From 0d79d418301c6594f6645582eed62e2ca5bc67fc Mon Sep 17 00:00:00 2001 From: squidadm Date: Fri, 8 Dec 2017 04:12:12 +1300 Subject: [PATCH] 4.0.22 --- ChangeLog | 28 +++++++++++++++++++++++----- configure.ac | 2 +- doc/release-notes/release-4.sgml | 4 ++-- src/ssl/support.cc | 2 +- 4 files changed, 27 insertions(+), 9 deletions(-) diff --git a/ChangeLog b/ChangeLog index a939f13f05..4c1e50e822 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,21 @@ +Changes to squid-4.0.22 (07 Dec 2017): + + - Regression fix: Relay peer CONNECT error status line and headers to clients + - Bug 4767: SMP breaks IPv6 SNMP and cache manager queries + - Bug 4718: support filling raw buffer space of shared SBufs + - Bug 4648: object revalidation for HTTPS scheme + - Bug 4616: store_client.cc:92: "mem" assertion + - Bug 2821: ignore Content-Range in non-206 responses + - HTCP: Ignore packets with invalid URI + - TLS: Validate the shortest certificate chain + - TLS: Add checks for OpenSSL 1.1.0f API changes + - TLS: Fix reporting of validation errors for downloaded intermediate certs + - TLS: Fix SSL certificate cache refresh and collision handling + - Fix backwards compatibility for Squid-3.5 external_acl_type formats + - Fix invalid mime icon URLs in cache + - Do not die silently when dying early + - Docs: update translation files + Changes to squid-4.0.21 (02 Jul 2017): - Bug 4730: segfault while processing internal HTTP requests @@ -19,11 +37,11 @@ Changes to squid-4.0.21 (02 Jul 2017): Changes to squid-4.0.20 (01 Jun 2017): - - Bug #4692: SslBump breaks intercepted IPv6 connections - - Bug #4682: ignoring http_access deny when client-first bumping mode is used - - Bug #4662: build errors with LibreSSL 2.4.4 - - Bug #4659: sslproxy_foreign_intermediate_certs does not work - - Bug #4321: ssl_bump terminate does not terminate at step1 + - Bug 4692: SslBump breaks intercepted IPv6 connections + - Bug 4682: ignoring http_access deny when client-first bumping mode is used + - Bug 4662: build errors with LibreSSL 2.4.4 + - Bug 4659: sslproxy_foreign_intermediate_certs does not work + - Bug 4321: ssl_bump terminate does not terminate at step1 - Add 'has' ACL - Do not forward HTTP requests to dead idle peers - Do not unconditionally revive dead peers after a DNS refresh diff --git a/configure.ac b/configure.ac index 8a0d665bc1..0348489c23 100644 --- a/configure.ac +++ b/configure.ac @@ -5,7 +5,7 @@ ## Please see the COPYING and CONTRIBUTORS files for details. ## -AC_INIT([Squid Web Proxy],[4.0.21-VCS],[http://bugs.squid-cache.org/],[squid]) +AC_INIT([Squid Web Proxy],[4.0.22-VCS],[http://bugs.squid-cache.org/],[squid]) AC_PREREQ(2.61) AC_CONFIG_HEADERS([include/autoconf.h]) AC_CONFIG_AUX_DIR(cfgaux) diff --git a/doc/release-notes/release-4.sgml b/doc/release-notes/release-4.sgml index a63a8e485d..3c992d57f9 100644 --- a/doc/release-notes/release-4.sgml +++ b/doc/release-notes/release-4.sgml @@ -1,6 +1,6 @@
-Squid 4.0.21 release notes +Squid 4.0.22 release notes Squid Developers @@ -12,7 +12,7 @@ for Applied Network Research and members of the Web Caching community. Notice -

The Squid Team are pleased to announce the release of Squid-4.0.21 for testing. +

The Squid Team are pleased to announce the release of Squid-4.0.22 for testing. This new release is available for download from or the . diff --git a/src/ssl/support.cc b/src/ssl/support.cc index b23006dca8..78374ce032 100644 --- a/src/ssl/support.cc +++ b/src/ssl/support.cc @@ -1086,7 +1086,7 @@ Ssl::uriOfIssuerIfMissing(X509 *cert, Security::CertList const &serverCertificat if (const char *issuerUri = hasAuthorityInfoAccessCaIssuers(cert)) { // There is a URI where we can download a certificate. if (!findCertIssuerFast(SquidUntrustedCerts, cert) && - !issuerExistInCaDb(cert, context)) { + !issuerExistInCaDb(cert, context)) { // and issuer not found in local databases containing // untrusted certificates and trusted CA certificates return issuerUri; -- 2.47.2