From: Amos Jeffries <squid3@treenet.co.nz>
Date: Sun, 28 Aug 2011 07:49:15 +0000 (-0600)
Subject: Prep for 3.1.15
X-Git-Tag: SQUID_3_1_15~1
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=64194e8b5664c4dfffd7478269dec36a2ce8a02b;p=thirdparty%2Fsquid.git

Prep for 3.1.15
---

diff --git a/ChangeLog b/ChangeLog
index bccd306fa3..deb8a51bcd 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,6 +1,7 @@
 Changes to squid-3.1.15 (28 Aug 2011):
 
 	- Regression fix: vhost and defaultsite causing vport to be ignored
+	- Regression Bug 3295: broken escaping in rfc1738_do_escape
 	- Bug #3232: fails to compile with OpenSSL v1.0.0
 	- Bug #3222: cache_peer name is not logging on CONNECT
 	- Bug #3131: fd_table[fd].closing() assert from ConnStateData::noteMoreBodySpaceAvailable()
@@ -16,6 +17,7 @@ Changes to squid-3.1.15 (28 Aug 2011):
 	- Bug #1791: timestampsSet does not validate Date: if server sends very old date
 	- Correct parsing of large Gopher indexes
 	- Enable negative cacheing on unknown or -1 expiry timestamp
+	- Remove hierarchy_stoplist default value
 	- Migrate cf_gen tool from C-style to C++
 	- ... and several documentation and compiler warning fixes
 
diff --git a/doc/release-notes/release-3.1.html b/doc/release-notes/release-3.1.html
index fad6dd8344..c2f4486128 100644
--- a/doc/release-notes/release-3.1.html
+++ b/doc/release-notes/release-3.1.html
@@ -90,7 +90,7 @@ While this release is not fully bug-free we believe it is ready for use in produ
 <P>
 <UL>
 <LI>The lack of some features available in Squid-2.x series. See the regression sections below for full details.</LI>
-<LI>CVE-2009-0801 : NAT interception vulnerability to malicious clients.</LI>
+<LI>CVE-2009-0801 : NAT interception vulnerability to malicious clients. This is fixed in 3.2 series.</LI>
 </UL>
 </P>
 
@@ -1321,6 +1321,9 @@ format, so all helpers will need to be checked and converted to cope with such i
 <DT><B>header_replace</B><DD>
 <P>Deprecated. Use request_header_replace or reply_header_replace instead.</P>
 
+<DT><B>hierarchy_stoplist</B><DD>
+<P>Default value altered to no content, allowing dynamic websites to be fetched through peers.</P>
+
 <DT><B>http_port transparent intercept ssl-bump connection-auth[=on|off] ignore-cc</B><DD>
 <P>Option 'transparent' is being deprecated in favour of 'intercept' which more clearly identifies what the option does.
 For now option 'tproxy' remains with old behaviour meaning fully-invisible proxy using TPROXY support.</P>
diff --git a/doc/release-notes/release-3.1.sgml b/doc/release-notes/release-3.1.sgml
index 8eb7092a96..eb7ea23d0f 100644
--- a/doc/release-notes/release-3.1.sgml
+++ b/doc/release-notes/release-3.1.sgml
@@ -31,7 +31,7 @@ Although this release is deemed good enough for use in many setups, please note
 
 <itemize>
 	<item>The lack of some features available in Squid-2.x series. See the regression sections below for full details.
-	<item>CVE-2009-0801 : NAT interception vulnerability to malicious clients.
+	<item>CVE-2009-0801 : NAT interception vulnerability to malicious clients. This is fixed in 3.2 series.
 </itemize>
 
 <p>Currently known issues which only depends on available developer time and may still be resolved in a future 3.1 release are: