c00279
%define __perl_requires %{SOURCE98}
c00279
c00279
Name:     squid
ea2e60
Version:  4.11
5c1076
Release:  4%{?dist}
c00279
Summary:  The Squid proxy caching server
c00279
Epoch:    7
c00279
# See CREDITS for breakdown of non GPLv2+ code
c00279
License:  GPLv2+ and (LGPLv2+ and MIT and BSD and Public Domain)
c00279
URL:      http://www.squid-cache.org
c00279
Source0:  http://www.squid-cache.org/Versions/v4/squid-%{version}.tar.xz
c00279
Source1:  http://www.squid-cache.org/Versions/v4/squid-%{version}.tar.xz.asc
c00279
Source2:  squid.logrotate
c00279
Source3:  squid.sysconfig
c00279
Source4:  squid.pam
c00279
Source5:  squid.nm
c00279
Source6:  squid.service
c00279
Source7:  cache_swap.sh
c00279
c00279
Source98: perl-requires-squid.sh
c00279
c00279
# Upstream patches
c00279
c00279
# Backported patches
c00279
c00279
# Local patches
c00279
# Applying upstream patches first makes it less likely that local patches
c00279
# will break upstream ones.
ea2e60
Patch201: squid-4.11-config.patch
ea2e60
Patch202: squid-4.11-location.patch
ea2e60
Patch203: squid-4.11-perlpath.patch
ea2e60
Patch204: squid-4.11-include-guards.patch
ea2e60
Patch205: squid-4.11-large-acl.patch
c00279
# https://bugzilla.redhat.com/show_bug.cgi?id=980511
ea2e60
Patch206: squid-4.11-active-ftp.patch
ea2e60
# https://github.com/squid-cache/squid/commit/c26cd1cb6a60ff196ef13c00e82576d3bfeb2e30
ea2e60
Patch207: squid-4.11-systemd.patch
5c1076
Patch208: squid-4.11-convert-ipv4.patch
5c1076
# https://bugzilla.redhat.com/show_bug.cgi?id=1890606
5c1076
Patch209: squid-4.11-cache-mgr-auth-strdup.patch
3c336a
3c336a
# Security fixes
5c1076
# https://bugzilla.redhat.com/show_bug.cgi?id=1852554
5c1076
Patch500: squid-4.11-CVE-2020-14058.patch
5c1076
# https://bugzilla.redhat.com/show_bug.cgi?id=1852550
5c1076
Patch501: squid-4.11-CVE-2020-15049.patch
5c1076
# https://bugzilla.redhat.com/show_bug.cgi?id=1871705
5c1076
Patch502: squid-4.11-CVE-2020-24606.patch
5c1076
# https://bugzilla.redhat.com/show_bug.cgi?id=1871702
5c1076
Patch503: squid-4.11-CVE-2020-15811.patch
5c1076
# https://bugzilla.redhat.com/show_bug.cgi?id=1871700
5c1076
Patch504: squid-4.11-CVE-2020-15810.patch
5c1076
c00279
c00279
Requires: bash >= 2.0
c00279
Requires(pre): shadow-utils
c00279
Requires(post): systemd
c00279
Requires(preun): systemd
c00279
Requires(postun): systemd
c00279
# squid_ldap_auth and other LDAP helpers require OpenLDAP
c00279
BuildRequires: openldap-devel
c00279
# squid_pam_auth requires PAM development libs
c00279
BuildRequires: pam-devel
c00279
# SSL support requires OpenSSL
c00279
BuildRequires: openssl-devel
c00279
# squid_kerb_aut requires Kerberos development libs
c00279
BuildRequires: krb5-devel
c00279
# time_quota requires DB
c00279
BuildRequires: libdb-devel
c00279
# ESI support requires Expat & libxml2
c00279
BuildRequires: expat-devel libxml2-devel
c00279
# TPROXY requires libcap, and also increases security somewhat
c00279
BuildRequires: libcap-devel
c00279
# eCAP support
c00279
BuildRequires: libecap-devel
c00279
#ip_user helper requires
c00279
BuildRequires: gcc-c++
c00279
BuildRequires: libtool libtool-ltdl-devel
c00279
BuildRequires: perl-generators
c00279
# For test suite
c00279
BuildRequires: pkgconfig(cppunit)
c00279
BuildRequires: autoconf
ea2e60
# systemd notify
ea2e60
BuildRequires: systemd-devel
c00279
c00279
%description
c00279
Squid is a high-performance proxy caching server for Web clients,
c00279
supporting FTP, gopher, and HTTP data objects. Unlike traditional
c00279
caching software, Squid handles all requests in a single,
c00279
non-blocking, I/O-driven process. Squid keeps meta data and especially
c00279
hot objects cached in RAM, caches DNS lookups, supports non-blocking
c00279
DNS lookups, and implements negative caching of failed requests.
c00279
c00279
Squid consists of a main server program squid, a Domain Name System
c00279
lookup program (dnsserver), a program for retrieving FTP data
c00279
(ftpget), and some management and client tools.
c00279
c00279
%prep
c00279
%setup -q
c00279
c00279
# Upstream patches
c00279
c00279
# Backported patches
c00279
c00279
# Local patches
c00279
%patch201 -p1 -b .config
c00279
%patch202 -p1 -b .location
c00279
%patch203 -p1 -b .perlpath
ea2e60
%patch204 -p1 -b .include-guards
c00279
%patch205 -p1 -b .large_acl
c00279
%patch206 -p1 -b .active-ftp
ea2e60
%patch207 -p1 -b .systemd
5c1076
%patch208 -p1 -R -b .convert-ipv4
5c1076
%patch209 -p1 -b .cachemgr-strdup
5c1076
5c1076
# Security patches
5c1076
%patch500 -p1 -b .cve-2020-14058
5c1076
%patch501 -p1 -b .cve-2020-15049
5c1076
%patch502 -p1 -b .cve-2020-24606
5c1076
%patch503 -p1 -b .CVE-2020-15811
5c1076
%patch504 -p1 -b .CVE-2020-15810
3c336a
3c336a
# https://bugzilla.redhat.com/show_bug.cgi?id=1679526
3c336a
# Patch in the vendor documentation and used different location for documentation
3c336a
sed -i 's|@SYSCONFDIR@/squid.conf.documented|%{_pkgdocdir}/squid.conf.documented|' src/squid.8.in
c00279
c00279
%build
c00279
# cppunit-config patch changes configure.ac
c00279
autoconf
c00279
c00279
# NIS helper has been removed because of the following bug
c00279
# https://bugzilla.redhat.com/show_bug.cgi?id=1531540
c00279
%configure \
c00279
   --libexecdir=%{_libdir}/squid \
c00279
   --datadir=%{_datadir}/squid \
c00279
   --sysconfdir=%{_sysconfdir}/squid \
c00279
   --with-logdir='%{_localstatedir}/log/squid' \
c00279
   --with-pidfile='%{_localstatedir}/run/squid.pid' \
c00279
   --disable-dependency-tracking \
c00279
   --enable-eui \
c00279
   --enable-follow-x-forwarded-for \
c00279
   --enable-auth \
c00279
   --enable-auth-basic="DB,fake,getpwnam,LDAP,NCSA,PAM,POP3,RADIUS,SASL,SMB,SMB_LM" \
c00279
   --enable-auth-ntlm="SMB_LM,fake" \
c00279
   --enable-auth-digest="file,LDAP" \
c00279
   --enable-auth-negotiate="kerberos" \
c00279
   --enable-external-acl-helpers="LDAP_group,time_quota,session,unix_group,wbinfo_group,kerberos_ldap_group" \
c00279
   --enable-storeid-rewrite-helpers="file" \
c00279
   --enable-cache-digests \
c00279
   --enable-cachemgr-hostname=localhost \
c00279
   --enable-delay-pools \
c00279
   --enable-epoll \
c00279
   --enable-icap-client \
c00279
   --enable-ident-lookups \
c00279
   %ifnarch %{power64} ia64 x86_64 s390x aarch64
c00279
   --with-large-files \
c00279
   %endif
c00279
   --enable-linux-netfilter \
c00279
   --enable-removal-policies="heap,lru" \
c00279
   --enable-snmp \
c00279
   --enable-ssl \
c00279
   --enable-ssl-crtd \
c00279
   --enable-storeio="aufs,diskd,ufs,rock" \
c00279
   --enable-diskio \
c00279
   --enable-wccpv2 \
c00279
   --enable-esi \
c00279
   --enable-ecap \
c00279
   --with-aio \
c00279
   --with-default-user="squid" \
c00279
   --with-dl \
c00279
   --with-openssl \
c00279
   --with-pthreads \
c00279
   --disable-arch-native \
3c336a
   --disable-security-cert-validators \
3c336a
   --with-swapdir=%{_localstatedir}/spool/squid
c00279
3c336a
%make_build
c00279
c00279
%check
c00279
make check
c00279
	
c00279
%install
3c336a
%make_install
3c336a
c00279
echo "
c00279
#
c00279
# This is %{_sysconfdir}/httpd/conf.d/squid.conf
c00279
#
c00279
c00279
ScriptAlias /Squid/cgi-bin/cachemgr.cgi %{_libdir}/squid/cachemgr.cgi
c00279
c00279
# Only allow access from localhost by default
c00279
<Location /Squid/cgi-bin/cachemgr.cgi>
c00279
 Require local
c00279
 # Add additional allowed hosts as needed
c00279
 # Require host example.com
c00279
</Location>" > $RPM_BUILD_ROOT/squid.httpd.tmp
c00279
c00279
c00279
mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/logrotate.d
c00279
mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/sysconfig
c00279
mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/pam.d
c00279
mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/httpd/conf.d/
c00279
mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/NetworkManager/dispatcher.d
c00279
mkdir -p $RPM_BUILD_ROOT%{_unitdir}
c00279
mkdir -p $RPM_BUILD_ROOT%{_libexecdir}/squid
c00279
install -m 644 %{SOURCE2} $RPM_BUILD_ROOT%{_sysconfdir}/logrotate.d/squid
c00279
install -m 644 %{SOURCE3} $RPM_BUILD_ROOT%{_sysconfdir}/sysconfig/squid
c00279
install -m 644 %{SOURCE4} $RPM_BUILD_ROOT%{_sysconfdir}/pam.d/squid
c00279
install -m 644 %{SOURCE6} $RPM_BUILD_ROOT%{_unitdir}
c00279
install -m 755 %{SOURCE7} $RPM_BUILD_ROOT%{_libexecdir}/squid
c00279
install -m 644 $RPM_BUILD_ROOT/squid.httpd.tmp $RPM_BUILD_ROOT%{_sysconfdir}/httpd/conf.d/squid.conf
c00279
install -m 644 %{SOURCE5} $RPM_BUILD_ROOT%{_sysconfdir}/NetworkManager/dispatcher.d/20-squid
c00279
mkdir -p $RPM_BUILD_ROOT%{_localstatedir}/log/squid
c00279
mkdir -p $RPM_BUILD_ROOT%{_localstatedir}/spool/squid
c00279
mkdir -p $RPM_BUILD_ROOT%{_localstatedir}/run/squid
c00279
chmod 644 contrib/url-normalizer.pl contrib/user-agents.pl
c00279
iconv -f ISO88591 -t UTF8 ChangeLog -o ChangeLog.tmp
c00279
mv -f ChangeLog.tmp ChangeLog
c00279
c00279
# install /usr/lib/tmpfiles.d/squid.conf
c00279
mkdir -p ${RPM_BUILD_ROOT}%{_tmpfilesdir}
c00279
cat > ${RPM_BUILD_ROOT}%{_tmpfilesdir}/squid.conf <
c00279
# See tmpfiles.d(5) for details
c00279
c00279
d /run/squid 0755 squid squid - -
c00279
EOF
c00279
c00279
# Move the MIB definition to the proper place (and name)
c00279
mkdir -p $RPM_BUILD_ROOT/usr/share/snmp/mibs
c00279
mv $RPM_BUILD_ROOT/usr/share/squid/mib.txt $RPM_BUILD_ROOT/usr/share/snmp/mibs/SQUID-MIB.txt
c00279
c00279
# squid.conf.documented is documentation. We ship that in doc/
c00279
rm -f $RPM_BUILD_ROOT%{_sysconfdir}/squid/squid.conf.documented
c00279
c00279
# remove unpackaged files from the buildroot
c00279
rm -f $RPM_BUILD_ROOT%{_bindir}/{RunAccel,RunCache}
c00279
rm -f $RPM_BUILD_ROOT/squid.httpd.tmp
c00279
c00279
%files
c00279
%defattr(-,root,root,-)
c00279
%license COPYING 
c00279
%doc CONTRIBUTORS README ChangeLog QUICKSTART src/squid.conf.documented
c00279
%doc contrib/url-normalizer.pl contrib/user-agents.pl
c00279
c00279
%{_unitdir}/squid.service
c00279
%attr(755,root,root) %dir %{_libexecdir}/squid
c00279
%attr(755,root,root) %{_libexecdir}/squid/cache_swap.sh
c00279
%attr(755,root,root) %dir %{_sysconfdir}/squid
c00279
%attr(755,root,root) %dir %{_libdir}/squid
c00279
%attr(770,squid,root) %dir %{_localstatedir}/log/squid
c00279
%attr(750,squid,squid) %dir %{_localstatedir}/spool/squid
c00279
%attr(755,squid,squid) %dir %{_localstatedir}/run/squid
c00279
c00279
%config(noreplace) %attr(644,root,root) %{_sysconfdir}/httpd/conf.d/squid.conf
c00279
%config(noreplace) %attr(640,root,squid) %{_sysconfdir}/squid/squid.conf
c00279
%config(noreplace) %attr(644,root,squid) %{_sysconfdir}/squid/cachemgr.conf
c00279
%config(noreplace) %{_sysconfdir}/squid/mime.conf
c00279
%config(noreplace) %{_sysconfdir}/squid/errorpage.css
c00279
%config(noreplace) %{_sysconfdir}/sysconfig/squid
c00279
# These are not noreplace because they are just sample config files
c00279
%config %{_sysconfdir}/squid/squid.conf.default
c00279
%config %{_sysconfdir}/squid/mime.conf.default
c00279
%config %{_sysconfdir}/squid/errorpage.css.default
c00279
%config %{_sysconfdir}/squid/cachemgr.conf.default
c00279
%config(noreplace) %{_sysconfdir}/pam.d/squid
c00279
%config(noreplace) %{_sysconfdir}/logrotate.d/squid
c00279
c00279
%dir %{_datadir}/squid
c00279
%attr(-,root,root) %{_datadir}/squid/errors
c00279
%attr(755,root,root) %{_sysconfdir}/NetworkManager/dispatcher.d/20-squid
c00279
%{_datadir}/squid/icons
c00279
%{_sbindir}/squid
c00279
%{_bindir}/squidclient
c00279
%{_bindir}/purge
c00279
%{_mandir}/man8/*
c00279
%{_mandir}/man1/*
c00279
%{_libdir}/squid/*
c00279
%{_datadir}/snmp/mibs/SQUID-MIB.txt
c00279
%{_tmpfilesdir}/squid.conf
c00279
c00279
%pre
c00279
if ! getent group squid >/dev/null 2>&1; then
c00279
  /usr/sbin/groupadd -g 23 squid
c00279
fi
c00279
c00279
if ! getent passwd squid >/dev/null 2>&1 ; then
c00279
  /usr/sbin/useradd -g 23 -u 23 -d /var/spool/squid -r -s /sbin/nologin squid >/dev/null 2>&1 || exit 1 
c00279
fi
c00279
c00279
for i in /var/log/squid /var/spool/squid ; do
c00279
        if [ -d $i ] ; then
c00279
                for adir in `find $i -maxdepth 0 \! -user squid`; do
c00279
                        chown -R squid:squid $adir
c00279
                done
c00279
        fi
c00279
done
c00279
c00279
exit 0
c00279
3c336a
%pretrans -p <lua>
3c336a
-- Due to a bug #447156
3c336a
paths = {"/usr/share/squid/errors/zh-cn", "/usr/share/squid/errors/zh-tw"}
3c336a
for key,path in ipairs(paths)
3c336a
do
3c336a
  st = posix.stat(path)
3c336a
  if st and st.type == "directory" then
3c336a
    status = os.rename(path, path .. ".rpmmoved")
3c336a
    if not status then
3c336a
      suffix = 0
3c336a
      while not status do
3c336a
        suffix = suffix + 1
3c336a
        status = os.rename(path .. ".rpmmoved", path .. ".rpmmoved." .. suffix)
3c336a
      end
3c336a
      os.rename(path, path .. ".rpmmoved")
3c336a
    end
3c336a
  end
3c336a
end
3c336a
c00279
%post
c00279
%systemd_post squid.service
c00279
c00279
%preun
c00279
%systemd_preun squid.service
c00279
c00279
%postun
c00279
%systemd_postun_with_restart squid.service
c00279
c00279
%triggerin -- samba-common
c00279
if ! getent group wbpriv >/dev/null 2>&1 ; then
c00279
  /usr/sbin/groupadd -g 88 wbpriv >/dev/null 2>&1 || :
c00279
fi
c00279
/usr/sbin/usermod -a -G wbpriv squid >/dev/null 2>&1 || \
c00279
    chgrp squid /var/cache/samba/winbindd_privileged >/dev/null 2>&1 || :
c00279
c00279
c00279
%changelog
5c1076
* Mon Oct 26 2020 Lubos Uhliarik <luhliari@redhat.com> - 7:4.11-4
5c1076
- Resolves: #1890606 - Fix for CVE 2019-13345 breaks authentication in
5c1076
  cachemgr.cgi
5c1076
5c1076
* Wed Aug 26 2020 Lubos Uhliarik <luhliari@redhat.com> - 7:4.11-3
5c1076
- Resolves: #1871705 - CVE-2020-24606 squid: Improper Input Validation could
5c1076
  result in a DoS
5c1076
- Resolves: #1871702 - CVE-2020-15811 squid: HTTP Request Splitting could result
5c1076
  in cache poisoning
5c1076
- Resolves: #1871700 - CVE-2020-15810 squid: HTTP Request Smuggling could result
5c1076
  in cache poisoning
5c1076
5c1076
* Thu Jul 02 2020 Lubos Uhliarik <luhliari@redhat.com> - 7:4.11-2
5c1076
- Resolves: #1853130 - CVE-2020-15049 squid:4/squid: request smuggling and
5c1076
  poisoning attack against the HTTP cache
5c1076
- Resolves: #1853136 - CVE-2020-14058 squid:4/squid: DoS in TLS handshake
5c1076
ea2e60
* Thu May 07 2020 Lubos Uhliarik <luhliari@redhat.com> - 7:4.11-1
ea2e60
- new version 4.11
ea2e60
- libsystemd integration
ea2e60
- Resolves: #1829467 - squid:4 rebase
ea2e60
- Resolves: #1828378 - CVE-2019-12521 squid:4/squid: off-by-one error in
ea2e60
  addStackElement allows for a heap buffer overflow and a crash
ea2e60
- Resolves: #1828377 - CVE-2019-12520 squid:4/squid: improper input validation
ea2e60
  in request allows for proxy manipulation
ea2e60
- Resolves: #1828375 - CVE-2019-12524 squid:4/squid: improper access restriction
ea2e60
  in url_regex may lead to security bypass
ea2e60
- Resolves: #1820664 - CVE-2019-18860 squid: mishandles HTML in the host
ea2e60
  parameter to cachemgr.cgi which could result in squid behaving in unsecure way
ea2e60
- Resolves: #1802514 - CVE-2020-8449 squid:4/squid: Improper input validation
ea2e60
  issues in HTTP Request processing
ea2e60
- Resolves: #1802513 - CVE-2020-8450 squid:4/squid: Buffer overflow in a Squid
ea2e60
  acting as reverse-proxy
ea2e60
- Resolves: #1802512 - CVE-2019-12528 squid:4/squid: Information Disclosure
ea2e60
  issue in FTP Gateway
ea2e60
- Resolves: #1771288 - CVE-2019-18678 squid:4/squid: HTTP Request Splitting
ea2e60
  issue in HTTP message processing
ea2e60
- Resolves: #1771283 - CVE-2019-18679 squid:4/squid: Information Disclosure
ea2e60
  issue in HTTP Digest Authentication
ea2e60
- Resolves: #1771280 - CVE-2019-18677 squid:4/squid: Cross-Site Request Forgery
ea2e60
  issue in HTTP Request processing
ea2e60
- Resolves: #1771275 - CVE-2019-12523 squid:4/squid: Improper input validation
ea2e60
  in URI processor
ea2e60
- Resolves: #1771272 - CVE-2019-18676 squid:4/squid: Buffer overflow in URI
ea2e60
  processor
ea2e60
- Resolves: #1771264 - CVE-2019-12526 squid:4/squid: Heap overflow issue in URN
ea2e60
  processing
ea2e60
- Resolves: #1738581 - CVE-2019-12529 squid: OOB read in Proxy-Authorization
ea2e60
  header causes DoS
ea2e60
ea2e60
* Tue Apr 28 2020 Lubos Uhliarik <luhliari@redhat.com> - 7:4.4-9
ea2e60
- Resolves: #1738583 - CVE-2019-12525 squid:4/squid: parsing of header
ea2e60
  Proxy-Authentication leads to memory corruption
ea2e60
- Resolves: #1828369 - CVE-2020-11945 squid: improper access restriction upon
ea2e60
  Digest Authentication nonce replay could lead to remote code execution
ea2e60
- Resolves: #1828370 - CVE-2019-12519 squid: improper check for new member in
ea2e60
  ESIExpression::Evaluate allows for stack buffer overflow
ea2e60
3c336a
* Fri Aug 23 2019 Lubos Uhliarik <luhliari@redhat.com> - 7:4.4-8
3c336a
- Resolves: # 1738485 - CVE-2019-12527 squid:4/squid: heap-based buffer overflow
3c336a
  in HttpHeader::getAuth
3c336a
3c336a
* Wed Jul 31 2019 Lubos Uhliarik <luhliari@redhat.com> - 7:4.4-7
3c336a
- Resolves: #1729436 - CVE-2019-13345 squid: XSS via user_name or auth parameter
3c336a
  in cachemgr.cgi
3c336a
3c336a
* Fri Jun 21 2019 Lubos Uhliarik <luhliari@redhat.com> - 7:4.4-6
3c336a
- Resolves: #1679526 - Missing detailed configuration file
3c336a
- Resolves: #1703117 - RHEL 7 to 8 fails with squid installed because dirs
3c336a
  changed to symlinks
3c336a
- Resolves: #1691741 - Squid cache_peer DNS lookup failed when not all lower
3c336a
  case
3c336a
- Resolves: #1683527 - "Reloading" message on a fresh reboot after enabling
3c336a
  squid
3c336a
c00279
* Tue Dec 11 2018 Lubos Uhliarik <luhliari@redhat.com> - 7:4.4-4
c00279
- Resolves: #1612524 - Man page scan results for squid 
c00279
c00279
* Tue Dec 11 2018 Lubos Uhliarik <luhliari@redhat.com> - 7:4.4-3
c00279
- Resolves: #1642384 - squid doesn't work with active ftp
c00279
c00279
* Tue Dec 11 2018 Lubos Uhliarik <luhliari@redhat.com> - 7:4.4-2
c00279
- Resolves: #1657847 - Unable to start Squid in Selinux Enforcing mode
c00279
c00279
* Mon Dec 10 2018 Lubos Uhliarik <luhliari@redhat.com> - 7:4.4-1
c00279
- Resolves: #1656871 - squid rebase to 4.4
c00279
- Resolves: #1645148 - CVE-2018-19131 squid: Cross-Site Scripting when
c00279
  generating HTTPS response messages about TLS errors
c00279
- Resolves: #1645156 - CVE-2018-19132 squid: Memory leak in SNMP query
c00279
  rejection code
c00279
c00279
* Mon Aug 06 2018 Lubos Uhliarik <luhliari@redhat.com> - 7:4.2-1
c00279
- new version 4.2
c00279
- enable back strict error checking
c00279
c00279
* Wed Aug 01 2018 Luboš Uhliarik <luhliari@redhat.com> - 7:4.1-1
c00279
- new version 4.1
c00279
c00279
* Mon Jun 04 2018 Luboš Uhliarik <luhliari@redhat.com> - 7:4.0.23-5
c00279
- Resolves: #1585617 - Build against libdb only instead of libdb4
c00279
- disabled strict checking for now (squid can not be built with GCC8)
c00279
c00279
* Mon Apr 16 2018 Luboš Uhliarik <luhliari@redhat.com> - 7:4.0.23-4
c00279
- Resolves: #1566055 - module squid cannot be installed due to missing
c00279
  perl(Crypt::OpenSSL::X509)
c00279
c00279
* Fri Feb 09 2018 Fedora Release Engineering <releng@fedoraproject.org> - 7:4.0.23-3
c00279
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
c00279
c00279
* Tue Jan 23 2018 Luboš Uhliarik <luhliari@redhat.com> - 7:4.0.23-2
c00279
- Resolves: #1481195 - squid loses some REs when optimising ACLs
c00279
c00279
* Tue Jan 23 2018 Luboš Uhliarik <luhliari@redhat.com> - 7:4.0.23-1
c00279
- new version 4.0.23
c00279
c00279
* Sat Jan 20 2018 Björn Esser <besser82@fedoraproject.org> - 7:4.0.22-2
c00279
- Rebuilt for switch to libxcrypt
c00279
c00279
* Wed Jan 17 2018 Luboš Uhliarik <luhliari@redhat.com> - 7:4.0.22-1
c00279
- new version 4.0.22
c00279
- Removed NIS helper (#1531540)
c00279
c00279
* Mon Aug 07 2017 Luboš Uhliarik <luhliari@redhat.com> - 7:4.0.21-1
c00279
- new version 4.0.21
c00279
c00279
* Thu Aug 03 2017 Fedora Release Engineering <releng@fedoraproject.org> - 7:4.0.20-4
c00279
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
c00279
c00279
* Thu Jul 27 2017 Fedora Release Engineering <releng@fedoraproject.org> - 7:4.0.20-3
c00279
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
c00279
c00279
* Mon Jun 05 2017 Luboš Uhliarik <luhliari@redhat.com> - 7:4.0.20-2
c00279
- related: new version 4.0.20
c00279
c00279
* Mon Jun 05 2017 Luboš Uhliarik <luhliari@redhat.com> - 7:4.0.20-1
c00279
- new version 4.0.20
c00279
c00279
* Tue Apr 25 2017 Luboš Uhliarik <luhliari@redhat.com> - 7:4.0.19-4
c00279
- Related: #1445255 - Squid SMP Mode Fails
c00279
c00279
* Tue Apr 25 2017 Luboš Uhliarik <luhliari@redhat.com> - 7:4.0.19-3
c00279
- Resolves: #1445255 - Squid SMP Mode Fails
c00279
c00279
* Tue Apr 18 2017 Luboš Uhliarik <luhliari@redhat.com> - 7:4.0.19-2
c00279
- Resolves: #1442375 - squid helper squid_kerb_ldap not included in package
c00279
c00279
* Mon Apr 03 2017 Luboš Uhliarik <luhliari@redhat.com> - 7:4.0.19-1
c00279
- new version 4.0.19
c00279
c00279
* Thu Mar 30 2017 Luboš Uhliarik <luhliari@redhat.com> - 7:4.0.18-1
c00279
- new version 4.0.18
c00279
c00279
* Sat Feb 11 2017 Fedora Release Engineering <releng@fedoraproject.org> - 7:4.0.17-2
c00279
- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
c00279
c00279
* Mon Dec 19 2016 Luboš Uhliarik <luhliari@redhat.com> - 7:4.0.17-1
c00279
- new version 4.0.17
c00279
c00279
* Mon Oct 31 2016 Luboš Uhliarik <luhliari@redhat.com> - 7:4.0.16-1
c00279
- new version 4.0.16
c00279
c00279
* Mon Oct 10 2016 Luboš Uhliarik <luhliari@redhat.com> - 7:4.0.15-1
c00279
- new version 4.0.15
c00279
c00279
* Mon Sep 12 2016 Luboš Uhliarik <luhliari@redhat.com> - 7:4.0.14-1
c00279
- new version 4.0.14
c00279
c00279
* Tue Aug 09 2016 Luboš Uhliarik <luhliari@redhat.com> - 7:4.0.13-1
c00279
- new version 4.0.13
c00279
c00279
* Mon Jul 11 2016 Henrik Nordstrom <henrik@henriknordstrom.net> - 7:4.0.11-1
c00279
- new version 4.0.11
c00279
c00279
* Wed May 18 2016 Luboš Uhliarik <luhliari@redhat.com> - 7:3.5.19-2
c00279
- Resolves: #1336993 - Mistyped command in dirname
c00279
  /etc/NetworkManager/dispatcher.d/20-squid
c00279
c00279
* Tue May 10 2016 Luboš Uhliarik <luhliari@redhat.com> - 7:3.5.19-1
c00279
- new version 3.5.19
c00279
c00279
* Thu May 05 2016 Luboš Uhliarik <luhliari@redhat.com> - 7:3.5.17-1
c00279
- new version 3.5.17
c00279
c00279
* Tue Apr 05 2016 Luboš Uhliarik <luhliari@redhat.com> - 7:3.5.16-1
c00279
- new version 3.5.16
c00279
c00279
* Tue Mar 01 2016 Luboš Uhliarik <luhliari@redhat.com> - 7:3.5.15-1
c00279
- new version 3.5.15
c00279
- Resolves: #1311585 - squid: Multiple Denial of Service issues in
c00279
  HTTP Response processing
c00279
- Resolves: #1312267 - squid: SQUID-2016_2 advisory, multiple DoS issues
c00279
c00279
* Tue Mar 01 2016 Luboš Uhliarik <luhliari@redhat.com> - 7:3.5.13-3
c00279
- Resolves: #1308866 - CVE-2016-2390 squid: incorrect server error 
c00279
  handling resulting in denial of service
c00279
c00279
* Fri Feb 05 2016 Fedora Release Engineering <releng@fedoraproject.org> - 7:3.5.13-2
c00279
- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
c00279
c00279
* Fri Jan 08 2016 Luboš Uhliarik <luhliari@redhat.com> - 7:3.5.13-1
c00279
- new version 3.5.13
c00279
c00279
* Thu Dec 03 2015 Luboš Uhliarik <luhliari@redhat.com> - 7:3.5.12-2
c00279
- new version 3.5.12
c00279
c00279
* Fri Sep 25 2015 Luboš Uhliarik <luhliari@redhat.com> - 7:3.5.9-3
c00279
- Resolves: #1231992
c00279
c00279
* Fri Sep 25 2015 Luboš Uhliarik <luhliari@redhat.com> - 7:3.5.9-2
c00279
- Resolves: #1230501
c00279
c00279
* Thu Sep 24 2015 Luboš Uhliarik <luhliari@redhat.com> - 7:3.5.9-1
c00279
- new version 3.5.9
c00279
- added Patch, which fixes problem with include guards 
c00279
c00279
* Fri Jun 19 2015 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 7:3.5.3-5
c00279
- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
c00279
c00279
* Sat May 02 2015 Kalev Lember <kalevlember@gmail.com> - 7:3.5.3-4
c00279
- Rebuilt for GCC 5 C++11 ABI change
c00279
c00279
* Tue Mar 31 2015 Pavel Å imerda <psimerda@redhat.com> - 7:3.5.3-3
c00279
- Fix build by removing eDirectory support
c00279
c00279
* Tue Mar 31 2015 Pavel Å imerda <psimerda@redhat.com> - 7:3.5.3-2
c00279
- clean up defunct patches
c00279
c00279
* Tue Mar 31 2015 Pavel Å imerda <psimerda@redhat.com> - 7:3.5.3-1
c00279
- new version 3.5.3
c00279
c00279
* Mon Mar 23 2015 Pavel Å imerda <psimerda@redhat.com> - 7:3.5.2-4
c00279
- Resolves: #1145235, #1173488, #1176318 – revert a couple of recent changes
c00279
c00279
* Sun Mar 15 2015 Henrik Nordstrom <henrik@henriknordstrom.net> - 7:3.5.2-3
c00279
- Correct execmod build issue caused by libtool confusion on
c00279
  required compiler flags
c00279
c00279
* Sun Mar 15 2015 Henrik Nordstrom <henrik@henriknordstrom.net> - 7:3.5.2-2
c00279
- Update to latest upstream version 3.5.2
c00279
- Remove deprecated (and renamed) squid_msnt_auth basic auth helper. Only
c00279
  performs LM authentication and not considered useful in todays networks.
c00279
c00279
* Wed Feb 25 2015 Henrik Nordstrom <henrik@henriknordstrom.net> - 7:3.4.12-1
c00279
- Update to latest upstream version 3.4.12
c00279
- bug #1173946: Disable -march=native compile time optimization, use Fedora defaults.
c00279
c00279
* Tue Nov 18 2014 Henrik Nordstrom <henrik@henriknordstrom.net> - 7:3.4.9-3
c00279
- Update to latest upstream version 3.4.9
c00279
c00279
* Sun Oct 19 2014 Peter Robinson <pbrobinson@fedoraproject.org> 7:3.4.7-3
c00279
- Update ppc64 macro to cover little endian too
c00279
c00279
* Thu Sep 11 2014 Michal Luscon <mluscon@redhat.com> - 7:3.4.7-2
c00279
- Fixed: CVE-2014-6270
c00279
c00279
* Thu Aug 28 2014 Michal Luscon <mluscon@redhat.com> - 7:3.4.7-1
c00279
- Update to latest upstream version
c00279
- Fixed: CVE-2014-3609
c00279
c00279
* Thu Aug 21 2014 Kevin Fenzi <kevin@scrye.com> - 7:3.4.6-3
c00279
- Rebuild for rpm bug 1131960
c00279
c00279
* Mon Aug 18 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 7:3.4.6-2
c00279
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
c00279
c00279
* Wed Jul 2 2014 Michal Luscon <mluscon@redhat.com> - 7:3.4.6-1
c00279
- Update to latest upstream version 3.4.6
c00279
c00279
* Fri Jun 13 2014 Michal Luscon <mluscon@redhat.com> - 7:3.4.5-6
c00279
- Fixed #855111: set unlimited start and shutdown timeout
c00279
c00279
* Sun Jun 08 2014 Michal Luscon <mluscon@redhat.com> - 7:3.4.5-5
c00279
- Run squid under user and group squid
c00279
c00279
* Sun Jun 08 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 7:3.4.5-4
c00279
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
c00279
c00279
* Tue May 27 2014 Michal Luscon <mluscon@redhat.com> - 7:3.4.5-3
c00279
- Remove sysvinit subpackage 
c00279
- Enable rock store
c00279
c00279
* Fri May 23 2014 Michal Luscon <mluscon@redhat.com> - 7:3.4.5-2
c00279
- Fixed #1099970: missing /var/run/squid folder
c00279
- Reverted #1038160: breaks SMP mode
c00279
c00279
* Tue May 6 2014 Michal Luscon <mluscon@redhat.com> - 7:3.4.5-1
c00279
- Update to latest upstream version 3.4.5
c00279
c00279
* Fri Apr 25 2014 Michal Luscon <mluscon@redhat.com> - 7:3.4.4.2-1
c00279
- Update to latest upstream version 3.4.4.2
c00279
c00279
* Thu Mar 13 2014 Pavel Å imerda <psimerda@redhat.com> - 7:3.4.4-1
c00279
- bump to 3.4.4
c00279
c00279
* Tue Feb 04 2014 Henrik Nordstrom <henrik@henriknordstrom.net> - 7:3.4.3-1
c00279
- Update to latest upstream bugfix version 3.4.3
c00279
c00279
* Mon Jan 06 2014 Pavel Å imerda <psimerda@redhat.com> - 7:3.4.1-2
c00279
- Resolves: #1038160 - avoid running squid's own supervisor process
c00279
c00279
* Mon Dec 30 2013 Michal Luscon <mluscon@redhat.com> - 7:3.4.1-1
c00279
- Rebase to latest stable upstream release 3.4.1
c00279
- Fixed #1034306: fails to build for AArch64
c00279
- Fixed: active ftp
c00279
c00279
* Tue Dec 03 2013 Henrik Nordstrom <henrik@henriknordstrom.net> - 7:3.3.11-1
c00279
- Update to latest upstream bugfix version 3.3.11
c00279
c00279
* Fri Sep 13 2013 Michal Luscon <mluscon@redhat.com> - 7:3.3.9-1
c00279
- Update to latest upstream version 3.3.9
c00279
- Fixed #976815: file descriptors are hard coded to 16384
c00279
- Fixed: active ftp crashing
c00279
- Fixed: offset of patches
c00279
c00279
* Thu Aug 08 2013 Michal Luscon <mluscon@redhat.com> - 7:3.3.8-3
c00279
- Fixed #994814: enable time_quota helper
c00279
c00279
* Sun Aug 04 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 7:3.3.8-2
c00279
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
c00279
c00279
* Mon Jul 22 2013 Michal Luscon <mluscon@redhat.com> - 7:3.3.8-1
c00279
- Update to latest upstream version 3.3.8
c00279
- Fixed: CVE-2013-4123
c00279
- Fixed: CVE-2013-4115
c00279
c00279
* Wed Jul 17 2013 Petr Pisar <ppisar@redhat.com> - 7:3.3.4-3
c00279
- Perl 5.18 rebuild
c00279
c00279
* Wed May  8 2013 Ville Skyttä <ville.skytta@iki.fi> - 7:3.3.4-2
c00279
- Fix basic auth and log daemon DB helper builds.
c00279
- Use xz compressed tarball, fix source URLs.
c00279
- Fix bogus dates in %%changelog.
c00279
c00279
* Fri May 3 2013 Michal Luscon <nluscon@redhat.com> - 7:3.3.4-1
c00279
- Rebase to latest upstream version 3.3.4
c00279
c00279
* Tue Apr 23 2013 Michal Luscon <mluscon@redhat.com> - 7:3.2.9-3
c00279
- Option '-k' is not stated in squidclient man
c00279
- Remove pid from service file(#913262)
c00279
c00279
* Fri Apr 19 2013 Michal Luscon <mluscon@redhat.com> - 7:3.2.9-2
c00279
- Enable full RELRO (-Wl,-z,relro -Wl,-z,now)
c00279
c00279
* Tue Mar 19 2013 Michal Luscon <mluscon@redhat.com> - 7:3.2.9-1
c00279
- Update to latest upstream version 3.2.9
c00279
- Fixed: CVE-2013-1839
c00279
- Removed: makefile-patch (+make check)
c00279
c00279
* Mon Mar 11 2013 Michal Luscon <mluscon@redhat.com> - 7:3.2.8-3
c00279
- Resolved: /usr move - squid service file
c00279
c00279
* Sat Mar 09 2013 Michal Luscon <mluscon@redhat.com> - 7:3.2.8-2
c00279
- Resolved: #896127 - basic_ncsa_auth does not work
c00279
c00279
* Fri Mar 08 2013 Michal Luscon <mluscon@redhat.com> - 7:3.2.8-1
c00279
- Update to latest upstream version 3.2.8
c00279
- Fixed rawhide build issues (-make check)
c00279
c00279
* Thu Feb 07 2013 Michal Luscon <mluscon@redhat.com> - 7:3.2.7-1
c00279
- Update to latest upstream version 3.2.7
c00279
c00279
* Thu Jan 24 2013 Michal Luscon <mluscon@redhat.com> - 7:3.2.5-2
c00279
- CVE-2013-0189: Incomplete fix for the CVE-2012-5643
c00279
c00279
* Mon Dec 17 2012 Michal Luscon <mluscon@redhat.com> - 7:3.2.5-1
c00279
- Update to latest upstream version 3.2.5
c00279
c00279
* Mon Nov 05 2012 Michal Luscon <mluscon@redhat.com> - 7:3.2.3-3
c00279
- Resolved: #71483 - httpd 2.4 requires new configuration directives
c00279
c00279
* Fri Oct 26 2012 Michal Luscon <mluscon@redhat.com> - 7:3.2.3-2
c00279
- Resolved: #854356 - squid.service use PIDFile
c00279
- Resolved: #859393 - Improve cache_swap script
c00279
- Resolved: #791129 - disk space warning
c00279
- Resolved: #862252 - reload on VPN or network up/down
c00279
- Resolved: #867531 - run test suite during build
c00279
- Resolved: #832684 - missing after dependency nss-lookup.target
c00279
- Removed obsolete configure options
c00279
c00279
* Mon Oct 22 2012 Tomas Hozza <thozza@redhat.com> - 7:3.2.3-1
c00279
- Update to latest upstream version 3.2.3
c00279
c00279
* Tue Oct 16 2012 Tomas Hozza <thozza@redhat.com> - 7:3.2.2-1
c00279
- Update to latest upstream version 3.2.2
c00279
c00279
* Fri Oct 05 2012 Tomas Hozza <thozza@redhat.com> - 7:3.2.1-2
c00279
- Introduced new systemd-rpm macros in squid spec file. (#850326)
c00279
c00279
* Wed Aug 29 2012 Michal Luscon <mluscon@redhat.com> - 7:3.2.1-1
c00279
- Update to latest upstream 3.2.1
c00279
c00279
* Sat Jul 21 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 7:3.2.0.16-3
c00279
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
c00279
c00279
* Mon Apr 02 2012 Henrik Nordstrom <henrik@henriknordstrom.net> - 7:3.2.0.16-2
c00279
- Enable SSL CRTD for ssl bump
c00279
c00279
* Wed Mar 07 2012 Henrik Nordstrom <henrik@henriknordstrom.net> - 7:3.2.0.16-1
c00279
- Upstream 3.2.0.16 bugfix release
c00279
c00279
* Tue Feb 28 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 7:3.2.0.15-2
c00279
- Rebuilt for c++ ABI breakage
c00279
c00279
* Mon Feb 06 2012 Henrik Nordstrom <henrik@henriknordstrom.net> - 7:3.2.0.15-1
c00279
- Upstream 3.2.0.15 bugfix release
c00279
c00279
* Wed Feb 01 2012 Henrik Nordstrom <henrik@henriknordstrom.net> - 7:3.2.0.14-7
c00279
- update with upstreamed patch versions
c00279
c00279
* Tue Jan 17 2012 Henrik Nordstrom <henrik@henriknordstrom.net> - 7:3.2.0.14-6
c00279
- upstream gcc-4.7 patch
c00279
- fix for bug #772483 running out of memory, mem_node growing out of bounds
c00279
c00279
* Mon Jan 16 2012 Jiri Skala <jskala@redhat.com> - 7:3.2.0.14-5
c00279
- fixes FTBFS due to gcc-4.7
c00279
c00279
* Fri Jan 13 2012 Jiri Skala <jskala@redhat.com> - 7:3.2.0.14-4
c00279
- fixes #772481 - Low number of open files for squid process
c00279
- fixes FTBFS due to gcc4.7
c00279
c00279
* Thu Jan 05 2012 Henrik Nordstrom <henrik@henriknordstrom.net> - 3.2.0.14-3
c00279
- rebuild for gcc-4.7.0
c00279
c00279
* Mon Dec 19 2011 Jiri Skala <jskala@redhat.com> - 7:3.2.0.14-2
c00279
- fixes #768586 - Please enable eCAP support again
c00279
c00279
* Wed Dec 14 2011 Jiri Skala <jskala@redhat.com> - 7:3.2.0.14-1
c00279
- update to latest upstream 3.2.0.14
c00279
c00279
* Mon Nov 07 2011 Jiri Skala <jskala@redhat.com> - 7:3.2.0.13-5
c00279
- fixes #751679 - host_strict_verify setting inverted in squid.conf
c00279
c00279
* Thu Nov 03 2011 Jiri Skala <jskala@redhat.com> - 7:3.2.0.13-4
c00279
- fixes #750550 - Squid might depend on named
c00279
c00279
* Wed Oct 26 2011 Jiri Skala <jskala@redhat.com> - 7:3.2.0.13-3
c00279
- added upstream fix for #747125
c00279
c00279
* Wed Oct 26 2011 Jiri Skala <jskala@redhat.com> - 7:3.2.0.13-2
c00279
- fixes #747103 - squid does not start if /var/spool/squid is empty
c00279
- fixes #747110 - squid does not start adding "memory_pools off"
c00279
c00279
* Mon Oct 17 2011 Jiri Skala <jskala@redhat.com> - 7:3.2.0.13-1
c00279
- update to latest upstream 3.2.0.13
c00279
c00279
* Tue Sep 20 2011 Jiri Skala <jskala@redhat.com> - 7:3.2.0.12-1
c00279
- update to latest upstream 3.2.0.12
c00279
c00279
* Mon Aug 29 2011 Henrik Nordstrom <henrik@henriknordstrom.net> - 7:3.2.0.11-3
c00279
- update to latest upstream 3.2.0.11
c00279
c00279
* Sat Aug 27 2011 Henrik Nordstrom <henrik@henriknordstrom.net> - 7:3.2.0.10-3
c00279
- Fix for SQUID-2011:3 Gopher vulnerability
c00279
c00279
* Thu Aug 18 2011 Jiri Skala <jskala@redhat.com> - 7:3.2.0.10-2
c00279
- rebuild for rpm
c00279
c00279
* Mon Aug 01 2011 Jiri Skala <jskala@redhat.com> - 7:3.2.0.10-1
c00279
- update to latest upsteam 3.2.0.10
c00279
c00279
* Mon Aug 01 2011 Jiri Skala <jskala@redhat.com> - 7:3.2.0.9-2
c00279
- rebuild for libcap
c00279
c00279
* Tue Jun 07 2011 Jiri Skala <jskala@redhat.com> - 7:3.2.0.9-1
c00279
- upgrade to squid-3.2
c00279
- fixes #720445 - Provide native systemd unit file
c00279
- SysV initscript moved to subpackage
c00279
- temproary disabled eCap
c00279
c00279
* Wed May 18 2011 Jiri Skala <jskala@redhat.com> - 7:3.1.12-3
c00279
- enabled eCAP support
c00279
c00279
* Wed May 04 2011 Jiri Skala <jskala@redhat.com> - 7:3.1.12-2
c00279
- applied corrections of unused patch (Ismail Dönmez)
c00279
c00279
* Fri Apr 15 2011 Jiri Skala <jskala@redhat.com> - 7:3.1.12-1
c00279
- Update to 3.1.12 upstream release
c00279
c00279
* Thu Feb 10 2011 Jiri Skala <jskala@redhat.com> - 7:3.1.11-1
c00279
- Update to 3.1.11 upstream release
c00279
- fixes issue with unused variale after mass rebuild (gcc-4.6)
c00279
c00279
* Wed Feb 09 2011 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 7:3.1.10-2
c00279
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
c00279
c00279
* Thu Jan 06 2011 Jiri Skala <jskala@redhat.com> - 7:3.1.10-1
c00279
- Update to 3.1.10 upstream release
c00279
c00279
* Fri Nov 05 2010 Jiri Skala <jskala@redhat.com> - 7:3.1.9-5
c00279
- rebuild for libxml2
c00279
c00279
* Mon Nov 01 2010 Jiri Skala <jskala@redhat.com> - 7:3.1.9-4
c00279
- fixes #647967 - build with -fPIE option back and dropped proper libltdl usage
c00279
c00279
* Sat Oct 30 2010 Henrik Nordstrom <henrik@henriknordstrom.net> - 7:3.1.9-3
c00279
- Bug #647967 - License clarification & spec-file cleanup
c00279
c00279
* Mon Oct 25 2010 Henrik Nordstrom <henrik@henriknordstrom.net> 7:3.1.9-2
c00279
- Upstream 3.1.9 bugfix release
c00279
c00279
* Wed Oct 13 2010 Jiri Skala <jskala@redhat.com> - 7:3.1.8-2
c00279
- fixes #584161 - squid userid not added to wbpriv group
c00279
c00279
* Sun Sep 05 2010 Henrik Nordstrom <henrik@henriknordstrom.net> - 7:3.1.8-1
c00279
- Bug #630445: SQUID-2010:3 Denial of service issue
c00279
c00279
* Tue Aug 24 2010 Henrik Nordstrom <henrik@henriknordstrom.net> - 7:3.1.7-1
c00279
- Upstream 3.1.7 bugfix release
c00279
c00279
* Fri Aug 20 2010 Henrik Nordstrom <henrik@henriknordstrom.net> - 7:3.1.6-1
c00279
- Upstream 3.1.6 bugfix release
c00279
- Build with system libtool-ltdl
c00279
c00279
* Thu Jul 15 2010 Henrik Nordstrom <henrik@henriknordstrom.net> - 7:3.1.5-2
c00279
- Upstream 3.1.5 bugfix release
c00279
- Upstream patch for Bug #614665: Squid crashes with  ident auth
c00279
- Upstream patches for various memory leaks
c00279
c00279
* Mon May 31 2010 Henrik Nordstrom <henrik@henriknordstrom.net> - 7:3.1.4-2
c00279
- Correct case-insensitiveness in HTTP list header parsing
c00279
c00279
* Sun May 30 2010 Henrik Nordstrom <henrik@henriknordstrom.net> - 7:3.1.4-1
c00279
- Upstream 3.1.4 bugfix release, issues relating to IPv6, TPROXY, Memory
c00279
  management, follow_x_forwarded_for, and stability fixes
c00279
c00279
* Fri May 14 2010 Henrik Nordstrom <henrik@henriknordstrom.net> - 7:3.1.3-2
c00279
- Fully fix #548903 - "comm_open: socket failure: (97) Address family not supported by protocol" if IPv6 disabled
c00279
- Various IPv6 related issues fixed, making tcp_outgoing_address behave
c00279
  as expected and no commResetFD warnings when using tproxy setups.
c00279
c00279
* Sun May 02 2010 Henrik Nordstrom <henrik@henriknordstrom.net> - 7:3.1.3-1
c00279
- Update to 3.1.3 Upstream bugfix release, fixing WCCPv1
c00279
c00279
* Mon Apr 19 2010 Henrik Nordstrom <henrik@henriknordstrom.net> - 7:3.1.1-4
c00279
- Bug #583489: Adjust logrotate script to changes in logrotate package.
c00279
c00279
* Mon Apr 19 2010 Jiri Skala <jskala@redhat.com>
c00279
- fixes #548903 - "comm_open: socket failure: (97) Address family not supported by protocol" if IPv6 disabled
c00279
c00279
* Tue Mar 30 2010 Henrik Nordstrom <henrik@henriknordstrom.net> - 7:3.1.1-2
c00279
- Update to 3.1.1 Squid bug #2827 crash with assertion failed:
c00279
  FilledChecklist.cc:90: "conn() != NULL" under high load.
c00279
c00279
* Mon Mar 15 2010 Henrik Nordstrom <henrik@henriknordstrom.net> - 7:3.1.0.18-1
c00279
- Upgrade to 3.1.0.18 fixing Digest authentication and improved HTTP/1.1 support
c00279
c00279
* Sun Feb 28 2010 Henrik Nordstrom <henrik@henriknordstrom.net> -  7:3.1.0.17-3
c00279
- Bug 569120, fails to open unbound ipv4 listening sockets
c00279
c00279
* Thu Feb 25 2010 Henrik Nordstrom <henrik@henriknordstrom.net> - 7:3.1.0.17-2
c00279
- Upgrade to 3.1.0.17
c00279
c00279
* Thu Feb 18 2010 Henrik Nordstrom <henrik@henriknordstrom.net> - 7:3.1.0.16-7
c00279
- Workaround for Fedora-13 build failure
c00279
c00279
* Sun Feb 14 2010 Henrik Nordstrom <henrik@henriknordstrom.net> - 7:3.1.0.16-6
c00279
- Patch for Squid security advisory SQUID-2010:2, denial of service
c00279
  issue in HTCP processing (CVE-2010-0639)
c00279
c00279
* Sun Feb 07 2010 Henrik Nordstrom <henrik@henriknordstrom.net> - 7:3.1.0.16-5
c00279
- Rebuild 3.1.0.16 with corrected upstream release.
c00279
c00279
* Wed Feb 03 2010 Jiri Skala <jskala@redhat.com> - 7:3.1.0.16-4
c00279
- spec file modified to be fedora packaging guidline compliant
c00279
- little shifting lines in init script header due to rpmlint complaint
c00279
- fixes assertion during start up
c00279
c00279
* Mon Feb 01 2010 Henrik Nordstrom <henrik@henriknordstrom.net> 7:3.1.0.16-3
c00279
- Upgrade to 3.1.0.16 for DNS related DoS fix (Squid-2010:1)
c00279
c00279
* Sat Jan 09 2010 Henrik Nordstrom <henrik@henriknordstrom.net> - 7:3.1.0.15-3
c00279
- fixed #551302 PROXY needs libcap. Also increases security a little.
c00279
- merged relevant upstream bugfixes waiting for next 3.1 release
c00279
c00279
* Mon Nov 23 2009 Henrik Nordstrom <henrik@henriknordstrom.net> - 7:3.1.0.15-2
c00279
- Update to 3.1.0.15 with a number of bugfixes and a workaround for
c00279
  ICEcast/SHOUTcast streams.
c00279
c00279
* Mon Nov 23 2009 Jiri Skala <jskala@redhat.com> 7:3.1.0.14-2
c00279
- fixed #532930 Syntactic error in /etc/init.d/squid
c00279
- fixed #528453 cannot initialize cache_dir with user specified config file
c00279
c00279
* Sun Sep 27 2009 Henrik Nordstrom <henrik@henriknordstrom.net> - 7:3.1.0.14-1
c00279
- Update to 3.1.0.14
c00279
c00279
* Sat Sep 26 2009 Henrik Nordstrom <henrik@henriknordstrom.net> - 7:3.1.0.13-7
c00279
- Include upstream patches fixing important operational issues
c00279
- Enable ESI support now that it does not conflict with normal operation
c00279
c00279
* Fri Sep 18 2009 Henrik Nordstrom <henrik@henriknordstrom.net> - 7:3.1.0.13-6
c00279
- Rotate store.log if enabled
c00279
c00279
* Wed Sep 16 2009 Tomas Mraz <tmraz@redhat.com> - 7:3.1.0.13-5
c00279
- Use password-auth common PAM configuration instead of system-auth
c00279
c00279
* Tue Sep 15 2009 Jiri Skala <jskala@redhat.com> - 7:3.1.0.13-4
c00279
- fixed #521596 - wrong return code of init script
c00279
c00279
* Tue Sep 08 2009 Henrik Nordstrom <henrik@henriknordstrom.net> - 7:3.1.0.13-3
c00279
- Enable squid_kerb_auth
c00279
c00279
* Mon Sep 07 2009 Henrik Nordstrom <henrik@henriknordtrom.net> - 7:3.1.0.13-2
c00279
- Cleaned up packaging to ease future maintenance
c00279
c00279
* Fri Sep 04 2009 Henrik Nordstrom <henrik@henriknordstrom.net> - 7:3.1.0.13-1
c00279
- Upgrade to next upstream release 3.1.0.13 with many new features
c00279
  * IPv6 support
c00279
  * NTLM-passthru
c00279
  * Kerberos/Negotiate authentication scheme support
c00279
  * Localized error pages based on browser language preferences
c00279
  * Follow X-Forwarded-For capability
c00279
  * and more..
c00279
c00279
* Mon Aug 31 2009 Henrik Nordstrom <henrik@henriknordstrom.net> - 3.0.STABLE18-3
c00279
- Bug #520445 silence logrotate when Squid is not running
c00279
c00279
* Fri Aug 21 2009 Tomas Mraz <tmraz@redhat.com> - 7:3.0.STABLE18-2
c00279
- rebuilt with new openssl
c00279
c00279
* Tue Aug 04 2009 Henrik Nordstrom <henrik@henriknordstrom.net> - 7:3.0.STABLE18-1
c00279
- Update to 3.0.STABLE18
c00279
c00279
* Sat Aug 01 2009 Henrik Nordstrom <henrik@henriknordstrom.net> - 7:3.0.STABLE17-3
c00279
- Squid Bug #2728: regression: assertion failed: http.cc:705: "!eof"
c00279
c00279
* Mon Jul 27 2009 Henrik Nordstrom <henrik@henriknordstrom.net> - 7:3.0.STABLE17-2
c00279
- Bug #514014, update to 3.0.STABLE17 fixing the denial of service issues
c00279
  mentioned in Squid security advisory SQUID-2009_2.
c00279
c00279
* Sun Jul 26 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 7:3.0.STABLE16-3
c00279
- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
c00279
c00279
* Wed Jul 01 2009 Jiri Skala <jskala@redhat.com> 7:3.0.STABLE16-2
c00279
- fixed patch parameter of bXXX patches
c00279
c00279
* Mon Jun 29 2009 Henrik Nordstrom <henrik@henriknordstrom.net> - 7:3.0.STABLE16-1
c00279
- Upgrade to 3.0.STABLE16
c00279
c00279
* Sat May 23 2009 Henrik Nordstrom <henrik@henriknordstrom.net> - 7:3.0.STABLE15-2
c00279
- Bug #453304 - Squid requires restart after Network Manager connection setup
c00279
c00279
* Sat May 09 2009 Henrik Nordstrom <henrik@henriknordstrom.net> - 7:3.0.STABLE15-1
c00279
- Upgrade to 3.0.STABLE15
c00279
c00279
* Tue Apr 28 2009 Jiri Skala <jskala@redhat.com> - 7:3.0.STABLE14-3
c00279
- fixed ambiguous condition in the init script (exit 4)
c00279
c00279
* Mon Apr 20 2009 Henrik Nordstrom <henrik@henriknordstrom.net> - 7:3.0.STABLE14-2
c00279
- Squid bug #2635: assertion failed: HttpHeader.cc:1196: "Headers[id].type == ftInt64"
c00279
c00279
* Sun Apr 19 2009 Henrik Nordstrom <henrik@henriknordstrom.net> - 7:3.0.STABLE14-1
c00279
- Upgrade to 3.0.STABLE14
c00279
c00279
* Fri Mar 06 2009 Henrik Nordstrom <henrik@henriknordstrom.net> - 7:3.0.STABLE13-2
c00279
- backported logfile.cc syslog parameters patch from 3.1 (b9443.patch)
c00279
- GCC-4.4 workaround in src/wccp2.cc
c00279
c00279
* Wed Feb 25 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 7:3.0.STABLE13-2
c00279
- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild
c00279
c00279
* Thu Feb 5 2009 Jonathan Steffan <jsteffan@fedoraproject.org> - 7:3.0.STABLE13-1
c00279
- upgrade to latest upstream
c00279
c00279
* Tue Jan 27 2009 Henrik Nordstrom <henrik@henriknordstrom.net> - 7:3.0.STABLE12-1
c00279
- upgrade to latest upstream
c00279
c00279
* Sun Jan 18 2009 Tomas Mraz <tmraz@redhat.com> - 7:3.0.STABLE10-4
c00279
- rebuild with new openssl
c00279
c00279
* Fri Dec 19 2008 Henrik Nordstrom <henrik@henriknordstrom.net> - 7:3.0.STABLE10-3
c00279
- actually include the upstream bugfixes in the build
c00279
c00279
* Fri Dec 19 2008 Henrik Nordstrom <henrik@henriknordstrom.net> - 7:3.0.STABLE10-2
c00279
- upstream bugfixes for cache corruption and access.log response size errors
c00279
c00279
* Fri Oct 24 2008 Henrik Nordstrom <henrik@henriknordstrom.net> - 7:3.0.STABLE10-1
c00279
- upgrade to latest upstream
c00279
c00279
* Sun Oct 19 2008 Henrik Nordstrom <henrik@henriknordstrom.net> - 7:3.0.STABLE9-2
c00279
- disable coss support, not officially supported in 3.0
c00279
c00279
* Sun Oct 19 2008 Henrik Nordstrom <henrik@henriknordstrom.net> - 7:3.0.STABLE9-1
c00279
- update to latest upstream
c00279
c00279
* Thu Oct 09 2008 Henrik Nordstrom <henrik@henriknordstrom.net> - 7:3.0.STABLE7-4
c00279
- change logrotate to move instead of copytruncate
c00279
c00279
* Wed Oct 08 2008 Jiri Skala <jskala@redhat.com> - 7:3.0.STABLE7-3
c00279
- fix #465052 -  FTBFS squid-3.0.STABLE7-1.fc10
c00279
c00279
* Thu Aug 14 2008 Jiri Skala <jskala@redhat.com> - 7:3.0.STABLE7-2
c00279
- used ncsa_auth.8 from man-pages. there will be this file removed due to conflict
c00279
- fix #458593 noisy initscript
c00279
- fix #463129 init script tests wrong conf file
c00279
- fix #450352 - build.patch patches only generated files
c00279
c00279
* Wed Jul 02 2008 Jiri Skala <jskala@redhat.com> - 7:3.0.STABLE7-1
c00279
- update to latest upstream
c00279
- fix #453214
c00279
c00279
* Mon May 26 2008 Martin Nagy <mnagy@redhat.com> - 7:3.0.STABLE6-2
c00279
- fix bad allocation
c00279
c00279
* Wed May 21 2008 Martin Nagy <mnagy@redhat.com> - 7:3.0.STABLE6-1
c00279
- upgrade to latest upstream
c00279
- fix bad allocation
c00279
c00279
* Fri May 09 2008 Martin Nagy <mnagy@redhat.com> - 7:3.0.STABLE5-2
c00279
- fix configure detection of netfilter kernel headers (#435499),
c00279
  patch by aoliva@redhat.com
c00279
- add support for negotiate authentication (#445337)
c00279
c00279
* Fri May 02 2008 Martin Nagy <mnagy@redhat.com> - 7:3.0.STABLE5-1
c00279
- upgrade to latest upstream
c00279
c00279
* Tue Apr 08 2008 Martin Nagy <mnagy@redhat.com> - 7:3.0.STABLE4-1
c00279
- upgrade to latest upstream
c00279
c00279
* Thu Apr 03 2008 Martin Nagy <mnagy@redhat.com> - 7:3.0.STABLE2-2
c00279
- add %%{optflags} to make
c00279
- remove warnings about unused return values
c00279
c00279
* Thu Mar 13 2008 Martin Nagy <mnagy@redhat.com> - 7:3.0.STABLE2-1
c00279
- upgrade to latest upstream 3.0.STABLE2
c00279
- check config file before starting (#428998)
c00279
- whitespace unification of init script
c00279
- some minor path changes in the QUICKSTART file
c00279
- configure with the --with-filedescriptors=16384 option
c00279
c00279
* Tue Feb 26 2008 Martin Nagy <mnagy@redhat.com> - 7:3.0.STABLE1-3
c00279
- change the cache_effective_group default back to none
c00279
c00279
* Mon Feb 11 2008 Martin Nagy <mnagy@redhat.com> - 7:3.0.STABLE1-2
c00279
- rebuild for 4.3
c00279
c00279
* Wed Jan 23 2008 Martin Nagy <mnagy@redhat.com> - 7:3.0.STABLE1-1
c00279
- upgrade to latest upstream 3.0.STABLE1
c00279
c00279
* Tue Dec 04 2007 Martin Bacovsky <mbacovsk@redhat.com> - 2.6.STABLE17-1
c00279
- upgrade to latest upstream 2.6.STABLE17
c00279
c00279
* Wed Oct 31 2007 Martin Bacovsky <mbacovsk@redhat.com> - 7:2.6.STABLE16-3
c00279
- arp-acl was enabled
c00279
c00279
* Tue Sep 25 2007 Martin Bacovsky <mbacovsk@redhat.com> - 7:2.6.STABLE16-2
c00279
- our fd_config patch was replaced by upstream's version 
c00279
- Source1 (FAQ.sgml) points to local source (upstream's moved to wiki)
c00279
c00279
* Fri Sep 14 2007 Martin Bacovsky <mbacovsk@redhat.com> - 7:2.6.STABLE16-1
c00279
- upgrade to latest upstream 2.6.STABLE16
c00279
c00279
* Wed Aug 29 2007 Fedora Release Engineering <rel-eng at fedoraproject dot org> - 7:2.6.STABLE14-2
c00279
- Rebuild for selinux ppc32 issue.
c00279
c00279
* Thu Jul 19 2007 Martin Bacovsky <mbacovsk@redhat.com> - 7:2.6.STABLE14-1
c00279
- update to latest upstream 2.6.STABLE14
c00279
- resolves: #247064: Initscript Review
c00279
c00279
* Tue Mar 27 2007 Martin Bacovsky <mbacovsk@redhat.com> - 7:2.6.STABLE12-1
c00279
- update to latest upstream 2.6.STABLE12
c00279
- Resolves: #233913: squid: unowned directory
c00279
c00279
* Mon Feb 19 2007 Martin Bacovsky <mbacovsk@redhat.com> - 7:2.6.STABLE9-2
c00279
- Resolves: #226431: Merge Review: squid
c00279
c00279
* Mon Jan 29 2007 Martin Bacovsky <mbacovsk@redhat.com> - 7:2.6.STABLE9-1
c00279
- update to the latest upstream
c00279
c00279
* Sun Jan 14 2007 Martin Stransky <stransky@redhat.com> - 7:2.6.STABLE7-1
c00279
- update to the latest upstream
c00279
c00279
* Tue Dec 12 2006 Martin Stransky <stransky@redhat.com> - 7:2.6.STABLE6-1
c00279
- update to the latest upstream
c00279
c00279
* Mon Nov  6 2006 Martin Stransky <stransky@redhat.com> - 7:2.6.STABLE5-1
c00279
- update to the latest upstream
c00279
c00279
* Thu Oct 26 2006 Martin Stransky <stransky@redhat.com> - 7:2.6.STABLE4-4
c00279
- added fix for #205568 - marked cachemgr.conf as world readable
c00279
c00279
* Wed Oct 25 2006 Martin Stransky <stransky@redhat.com> - 7:2.6.STABLE4-3
c00279
- added fix for #183869 - squid can abort when getting status
c00279
- added upstream fixes:
c00279
    * Bug #1796: Assertion error HttpHeader.c:914: "str"
c00279
    * Bug #1779: Delay pools fairness, correction to first patch
c00279
    * Bug #1802: Crash on exit in certain conditions where cache.log is not writeable
c00279
    * Bug #1779: Delay pools fairness when multiple connections compete for bandwidth
c00279
    * Clarify the select/poll/kqueue/epoll configure --enable/disable options
c00279
- reworked fd patch for STABLE4
c00279
c00279
* Tue Oct 17 2006 Martin Stransky <stransky@redhat.com> - 7:2.6.STABLE4-2
c00279
- upstream fixes:
c00279
  * Accept 00:00-24:00 as a valid time specification (upstream BZ #1794)
c00279
  * aioDone() could be called twice
c00279
  * Squid reconfiguration (upstream BZ #1800)
c00279
c00279
* Mon Oct 2 2006 Martin Stransky <stransky@redhat.com> - 7:2.6.STABLE4-1
c00279
- new upstream
c00279
- fixes from upstream bugzilla, items #1782,#1780,#1785,#1719,#1784,#1776
c00279
c00279
* Tue Sep 5 2006 Martin Stransky <stransky@redhat.com> - 7:2.6.STABLE3-2
c00279
- added upstream patches for ACL
c00279
c00279
* Mon Aug 21 2006 Martin Stransky <stransky@redhat.com> - 7:2.6.STABLE3-1
c00279
- the latest stable upstream
c00279
c00279
* Thu Aug 10 2006 Karsten Hopp <karsten@redhat.de> 7:2.6.STABLE2-3
c00279
- added some requirements for pre/post install scripts
c00279
c00279
* Fri Aug 04 2006 Martin Stransky <stransky@redhat.com> - 7:2.6.STABLE2-2
c00279
- added patch for #198253 - squid: don't chgrp another pkg's
c00279
  files/directory
c00279
c00279
* Mon Jul 31 2006 Martin Stransky <stransky@redhat.com> - 7:2.6.STABLE2-1
c00279
- the latest stable upstream
c00279
- reworked fd config patch
c00279
c00279
* Tue Jul 25 2006 Martin Stransky <stransky@redhat.com> - 7:2.6.STABLE1-3
c00279
- the latest CVS upstream snapshot
c00279
c00279
* Wed Jul 19 2006 Martin Stransky <stransky@redhat.com> - 7:2.6.STABLE1-2
c00279
- the latest CVS snapshot
c00279
c00279
* Tue Jul 18 2006 Martin Stransky <stransky@redhat.com> - 7:2.6.STABLE1-1
c00279
- new upstream + the latest CVS snapshot from 2006/07/18
c00279
- updated fd config patch
c00279
- enabled epoll
c00279
- fixed release format (#197405)
c00279
- enabled WCCPv2 support (#198642)
c00279
c00279
* Wed Jul 12 2006 Jesse Keating <jkeating@redhat.com> - 7:2.5.STABLE14-2.1
c00279
- rebuild
c00279
c00279
* Thu Jun 8 2006 Martin Stransky <stransky@redhat.com> - 7:2.5.STABLE14-2
c00279
- fix for squid BZ#1511 - assertion failed: HttpReply.c:105: "rep"
c00279
c00279
* Tue May 30 2006 Martin Stransky <stransky@redhat.com> - 7:2.5.STABLE14-1
c00279
- update to new upstream
c00279
c00279
* Sun May 28 2006 Martin Stransky <stransky@redhat.com> - 7:2.5.STABLE13-5
c00279
- fixed libbind patch (#193298)
c00279
c00279
* Wed May 3  2006 Martin Stransky <stransky@redhat.com> - 7:2.5.STABLE13-4
c00279
- added extra group check (#190544)
c00279
c00279
* Wed Mar 29 2006 Martin Stransky <stransky@redhat.com> - 7:2.5.STABLE13-3
c00279
- improved pre script (#187217) - added group switch
c00279
c00279
* Thu Mar 23 2006 Martin Stransky <stransky@redhat.com> - 7:2.5.STABLE13-2
c00279
- removed "--with-large-files" on 64bit arches
c00279
c00279
* Mon Mar 13 2006 Martin Stransky <stransky@redhat.com> - 7:2.5.STABLE13-1
c00279
- update to new upstream
c00279
c00279
* Fri Feb 10 2006 Jesse Keating <jkeating@redhat.com> - 7:2.5.STABLE12-5.1
c00279
- bump again for double-long bug on ppc(64)
c00279
c00279
* Tue Feb 07 2006 Martin Stransky <stransky@redhat.com> - 7:2.5.STABLE12-5
c00279
- new upstream patches
c00279
c00279
* Tue Feb 07 2006 Jesse Keating <jkeating@redhat.com> - 7:2.5.STABLE12-4.1
c00279
- rebuilt for new gcc4.1 snapshot and glibc changes
c00279
c00279
* Wed Dec 28 2005  Martin Stransky <stransky@redhat.com> 7:2.5.STABLE12-4
c00279
- added follow-xff patch (#176055)
c00279
- samba path fix (#176659)
c00279
c00279
* Mon Dec 19 2005  Martin Stransky <stransky@redhat.com> 7:2.5.STABLE12-3
c00279
- fd-config.patch clean-up
c00279
- SMB_BadFetch patch from upstream
c00279
c00279
* Fri Dec 09 2005 Jesse Keating <jkeating@redhat.com>
c00279
- rebuilt
c00279
c00279
* Mon Nov 28 2005  Martin Stransky <stransky@redhat.com> 7:2.5.STABLE12-2
c00279
- rewriten patch squid-2.5.STABLE10-64bit.patch, it works with
c00279
  "--with-large-files" option now
c00279
- fix for #72896 - squid does not support > 1024 file descriptors,
c00279
  new "--enable-fd-config" option for it.
c00279
c00279
* Wed Nov 9 2005  Martin Stransky <stransky@redhat.com> 7:2.5.STABLE12-1
c00279
- update to STABLE12
c00279
- setenv patch
c00279
c00279
* Mon Oct 24 2005 Martin Stransky <stransky@redhat.com> 7:2.5.STABLE11-6
c00279
- fix for delay pool from upstream
c00279
c00279
* Thu Oct 20 2005 Martin Stransky <stransky@redhat.com> 7:2.5.STABLE11-5
c00279
- fix for #171213 - CVE-2005-3258 Squid crash due to malformed FTP response
c00279
- more fixes from upstream
c00279
c00279
* Fri Oct 14 2005 Martin Stransky <stransky@redhat.com> 7:2.5.STABLE11-4
c00279
- enabled support for large files (#167503)
c00279
c00279
* Thu Oct 13 2005 Tomas Mraz <tmraz@redhat.com> 7:2.5.STABLE11-3
c00279
- use include instead of pam_stack in pam config
c00279
c00279
* Thu Sep 29 2005 Martin Stransky <stransky@redhat.com> 7:2.5.STABLE11-2
c00279
- added patch for delay pools and some minor fixes
c00279
c00279
* Fri Sep 23 2005 Martin Stransky <stransky@redhat.com> 7:2.5.STABLE11-1
c00279
- update to STABLE11
c00279
c00279
* Mon Sep 5 2005 Martin Stransky <stransky@redhat.com> 7:2.5.STABLE10-4
c00279
- Three upstream patches for #167414
c00279
- Spanish and Greek messages
c00279
- patch for -D_FORTIFY_SOURCE=2 
c00279
c00279
* Tue Aug 30 2005 Martin Stransky <stransky@redhat.com> 7:2.5.STABLE10-3
c00279
- removed "--enable-truncate" option (#165948)
c00279
- added "--enable-cache-digests" option (#102134)
c00279
- added "--enable-ident-lookups" option (#161640)
c00279
- some clean up (#165949)
c00279
c00279
* Fri Jul 15 2005 Martin Stransky <stransky@redhat.com> 7:2.5.STABLE10-2
c00279
- pam_auth and ncsa_auth have setuid (#162660)
c00279
c00279
* Thu Jul 7 2005 Martin Stransky <stransky@redhat.com> 7:2.5.STABLE10-1
c00279
- new upstream version
c00279
- enabled fakeauth utility (#154020)
c00279
- enabled digest authentication scheme (#155882)
c00279
- all error pages marked as config (#127836)
c00279
- patch for 64bit statvfs interface (#153274)
c00279
- added httpd config file for cachemgr.cgi (#112725)
c00279
c00279
* Mon May 16 2005 Jay Fenlason <fenlason@redhat.com> 7:2.5.STABLE9-7
c00279
- Upgrade the upstream -dns_query patch from -4 to -5
c00279
c00279
* Wed May 11 2005 Jay Fenlason <fenlason@redhat.com> 7:2.5.STABLE9-6
c00279
- More upstream patches, including a fix for
c00279
  bz#157456 CAN-2005-1519 DNS lookups unreliable on untrusted networks
c00279
c00279
* Tue Apr 26 2005 Jay Fenlason <fenlason@redhat.com> 7:2.5.STABLE9-5
c00279
- more upstream patches, including a fix for
c00279
  CVE-1999-0710 cachemgr malicious use
c00279
c00279
* Fri Apr 22 2005 Jay Fenlason <fenlason@redhat.com> 7:2.5.STABLE9-4
c00279
- More upstream patches, including the fixed 2GB patch.
c00279
- include the -libbind patch, which prevents squid from using the optional
c00279
  -lbind library, even if it's installed.
c00279
c00279
* Tue Mar 15 2005 Jay Fenlason <fenlason@redhat.com> 7:2.5.STABLE9-2
c00279
- New upstream version, with 14 upstream patches.
c00279
c00279
* Wed Feb 16 2005 Jay Fenlason <fenlason@redhat.com> 7:2.5.STABLE8-2
c00279
- new upstream version with 4 upstream patches.
c00279
- Reorganize spec file to apply upstream patches first
c00279
c00279
* Tue Feb 1 2005 Jay Fenlason <fenlason@redhat.com> 7:2.5.STABLE7-4
c00279
- Include two more upstream patches for security vulns:
c00279
  bz#146783 Correct handling of oversized reply headers
c00279
  bz#146778 CAN-2005-0211 Buffer overflow in WCCP recvfrom() call
c00279
c00279
* Tue Jan 25 2005 Jay Fenlason <fenlason@redhat.com> 7:2.5.STABLE7-3
c00279
- Include more upstream patches, including two for security holes.
c00279
c00279
* Tue Jan 18 2005 Jay Fenlason <fenlason@redhat.com> 7:2.5.STABLE7-2
c00279
- Add a triggerin on samba-common to make /var/cache/samba/winbindd_privileged
c00279
  accessable so that ntlm_auth will work.  It needs to be in this rpm,
c00279
  because the Samba RPM can't assume the squid user exists.
c00279
  Note that this will only work if the Samba RPM is recent enough to create
c00279
  that directory at install time instead of at winbindd startup time.
c00279
  That should be samba-common-3.0.0-15 or later.
c00279
  This fixes bugzilla #103726
c00279
- Clean up extra whitespace in this spec file.
c00279
- Add additional upstream patches. (Now 18 upstream patches).
c00279
- patch #112 closes CAN-2005-0096 and CAN-2005-0097, remote DOS security holes.
c00279
- patch #113 closes CAN-2005-0094, a remote buffer-overflow DOS security hole.
c00279
- patch #114 closes CAN-2005-0095, a remote DOS security hole.
c00279
- Remove the -nonbl (replaced by #104) and -close (replaced by #111) patches, since
c00279
  they're now fixed by upstream patches.
c00279
c00279
* Mon Oct 25 2004 Jay Fenlason <fenlason@redhat.com> 7:2.5.STABLE7-1
c00279
- new upstream version, with 3 upstream patches.
c00279
  Updated the -build and -config patches
c00279
- Include patch from Ulrich Drepper <frepper@redhat.com> to more
c00279
  intelligently close all file descriptors.
c00279
c00279
* Mon Oct 18 2004 Jay Fenlason <fenlason@redhat.com> 7:2.5.STABLE6-3
c00279
- include patch from Ulrich Drepper <drepper@redhat.com> to stop
c00279
  problems with O_NONBLOCK.  This closes #136049
c00279
c00279
* Tue Oct 12 2004 Jay Fenlason <fenlason@redhat.com> 7:2.5.STABLE6-2
c00279
- Include fix for CAN-2004-0918
c00279
c00279
* Tue Sep 28 2004 Jay Fenlason <fenlason@redhat.com> 7:2.5.STABLE6-1
c00279
- New upstream version, with 32 upstream patches.
c00279
  This closes #133970, #133931, #131728, #128143, #126726
c00279
c00279
- Change the permissions on /etc/squid/squid.conf to 640.  This closes
c00279
  bugzilla #125007
c00279
c00279
* Mon Jun 28 2004 Jay Fenlason <fenlason@redhat.com> 7:2.5STABLE5-5
c00279
- Merge current upstream patches.
c00279
- Fix the -pipe patch to have the correct name of the winbind pipe.
c00279
c00279
* Tue Jun 15 2004 Elliot Lee <sopwith@redhat.com>
c00279
- rebuilt
c00279
c00279
* Mon Apr 5 2004 Jay Fenlason <fenlason@redhat.com> 7:2.5.STABLE5-2
c00279
- Include the first 10 upstream patches
c00279
- Add a patch for the correct location of the winbindd pipe.  This closes
c00279
  bugzilla #107561
c00279
- Remove the change to ssl_support.c from squid-2.5.STABLE3-build patch
c00279
  This closes #117851
c00279
- Include /etc/pam.d/squid .  This closes #113404
c00279
- Include a patch to close #111254 (assignment in assert)
c00279
- Change squid.init to put output messages in /var/log/squid/squid.out
c00279
  This closes #104697
c00279
- Only useradd the squid user if it doesn't already exist, and error out
c00279
  if the useradd fails.  This closes #118718.
c00279
c00279
* Tue Mar 2 2004 Jay Fenlason <fenlason@redhat.com> 7:2.5.STABLE5-1
c00279
- New upstream version, obsoletes many patches.
c00279
- Fix --datadir passed to configure.  Configure automatically adds /squid
c00279
  so we shouldn't.
c00279
- Remove the problematic triggerpostun trigger, since is's broken, and FC2
c00279
  never shipped with that old version.
c00279
- add %%{?_smp_mflags} to make line.
c00279
c00279
* Tue Mar 02 2004 Elliot Lee <sopwith@redhat.com>
c00279
- rebuilt
c00279
c00279
* Mon Feb 23 2004 Tim Waugh <twaugh@redhat.com>
c00279
- Use ':' instead of '.' as separator for chown.
c00279
c00279
* Fri Feb 20 2004 Jay Fenlason <fenlason@redhat.com> 7:2.5.STABLE4-3
c00279
- Clean up the spec file to work on 64-bit platforms (use %%{_libdir}
c00279
  instead of /usr/lib, etc)
c00279
- Make the release number in the changelog section agree with reality.
c00279
- use -fPIE rather than -fpie.  s390 fails with just -fpie
c00279
c00279
* Fri Feb 13 2004 Elliot Lee <sopwith@redhat.com>
c00279
- rebuilt
c00279
c00279
* Thu Feb 5 2004 Jay Fenlason <fenlason@redhat.com>
c00279
- Incorporate many upstream patches
c00279
- Include many spec file changes from D.Johnson <dj@www.uk.linux.org>
c00279
c00279
* Tue Sep 23 2003 Jay Fenlason <fenlason@redhat.com> 7:2.5.STABLE4-1
c00279
- New upstream version.
c00279
- Fix the Source: line in this spec file to point to the correct URL.
c00279
- redo the -location patch to work with the new upstream version.
c00279
c00279
* Mon Jun 30 2003 Jay Fenlason <fenlason@redhat.com> 7:2.5.STABLE3-0
c00279
- Spec file change to enable the nul storage module. bugzilla #74654
c00279
- Upgrade to 2.5STABLE3 with current official patches.
c00279
- Added --enable-auth="basic,ntlm": closes bugzilla #90145
c00279
- Added --with-winbind-auth-challenge: closes bugzilla #78691
c00279
- Added --enable-useragent-log and --enable-referer-log, closes
c00279
- bugzilla #91884
c00279
# - Changed configure line to enable pie
c00279
# (Disabled due to broken compilers on ia64 build machines)
c00279
#- Patched to increase the maximum number of file descriptors #72896
c00279
#- (disabled for now--needs more testing)
c00279
c00279
* Wed Jun 04 2003 Elliot Lee <sopwith@redhat.com>
c00279
- rebuilt
c00279
c00279
* Wed Jan 22 2003 Tim Powers <timp@redhat.com>
c00279
- rebuilt
c00279
c00279
* Wed Jan 15 2003 Bill Nottingham <notting@redhat.com> 7:2.5.STABLE1-1
c00279
- update to 2.5.STABLE1
c00279
c00279
* Wed Nov 27 2002 Tim Powers <timp@redhat.com> 7:2.4.STABLE7-5
c00279
- remove unpackaged files from the buildroot
c00279
c00279
* Tue Aug 27 2002 Nalin Dahyabhai <nalin@redhat.com> 2.4.STABLE7-4
c00279
- rebuild
c00279
c00279
* Wed Jul 31 2002 Karsten Hopp <karsten@redhat.de>
c00279
- don't raise an error if the config file is incomplete
c00279
  set defaults instead (#69322, #70065)
c00279
c00279
* Thu Jul 18 2002 Bill Nottingham <notting@redhat.com> 2.4.STABLE7-2
c00279
- don't strip binaries
c00279
c00279
* Mon Jul  8 2002 Bill Nottingham <notting@redhat.com>
c00279
- update to 2.4.STABLE7
c00279
- fix restart (#53761)
c00279
c00279
* Tue Jun 25 2002 Bill Nottingham <notting@redhat.com>
c00279
- add various upstream bugfix patches
c00279
c00279
* Fri Jun 21 2002 Tim Powers <timp@redhat.com>
c00279
- automated rebuild
c00279
c00279
* Thu May 23 2002 Tim Powers <timp@redhat.com>
c00279
- automated rebuild
c00279
c00279
* Fri Mar 22 2002 Bill Nottingham <notting@redhat.com>
c00279
- 2.4.STABLE6
c00279
- turn off carp
c00279
c00279
* Mon Feb 18 2002 Bill Nottingham <notting@redhat.com>
c00279
- 2.4.STABLE3 + patches
c00279
- turn off HTCP at request of maintainers
c00279
- leave SNMP enabled in the build, but disabled in the default config
c00279
c00279
* Fri Jan 25 2002 Tim Powers <timp@redhat.com>
c00279
- rebuild against new libssl
c00279
c00279
* Wed Jan 09 2002 Tim Powers <timp@redhat.com>
c00279
- automated rebuild
c00279
c00279
* Mon Jan 07 2002 Florian La Roche <Florian.LaRoche@redhat.de>
c00279
- require linuxdoc-tools instead of sgml-tools
c00279
c00279
* Tue Sep 25 2001 Bill Nottingham <notting@redhat.com>
c00279
- update to 2.4.STABLE2
c00279
c00279
* Mon Sep 24 2001 Bill Nottingham <notting@redhat.com>
c00279
- add patch to fix FTP crash
c00279
c00279
* Mon Aug  6 2001 Bill Nottingham <notting@redhat.com>
c00279
- fix uninstall (#50411)
c00279
c00279
* Mon Jul 23 2001 Bill Nottingham <notting@redhat.com>
c00279
- add some buildprereqs (#49705)
c00279
c00279
* Sun Jul 22 2001 Bill Nottingham <notting@redhat.com>
c00279
- update FAQ
c00279
c00279
* Tue Jul 17 2001 Bill Nottingham <notting@redhat.com>
c00279
- own /etc/squid, /usr/lib/squid
c00279
c00279
* Tue Jun 12 2001 Nalin Dahyabhai <nalin@redhat.com>
c00279
- rebuild in new environment
c00279
- s/Copyright:/License:/
c00279
c00279
* Tue Apr 24 2001 Bill Nottingham <notting@redhat.com>
c00279
- update to 2.4.STABLE1 + patches
c00279
- enable some more configure options (#24981)
c00279
- oops, ship /etc/sysconfig/squid
c00279
c00279
* Fri Mar  2 2001 Nalin Dahyabhai <nalin@redhat.com>
c00279
- rebuild in new environment
c00279
c00279
* Tue Feb  6 2001 Trond Eivind Glomsrød <teg@redhat.com>
c00279
- improve i18n
c00279
- make the initscript use the standard OK/FAILED
c00279
c00279
* Tue Jan 23 2001 Bill Nottingham <notting@redhat.com>
c00279
- change i18n mechanism
c00279
c00279
* Fri Jan 19 2001 Bill Nottingham <notting@redhat.com>
c00279
- fix path references in QUICKSTART (#15114)
c00279
- fix initscript translations (#24086)
c00279
- fix shutdown logic (#24234), patch from <jos@xos.nl>
c00279
- add /etc/sysconfig/squid for daemon options & shutdown timeouts
c00279
- three more bugfixes from the Squid people
c00279
- update FAQ.sgml
c00279
- build and ship auth modules (#23611)
c00279
c00279
* Thu Jan 11 2001 Bill Nottingham <notting@redhat.com>
c00279
- initscripts translations
c00279
c00279
* Mon Jan  8 2001 Bill Nottingham <notting@redhat.com>
c00279
- add patch to use mkstemp (greg@wirex.com)
c00279
c00279
* Fri Dec 01 2000 Bill Nottingham <notting@redhat.com>
c00279
- rebuild because of broken fileutils
c00279
c00279
* Sat Nov 11 2000 Bill Nottingham <notting@redhat.com>
c00279
- fix the acl matching cases (only need the second patch)
c00279
c00279
* Tue Nov  7 2000 Bill Nottingham <notting@redhat.com>
c00279
- add two patches to fix domain ACLs
c00279
- add 2 bugfix patches from the squid people
c00279
c00279
* Fri Jul 28 2000 Bill Nottingham <notting@redhat.com>
c00279
- clean up init script; fix condrestart
c00279
- update to STABLE4, more bugfixes
c00279
- update FAQ
c00279
c00279
* Tue Jul 18 2000 Nalin Dahyabhai <nalin@redhat.com>
c00279
- fix syntax error in init script
c00279
- finish adding condrestart support
c00279
c00279
* Fri Jul 14 2000 Bill Nottingham <notting@redhat.com>
c00279
- move initscript back
c00279
c00279
* Wed Jul 12 2000 Prospector <bugzilla@redhat.com>
c00279
- automatic rebuild
c00279
c00279
* Thu Jul  6 2000 Bill Nottingham <notting@redhat.com>
c00279
- prereq /etc/init.d
c00279
- add bugfix patch
c00279
- update FAQ
c00279
c00279
* Thu Jun 29 2000 Bill Nottingham <notting@redhat.com>
c00279
- fix init script
c00279
c00279
* Tue Jun 27 2000 Bill Nottingham <notting@redhat.com>
c00279
- don't prereq new initscripts
c00279
c00279
* Mon Jun 26 2000 Bill Nottingham <notting@redhat.com>
c00279
- initscript munging
c00279
c00279
* Sat Jun 10 2000 Bill Nottingham <notting@redhat.com>
c00279
- rebuild for exciting FHS stuff
c00279
c00279
* Wed May 31 2000 Bill Nottingham <notting@redhat.com>
c00279
- fix init script again (#11699)
c00279
- add --enable-delay-pools (#11695)
c00279
- update to STABLE3
c00279
- update FAQ
c00279
c00279
* Fri Apr 28 2000 Bill Nottingham <notting@redhat.com>
c00279
- fix init script (#11087)
c00279
c00279
* Fri Apr  7 2000 Bill Nottingham <notting@redhat.com>
c00279
- three more bugfix patches from the squid people
c00279
- buildprereq jade, sgmltools
c00279
c00279
* Sun Mar 26 2000 Florian La Roche <Florian.LaRoche@redhat.com>
c00279
- make %%pre more portable
c00279
c00279
* Thu Mar 16 2000 Bill Nottingham <notting@redhat.com>
c00279
- bugfix patches
c00279
- fix dependency on /usr/local/bin/perl
c00279
c00279
* Sat Mar  4 2000 Bill Nottingham <notting@redhat.com>
c00279
- 2.3.STABLE2
c00279
c00279
* Mon Feb 14 2000 Bill Nottingham <notting@redhat.com>
c00279
- Yet More Bugfix Patches
c00279
c00279
* Tue Feb  8 2000 Bill Nottingham <notting@redhat.com>
c00279
- add more bugfix patches
c00279
- --enable-heap-replacement
c00279
c00279
* Mon Jan 31 2000 Cristian Gafton <gafton@redhat.com>
c00279
- rebuild to fix dependencies
c00279
c00279
* Fri Jan 28 2000 Bill Nottingham <notting@redhat.com>
c00279
- grab some bugfix patches
c00279
c00279
* Mon Jan 10 2000 Bill Nottingham <notting@redhat.com>
c00279
- 2.3.STABLE1 (whee, another serial number)
c00279
c00279
* Tue Dec 21 1999 Bernhard Rosenkraenzer <bero@redhat.com>
c00279
- Fix compliance with ftp RFCs
c00279
  (http://www.wu-ftpd.org/broken-clients.html)
c00279
- Work around a bug in some versions of autoconf
c00279
- BuildPrereq sgml-tools - we're using sgml2html
c00279
c00279
* Mon Oct 18 1999 Bill Nottingham <notting@redhat.com>
c00279
- add a couple of bugfix patches
c00279
c00279
* Wed Oct 13 1999 Bill Nottingham <notting@redhat.com>
c00279
- update to 2.2.STABLE5.
c00279
- update FAQ, fix URLs.
c00279
c00279
* Sat Sep 11 1999 Cristian Gafton <gafton@redhat.com>
c00279
- transform restart in reload and add restart to the init script
c00279
c00279
* Tue Aug 31 1999 Bill Nottingham <notting@redhat.com>
c00279
- add squid user as user 23.
c00279
c00279
* Mon Aug 16 1999 Bill Nottingham <notting@redhat.com>
c00279
- initscript munging
c00279
- fix conflict between logrotate & squid -k (#4562)
c00279
c00279
* Wed Jul 28 1999 Bill Nottingham <notting@redhat.com>
c00279
- put cachemgr.cgi back in /usr/lib/squid
c00279
c00279
* Wed Jul 14 1999 Bill Nottingham <notting@redhat.com>
c00279
- add webdav bugfix patch (#4027)
c00279
c00279
* Mon Jul 12 1999 Bill Nottingham <notting@redhat.com>
c00279
- fix path to config in squid.init (confuses linuxconf)
c00279
c00279
* Wed Jul  7 1999 Bill Nottingham <notting@redhat.com>
c00279
- 2.2.STABLE4
c00279
c00279
* Wed Jun 9 1999 Dale Lovelace <dale@redhat.com>
c00279
- logrotate changes
c00279
- errors from find when /var/spool/squid or
c00279
- /var/log/squid didn't exist
c00279
c00279
* Thu May 20 1999 Bill Nottingham <notting@redhat.com>
c00279
- 2.2.STABLE3
c00279
c00279
* Thu Apr 22 1999 Bill Nottingham <notting@redhat.com>
c00279
- update to 2.2.STABLE.2
c00279
c00279
* Sun Apr 18 1999 Bill Nottingham <notting@redhat.com>
c00279
- update to 2.2.STABLE1
c00279
c00279
* Thu Apr 15 1999 Bill Nottingham <notting@redhat.com>
c00279
- don't need to run groupdel on remove
c00279
- fix useradd
c00279
c00279
* Mon Apr 12 1999 Bill Nottingham <notting@redhat.com>
c00279
- fix effective_user (bug #2124)
c00279
c00279
* Mon Apr  5 1999 Bill Nottingham <notting@redhat.com>
c00279
- strip binaries
c00279
c00279
* Thu Apr  1 1999 Bill Nottingham <notting@redhat.com>
c00279
- duh. adduser does require a user name.
c00279
- add a serial number
c00279
c00279
* Tue Mar 30 1999 Bill Nottingham <notting@redhat.com>
c00279
- add an adduser in %%pre, too
c00279
c00279
* Thu Mar 25 1999 Bill Nottingham <notting@redhat.com>
c00279
- oog. chkconfig must be in %%preun, not %%postun
c00279
c00279
* Wed Mar 24 1999 Bill Nottingham <notting@redhat.com>
c00279
- switch to using group squid
c00279
- turn off icmp (insecure)
c00279
- update to 2.2.DEVEL3
c00279
- build FAQ docs from source
c00279
c00279
* Tue Mar 23 1999 Bill Nottingham <notting@redhat.com>
c00279
- logrotate changes
c00279
c00279
* Sun Mar 21 1999 Cristian Gafton <gafton@redhat.com>
c00279
- auto rebuild in the new build environment (release 4)
c00279
c00279
* Wed Feb 10 1999 Bill Nottingham <notting@redhat.com>
c00279
- update to 2.2.PRE2
c00279
c00279
* Wed Dec 30 1998 Bill Nottingham <notting@redhat.com>
c00279
- cache & log dirs shouldn't be world readable
c00279
- remove preun script (leave logs & cache @ uninstall)
c00279
c00279
* Tue Dec 29 1998 Bill Nottingham <notting@redhat.com>
c00279
- fix initscript to get cache_dir correct
c00279
c00279
* Fri Dec 18 1998 Bill Nottingham <notting@redhat.com>
c00279
- update to 2.1.PATCH2
c00279
- merge in some changes from RHCN version
c00279
c00279
* Sat Oct 10 1998 Cristian Gafton <gafton@redhat.com>
c00279
- strip binaries
c00279
- version 1.1.22
c00279
c00279
* Sun May 10 1998 Cristian Gafton <gafton@redhat.com>
c00279
- don't make packages conflict with each other...
c00279
c00279
* Sat May 02 1998 Cristian Gafton <gafton@redhat.com>
c00279
- added a proxy auth patch from Alex deVries <adevries@engsoc.carleton.ca>
c00279
- fixed initscripts
c00279
c00279
* Thu Apr 09 1998 Cristian Gafton <gafton@redhat.com>
c00279
- rebuilt for Manhattan
c00279
c00279
* Fri Mar 20 1998 Cristian Gafton <gafton@redhat.com>
c00279
- upgraded to 1.1.21/1.NOVM.21
c00279
c00279
* Mon Mar 02 1998 Cristian Gafton <gafton@redhat.com>
c00279
- updated the init script to use reconfigure option to restart squid instead
c00279
  of shutdown/restart (both safer and quicker)
c00279
c00279
* Sat Feb 07 1998 Cristian Gafton <gafton@redhat.com>
c00279
- upgraded to 1.1.20
c00279
- added the NOVM package and tryied to reduce the mess in the spec file
c00279
c00279
* Wed Jan 7 1998 Cristian Gafton <gafton@redhat.com>
c00279
- first build against glibc
c00279
- patched out the use of setresuid(), which is available only on kernels
c00279
  2.1.44 and later
c00279