Prep for 3.1.15

diff --git a/ChangeLog b/ChangeLog
index bccd306fa3f19a9cc40bc469fd7b5cd80551f684..deb8a51bcddd3a8e96ea3a51c5859a70d553da65 100644 (file)
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,6 +1,7 @@
 Changes to squid-3.1.15 (28 Aug 2011):
 
        - Regression fix: vhost and defaultsite causing vport to be ignored
+       - Regression Bug 3295: broken escaping in rfc1738_do_escape
        - Bug #3232: fails to compile with OpenSSL v1.0.0
        - Bug #3222: cache_peer name is not logging on CONNECT
        - Bug #3131: fd_table[fd].closing() assert from ConnStateData::noteMoreBodySpaceAvailable()
@@ -16,6 +17,7 @@ Changes to squid-3.1.15 (28 Aug 2011):
        - Bug #1791: timestampsSet does not validate Date: if server sends very old date
        - Correct parsing of large Gopher indexes
        - Enable negative cacheing on unknown or -1 expiry timestamp
+       - Remove hierarchy_stoplist default value
        - Migrate cf_gen tool from C-style to C++
        - ... and several documentation and compiler warning fixes
 

diff --git a/doc/release-notes/release-3.1.html b/doc/release-notes/release-3.1.html
index fad6dd8344b9511035a84ffaacfd4b2010560ab8..c2f4486128e7706642b732e68529d3f481961721 100644 (file)
--- a/doc/release-notes/release-3.1.html
+++ b/doc/release-notes/release-3.1.html
@@ -90,7 +90,7 @@ While this release is not fully bug-free we believe it is ready for use in produ
 <P>
 <UL>
 <LI>The lack of some features available in Squid-2.x series. See the regression sections below for full details.</LI>
-<LI>CVE-2009-0801 : NAT interception vulnerability to malicious clients.</LI>
+<LI>CVE-2009-0801 : NAT interception vulnerability to malicious clients. This is fixed in 3.2 series.</LI>
 </UL>
 </P>
 
@@ -1321,6 +1321,9 @@ format, so all helpers will need to be checked and converted to cope with such i
 <DT><B>header_replace</B><DD>
 <P>Deprecated. Use request_header_replace or reply_header_replace instead.</P>
 
+<DT><B>hierarchy_stoplist</B><DD>
+<P>Default value altered to no content, allowing dynamic websites to be fetched through peers.</P>
+
 <DT><B>http_port transparent intercept ssl-bump connection-auth[=on|off] ignore-cc</B><DD>
 <P>Option 'transparent' is being deprecated in favour of 'intercept' which more clearly identifies what the option does.
 For now option 'tproxy' remains with old behaviour meaning fully-invisible proxy using TPROXY support.</P>

diff --git a/doc/release-notes/release-3.1.sgml b/doc/release-notes/release-3.1.sgml
index 8eb7092a96bec775b81fbd6795b0558a62ca5088..eb7ea23d0ffd94dfc7706d3dc98aa2817ac243db 100644 (file)
--- a/doc/release-notes/release-3.1.sgml
+++ b/doc/release-notes/release-3.1.sgml
@@ -31,7 +31,7 @@ Although this release is deemed good enough for use in many setups, please note
 
 <itemize>
        <item>The lack of some features available in Squid-2.x series. See the regression sections below for full details.
-       <item>CVE-2009-0801 : NAT interception vulnerability to malicious clients.
+       <item>CVE-2009-0801 : NAT interception vulnerability to malicious clients. This is fixed in 3.2 series.
 </itemize>
 
 <p>Currently known issues which only depends on available developer time and may still be resolved in a future 3.1 release are: