Path to this page:
Subject: CVS commit: pkgsrc/www/squid
From: Takahiro Kambe
Date: 2003-09-11 17:48:25
Message id: 20030911154826.654C1B004@cvs.netbsd.org
Log Message:
Update squid package to 2.5.3nb5. Apply some official patches.
external_acl_type concurrency= renamed to children=
synopsis To lessen confusion in later upgrades to Squid-3 the
external_acl_type concurrency= option has been renamed to
children= to match Squid-3 usage. This is done because
concurrency= has a completely different meaning in
squid-3. Squid-2.5 still accepts the old syntax to keep
compatibility within the Squid-2.5 release, but it is recommended
to start using the new syntax unless you need to be able to
easily downgrade to a earlier Squid-2.5 release.
severity Cosmetic
date 2003-09-02 07:02
versions Squid-2.5.STABLE3 and earlier
platforms All
workaround Make sure to read the Squid-3 releasenotes very carefully when
upgrading.
Assertion error or segmentation fault if using proxy_auth in delay_access
synopsis If proxy_auth acl type is used in delay_access then Squid may
abort with an assertion error or segmentation fault. Notice: This
patch may change some error conditions to be logged with
TCP_DENIED rather than TCP_MISS.
severity Medium
date 2003-09-01 20:01
bugzilla #638, #756
versions Squid-2.5
platforms All
workaround Don't use proxy_auth acl types in delay_access
Segmentation fault if proxy_auth with ntlm used in http_reply_access
synopsis In configurations where authentication is enforced in http_access
and then reused in http_reply_access to further control access
levels Squid may segfault if the ntlm authentication scheme is
used.
severity Medium
date 2003-09-01 20:01
bugzilla #763
versions Squid-2.5
platforms All
workaround Don't use proxy_type acls in http_reply_access or disable the use
of the ntlm authentication scheme (disabled by default)
code 407 instead of 403 for authenticated traffic-shaped user
synopsis delay_access can disturb Squids logics on when to request a new
login from the user. Most notably if delay_access ends up in a
proxy_auth acl then any access denials will require a new login
but the opposite may also happen.
severity Medium
date 2003-08-31 09:31
bugzilla #742
versions Squid-2.5 and earlier
platforms All
workaround make sure delay_access always ends up in the same class of ACL as
http_access does on the same request.
Form POSTing troubles with NTLM authentication or other error responses
synopsis Large POST/PUT requests may fail with a "Connection reset" \
error
in the browser in situations where Squid immediately responds
with an error page. This is most notable when using NTLM
authentication but may also occur in a few other situations
severity Medium
date 2003-08-28 22:28
bugzilla #267, #757
versions Squid-2.5 and earlier
platforms All
workaround Allow POST/PUT without requiring authentication if you are using
NTLM authentication.
No explicit error message when ncsa_auth (squid user) can't access passwd file
synopsis ncsa_auth just exists if it can not read the supplied password
file, instead of reporting an error.
severity Minor
date 2003-08-20 12:20
bugzilla #733
versions Squid-2.5 and earlier
platforms All
workaround If ncsa_auth exits for no apparent reason, verify that the given
ncsa password file is readable by the cache_effective_user.
forwarded_for off has no effect
synopsis The patch for Bug #92 (squid-2.5.STABLE3-mem_cfd.patch) broke the
forwarded_for directive.
severity Minor
date 2003-08-18 17:18
bugzilla #750
versions Squid-2.5.STABLE3 snapshots 2003-08-07 to 2003-08-18
platforms All
workaround Use anonymization via http_header_access to delete the
X-Forwarded-For header from forwarded requests. This is probably
preferred in any case.
Files: