squid3 (3.5.27-1) unstable; urgency=high [ Amos Jeffries ] * New Upstream Release * debian/{control,rules} - Add temporary dependency on gcc-6 and g++-6 to workaround FTBFS in unstable * debian/patches/ - Fix security issue SQUID-2018:1 (CVE-2016-1000024) (Closes: #888719) - Fix security issue SQUID-2018:2 (CVE-2016-1000027) (Closes: #888720) [ Luigi Gangitano ] * debian/control - Changed priority to optional for squid3 and squid-dbg - Removed unneeded Build-Dep on autotools-dev * debian/rules - Include dpkg-architecture Makefile instead of invoking the binary at build time * debian/squid.postinst - Remove recursive chown calls -- Luigi Gangitano Tue, 13 Feb 2018 15:31:24 +0100 squid3 (3.5.23-5) unstable; urgency=medium * Reload squid so that it uses modified config, not default one. -- Santiago Garcia Mantinan Sat, 03 Jun 2017 00:36:55 +0200 squid3 (3.5.23-4) unstable; urgency=medium [ Andreas Beckmann ] * debian/squid.postinst - Fix another upgrade edge case from 2.7 default install (Closes: #801564) [ Amos Jeffries ] * debian/squid.logrotate - Add missing piece of fix for sarg daily reports (LP: #1414754) -- Santiago Garcia Mantinan Fri, 02 Jun 2017 00:19:55 +0200 squid3 (3.5.23-3) unstable; urgency=medium [ Amos Jeffries ] * debian/squid.preinst - Fix upgrade sequence from jesse squid3 package (Closes: #858556) [ Santiago Garcia Mantinan ] * debian/squid.{preinst,postinst,postrm} - Fix problems with empty squid3 dir and squid 2.7 installed (use the right logic with better checks). - Avoid install abortion by stopping squid3 only when it runs. [ Eric Veiras Galisson ] * debian/squid.rc - Fix returncode is wrong with conf file with errors (Closes: #857137) -- Santiago Garcia Mantinan Sat, 08 Apr 2017 02:52:28 +0200 squid3 (3.5.23-2) unstable; urgency=medium [ Santiago Garcia Mantinan ] * debian/squid.{preinst,postinst,postrm} - Fix upgrade sequence from 2.7 packages (Closes: #801564) [ Amos Jeffries ] * debian/control - Relax dependency between squid and squid-common packages (Closes: #399489) - Add squidclient Recommends on ssl-cert [ Robie Basak ] * debian/control - Add missing pre-depends on adduser - Add Vcs-Browser URL -- Santiago Garcia Mantinan Sun, 19 Mar 2017 23:23:57 +0100 squid3 (3.5.23-1) unstable; urgency=high [ Amos Jeffries ] * New Upstream Release (Closes: #793473, #822952) - Fixes security issue SQUID-2016:10 (CVE-2016-10003) (Closes: #848491) - Fixes security issue SQUID-2016:11 (CVE-2016-10002) (Closes: #848493) * debian/patches/ - Remove patch included upstream * debian/tests/ - Use package build-deps when testing so the make commands will work -- Luigi Gangitano Sun, 18 Dec 2016 23:39:24 +0200 squid3 (3.5.22-1) unstable; urgency=medium [ Amos Jeffries ] * New Upstream Release * debian/patches - Add upstream patch to fix adaptation crashes * debian/{control, rules, squid.postinst} - Accept patch to remove setuid from pinger (Closes: #822992) [ Luigi Gangitano ] * debian/compat - Bump to debhelper compatibility level 10 * debian/{control,tests/} - Add DEP-8 autopkgtest for upstream test suite, thanks to Santiago Ruano Rincan (Closes: #829141) * debian/rules - Avoid linking with unneeded libraries, thanks to Yuriy M. Kaminskiyi (Closes: #822998) -- Luigi Gangitano Sat, 29 Oct 2016 23:13:00 +0200 squid3 (3.5.19-1) unstable; urgency=high [ Amos Jeffries ] * New Upstream Release (Closes: #823968) - Fixes security issue SQUID-2016:7 (CVE-2016-4553) - Fixes security issue SQUID-2016:8 (CVE-2016-4554) - Fixes security issue SQUID-2016:9 (CVE-2016-4555, CVE-2016-4556) * debian/control - Bumped Standards-Version to 3.9.8, no change needed * debian/rules - Send hardening CPPFLAGS to custom build tools -- Luigi Gangitano Tue, 10 May 2016 23:43:00 +0200 squid3 (3.5.17-1) unstable; urgency=high [ Amos Jeffries ] * New Upstream Release - Fixes security issue SQUID-2016:5 (CVE-2016-4051) - Fixes security issue SQUID-2016:6 (CVE-2016-4052, CVE-2016-4053, CVE-2016-4054) -- Luigi Gangitano Fri, 22 Apr 2016 14:43:00 +0200 squid3 (3.5.16-1) unstable; urgency=high [ Amos Jeffries ] * New Upstream Release - Fixes security issue SQUID-2016:3 (CVE-2016-3947) (Closes: #819783) - Fixes security issue SQUID-2016:4 (CVE-2016-3948) (Closes: #819784) * debian/patches/ - Remove patch included upstream -- Luigi Gangitano Sun, 03 Apr 2016 19:57:00 +0200 squid3 (3.5.15-1) unstable; urgency=high [ Amos Jeffries ] * New Upstream Release - Fixes security issues SQUID-2016:2 (CVE-2016-2569, CVE-2016-2570, CVE-2016-2571) (Closes: #816011) * debian/patches/03-upstream-bug4447.patch - add upstream patch for their bug #4447 [ Robie Basak ] * debian/control - Add lsb-release build dep. This is required for the --enable-build-info line in debian/rules to work correctly. * debian/squid.logrotate - Run sarg-reports if present before rotating logs. [ Luigi Gangitano ] * debian/control - Bumped Standards-Version to 3.9.7, no change needed -- Luigi Gangitano Tue, 01 Mar 2016 19:39:00 +0100 squid3 (3.5.14-1) unstable; urgency=medium [ Amos Jeffries ] * New Upstream Release (Closes: #812038) * debian/control - add Depends libdbi-perl (Closes: #807512) - Fixed lintian complaint about squid3 package description - Fixed Vcs-Git Header pointing anonscm.debian.org * debian/rules - build ext_time_quota_acl helper (LP: #1391159) * debian/squid.install - add missing helper man pages -- Luigi Gangitano Tue, 16 Feb 2016 23:14:00 +0100 squid3 (3.5.12-1) unstable; urgency=medium [ Amos Jeffries ] * New Upstream Release * debian/squid.postinst - remove unneeded config edits for manager ACL (Closes: #801564) * debian/patches/ - add upstream patch to cleanup FATAL log messages [ Mathieu Parent ] * Fix FATAL parsing before start/reload/restart (Closes: #800341) * Set pidfile for systemd's sysv-generator (Closes: #800341) -- Luigi Gangitano Wed, 09 Dec 2015 19:03:47 +0100 squid3 (3.5.10-1) unstable; urgency=high [ Amos Jeffries ] * New Upstream Release (Closes: #799923, #800876) * debian/squid.rc - Grok pid_filename from squid.conf (Closes: #520736) - Update SELinux context when creating directories (Closes: #798827) [ Luigi Gangitano ] - Urgency high due to regression fix for CVE-2015-5400. -- Luigi Gangitano Mon, 05 Oct 2015 23:28:00 +0200 squid3 (3.5.7-1) unstable; urgency=medium [ Amos Jeffries ] * New upstream release (Closes: #789602, #793400, #253777) * debian/rules - Add BUILDCXXFLAGS to use hardening flags during build * debian/squid.links - Add symlink for squid3.8 man(8) page to resolve lintian issue * debian/squid.postinst - Remove unnecessary 'squid -z' (Closes: #794639) [ Luigi Gangitano ] * Rebuild using GCC-5 (Closes: #794536) * debian/squid.postinst - Check for squid3 initscript before we try to execute it * debian/squid.rc - Set working directory to /var/run/squid -- Luigi Gangitano Thu, 6 Aug 2015 01:14:00 +0200 squid3 (3.5.6-1) unstable; urgency=medium [ Amos Jeffries ] * New upstream release (Closes: #760303) - Fixed upstream macro issue that fail to pass reproducible builds test - Fixes CVE-2015-5400: Improper Protection of Alternate Path (Closes: #793128) * Removed deprecated MSNT and MSNT-multi-domain authentication helpers * Transition squid3 to squid - Renamed squid3 package to squid (Closes: #521053, #565555, #672156) (Closes: #294431, #569575, #714334, #279840, #576423, #779127) - Renamed squid3-common package to squid-common - Renamed squid3-dbg package to squid-dbg - Add dummy transitional package squid3 * debian/patches/ - Removed patches included upstream and refresh others * debian/squid3-cgi.dirs - Removed old unused packaging file * debian/control - Add dependency on libgnutls28-dev for squidclient HTTPS support [ Luigi Gangitano ] * debian/control - Changed dependency on libecap3-dev (Closes: #789774) - Made squid-common conflict and replace squid3-common - Fixed dependencies and sections of transitional packages * {NEWS,README}.Debian - Added information on package name migration -- Luigi Gangitano Wed, 22 Jul 2015 23:24:00 +0200 squid3 (3.4.8-6) unstable; urgency=medium [ Luigi Gangitano ] * debian/patches/31-squid-3.4-13199.patch - Added upstream patch fixing excessive CPU usage (Closes: #776461) * debian/patches/32-squid-3.4-13210.patch - Added upstream patch fixing excessive CPU and memory usage in NTLM and Negotiate authentication helpers (Closes: #776463) * debian/patches/33-squid-3.4-13211.patch - Added upstream patch fixing a possible replay vulnerability on Digest authentication (Closes: #776464) * debian/patches/34-squid-3.4-13213.patch - Added upstream patch fixing incorrect security permissions for TOS/DiffServ packet marking (Closes: #776468) * debian/patches/35-squid-3.4-13203.patch - Added upstream patch fixing squidclient unable to connect to host with both IPv4 and IPv6 addresses (Closes: #742425) -- Luigi Gangitano Wed, 28 Jan 2015 12:34:42 +0100 squid3 (3.4.8-5) unstable; urgency=medium [ Luigi Gangitano ] * debian/squid3.{pre,post}inst - Moved ACL manager fix to postinst (Closes: #773032) -- Luigi Gangitano Tue, 16 Dec 2014 13:43:03 +0100 squid3 (3.4.8-4) unstable; urgency=medium [ Luigi Gangitano ] * debian/squid3.preinst - Revert changes on abort-upgrade -- Luigi Gangitano Fri, 05 Dec 2014 10:44:02 +0100 squid3 (3.4.8-3) unstable; urgency=medium [ Amos Jeffries ] * debian/squid3.preinst - Remove obsolete manager ACL definition from squid.conf when upgrading squid3 package (Closes: #768170) [ Luigi Gangitano ] * debian/squid3.preinst - Fix configuration file only if needed and match any uncommented line -- Luigi Gangitano Fri, 5 Dec 2014 01:27:51 +0100 squid3 (3.4.8-2) unstable; urgency=medium [ Santiago Garcia Mantinan ] * Add patch to remove bashisms from cert_tool * Add manual page for squid-purge * Create run_dir needed for SMP with several workers to run. This fixes #710126 (Closes: #732183, #760400) * Use CONFIG instead of sq (Closes: #763867) * Remove find_cache_type and use grepconf (both functions were =). * Allow find_cache_dir and grepconf to have whitespace in the beginning (Closes: #761209) * Add config check before reload/restart, thanks Freddy (Closes: #728222) [ Amos Jeffries ] * debian/squid3.postinst - update grepconf to support SMP macros and sub-config files when locating cache_dir and effective user/group * debian/squid3.rc - remove special handling for obsolete COSS cache type - change grepconf to support SMP macros and sub-config files * debian/rules - add distribution details to squid -v display output this obsoletes the Ubuntu fix-distribution.patch * debian/control - bumped libecap dependency version to 0.2.0-2 * debian/squid3.resolvconf - added check on /usr availability before squid3 restart (Closes: #765476) [ Luigi Gangitano ] * debian/squid3.rc - Change config check to config parse on start/reload/restart * debian/control - Fixed XS-Vcs-Git Header pointing anonscm.debian.org -- Luigi Gangitano Wed, 29 Oct 2014 15:50:51 +0100 squid3 (3.4.8-1) unstable; urgency=high * Urgency high due to security fixes [ Amos Jeffries ] * New upstream release (Closes: #737008) - Fixes CVE-2014-6270: off by one in snmp subsystem (Closes: #761002) - Fixes CVE-2014-CVE-2014-7141 and CVE-214-7142 (Closes: #760999) + pinger remote DoS vulnerabilities - Fixes CVE-2014-0128: Denial of Service in SSL-Bump (Closes: #741312) * debian/patches/ - remove CVE-2014-3609.patch included upstream - remove 17-pod2man-check.patch obsoleted by new version - add upstream patch 21-squid-3.4-13176-memoryleak.patch: memory leak in external_acl_type helper with cache=0 or ttl=0 * debian/rules - add --disable-arch-native to build with portable CPU support * debian/control - libecap API support is specific to version 0.2.0 - use nettle for crypto library * debian/watch - updated watch pattern for upstream major series * debian/rules - Remove obsolete --enable-underscores (Closes: #693905) [ Luigi Gangitano ] * debian/patches/ - refreshed all patches to match 3.4.8 * debian/control - Added dependency for missing intepreter ksh - Bumped Standard-Version to 3.9.6, no change needed - Added XS-Vcs-Git Header pointing to Alioth repository -- Luigi Gangitano Fri, 17 Oct 2014 00:10:00 +1300 squid3 (3.3.8-1.2) unstable; urgency=high * Non-maintainer upload by the Security Team. * Add CVE-2014-3609.patch patch. CVE-2014-3609: Denial of Service in Range header processing. Ignore Range headers with unidentifiable byte-range values. If squid is unable to determine the byte value for ranges, treat the header as invalid. (Closes: #759509) -- Salvatore Bonaccorso Thu, 28 Aug 2014 18:03:47 +0200 squid3 (3.3.8-1.1) unstable; urgency=low * Non-maintainer upload. * Fix "FTBFS: cp: cannot stat '/«PKGBUILDDIR»/debian/tmp/usr/share/man/man8/basic_db_auth.8': No such file or directory": new patch 17-pod2man-check.patch: fix config.test files' check for perl and pod2man (Closes: #725599) -- gregor herrmann Sat, 23 Nov 2013 21:05:10 +0100 squid3 (3.3.8-1) unstable; urgency=high * Urgency high due to security fixes * New upstream release - Fixes security issues (Closes: #716743) + Buffer overflow in HTTP request handling (Ref: SQUID-2013:2, CVE-2013-4115) + DoS in request processing (Ref: SQUID-2013:3, CVE-2013-4123) - Includes PNG image used in error pages, with new copyright assignement (Closes: #683255) * Added /var/run/squid3 dir to host sockets in SMP configuration (Closes: #710126) * debian/control - Bumped Standard-Version to 3.9.4, no change needed -- Luigi Gangitano Sun, 21 Jul 2013 18:28:36 +0200 squid3 (3.3.4-1) unstable; urgency=low * New upstream release - Added support for SHA passwords in ncsa_auth (Closes: #652010) * debian/squid3.lintian-overrides - Added override for pinger setuid bin * debian/watch - Fixed pattern to skip the last dot * debian/rules - Removed reference to cppunit-basedir -- Luigi Gangitano Mon, 06 May 2013 16:46:33 +0200 squid3 (3.3.3-2) unstable; urgency=low I would like to thank Amos Jeffries for his help with this release. * debian/control - Added Build-Depend on pkg-config to solve FTBFS when ecap is enabled (Closes: #706025) - Fixed package descriptions - Added Build-Depend on libnetfilter-conntrack-dev - Added Suggests on winbindd for NTLM authentication * debian/patches/01-cf.data.debian.patch - Removed change to visible_hostname defaut value (Closes: #705983) - Fixed path of ntlm_auth helper in example * debian/rules - Removed --enable-arp-acl options obsoleted by --enable-eui - Fixed FTBFS on hurd due to missing netfilter support - Enabled Rock store type support - Added SETUID bit to pinger program * debian/watch - Fixed pattern to match all the released versions of 3.3 -- Luigi Gangitano Tue, 23 Apr 2013 15:38:39 +0200 squid3 (3.3.3-1) unstable; urgency=low * New upstream release (Closes: #694633, #701799, #702540) - Removed upstream patches + debian/patches/20-ipv6-fix + debian/patches/30-CVE-2012-5643-CVE-2013-0189.patch + debian/patches/fix-701123-regression-in-cachemgr.patch - Includes upstream fix for CVE-2009-0801 (Closes: #521052) - Includes upstream fix for rejection of benign request containing variants of double CR (Closes: #669148) * debian/control - Added dependency on libecap2-dev - Added squid-purge package * debian/source - Enabled ECAP support - Fixed configure invocation to match new syntax - Removed unneeded rename of helper man pages - Fixed list of helpers to build, adding fake agents (Closes: #644280) and negotiate wrapper (Closes: #656304) * debian/watch - Updated for 3.3 * debian/squid3.logrotate - Added check for existing binary in logrotate script (Closes: #703954) -- Luigi Gangitano Sun, 21 Apr 2013 23:51:11 +0200 squid3 (3.1.20-2.2) unstable; urgency=low * Non-maintainer upload. * Add fix-701123-regression-in-cachemgr.patch patch. Fix missing bits in the fix for CVE-2012-5643 and CVE-2013-0189 causing cachemgr.cgi crashing when authentication credentials are supplied. Thanks to Amos Jeffries (Closes: #701123) -- Salvatore Bonaccorso Sat, 23 Feb 2013 13:44:48 +0100 squid3 (3.1.20-2.1) unstable; urgency=high * Non-maintainer upload * Urgency high due to security fixes * debian/patches/30-CVE-2012-5643-CVE-2013-0189.patch - Added upstream fix for squid-cgi (cachemgr) memory leaks and denial of service vulnerability (Closes: #696187) -- Michael Stapelberg Tue, 05 Feb 2013 23:16:27 +0100 squid3 (3.1.20-2) unstable; urgency=low * debian/patches/20-ipv6-fix - Added upstream fix for squid not working when IPv6 is not loaded (Closes: #660489) -- Luigi Gangitano Thu, 06 Dec 2012 20:02:56 +0100 squid3 (3.1.20-1) unstable; urgency=low * New upstream release * debian/control - Bumped Standard-Version to 3.9.3, no change needed - Added missing dependency on dpkg-dev (>= 1.16.1~) * debian/rules - Enabled hardening options (Closes: #669684) * debian/patches/01-cf.data.debian.patch - Fixed minor typos in configuration file (Closes: #670832, #673350) -- Luigi Gangitano Mon, 18 Jun 2012 14:20:53 +0200 squid3 (3.1.19-1) unstable; urgency=low * New upstream release - Removed patch integrated upstream + 19-adaptation-compile * debian/rules - Enabled WCCPv2 support (Closes: #654877) -- Luigi Gangitano Tue, 07 Feb 2012 16:19:12 +0100 squid3 (3.1.18-1) unstable; urgency=low * New upstream release * debian/patches/19-adaptation-compile.patch - Added upstream patch to fix compile failure -- Luigi Gangitano Mon, 26 Dec 2011 22:04:28 +0100 squid3 (3.1.16-1) unstable; urgency=low * New upstream release * Changed source format to 3.0 (quilt) * debian/squid3.rc - Added LSB compliant option to init script (Closes: #645780) Thanks to Fredrik Eriksson -- Luigi Gangitano Thu, 3 Nov 2011 13:37:17 +0100 squid3 (3.1.15-1) unstable; urgency=high * Urgency high due to security fixes * New upstream release - Fixes DoS issue in Gopher client (Closes: #639755) (Ref: CVE-2011-3205, SQUID-2011:3) * debian/control - Removed hardcoded list of non-Linux architectures (Closes: #634765) -- Luigi Gangitano Fri, 02 Sep 2011 13:33:41 +0200 squid3 (3.1.14-1) unstable; urgency=low * New upstream release - Fixes FTBFS with GCC 4.6 (Closes: #625405) - Fixes issue with IPv4/IPv6 DNS resolution (Closes: #604566) - Fixes issue with IPv6 resolution in access.log (Closes: #604832) * debian/control - Bumped Standard-Version to 3.9.2, no change needed * debian/squid.rc - Fixed init script preventing alterate cache dir from being created (Closes: #623935) -- Luigi Gangitano Sat, 09 Jul 2011 17:58:46 +0200 squid3 (3.1.12-1) unstable; urgency=low * New upstream release - Removed patch integrated upstream + 18-gcc-4.5-fix - Rebuild against libdb5.1 (Closes: #621453) * debian/control - Remove article at start of synopsis, to make lintian happy -- Luigi Gangitano Mon, 11 Apr 2011 18:47:02 +0200 squid3 (3.1.11-1) unstable; urgency=low * New upstream release * debian/patches/18-gcc-4.5-fix - Added upstream fix for gcc 4.5 building (Closes: #613153) -- Luigi Gangitano Tue, 15 Feb 2011 01:46:19 +0100 squid3 (3.1.10-1) unstable; urgency=low * New upstream release (Closes: #609881) - Removed patches integrated upstream + 16-CVE-2010-3072 + 17-CVE-2010-2951 - Fixes TCP DNS lookups failure on IPv6-disabled systems (Closes: #607379) - Fixes HTTPS not working if IPv6 is disabled (Closes: #594713) * debian/rules - Enable ZPH feature (Closes: #597687) * debian/squid3.ufw.profile - Added UFW profile, thanks to Alessio Treglia (Closes: #605088) * debian/control - Added versioned dependency on squid-langpack -- Luigi Gangitano Fri, 21 Jan 2011 18:43:56 +0100 squid3 (3.1.6-1.2) unstable; urgency=low * Non-maintainer upload. * Fix DoS while processing large DNS replies with no IPv6 resolver present (CVE-2010-2951) (Closes: #599709) -- Ben Hutchings Sat, 30 Oct 2010 17:00:55 +0200 squid3 (3.1.6-1.1) unstable; urgency=high * Non-maintainer upload by the security team * Fix DoS due to wrong string handling (Closes: #596086) Fixes: CVE-2010-3072 -- Steffen Joeris Mon, 13 Sep 2010 17:07:51 +1000 squid3 (3.1.6-1) unstable; urgency=low * New upstream release * debian/rules - Removed now-default --enable-ipv6 option * debian/control - Bumped Standard-Version to 3.9.1, no change needed * debian/patches/01-cf.data.pre - Updated to match new upstream default IPv6 configuration -- Luigi Gangitano Mon, 09 Aug 2010 00:59:26 +0200 squid3 (3.1.5-2) unstable; urgency=low * debian/control - Added build dependency on libltdl-dev fixing FTBFS on most archs -- Luigi Gangitano Wed, 07 Jul 2010 15:21:06 +0200 squid3 (3.1.5-1) unstable; urgency=low * New upstream release * debian/control - Bumped Standard-Version to 3.9.0 -- Luigi Gangitano Tue, 06 Jul 2010 23:26:26 +0200 squid3 (3.1.4-1) unstable; urgency=low * New upstream release - Fixes several issues with IPv6 socket handling (Closes: #581901, #584223) - Fixes assertion in comm.cc (Closes: #572368) -- Luigi Gangitano Fri, 04 Jun 2010 14:49:32 +0200 squid3 (3.1.3-2) unstable; urgency=low * debian/rules - Actually enable IPv6 (how did I miss this?) -- Luigi Gangitano Tue, 04 May 2010 11:15:49 +0200 squid3 (3.1.3-1) unstable; urgency=low * New upstream release - Fix incorrect behaviour of --enable-ipv6 (Closes: #578047) - Removed patches integrated upstream + 14-kfreebsd-compile -- Luigi Gangitano Sun, 02 May 2010 19:31:38 +0200 squid3 (3.1.1-3) unstable; urgency=low * debian/{squid3.install,rules} - Install documented version of squid.conf as file, not directory (Closes: #577615) -- Luigi Gangitano Thu, 15 Apr 2010 11:14:08 +0200 squid3 (3.1.1-2) unstable; urgency=low * debian/watch - Updated pattern to match 3.1 releases * debian/control - Excluded dependency on libcap2-dev on kfreebsd * debian/patches/14-kfreebsd-compile - Added patch to enable kfreebsd compilato, thanks to Petr Salinger (Closes: #576952) * debian/{rules,control,squid-cgi.install} - Rename squid3-cgi package to squid-cgi (Closes: #489061) * debian/patches/15-cachemgr-default-config - Fix squid-cgi default configuration file path * debian/source/format - Added format specification file, still with 1.0 version -- Luigi Gangitano Mon, 12 Apr 2010 11:49:01 +0200 squid3 (3.1.1-1) unstable; urgency=low * New upstream release * debian/control - Bumped Standard-Version to 3.8.4, no change needed -- Luigi Gangitano Thu, 01 Apr 2010 00:33:21 +0200 squid3 (3.1.0.18-1) UNRELEASED; urgency=low * New upstream release * debian/rules - Fix wrong resolvconf directory (Closes: #565652) -- Luigi Gangitano Mon, 15 Mar 2010 19:35:50 +0100 squid3 (3.1.0.17-1) UNRELEASED; urgency=low * New upstream release, fixes - Remote Denial of Service issue in HTCP (Closes: #572554) (Ref: SQUID-2010:2 CVE-2010-0639) -- Luigi Gangitano Fri, 12 Mar 2010 15:41:00 +0100 squid3 (3.1.0.16-1) experimental; urgency=low * New upstream release - Adds client_ip_max_connection to avoid DoS under Slowloris attack (Ref: TEMP-0533661-009115 Closes: #533664) - Handle DNS header-only packets as invalid (Ref: SQUID-2010:1 CVE-2010-0308) - Fixes memory filling during file download (Closes: #562012) -- Luigi Gangitano Wed, 10 Feb 2010 18:53:36 +0100 squid3 (3.1.0.15-1) experimental; urgency=low * New upstream release - Fixes assertion failures on malformed Content-Range response headers (Closes: #541032) * debian/README.Debian - Fixed reference to RELEASENOTES.html (Closes: #561007) * debian/README.source - Added directions on source handling * debian/control - Remove duplicated informations that can be inherited from source stanza - Added autotools-dev build-dependency to enable cdbs fix for ancient helper files -- Luigi Gangitano Thu, 14 Jan 2010 22:44:13 +0100 squid3 (3.1.0.14-2) experimental; urgency=low * debian/rules - Enable ESI support (Closes: #506241) * debian/control - Add Build-Dep on libexpat1-dev and libxml2-dev, needed by ESI support -- Luigi Gangitano Tue, 29 Sep 2009 19:55:23 +0200 squid3 (3.1.0.14-1) experimental; urgency=low * New upstream release - Fixes FTBFS in GNU/kFreeBSD (Closes: #545965) - Fixes incorrect handling of IMS (Closes: #499379) * debian/patches/01-cf.data.debian - Updated to match new upstream -- Luigi Gangitano Tue, 29 Sep 2009 19:31:16 +0200 squid3 (3.1.0.13-2) experimental; urgency=low * debian/rules - Disable language files generation - Do not clean libcppunit that is not shipped with squid anymore * debian/control - Removed dependency on sharutils - Added dependency on libcap2, will enable TPROXY support (Closes: 398970) - Fixed squid3-common description, no more error pages * debian/squidclient.1 - Removed man page integrated upstream * debian/squid3.rc - Removed obsolete -D option * debian/patches/01-cf.data.debian - Added ::1 to localhost definition in ACLs -- Luigi Gangitano Fri, 25 Sep 2009 23:02:40 +0200 squid3 (3.1.0.13-1) experimental; urgency=low * Upload to experimental * New upstream release - Fixes Follow-X-Forwarded-For support (Closes: #523943) - Adds IPv6 support (Closes: #432351) * debian/rules - Removed obsolete configuration options - Enable db and radius basic authentication modules * debian/patches/01-cf.data.debian - Adapted to new upstream version * debian/patches/02-makefile-defaults - Adapted to new upstream version * debian/{squid.postinst,squid.rc,README.Debian,watch} - Updated references to squid 3.1 * debian/squid3.install - Install CSS file for error pages - Install manual pages for new authentication modules * debian/squid3-common.install - Install documented version of configuration file in /usr/share/doc/squid3 -- Luigi Gangitano Thu, 24 Sep 2009 14:51:06 +0200 squid3 (3.0.STABLE19-1) unstable; urgency=low * New upstream release - Fixes DoS in exthernal auth header parser (Ref: CVE-2009-2855) * debian/squid.rc - Fixed dependencies in init.d script, thanks to Petter Reinholdtsen (Closes: #546362) * debian/control - Bumped Standard-Version to 3.8.3, no change needed -- Luigi Gangitano Sun, 20 Sep 2009 01:33:00 +0200 squid3 (3.0.STABLE18-1) unstable; urgency=high * New upstream release - Removed patches integrated upstream + 12-gcc44-fixes + 13-signed-unsigned-fixes + SQUID-2009-2 * debian/rules - Enable ARP ACLs (Closes: #538023) - Enable SNMP support (Closes: #537187) * debian/control - Fix dependency for squid3-dbg on squid3 =${binary:Version} - Added dependency of squid3-dbg on ${misc:Depends} * debian/squid3-common.postinst - Added DEBHELPER placeholder -- Luigi Gangitano Sun, 09 Aug 2009 00:28:56 +0200 squid3 (3.0.STABLE16-2.1) unstable; urgency=high * Non-maintainer upload by the Security Team. * Fix multiple possible denial of service vectors in the processing of requests or responses (SQUID-2009-2; CVE-2009-2622; CVE-2009-2621; 12-SQUID-2009_2.dpatch). -- Nico Golde Tue, 04 Aug 2009 21:56:36 +0200 squid3 (3.0.STABLE16-2) unstable; urgency=low * debian/patches/13-signed-unsigned-fixes - Added upstream patch fixing build errors on 64-bit archs (Closes: #536588) * debian/README.Debian - Removed instability notice of development version * debian/control - Fixed squid3-dbg section and priority to match archive override -- Luigi Gangitano Sat, 11 Jul 2009 13:46:45 +0200 squid3 (3.0.STABLE16-1) unstable; urgency=low * New upstream release * debian/patches/12-gcc44-fixes - Added upstream patch fixing build erros with GCC 4.4 (Closes: #526672) * debian/control - Bumped Standard-Version to 3.8.2, no change needed * debian/NEWS.Debian - Fixed format of NEWS.Debian (double space at start) -- Luigi Gangitano Tue, 07 Jul 2009 18:56:41 +0200 squid3 (3.0.STABLE15-1) unstable; urgency=low * New upstream release - Fixes wrong reference to digest_pw_auth (Closes: #517528) * debian/{control,squid3-common.{install,postinst,links},NEWS.Debian} - Added dependency on squid-langpack, linked error directory to /usr/share/squid-langpack (Closes: #497283) - Added a notice in NEWS.Debian on customized error_directory settings * debian/patches/01-cf.data.debian - Adapted to new upstream version * debian/control - Added debug package to help bug reports - Added dependency on libkrb5-dev and comerr-dev * debian/squid3.resolvconf - Use invoke-rc.d instead of directly calling init script * debian/rules - Added missing --with-large-files configure option (Closes: #534888) - Enabled Kerberos Negotiate Auth support (Closes: #532064) * debian/copyright - Fixed copyright to reflect current sources, thanks to Amos Jeffries (Closes: #524601) * debian/squid3.rc - Added reference to config file at startup (Closes: #517529) * debian/squid3.postinst - Removed path from command invocation and make lintian happy -- Luigi Gangitano Mon, 6 May 2009 13:29:10 +0200 squid3 (3.0.STABLE13-1) unstable; urgency=low * New upstream release - Removed patches integrated upstream + 10-mgr_active_requests + 11-SQUID-2009-1 * debian/patches/02-makefile-defaults - Removed cachemgr configuration file fix integrated upstream * debian/rules - Disable support for coss witch is marked as unstable upstream -- Luigi Gangitano Mon, 16 Feb 2009 16:18:30 +0100 squid3 (3.0.STABLE8-3) unstable; urgency=high * Urgency high due to security fixes * debian/patches/11-SQUID-2009-1 - Added upstream patch fixing Denial of Service in request processing (Ref: SQUID-2009-1, CVE: TBA) -- Luigi Gangitano Fri, 06 Feb 2009 20:23:57 +0100 squid3 (3.0.STABLE8-2) unstable; urgency=low * debian/squid3.postinst - Fixed non-POSIX option to chown (Closes: #491701) * debian/rules - Removed obsoleted configure options (Closes: 511272) - Added --enable-follow-x-forwarded-for configure option * debian/control - Added dependency on ${misc:Depends} to make lintian happy * debian/squid3.postinst - Removed path from squid3 invocation to make lintian happy * debian/control - Bumped Standard-Version to 3.8.0, no change needed -- Luigi Gangitano Fri, 9 Jan 2009 00:02:48 +0200 squid3 (3.0.STABLE8-1) unstable; urgency=high * Urgency high to meet freeze deadline * New upstream release * debian/patches/10-mgr_active_requests - Added upstream patch fixing delay_pool reporting in cachemgr.cgi -- Luigi Gangitano Mon, 21 Jul 2008 09:20:31 +0200 squid3 (3.0.STABLE7-1) unstable; urgency=low * New upstream release -- Luigi Gangitano Sat, 05 Jul 2008 21:24:36 +0200 squid3 (3.0.STABLE6-2) unstable; urgency=low * debian/control - Fixed suggestion on squidclient package -- Luigi Gangitano Sun, 01 Jun 2008 05:48:22 +0200 squid3 (3.0.STABLE6-1) unstable; urgency=low * New upstream release (Closes: #478695) * debian/squid3.rc - Added automatic coss file creation (Closes: #478108) - Removed default blocking logging to syslog - Added parsing of /etc/default/squid3 for SQUID_ARGS override * debian/{rules,control,squidclient.install,squidclient.1} - Rename squid3-client package to squidclient (Closes: #473876) - Added squidclient man page from old squid package -- Luigi Gangitano Sun, 01 Jun 2008 02:43:42 +0200 squid3 (3.0.STABLE5-1) UNRELEASED; urgency=low * New upstream release (Closes: #478695) -- Luigi Gangitano Sat, 03 May 2008 18:39:36 +0200 squid3 (3.0.STABLE4-1) unstable; urgency=low * New upstream release -- Luigi Gangitano Thu, 03 Apr 2008 01:34:07 +0200 squid3 (3.0.STABLE2-1) unstable; urgency=low * New upstream release (Closes: #470641) * debian/rules - Fixed bashism (Closes: #468567) * debian/control - Fixed description, remove instability notice (Closes: #463347) * debian/squid.rc - Raise max open filedescriptor limit to match build time limit at 65535 (Closes: #470605, #470607) -- Luigi Gangitano Wed, 12 Mar 2008 13:52:21 +0100 squid3 (3.0.STABLE1-2) unstable; urgency=low * debian/rules - Fixed --with-large-files option to ./configure (Closes: #459306) - Added null storio option (Closes: #456889) -- Luigi Gangitano Tue, 11 Jan 2008 14:09:45 +0100 squid3 (3.0.STABLE1-1) unstable; urgency=low * New upstream release - Updated debian/watch (Closes: #456470) - Removed patches integrated upstream + 08-resume-http + 09-dos-cache-update * debian/control - Bumped Standard-Version to 3.7.3 (no change needed) - Added Homepage field * debian/patches/01-cf.data.debian - Adapted to new upstream version (remove default accesso to RFC1918 addresses) * debian/squid3.{preinst,postinst,prerm,postrm} - Added debhelper token -- Luigi Gangitano Mon, 17 Dec 2007 11:36:57 +0100 squid3 (3.0.RC1-3) unstable; urgency=high * Urgency high due to security fixes * debian/patches/09-dos-cache-update - Added upstream patch fixing DoS in cache update reply processing (Ref: CVE-2007-6239, SQUID-2007:2) -- Luigi Gangitano Fri, 7 Dec 2007 16:30:39 +0100 squid3 (3.0.RC1-2) unstable; urgency=low * debian/patches/08-resume-http.dpatch - Added upstream patch fixing failure to resume downloads -- Luigi Gangitano Mon, 15 Oct 2007 02:43:44 +0200 squid3 (3.0.RC1-1) unstable; urgency=low * New upstream release - Updated debian watch * debian/patches/01-cf.data.debian - Updated to match upstream changes * debian/control - Updated Build-Depends to libdb 4.6 - Removed dependency on essential package coreutils - Fixed dependency on virtual package httpd -- Luigi Gangitano Sun, 14 Oct 2007 16:07:28 +0200 squid3 (3.0.PRE7-1) unstable; urgency=low * New upstream release - Fixed assertion failure when receiving TCP_RESET (Closes: #435887) - Removed patches integrated upstream: + debian/patches/05-helpers-typo + debian/patches/06-mem-obj-reference + debian/patches/07-close-icap-connections * debian/patches/01-cf.data.debian - Removed upstream-integrated patches * debian/rules - Enabled build time default user configuration -- Luigi Gangitano Fri, 31 Aug 2007 18:05:13 +0200 squid3 (3.0.PRE6-2) unstable; urgency=low * debian/control - Make package binNMU safe (Closes: #432981) * debian/rules - Enabled diskd (Closes: #434621) - Removed --enable-diskio option (Closes: #435230) -- Luigi Gangitano Sun, 13 May 2007 19:13:03 +0200 squid3 (3.0.PRE6-1) unstable; urgency=low * New upstream release - Removed patches integrated upsteam: + 04-m68k-ftbfs * debian/rules - Enable delay pools (Closes: #410785) - Enable cache digests (Closes: #416631) - Enable ICAP client - Raised Max Filedescriptor limit to 65536 * debian/control - Added real package dependency for httpd in squid3-cgi * debian/patches/02-makefile-defaults - Fix default configuration file for cachemgr.cgi (Closes: #416630) * debian/squid3.postinst - Fixed bashish in postinst (Closes: #411797) * debian/patches/05-helpers-typo - Added upstream patch fixing compilation error in src/helpers.cc * debian/patches/06-mem-obj-reference - Added upstream patch fixing a mem_obj reference in src/store.cc * debian/patches/07-close-icap-connections - Added upstream patch fixing icap connection starvation * debian/squid3.rc - Added LSB-compliant description to rc script -- Luigi Gangitano Sun, 13 May 2007 16:03:16 +0200 squid3 (3.0.PRE5-5) unstable; urgency=low * debian/control - Revert dependency on libsasl2-2-dev to libsasl2-dev (Closes: #401292) -- Luigi Gangitano Thu, 30 Nov 2006 16:27:26 +0100 squid3 (3.0.PRE5-4) unstable; urgency=low * debian/{rules,squid3-client.install} - Fix path for squid3client (Closes: #400893) -- Luigi Gangitano Thu, 30 Nov 2006 15:32:53 +0100 squid3 (3.0.PRE5-3) unstable; urgency=low * debian/rules - Use the right patch for specific options on GNU/kFreeBSD (Closes: #397829) -- Luigi Gangitano Sat, 11 Nov 2006 10:32:06 +0100 squid3 (3.0.PRE5-2) unstable; urgency=low * debian/rules - Added architecture specific configure options to fix FTBFS on GNU/KFreeBSD (Closes: #397829) * debian/control - Updated Build-Depend to libsasl2-2-dev -- Luigi Gangitano Sat, 11 Nov 2006 00:33:31 +0100 squid3 (3.0.PRE5-1) unstable; urgency=low * New upstream release - Includes fix for FTBFS with GCC 4.2 (Closes: #379969) - Removed upstream-integrated patches: + 03-upstream-md5-byteswap * debian/patches/04-m68k-ftbfs.dpathc - Added patch to fix FTBFS on m68k due to missing parenthesis (Closes: #394220) * debian/control - Added Build-Dep on libcppunit-dev - Updated Build-Dep to libdb4.4-dev * debian/rules - Added usage of already compiled libcppunit, reducing build time -- Luigi Gangitano Thu, 9 Nov 2006 15:42:43 +0100 squid3 (3.0.PRE4-5) unstable; urgency=low * debian/rules - Fixed typo in configure options (--with-filedescriptors) - Added missing transparent proxy options -- Luigi Gangitano Thu, 20 Jul 2006 15:03:07 +0200 squid3 (3.0.PRE4-4) unstable; urgency=low * debian/control - Removed dependency on webmin-squid for squid-cgi * debian/rules - Removed bashism (Closes: #377952) -- Luigi Gangitano Wed, 12 Jul 2006 15:56:01 +0200 squid3 (3.0.PRE4-3) unstable; urgency=low * debian/patches/03-upstream-md5-byteswap.dpatch - Added upstream patch to fix FTBFS on BIGENDIAN architectures (Closes: #377596) -- Luigi Gangitano Mon, 10 Jul 2006 18:06:06 +0200 squid3 (3.0.PRE4-2) unstable; urgency=low * debian/copyright - Added text from CREDITS with copyright and licences for all the components included in squid -- Luigi Gangitano Mon, 10 Jul 2006 00:46:10 +0200 squid3 (3.0.PRE4-1) unstable; urgency=low * New upstream release * debian/rules - Revorked to build packages that can be installed side-by-side with the squid 2.x packages. * debian/control - Added dependency on dpatch -- Luigi Gangitano Mon, 3 Jul 2006 16:47:43 +0200 squid3 (3.0.PRE3.20060422-2) unstable; urgency=low * debian/control - Added missing Build-Depends on libsasl2-dev -- Luigi Gangitano Wed, 14 Jun 2006 15:31:34 +0200 squid3 (3.0.PRE3.20060422-1) unstable; urgency=low * First package attempt -- Luigi Gangitano Sat, 22 Apr 2006 01:19:36 +0200