3.1.8�$B=P$^$7$?!#�(B
- Bug 2583: pure virtual method called
�$B4^$^$l$F$$$^$9!#�(B
�$B$G!"$3$s$J$3$H=q$$$F$"$j$^$9!#�(B
This release brings several very important bug fixes, security updates
and some HTTP/1.1 improvements into 3.1.
swg.dump �$B$N�(B squid �$B$O$5$/$C$HF~$lBX$($F$*$-$^$9!#�(B
---
�$BFJ86�(B �$B?r�(B / Takashi Tochihara <tochi_at_iij.ad.jp>
Internet Initiative Japan Inc.
From: Amos Jeffries <squid3_at_treenet.co.nz>
Subject: [squid-users] Squid 3.1.8 is available
Date: Sun, 05 Sep 2010 00:48:11 +1200
> The Squid HTTP Proxy team is very pleased to announce the
> availability of the Squid-3.1.8 release!
>
>
> This release brings several very important bug fixes, security updates
> and some HTTP/1.1 improvements into 3.1.
>
>
> On the security front we have three major additions:
>
> * Fixes for the request processing vulnerability tagged SQUID-2010:3.
> http://www.squid-cache.org/Advisories/SQUID-2010_3.txt
>
> * A hardening of the DNS client against packet queueing approaches used
> * to enable attacks. This completes the protection against attacks
> * published by Yamaguchi late in 2009.
>
> * An HTTP request-line parser hardened against several categories of
> * request attack. This greatly increasing the speed of detection and
> * reducing resources used to detect these categories of attack.
>
>
> Several outstanding major bugs have also been identified and fixed:
>
> - Bug 3020: Segmentation fault: nameservers[vc->ns].vc = NULL
> - Bug 3005,2972: Locate LTDL headers correctly (again)
> - Bug 2872: leaking file descriptors
> - Bug 2583: pure virtual method called
>
> As you can see yet another attempt to get over the libtool / libltdl
> build issues has been made. If you are building Squid with a libtool
> 1.x version please try to do so first on these bundles without using
> any of the hacks and workarounds. For any libltdl or LoadableModules
> problems in this package please mention in the bug 2972 bugzilla
> report along with your libtool/libltdl versions.
>
>
> Due to the security enhancements all users of Squid-3 are urged to
> upgrade to this release as soon as possible.
>
>
> Please refer to the release notes at
> http://www.squid-cache.org/Versions/v3/3.1/RELEASENOTES.html
> if and when you are ready to make the switch to Squid-3.1
>
> This new release can be downloaded from our HTTP or FTP servers
>
> http://www.squid-cache.org/Versions/v3/3.1/
> ftp://ftp.squid-cache.org/pub/squid/
> ftp://ftp.squid-cache.org/pub/archive/3.1/
>
> or the mirrors. For a list of mirror sites see
>
> http://www.squid-cache.org/Download/http-mirrors.dyn
> http://www.squid-cache.org/Download/mirrors.dyn
>
> If you encounter any issues with this release please file a bug
> report.
> http://bugs.squid-cache.org/
>
>
> Amos Jeffries
Received on Sun Sep 05 2010 - 07:15:27 MDT