 tarball with the following release note:
- Comment out the fix for security advisory SQUID-2016:10, because it
caused collapsed forwarding to break for If-Modified-Since requests.
It was probably implemented incorrectly; discussion is in the
reopened squid bug report #2833.
|
frontier-squid-3.5.22-2.1.x86_64
[2.9 MiB] |
Changelog
by Dave Dykstra (2016-10-15):
- Upgrade to 3.5.22-2 tarball with the following release note:
- Change default value of dns_v4_first to "on", so it will always try
ipv4 first if available and then ipv6. The default was "off" which
always tries ipv6 first.
|
frontier-squid-2.7.STABLE9-24.2.x86_64
[841 KiB] |
Changelog
by Dave Dykstra (2015-09-02):
- Add creation of config file in /usr/lib/tmpfiles.d to create /run/squid
directory on reboot of EL7-based systems.
|