Hello community,

here is the log from the commit of package squid for openSUSE:Factory checked 
in at 2016-10-13 11:32:42
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/squid (Old)
 and      /work/SRC/openSUSE:Factory/.squid.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Package is "squid"

Changes:
--------
--- /work/SRC/openSUSE:Factory/squid/squid.changes      2016-08-03 
11:42:59.000000000 +0200
+++ /work/SRC/openSUSE:Factory/.squid.new/squid.changes 2016-10-13 
11:32:43.000000000 +0200
@@ -1,0 +2,67 @@
+Wed Oct 12 14:51:59 UTC 2016 - adam.ma...@suse.de
+
+- Update Squid to 3.5.22
+  * HTTP: MUST ignore a [revalidation] response with an older Date
+    header.
+  * Optimized/simplified buffering: Appending nothing is always
+    possible.
+  * Avoid segfaults when debugging section 4 at level 9.
+  * fix #4302 pt2: IPFilter v5 transparent interception
+  * Bug #4471: revalidation doesn't work when expired cached
+    object lacks Last-Modified.
+  * Bug #2833: Collapse internal revalidation requests
+    (SMP-unaware caches)
+  * Bug #3819: "fd >= 0" assertion in file_write() during
+    reconfiguration
+  * Do not leak url_rewrite_extras and store_id_extras on
+    reconfigure/shutdown.
+  * Fix potential ICAP null pointer dereference after rev.14082
+  * Fix logged request size (%http::>st) and other size-related
+    %codes.
+
+-------------------------------------------------------------------
+Tue Sep 13 15:32:34 UTC 2016 - adam.ma...@suse.de
+
+- Merge changes from SLE12 SP2 so we have identical packages
+
+-------------------------------------------------------------------
+Mon Sep 12 09:57:30 UTC 2016 - adam.ma...@suse.de
+
+- Update Squid to 3.5.21
+  * fix assertion failure in xcalloc when using many cache_dir
+    Squid is documented as supporting up to 64 cache directories,
+    but would crash with a memory allocation error if more than
+    a few were actually configured.
+  * fix authentication credentials IP TTL updated incorrectly
+    This bug caused error in max_user_ip ACL accounting to allow
+    clients to shift IP address more times than configured.
+    Fix may have an effect on IPv6 clients using "proviacy adressing"
+    to rotate IPs.
+  * fix mal-formed Cache-Control:stale-if-error header
+    This bug shows up as incorrect stale-if-error values being
+    relayed by Squid breaking the use of this feature in the
+    recipients. Squid now relays the header values correctly.
+  * fix Proxy-Authenticate problem using ICAP server
+    With this change Squid now treats the ICAP REQMOD adaptation
+    point as a part of itself with regards to proxy authentication.
+    The Proxy-Authentication header received from the client is
+    delivered as part of the HTTP request headers in expectation
+    that the ICAP service may authenticate and/or
+    produce 407 response itself.
+  * fix HTTP: MUST always revalidate Cache-Control:no-cache responses
+    This bug shows up as Squid not revalidating some responses until
+    they became stale according to refresh_pattern heuristic rules
+    (specifically the minimum caching age). Squid now revalidates
+    these objects on every request.
+  * fix HTTP: do not allow Proxy-Connection to override Connection
+  * fix SSL CN wildcard must only match a single domain fragment
+    This bug shows up as incorrect matching (or non-matching) of the
+    ss::server_name ACL against TLS certificate values. Squid now
+    treats the certificate CN fields according to X.509 domain
+    matching requirements instead of HTTP domain matching
+    requirements.
+- squid-brokenad.patch
+  * propertly capitalize option name
+  * make the conditional if() not a riddle
+
+-------------------------------------------------------------------

Old:
----
  squid-3.5.20.tar.xz
  squid-3.5.20.tar.xz.asc

New:
----
  squid-3.5.22.tar.xz
  squid-3.5.22.tar.xz.asc

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ squid.spec ++++++
--- /var/tmp/diff_new_pack.Ex8XcO/_old  2016-10-13 11:32:45.000000000 +0200
+++ /var/tmp/diff_new_pack.Ex8XcO/_new  2016-10-13 11:32:45.000000000 +0200
@@ -20,7 +20,7 @@
 %define         squidconfdir %{_sysconfdir}/squid
 
 Name:           squid
-Version:        3.5.20
+Version:        3.5.22
 Release:        0
 Summary:        A fully featured HTTP/1.0 proxy
 License:        GPL-2.0+
@@ -28,7 +28,6 @@
 Url:            http://www.squid-cache.org/Versions/v3/3.5
 Source0:        
http://www.squid-cache.org/Versions/v3/3.5/%{name}-%{version}.tar.xz
 Source1:        
http://www.squid-cache.org/Versions/v3/3.5/%{name}-%{version}.tar.xz.asc
-
 Source3:        squid.init
 Source4:        squid.sysconfig
 Source5:        pam.squid
@@ -50,6 +49,10 @@
 Patch104:       squid-old-kerberos.patch
 
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
+# BuildRequires:  autoconf
+# BuildRequires:  automake
+# If you want to run unit tests, these also need mounted /dev/shm and /proc
+# BuildRequires:  cppunit-devel
 BuildRequires:  db-devel
 # needed by bootstrap.sh
 BuildRequires:  cyrus-sasl-devel
@@ -131,7 +134,7 @@
 %setup -q
 cp %{SOURCE10} .
 # upstream patches after RELEASE
-#
+
 ##### other patches
 %patch100
 perl -p -i -e 's|%{_prefix}/local/bin/perl|%{_bindir}/perl|' `find -name 
"*.pl"`
@@ -140,6 +143,7 @@
 %patch104
 
 %build
+# autoreconf -fi
 export CFLAGS="%{optflags} -fPIE -fPIC -DOPENSSL_LOAD_CONF"
 export CXXFLAGS="%{optflags} -fPIE -fPIC -DOPENSSL_LOAD_CONF"
 export LDFLAGS="-Wl,--as-needed -Wl,--no-undefined -Wl,-z,relro,-z,now -pie"

++++++ squid-3.5.20.tar.xz -> squid-3.5.22.tar.xz ++++++
++++ 4197 lines of diff (skipped)

++++++ squid-3.5.20.tar.xz.asc -> squid-3.5.22.tar.xz.asc ++++++
--- /work/SRC/openSUSE:Factory/squid/squid-3.5.20.tar.xz.asc    2016-07-14 
09:47:39.000000000 +0200
+++ /work/SRC/openSUSE:Factory/.squid.new/squid-3.5.22.tar.xz.asc       
2016-10-13 11:32:43.000000000 +0200
@@ -1,20 +1,19 @@
-File: squid-3.5.20.tar.xz
-Date: Fri Jul  1 13:49:42 UTC 2016
-Size: 2319780
-MD5 : 48fb18679a30606de98882528beab3a7
-SHA1: 2bb6d3568e7167c9b99fea092a97287d0e430863
+File: squid-3.5.22.tar.xz
+Date: Sun Oct  9 23:43:33 UTC 2016
+Size: 2324164
+MD5 : afb82d2748c06c95815c171463b4aa14
+SHA1: 73e9199dd9d2a7f107f78d03454830713a4a571d
 Key : 0xFF5CF463 <squ...@treenet.co.nz>
-      fingerprint = EA31 CC5E 9488 E516 8D2D  CC5E B268 E706 FF5C F463
+      
       keyring = http://www.squid-cache.org/pgp.asc
       keyserver = subkeys.pgp.net
 -----BEGIN PGP SIGNATURE-----
-Version: GnuPG v1
 
-iQEcBAABAgAGBQJXdnW5AAoJELJo5wb/XPRjqzsH+wXT0yt47aqoGWI8D1YpRaW5
-KPYvJdos0zPfgIPFWXxngH+ZpJcSPD21QuiEPS8BqISxm+/+By+0QIljITnHWFOV
-/wo1nwL/IMissmD+9bksyBede+BsZdz1PSwl9V1MzvuGL4vwOC0UZD9RT9RYvMwj
-Exfw80v/01bAVpV8U3tsBodk4Rz3AWIHhH2Tf9O2EZ/pIAtEHtDbkdLk81rSwNED
-tL6yV/n+BoWgAPg/+YPVGRK/h5nD4tBkTD6YBCnxp5PJmybhvAjLr/J96PtPpHdC
-or7Vx1lVpKvkXwZjn936+v4pqv19lsvKs5zLtGKBG2wMmoSIo2bf/bGhhT5kBDc=
-=znHp
+iQEcBAABCAAGBQJX+tbSAAoJELJo5wb/XPRjl2gH/ReWuyxU88issJB6RDkqpg1z
+ULCFIGXOZieUB1Ec+kh6gkothXfFSmec4U/3nx42N2e1cFlQby9lRY27e7T47na7
+rA8ZiXc8gXNrE06GCtFXIR9AvRQrySAJMES6wJT4LigkfbS3wZt3PvUw+RUgGCcz
+RC14yLwFgzaAR7d9RVgZWBIOXlz4NUvdlb/ri+kiHc2mfT09ikm9NX+t5wJ64MfI
+S/U2tFJLDeqG0B4Sx/lnl35h7f2mk+c9DPfmTDkZSE1dJScE34GtEpehJQwZcxA9
+EHgPwIP4BFIReywnCwhDMY17JDkC58gXyOBNjSd6v0PzyvXbSQLAYYJu1MKzKi8=
+=JCC/
 -----END PGP SIGNATURE-----

++++++ squid-brokenad.patch ++++++
--- /var/tmp/diff_new_pack.Ex8XcO/_old  2016-10-13 11:32:46.000000000 +0200
+++ /var/tmp/diff_new_pack.Ex8XcO/_new  2016-10-13 11:32:46.000000000 +0200
@@ -18,7 +18,7 @@
 -                debug((char *) "%s| %s: DEBUG: Found principal name: %s\n", 
LogTime(), PROGRAM, principal_name);
 -                found = 1;
 +              if (margs->brokenad == 1) {
-+                    if (!strncmp(principal_name,"HTTP/",strlen("HTTP/"))==0){
++                    if (strncmp(principal_name,"HTTP/",strlen("HTTP/")) != 0){
 +                        debug((char *) "%s| %s: DEBUG: Found principal 
without 'HTTP/' service name: %s NOT USING IT\n", LogTime(), PROGRAM, 
principal_name);
 +                    } else {
 +                        debug((char *) "%s| %s: DEBUG: Found principal with 
'HTTP/' service name: %s\n", LogTime(), PROGRAM, principal_name);
@@ -66,7 +66,7 @@
              fprintf(stderr, "-l ldap url\n");
              fprintf(stderr, "-b ldap bind path\n");
              fprintf(stderr, "-s use SSL encryption with Kerberos 
authentication\n");
-+            fprintf(stderr, "-x force use of HTTP/ principal on ms ad 
2008\n");
++            fprintf(stderr, "-x force use of HTTP/ principal on MS AD 
2008\n");
              fprintf(stderr, "-a allow SSL without cert verification\n");
              fprintf(stderr, "-m maximal depth for recursive searches\n");
              fprintf(stderr, "-h help\n");


Reply via email to