The Squid HTTP Proxy team is very pleased to announce the availability
of the Squid-3.3.7 release!
This release is a security bug fix release resolving a vulnerability
issue found in the prior Squid releases.
The major changes to be aware of:
* Buffer Overflow vulnerability fixed
The security vulnerability SQUID-2013:2 is fixed by this release.
This vulnerability was identified from active 0-day attacks affecting
Squid-3.2 and later versions. Upgrade or patching of existing proxy
installations is highly recommended.
The underlying bug is preent in all Squid 2.0 and later but only
exposed in 3.2 series. Patches are provided in the Advisory for all
3.x versions as a preventative measure for older versions.
* Multiple SSL build issues resolved
A better fix for bug 3759 which also incorporates a fix for bug 3297
and several other unreported bugs has been added. These bugs are
present with OpenSSL 1.0.0* versions on some Fedora, RHEL, CentOS
and operating system distributions derived from them.
They are visible as compile errors mentioning "const _STACK *",
"const SSL_METHOD" and/or "sk_OPENSSL_PSTRING_value" when building
against an affected OpenSSL library.
Other compile errors may still exist. Please contribute to the
existing bugzilla entries or report any new issues identified in this
version.
See the ChangeLog for the full list of changes in this and earlier
releases.
All users are urged to upgrade to this release as soon as possible.
Please remember to run "squid -k parse" when testing upgrade to a new
version of Squid. It will audit your configuration files and report
any identifiable issues the new release will have in your installation
before you "press go". We are still removing the infamous "Bungled
Config" halting points and adding checks, so if something is not
identified please report it.
Please refer to the release notes at
http://www.squid-cache.org/Versions/v3/3.3/RELEASENOTES.html
when you are ready to make the switch to Squid-3.3
Upgrade tip:
"squid -k parse" is starting to display even more
useful hints about squid.conf changes.
This new release can be downloaded from our HTTP or FTP servers
http://www.squid-cache.org/Versions/v3/3.3/
ftp://ftp.squid-cache.org/pub/squid/
ftp://ftp.squid-cache.org/pub/archive/3.3/
or the mirrors. For a list of mirror sites see
http://www.squid-cache.org/Download/http-mirrors.html
http://www.squid-cache.org/Download/mirrors.html
If you encounter any issues with this release please file a bug report.
http://bugs.squid-cache.org/
Amos Jeffries
Received on Thu Jul 11 2013 - 06:48:47 MDT
This archive was generated by hypermail 2.2.0 : Sat Jul 13 2013 - 12:00:05 MDT