[squid-users] Squid 3.2.9 is available

From: Amos Jeffries <squid3_at_treenet.co.nz>
Date: Thu, 14 Mar 2013 11:38:16 +1300

The Squid HTTP Proxy team is very pleased to announce the availability
of the Squid-3.2.9 release!

This release is a security bug fix release resolving a security
vulnerability found in the prior releases along with some other bugs.

  Please note that with 3.3 series becoming STABLE the 3.2 series is
  now officially deprecated.

Squid-3.3 represents the first Squid series fully formed within our
rapid release cycle. As such the difference between 3.3 and 3.2 series
is very small and this release of 3.3 constitutes a drop-in replacement
for Squid-3.2.9 with the additional benefit of several SSL-bump
enhancement features only affecting installations using the SSL-bump
features.

The major changes to be aware of in this release:

* CVE-2013-1839 / SQUID-2013:1 has been resolved

This vulnerability affects all Squid installations making use of
HTTP language negotiation features on error pages. It permits
specially crafted requests from any source to cause Squid to stop
responding to all clients.

* Several build issues on Solaris and OpenIndiana resolved

Some more fixes complementing the updates made in earlier 3.2 releases
have been added to allow compilation on Solaris and OpenIndiana.

* cache.log "Failed to select source" messages

After source selection algorithm changes introduced in 3.2 these have
been appearing on common DNS failures as well as the more important
peer outages, which can cause a large cache.log to be created by the
Squid service on busy servers or under DoS conditions.
These have now been reduced down to level 2 debug.

  See the ChangeLog for the full list of changes in this and earlier
  releases.

  Users of Squid-3.2 with error page language negotiation are urged
  to upgrade to this release or Squid-3.3.3 as soon as possible.

  All users of Squid-3.2 are encouraged to upgrade to the 3.3 series
  stable release as soon as possible.

Please remember to run "squid -k parse" when testing upgrade to a new
version of Squid. It will audit your configuration files and report
any identifiable issues the new release will have in your installation
before you "press go". We are still removing the infamous "Bungled
Config" halting points and adding checks, so if something is not
identified please report it.

Please refer to the release notes at
http://www.squid-cache.org/Versions/v3/3.2/RELEASENOTES.html
when you are ready to make the switch to Squid-3.2

Upgrade tip:
   "squid -k parse" is starting to display even more
    useful hints about squid.conf changes.

This new release can be downloaded from our HTTP or FTP servers

http://www.squid-cache.org/Versions/v3/3.2/
ftp://ftp.squid-cache.org/pub/squid/
ftp://ftp.squid-cache.org/pub/archive/3.2/

or the mirrors. For a list of mirror sites see

http://www.squid-cache.org/Download/http-mirrors.html
http://www.squid-cache.org/Download/mirrors.html

If you encounter any issues with this release please
file a bug report.
http://bugs.squid-cache.org/

Amos Jeffries
Received on Wed Mar 13 2013 - 22:38:41 MDT