The Squid HTTP Proxy team is very pleased to announce the availability
of the Squid-3.3.11 release!
This release is a bug fix release resolving several major issues
found in the prior Squid releases.
The major changes to be aware of:
* Bug #3906: Filedescriptor leaks in SNMP
This bug shows up when running Squid in SMP mode with SNMP monitoring
queries. It displays as a periodic crash of Squid as the available
filedescriptors are exhausted.
* Bug #3936: error-details.txt parse error
This bug shows up in SSL-enabled Squid-3.3.9 built against or running
with OpenSSL library versions older than 1.0.1.
* Bug #3782: Digest authentication not obeying nonce_max_count
This authentication option helps protect against replay attacks. Digest
implementation in Squid was found to be accepting nonce replays beyond
the configured limit.
* Replace blocking sleep(3) and close UDS socket on failures
In the worst case Squid could previously lock up completely in the event
that SMP shared memory systems are encountering errors. This allows
other operations by Squid to continue while the UDS failure recovery
happens.
* Re-compute Range response content offset after an FTP response was
adapted.
Due to incorrect calculation of Range offsets several nasty side effects
can occur on requests for ftp:// URLs which get adapted by ICAP or eCAP.
* Bug #3960: DEAD cache_peer are not revived
This bug shows up as DEAD cache_peer staying down even after the peer
has become available again. It occurs when the tcp_outgoing_address
feature is used with ACL depending on details of remote peer.
* Bug #3970: max_filedescriptors disabled due to missing setrlimit
The system API setrlimit() function was not being detected properly when
building Squid. This resulted in many installations having
max_filedescriptors not working.
The fix here only resolves the false WARNING. Systems which genuinely do
not provide a working setrlimit() can still expect to see it.
Several other bugs involving segmentation faults and crashes under rare
circumstances have also been resolved.
See the ChangeLog for the full list of changes in this and earlier
releases.
All users are urged to upgrade to this release as soon as possible.
Please remember to run "squid -k parse" when testing upgrade to a new
version of Squid. It will audit your configuration files and report
any identifiable issues the new release will have in your installation
before you "press go". We are still removing the infamous "Bungled
Config" halting points and adding checks, so if something is not
identified please report it.
Please refer to the release notes at
http://www.squid-cache.org/Versions/v3/3.3/RELEASENOTES.html
when you are ready to make the switch to Squid-3.3
Upgrade tip:
"squid -k parse" is starting to display even more
useful hints about squid.conf changes.
This new release can be downloaded from our HTTP or FTP servers
http://www.squid-cache.org/Versions/v3/3.3/
ftp://ftp.squid-cache.org/pub/squid/
ftp://ftp.squid-cache.org/pub/archive/3.3/
or the mirrors. For a list of mirror sites see
http://www.squid-cache.org/Download/http-mirrors.html
http://www.squid-cache.org/Download/mirrors.html
If you encounter any issues with this release please file a bug report.
http://bugs.squid-cache.org/
Amos Jeffries
Received on Sun Dec 01 2013 - 10:12:50 MST
This archive was generated by hypermail 2.2.0 : Fri Dec 06 2013 - 12:00:04 MST