[Bug 1547640] Re: proxy tries ipv6 and gets 503 when no ipv6 routes

[Amos Jeffries]

Andres,
 Because there is no way to distinguish between a local-only network and one 
using NAT without actually trying to connect to the IPs (which is exactly what 
Squid is doing - up to the limit of forward_max_tries). The problem is 
identical and far more widespread in IPv4. Disabling IPv4 whenever RFC1918 
addresses were the only ones assigned would cut a huge number of networks 
connectivity.

It simply comes down to the fact that despite some mistaken opinions to
the contrary, IPv6 is mandatory for any network that wishes to
communicate with the www. IPv4-only networks (even just on the global
facing part) will face more and more inability to communicate as time
passes. We can juggle some numbers to workaround the pain for a while.
But in the end IPv6 is mandatory.

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to squid3 in Ubuntu.
https://bugs.launchpad.net/bugs/1547640

Title:
  proxy tries ipv6 and gets 503 when no ipv6 routes

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/squid3/+bug/1547640/+subscriptions

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

[Bug 1547640] Re: proxy tries ipv6 and gets 503 when no ipv6 routes

[Amos Jeffries]

And for the record. No Squid does not use libc getaddrinfo(). That API
provides speed restrictions several orders of magnitude too slow for
even small Squid installations.

** Description changed:

  Many people run squid (squid-deb-proxy, or maas-proxy) to provide ubuntu
  archive mirror caching and proxying.  MAAS sets this up by default for
  users with the 'maas-proxy' package.
  
  On or about Friday February 19, this setup began to fail for many people.
  Users would see 'apt-get update' returning 503 errors.  For me, I saw 503 on 
security.ubuntu.com addresses.
  
- The reason for the failure was that the squid proxy began using ipv6
- addresses for instead of ipv4.  The squid proxy host did not have ipv6
- connectivity and thus would fail.
+ The reason for the failure was that the DNS records for Ubuntu reacheda
+ threshold of 10 IPv6 entries. The squid proxy host did not have ipv6
+ connectivity and with a limit of 10 retries the failover does not reach
+ any IPv4 addresses - thus would fail.
  
  The fix/workaround is to add the following to your squid config:
-   # http://www.squid-cache.org/Doc/config/dns_v4_first/
-   dns_v4_first on
+   # http://www.squid-cache.org/Doc/config/forward_max_tries/
+   forward_max_tries 25
  
  The appropriate squid config file depends on what is running squid.
    maas-proxy: /usr/share/maas/maas-proxy.conf
    squid-deb-proxy: /etc/init/squid-deb-proxy.conf
  
  I'm not sure how this previously worked, nor what change was made.
  One change that was made in this time frame was a glibc update 
(2.19-0ubuntu6.6 to 2.19-0ubuntu6.7) for security (CVE-2013-7423 CVE-2014-9402 
CVE-2015-1472 CVE-2015-1473).  But it doesn't seem to make sense that that 
would change squid3 to start looking for  records when it did not 
previously.
  i can verify that as late as
-   Thu Feb 18 06:36:07 EST 2016
+   Thu Feb 18 06:36:07 EST 2016
  i was seeing entries in my squid logs with
-   1455713142.896335 10.7.2.103 TCP_REFRESH_UNMODIFIED/200 82620 GET 
http://security.ubuntu.com/ubuntu/dists/xenial-security/InRelease - 
HIER_DIRECT/91.189.88.149 -
+   1455713142.896335 10.7.2.103 TCP_REFRESH_UNMODIFIED/200 82620 GET 
http://security.ubuntu.com/ubuntu/dists/xenial-security/InRelease - 
HIER_DIRECT/91.189.88.149 -
  but now i get
-   1455879482.210  1 10.7.2.103 TCP_REFRESH_FAIL/200 635 GET 
http://security.ubuntu.com/ubuntu/dists/precise-security/main/i18n/Index - 
HIER_DIRECT/2001:67c:1562::14 -
+   1455879482.210  1 10.7.2.103 TCP_REFRESH_FAIL/200 635 GET 
http://security.ubuntu.com/ubuntu/dists/precise-security/main/i18n/Index - 
HIER_DIRECT/2001:67c:1562::14 -

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to squid3 in Ubuntu.
https://bugs.launchpad.net/bugs/1547640

Title:
  proxy tries ipv6 and gets 503 when no ipv6 routes

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/squid3/+bug/1547640/+subscriptions

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

[Bug 1547640] Re: proxy tries ipv6 and gets 503 when no ipv6 routes

[Amos Jeffries]

The upstream fix was http://www.squid-
cache.org/Versions/v3/3.5/changesets/squid-3-12982.patch - which is to
increase the number of IPs attempted to 25 instead of just 10.

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to squid3 in Ubuntu.
https://bugs.launchpad.net/bugs/1547640

Title:
  proxy tries ipv6 and gets 503 when no ipv6 routes

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/squid3/+bug/1547640/+subscriptions

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

[Bug 1235681] Re: squid3 always run with -N option, incompatible with SMP option (workers)

[Amos Jeffries]

For the record this usage of -N is an intentional addition for Upstart
integration with Squid-3. It is needed to avoid those much worse process
control start/stop issues mentioned in the report, and other less
obvious problems around the system.

The Ubuntu package dropping its Upstart integration patch as a whole
will remove this issue. At cost of dropping back to SysVinit for process
management.

Squid-3.5 versions currently in Debian upstream contains different
integration for dual compatibility with SysVinit and systemd which
offers better behaviour (and those "service" commands), but this does
not affect the Upstart support.

Squid-4 versions (not yet packaged) will be coming with some changes
that should make the -N option no longer needed for Upstart. That will
need to be verified when the time comes, if Upstart intgration is still
in the Ubuntu package at that point.

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to squid3 in Ubuntu.
https://bugs.launchpad.net/bugs/1235681

Title:
  squid3 always run with -N option, incompatible with SMP option
  (workers)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/squid3/+bug/1235681/+subscriptions

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

[Bug 1391159] Re: squid3 is not built with helper /usr/lib/squid3/ext_time_quota_acl

[Amos Jeffries]

Fix for this has been added upstream in Debian package 3.5.14-1

** Also affects: squid3 (Debian)
   Importance: Undecided
   Status: New

** Changed in: squid3 (Debian)
   Status: New => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to squid3 in Ubuntu.
https://bugs.launchpad.net/bugs/1391159

Title:
  squid3 is not built with helper /usr/lib/squid3/ext_time_quota_acl

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/squid3/+bug/1391159/+subscriptions

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

[Bug 1544400] Re: squid3: systemctl reports squid is running when there is a bungled squid.conf and it has exited.

[Amos Jeffries]

The squid3.service file is auto-generated. The actual upstream fix was:


commit 6ac65f75a971a4a87c18766f3fe9969e91cef591
Author: Mathieu Parent 
Date:   Thu Oct 8 09:40:50 2015 +0200

Set pidfile for systemd's sysv-generator

This actually changes the followind settings (from systemctl cat 
squid.service):
from:
  [Service]
  RemainAfterExit=yes
to:
  [Service]
  RemainAfterExit=no
  PIDFile=/var/run/squid.pid

diff --git a/debian/squid.rc b/debian/squid.rc
index 204b676..a27fd88 100644
--- a/debian/squid.rc
+++ b/debian/squid.rc
@@ -4,6 +4,8 @@
 #
 # Version: @(#)squid.rc  1.0  07-Jul-2006  lu...@debian.org
 #
+# pidfile: /var/run/squid.pid
+#
 ### BEGIN INIT INFO
 # Provides:  squid
 # Required-Start:$network $remote_fs $syslog

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to squid3 in Ubuntu.
https://bugs.launchpad.net/bugs/1544400

Title:
  squid3: systemctl reports squid is running when there is a bungled
  squid.conf and it has exited.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/squid3/+bug/1544400/+subscriptions

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

[Bug 1473691] Re: squid: Update to latest upstream stable release (3.5)

[Amos Jeffries]

** Description changed:

- Squid's latest stable upstream version is currently 3.5 and fixes
- important bugs, such as the inability to fall back to IPv4 if a websites
- IPv6 connectivity is broken (e.g. http://readlist.com/lists/squid-
- cache.org/squid-users/11/58389.html), #1213455, #1214379, #1459638,
- #1448149, #1390132, #1423498 and #1532560.
+ Squid's latest upstream version is currently 3.5 and fixes important
+ bugs, such as the inability to fall back to IPv4 if a websites IPv6
+ connectivity is broken (e.g. http://readlist.com/lists/squid-cache.org
+ /squid-users/11/58389.html), #1213455, #1214379, #1459638, #1448149,
+ #1390132, #1423498 and #1532560.
  
  Please update the package from 3.3.8 to the version that Debian already
- has in its stable distribution.
+ has in its distribution.
  
  Question 268037 already asked the same - here's the filed bug.

** Summary changed:

- squid: Update to latest upstream stable release (3.5)
+ squid: Update to latest upstream release (3.5)

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1473691

Title:
  squid: Update to latest upstream release (3.5)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/squid3/+bug/1473691/+subscriptions

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

[Bug 1473691] Re: squid: Update to latest upstream stable release (3.5)

[Amos Jeffries]

** Summary changed:

- Update to latest upstream stable release (3.5)
+ squid: Update to latest upstream stable release (3.5)

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1473691

Title:
  squid: Update to latest upstream stable release (3.5)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/squid3/+bug/1473691/+subscriptions

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

[Bug 1473691] Re: Update to latest upstream stable release (3.5)

[Amos Jeffries]

** Description changed:

- Squid's latest stable upstream version is currently 3.5.7 and fixes
+ Squid's latest stable upstream version is currently 3.5 and fixes
  important bugs, such as the inability to fall back to IPv4 if a websites
  IPv6 connectivity is broken (e.g. http://readlist.com/lists/squid-
- cache.org/squid-users/11/58389.html). Please update the package from
- 3.3.8 to 3.5.7, or, at the very least, update it to version 3.4.8 that
- Debian already has in its stable distribution (Jessie, and Wheezy
- backports too).
+ cache.org/squid-users/11/58389.html), #1213455, #1214379, #1459638,
+ #1448149, #1390132, and #1532560.
+ 
+ Please update the package from 3.3.8 to the version that Debian already
+ has in its stable distribution.
  
  Question 268037 already asked the same - here's the filed bug.

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1473691

Title:
  Update to latest upstream stable release (3.5)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/squid3/+bug/1473691/+subscriptions

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

[Bug 1473691] Re: Update to latest upstream stable release (3.5)

[Amos Jeffries]

** Description changed:

  Squid's latest stable upstream version is currently 3.5 and fixes
  important bugs, such as the inability to fall back to IPv4 if a websites
  IPv6 connectivity is broken (e.g. http://readlist.com/lists/squid-
  cache.org/squid-users/11/58389.html), #1213455, #1214379, #1459638,
- #1448149, #1390132, and #1532560.
+ #1448149, #1390132, #1423498 and #1532560.
  
  Please update the package from 3.3.8 to the version that Debian already
  has in its stable distribution.
  
  Question 268037 already asked the same - here's the filed bug.

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1473691

Title:
  squid: Update to latest upstream stable release (3.5)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/squid3/+bug/1473691/+subscriptions

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

[Bug 1300064] Re: pinger crashed with SIGSEGV in __tzfile_compute()

[Amos Jeffries]

*** This bug is a duplicate of bug 1213455 ***
https://bugs.launchpad.net/bugs/1213455

** This bug is no longer a duplicate of bug 1214806
   pinger crashed with SIGSEGV in __tzfile_compute()
** This bug has been marked a duplicate of bug 1213455
   pinger crashed with SIGSEGV in __strftime_internal()

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to squid3 in Ubuntu.
https://bugs.launchpad.net/bugs/1300064

Title:
  pinger crashed with SIGSEGV in __tzfile_compute()

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/squid3/+bug/1300064/+subscriptions

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

[Bug 1218463] Re: pinger crashed with SIGSEGV in __tzfile_compute()

[Amos Jeffries]

*** This bug is a duplicate of bug 1213455 ***
https://bugs.launchpad.net/bugs/1213455

** This bug is no longer a duplicate of bug 1214806
   pinger crashed with SIGSEGV in __tzfile_compute()
** This bug has been marked a duplicate of bug 1213455
   pinger crashed with SIGSEGV in __strftime_internal()

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to squid3 in Ubuntu.
https://bugs.launchpad.net/bugs/1218463

Title:
  pinger crashed with SIGSEGV in __tzfile_compute()

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/squid3/+bug/1218463/+subscriptions

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

[Bug 1236239] Re: pinger assert failure: *** Error in `(pinger)': free(): invalid next size (normal): 0x00007efffc4e7df0 ***

[Amos Jeffries]

*** This bug is a duplicate of bug 1214379 ***
https://bugs.launchpad.net/bugs/1214379

** This bug has been marked a duplicate of bug 1214379
   pinger crashed with SIGSEGV in malloc_consolidate()

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to squid3 in Ubuntu.
https://bugs.launchpad.net/bugs/1236239

Title:
  pinger assert failure: *** Error in `(pinger)': free(): invalid next
  size (normal): 0x7efffc4e7df0 ***

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/squid3/+bug/1236239/+subscriptions

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

[Bug 1081952] Re: squid 3.1.19 external_acl_type fail

[Amos Jeffries]

I think this bug is not valid.

The config does not meet the documented requirement that the script
interpreter be a *full path* to the sript interpreter, or helper binary.
"php" is not the full path to the PHP executable.

The helper is also closing its stdin communication socket to Squid
before sending any response back. When Squid receives that termination
signal, the helper state will be shutdown and ERR used in place of any
pending lookups.

** Changed in: squid3 (Ubuntu)
   Status: Incomplete => Invalid

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to squid3 in Ubuntu.
https://bugs.launchpad.net/bugs/1081952

Title:
  squid 3.1.19 external_acl_type fail

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/squid3/+bug/1081952/+subscriptions

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

[Bug 392077] Re: Squid crashes with "assertion failed" mem->swapout.sio

[Amos Jeffries]

** Bug watch added: Squid Bugzilla #3852
   http://bugs.squid-cache.org/show_bug.cgi?id=3852

** Changed in: squid
   Importance: Medium => Unknown

** Changed in: squid
   Status: Invalid => Unknown

** Changed in: squid
 Remote watch: Squid Bugzilla #3453 => Squid Bugzilla #3852

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to squid3 in Ubuntu.
https://bugs.launchpad.net/bugs/392077

Title:
  Squid crashes with "assertion failed" mem->swapout.sio

To manage notifications about this bug go to:
https://bugs.launchpad.net/squid/+bug/392077/+subscriptions

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

[Bug 1214806] Re: pinger crashed with SIGSEGV in __tzfile_compute()

[Amos Jeffries]

*** This bug is a duplicate of bug 1213455 ***
https://bugs.launchpad.net/bugs/1213455

** This bug has been marked a duplicate of bug 1213455
   pinger crashed with SIGSEGV in __strftime_internal()

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to squid3 in Ubuntu.
https://bugs.launchpad.net/bugs/1214806

Title:
  pinger crashed with SIGSEGV in __tzfile_compute()

To manage notifications about this bug go to:
https://bugs.launchpad.net/squid/+bug/1214806/+subscriptions

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

[Bug 1404876] Re: pinger assert failure: *** Error in `(pinger)': free(): invalid pointer: 0x00007f3b5e73ebf0 ***

[Amos Jeffries]

*** This bug is a duplicate of bug 1214379 ***
https://bugs.launchpad.net/bugs/1214379

** This bug has been marked a duplicate of bug 1214379
   pinger crashed with SIGSEGV in malloc_consolidate()

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to squid3 in Ubuntu.
https://bugs.launchpad.net/bugs/1404876

Title:
  pinger assert failure: *** Error in `(pinger)': free(): invalid
  pointer: 0x7f3b5e73ebf0 ***

To manage notifications about this bug go to:
https://bugs.launchpad.net/squid/+bug/1404876/+subscriptions

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

[Bug 1504200] Re: libecap2 FTBFS due to gcc5 transition

[Amos Jeffries]

squid3_ 3.3.8-1ubuntu16 resolves this for Squid

** Changed in: squid3 (Ubuntu)
   Status: New => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to squid3 in Ubuntu.
https://bugs.launchpad.net/bugs/1504200

Title:
  libecap2 FTBFS due to gcc5 transition

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libecap/+bug/1504200/+subscriptions

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

[Bug 1098641] Re: visible_hostname defaults to hostname of first http_port IP, not get_hostname()

[Amos Jeffries]

Oops, sorry 3.3.3 and later are checking for '.' present in the domin
name. So yes they should be fixed in regards to this.

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to squid3 in Ubuntu.
https://bugs.launchpad.net/bugs/1098641

Title:
  visible_hostname defaults to hostname of first http_port IP, not
  get_hostname()

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/squid3/+bug/1098641/+subscriptions

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

[Bug 1194310] Re: cachemgr.cgi crashes after login

[Amos Jeffries]

Sorry, just read comment #3, that makes it confirmed as CVE-2013-0189

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to squid3 in Ubuntu.
https://bugs.launchpad.net/bugs/1194310

Title:
  cachemgr.cgi crashes after login

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/squid3/+bug/1194310/+subscriptions

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

[Bug 1194310] Re: cachemgr.cgi crashes after login

[Amos Jeffries]

Sorry, just read comment 3, that makes it confirmed as CVE-2013-0189

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to squid3 in Ubuntu.
https://bugs.launchpad.net/bugs/1194310

Title:
  cachemgr.cgi crashes after login

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/squid3/+bug/1194310/+subscriptions

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

[Bug 1194310] Re: cachemgr.cgi crashes after login

[Amos Jeffries]

This appears to be upstream bug 3790. Which was part of

http://www.squid-cache.org/Advisories/SQUID-2012_1.txt
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5643
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0189

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2012-5643

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2013-0189

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to squid3 in Ubuntu.
https://bugs.launchpad.net/bugs/1194310

Title:
  cachemgr.cgi crashes after login

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/squid3/+bug/1194310/+subscriptions

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

[Bug 1459638] Re: maximum_object_size has no effect in default configuration file

[Amos Jeffries]

For the record, upstream patch for this was http://www.squid-
cache.org/Versions/v3/3.4/changesets/squid-3.4-13130.patch. The code
part of this should apply fine to any affected version of Squid.

** Tags added: patch

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to squid3 in Ubuntu.
https://bugs.launchpad.net/bugs/1459638

Title:
  maximum_object_size has no effect in default configuration file

To manage notifications about this bug go to:
https://bugs.launchpad.net/squid/+bug/1459638/+subscriptions

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

[Bug 1098641] Re: visible_hostname defaults to hostname of first http_port IP, not get_hostname()

[Amos Jeffries]

This behaviour is a result of the upstream fix for upstream bug 2997. It
is still present in all Squid-3 (will be fixed in Squid-4). When Squid
is assigned an explicit listening IP and that IP has reverse-DNS it is
used instead of halting startup.

Only the first http_port or https_port is checked in the affected
versions. To prevent localhost being used, do not configure it as the
primary listening address for Squid.

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to squid3 in Ubuntu.
https://bugs.launchpad.net/bugs/1098641

Title:
  visible_hostname defaults to hostname of first http_port IP, not
  get_hostname()

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/squid3/+bug/1098641/+subscriptions

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

[Bug 1496924] Re: squid3 FTBFS due to bad libecap3 dependency and logical-not-parentheses warning

[Amos Jeffries]

FYI: The libecap older than 1.0.0 and Squid older than 3.5 are in a
lock-step dependency due to the libecap API and ABI being unstable in
those versions. Even if you can get it to build the call sequence to the
API is wrong at run-time. You get to pick libecap2 (0.2) + squid (3.3,
3.4) or libecap3 (1.0.1) + squid (3.5), but not a mix.

At this stage of Wily I suggest reverting to libecap2.

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to squid3 in Ubuntu.
https://bugs.launchpad.net/bugs/1496924

Title:
  squid3 FTBFS due to bad libecap3 dependency and logical-not-
  parentheses warning

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/squid3/+bug/1496924/+subscriptions

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

[Bug 1496223] Re: squid3 FTBFS due to linux-libc-dev and libc6-dev headers mismatch

[Amos Jeffries]

Also please note that this is not a bug specific to Squid. It is due to
the netfilter/in.h having a cross-include collision with the linux-
headers-4.2 headers. The kernel maintainers have a patch to try to
workaround it, but any software using system headers before
netfilter/in.h will FTBS. Squid is just one of those collateral damage
applications.

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to squid3 in Ubuntu.
https://bugs.launchpad.net/bugs/1496223

Title:
  squid3 FTBFS due to linux-libc-dev and libc6-dev headers mismatch

To manage notifications about this bug go to:
https://bugs.launchpad.net/squid/+bug/1496223/+subscriptions

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

[Bug 1496223] Re: squid3 FTBFS due to linux-libc-dev and libc6-dev headers mismatch

[Amos Jeffries]

Upstream patch at http://www.squid-
cache.org/Versions/v4/changesets/squid-4-14311.patch should apply fairly
easily to all Squid versions.

** Changed in: squid
   Importance: Unknown => Critical

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to squid3 in Ubuntu.
https://bugs.launchpad.net/bugs/1496223

Title:
  squid3 FTBFS due to linux-libc-dev and libc6-dev headers mismatch

To manage notifications about this bug go to:
https://bugs.launchpad.net/squid/+bug/1496223/+subscriptions

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

[Bug 1480900] Re: ancient squid causes security risk

[Amos Jeffries]

duplicate of
https://bugs.launchpad.net/ubuntu/+source/squid3/+bug/1473691

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to squid in Ubuntu.
https://bugs.launchpad.net/bugs/1480900

Title:
  ancient squid causes security risk

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/squid/+bug/1480900/+subscriptions

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

[Bug 1480900] Re: ancient squid causes security risk

[Amos Jeffries]

*** This bug is a duplicate of bug 1473691 ***
https://bugs.launchpad.net/bugs/1473691

** This bug has been marked a duplicate of bug 1473691
   Update to latest upstream stable release (3.5)

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to squid in Ubuntu.
https://bugs.launchpad.net/bugs/1480900

Title:
  ancient squid causes security risk

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/squid/+bug/1480900/+subscriptions

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

[Bug 1473691] Re: Update to latest upstream stable release (3.5)

[Amos Jeffries]

** Description changed:

- Squid's latest stable upstream version is currently 3.5.6 and fixes
+ Squid's latest stable upstream version is currently 3.5.7 and fixes
  important bugs, such as the inability to fall back to IPv4 if a websites
  IPv6 connectivity is broken (e.g. http://readlist.com/lists/squid-
  cache.org/squid-users/11/58389.html). Please update the package from
- 3.3.8 to 3.5.6, or, at the very least, update it to version 3.4.8 that
+ 3.3.8 to 3.5.7, or, at the very least, update it to version 3.4.8 that
  Debian already has in its stable distribution (Jessie, and Wheezy
  backports too).
  
  Question 268037 already asked the same - here's the filed bug.

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1473691

Title:
  Update to latest upstream stable release (3.5)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/squid3/+bug/1473691/+subscriptions

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

[Bug 1097032] Re: Please provide GNUTLS support in squid

[Amos Jeffries]

Upstream bug tracker for this is http://bugs.squid-
cache.org/show_bug.cgi?id=2741. The (very basic) initial stages have
been added to squid-3.5 which is now available in Debian repositories -
and enabled. There is still a lot to be done though, so it may not be
generally useful for a few versions.

** Bug watch added: Squid Bugzilla #2741
   http://bugs.squid-cache.org/show_bug.cgi?id=2741

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to squid3 in Ubuntu.
https://bugs.launchpad.net/bugs/1097032

Title:
  Please provide GNUTLS support in squid

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/squid3/+bug/1097032/+subscriptions

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

[Bug 1304496] Re: add --version to squid3

[Amos Jeffries]

The -v command line option is already available.

If that is not providing a version number then your package is more than
10 years old, contains some severe security vulnerabilities and
desperately needs upgrading.

** Changed in: squid3 (Ubuntu)
   Status: New => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to squid3 in Ubuntu.
https://bugs.launchpad.net/bugs/1304496

Title:
  add --version to squid3

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/squid3/+bug/1304496/+subscriptions

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

[Bug 1277388] Re: aptitude install squid installs wrong version

[Amos Jeffries]

The upstream wiki is somewhat out of date. The Squid-3.3 versions of
Squid which are installed with "aptitude install squid" on current
Ubuntu do contain almost all the Squid-2 features.

The few useful ones which it omits are in later Squid versions not yet
packaged for Ubuntu, but available from Debian repositories. If there
are missing features please get in touch with upstream about available
options for getting them ported from the obsolete Squid-2.6/2.7 fork
back to the Squid mainline releases.

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to squid in Ubuntu.
https://bugs.launchpad.net/bugs/1277388

Title:
  aptitude install squid installs wrong version

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/squid/+bug/1277388/+subscriptions

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

[Bug 1480900] Re: ancient squid causes security risk

[Amos Jeffries]

** Also affects: squid3 (Ubuntu)
   Importance: Undecided
   Status: New

** Changed in: squid3 (Ubuntu)
   Status: New => Confirmed

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to squid3 in Ubuntu.
https://bugs.launchpad.net/bugs/1480900

Title:
  ancient squid causes security risk

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/squid/+bug/1480900/+subscriptions

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

[Bug 1277388] Re: aptitude install squid installs wrong version

[Amos Jeffries]

** Changed in: squid (Ubuntu)
   Status: New => Opinion

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to squid in Ubuntu.
https://bugs.launchpad.net/bugs/1277388

Title:
  aptitude install squid installs wrong version

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/squid/+bug/1277388/+subscriptions

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

[Bug 1336742] Re: Caching responses with Vary header

[Amos Jeffries]

Debian Sid and Jesse package squid3 includes the fix for this bug.
Please update the Ubuntu packages to match the upstream Debain
repository.

** Also affects: squid3 (Debian)
   Importance: Undecided
   Status: New

** Changed in: squid3 (Debian)
   Status: New = Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to squid3 in Ubuntu.
https://bugs.launchpad.net/bugs/1336742

Title:
  Caching responses with Vary header

To manage notifications about this bug go to:
https://bugs.launchpad.net/squid/+bug/1336742/+subscriptions

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

[Bug 16669]

[Amos Jeffries]

The auto-detect default is equivalent to --with-gnutls --without-
openssl.

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to squid in Ubuntu.
https://bugs.launchpad.net/bugs/16669

Title:
  Squid: Compile with --enable-ssl

To manage notifications about this bug go to:
https://bugs.launchpad.net/squid/+bug/16669/+subscriptions

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

[Bug 1214856] Re: ipv6 squid deny_info redirect loop

[Amos Jeffries]

this us a user configuration error.

** Bug watch added: Squid Bugzilla #3934
   http://bugs.squid-cache.org/show_bug.cgi?id=3934

** Also affects: squid via
   http://bugs.squid-cache.org/show_bug.cgi?id=3934
   Importance: Unknown
   Status: Unknown

** Changed in: squid (Ubuntu)
   Status: New = Invalid

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to squid in Ubuntu.
https://bugs.launchpad.net/bugs/1214856

Title:
  ipv6 squid deny_info redirect loop

To manage notifications about this bug go to:
https://bugs.launchpad.net/squid/+bug/1214856/+subscriptions

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

[Bug 1182240] Re: Brazilian Portuguese language errorpage directory

[Amos Jeffries]

I am re-opening this due to the closure being based on an assumption
that the original report was accurate.

pt-bz refers to Portuguese reading/writing citizens of Belize (NOT
Brazil). Which is a valid ISO code missing from the squid-langpack
package.

Any information on whether Belize Portuguese dialect can be presented
with Brazillian or European Portuguese texts or whether they require a
third translation is very welcome. Until then upstream will contain a
symlink entry for pt-bz to pt-br based on the geographical distance for
dialect locale.

** Changed in: squid3 (Ubuntu)
   Status: Invalid = New

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to squid3 in Ubuntu.
https://bugs.launchpad.net/bugs/1182240

Title:
  Brazilian Portuguese language errorpage directory

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/squid3/+bug/1182240/+subscriptions

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

[Bug 16669] Re: Squid: Compile with --enable-ssl

[Amos Jeffries]

GnuTLS has been passed to the upstream bugzilla, so is on the TODO list.
However all we are seeing is demands that we do the *enormous*
conversion task for free. Nobody supposedly needing SSL has been
willing to contribute towards development, even as patch submissions to
assist.

I have finally got around to starting
https://code.launchpad.net/~yadi/squid/crypto-ng as a tracker to begin
forward progress. however, without support you can expect it to go just
as slowly as before. Any assistance is VERY welcome.

alternatively there are several proposals to make a special Squid
package using OpenSSL available through non-free repositories. AFAIK the
packaging maintainers have not made their thoughts on that known.

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to squid in Ubuntu.
https://bugs.launchpad.net/bugs/16669

Title:
  Squid: Compile with --enable-ssl

To manage notifications about this bug go to:
https://bugs.launchpad.net/squid/+bug/16669/+subscriptions

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

[Bug 927744] Re: rotate around round robin hosts is not configurable

[Amos Jeffries]

balance_on_multiple_ip directive configures whether Squid does any
internal rotation, on/off. The 3.1 default is OFF. Turning it ON
explicitly would cause the issue described.


positive_dns_ttl causes DNS records to be discarded at a forced timeout 
ignoring the upstream rotation TTL. The default in 3.1 is to obey upstream DNS 
servers. Setting it explicitly to a short time period will cause the problem as 
described.


So in summary, this problem report is showing all the signs of being explicitly 
configured to happen. It is likely the squid in question is operating out of a 
configuration file from some earlier squid version where the directives were 
configured to values which cause this bug.

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to squid3 in Ubuntu.
https://bugs.launchpad.net/bugs/927744

Title:
  rotate around round robin hosts is not configurable

To manage notifications about this bug go to:
https://bugs.launchpad.net/squid/+bug/927744/+subscriptions

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

[Bug 1056248] Re: assertion failed: AclProxyAuth.cc:229: authenticateUserAuthenticated(Filled(checklist)-auth_user_request)

[Amos Jeffries]

*** This bug is a duplicate of bug 496886 ***
https://bugs.launchpad.net/bugs/496886

** This bug has been marked a duplicate of bug 496886
   Squid crashes with assertion failed authenticateUserAuthenticated

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to squid3 in Ubuntu.
https://bugs.launchpad.net/bugs/1056248

Title:
  assertion failed: AclProxyAuth.cc:229:
  authenticateUserAuthenticated(Filled(checklist)-auth_user_request)

To manage notifications about this bug go to:
https://bugs.launchpad.net/squid/+bug/1056248/+subscriptions

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

[Bug 1016560] Re: Please merge squid3 3.1.20-1

[Amos Jeffries]

As related to those bugs it is non-critical. There are three upstream
bug fixes in 3.1.20 however which close remote triggered security
problems. Merge is advised by upstream (me).

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to squid3 in Ubuntu.
https://bugs.launchpad.net/bugs/1016560

Title:
  Please merge squid3 3.1.20-1

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/squid3/+bug/1016560/+subscriptions

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

[Bug 988802] Re: squid3 killed by ABRT signal. assertion failed: disk.cc377: fd = 0

[Amos Jeffries]

Upstream bug referenced here is about cache storage failures during
startup/reconfigure. Which seems a bit at odds with resolv.conf loading
errors, although it may be a secondary bug result of the resolv.conf
reconfigure action being successfully triggered very early after
startup.

A stack trace is required to identify and confirm the code path leading
to this crash. To be compared with the traces already available
upstream.

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to squid3 in Ubuntu.
https://bugs.launchpad.net/bugs/988802

Title:
  squid3 killed by ABRT signal. assertion failed: disk.cc377: fd = 0

To manage notifications about this bug go to:
https://bugs.launchpad.net/squid/+bug/988802/+subscriptions

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

[Bug 805931] Re: assertion failed: comm.cc:572: fdc_table[fd].active == 1

[Amos Jeffries]

** Bug watch added: Squid Bugzilla #2827
   http://bugs.squid-cache.org/show_bug.cgi?id=2827

** Also affects: squid via
   http://bugs.squid-cache.org/show_bug.cgi?id=2827
   Importance: Unknown
   Status: Unknown

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to squid3 in Ubuntu.
https://bugs.launchpad.net/bugs/805931

Title:
  assertion failed: comm.cc:572: fdc_table[fd].active == 1

To manage notifications about this bug go to:
https://bugs.launchpad.net/squid/+bug/805931/+subscriptions

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

[Bug 115475] Re: tproxy support (iptables squid)

[Amos Jeffries]

You should not have to recompile the kernel if its accepting connections
through TPROXY properly. Double-check the IPs squid is identifying as
the client IP though to make sure that arrival is happening correctly.

We found a small bit alignment bug in the 3.2 series not setting the
spoof flag correctly on some systems, which caused this same behaviour.
I thought 3.1 was okay but I will take a closer look later today to
double check whether 3.1 has a similar regression.

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to squid3 in Ubuntu.
https://bugs.launchpad.net/bugs/115475

Title:
  tproxy support (iptables  squid)

To manage notifications about this bug go to:
https://bugs.launchpad.net/squid/+bug/115475/+subscriptions

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

[Bug 596041] Re: /var/tmp is not cleared after squid restart

[Amos Jeffries]

Squid does not use /var/tmp.

** Changed in: squid (Ubuntu)
   Status: Confirmed = Invalid

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to squid in Ubuntu.
https://bugs.launchpad.net/bugs/596041

Title:
  /var/tmp is not cleared after squid restart

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

[Bug 16669] Re: Squid: Compile with --enable-ssl

[Amos Jeffries]

** Bug watch added: Squid Bugzilla #2741
   http://bugs.squid-cache.org/show_bug.cgi?id=2741

** Also affects: squid via
   http://bugs.squid-cache.org/show_bug.cgi?id=2741
   Importance: Unknown
   Status: Unknown

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to squid in Ubuntu.
https://bugs.launchpad.net/bugs/16669

Title:
  Squid: Compile with --enable-ssl

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

[Bug 692131] Re: package squid 2.7.STABLE9-2.1ubuntu1 failed to install/upgrade: ErrorMessage: subprocess installed post-installation script returned error exit status 1

[Amos Jeffries]

*** This bug is a duplicate of bug 696460 ***
https://bugs.launchpad.net/bugs/696460

** This bug has been marked a duplicate of bug 696460
   package squid 2.7.STABLE9-2ubuntu5 failed to install/upgrade: ErrorMessage: 
podproces instalovaný post-installation skript vrátil chybový status 1
 * You can subscribe to bug 696460 by following this link: 
https://bugs.launchpad.net/ubuntu/+source/squid/+bug/696460/+subscribe

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to squid in ubuntu.
https://bugs.launchpad.net/bugs/692131

Title:
  package squid 2.7.STABLE9-2.1ubuntu1 failed to install/upgrade:
  ErrorMessage: subprocess installed post-installation script returned
  error exit status 1

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

[Bug 573853] Re: Cannot control squid Unknown instance

[Amos Jeffries]

There seems to be some confusion over the way these squid processes
operates.

In your trace:

root 14719 0.0 0.0 24796 1076 ? Ss 14:26 0:00 /usr/sbin/squid
proxy 14721 2.2 0.2 40212 10352 ? Sl 14:26 0:00 (squid)


the process /usr/sbin/squid is a daemon supervisor. Ensuring worker
(squid) process remains running and restarting it on failures.

Adding upstart to manage this manager process is redundant. Using  -N is
the correct way to start squid up to version 3.1 without the
supervisor/master process. 3.2+ with multiple workers will require
changes in either upstart or squid to integrate them better, but the -N
mode is still available meanwhile to disable the SMP support.

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to squid in ubuntu.
https://bugs.launchpad.net/bugs/573853

Title:
  Cannot control squid Unknown instance

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

[Bug 640511] Re: squid in lucid adds bogus port number to Host: line if one isn't provided (in original or via vport=)

[Amos Jeffries]

This is a feature designed for maximum compatibility with other
software.

From squid developer discussions:
 hno:
 default port in accel mode is the listening port unless told otherwise by the 
host header or vport. If you run Squid on port 3128 but it's actually 
processing port 80 requests then you need to tell this to squid with vport=80. 
It's hard to automatically account for NATs or other reverse proxies infront 
remapping things in unexpected manners without config hints.
this default port == listening port is needed to support accel mode on 
non-port80 in an clean manner.

note that you also have this same issue for the same reasons if you run
Squid (:80) - Apache (:8080) unless you tell Apache to override it's
idea of the listening port.

the short answer is: Do not remap ports in reverse proxy setups, doing so 
always bites back one way or another. Use IP addresses instead for request 
routing purposes.


In response to the multiple backends problem:
 If the backends are themselves configurable to separate the domain/port they 
are listening on from the public domain/port this is a non issue.

 Squid can listen on multiple ports quite happily, each of which will
perform this same Host: re-writing to its own number and can (a) be
dedicated to requests going to certain backends using that port. or (b)
have their own vport=N option correcting the port back to the public one
for subsequent URL generation.

** Changed in: squid
   Importance: Unknown = Undecided

** Changed in: squid
   Status: Unknown = New

** Changed in: squid
 Remote watch: bugs.squid-cache.org/ #2192 = None

** Changed in: squid (Ubuntu)
   Status: New = Invalid

** Changed in: squid
   Status: New = Invalid

-- 
squid in lucid adds bogus port number to Host: line if one isn't provided (in 
original or via vport=)
https://bugs.launchpad.net/bugs/640511
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to squid in ubuntu.

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

[Bug 415410] Re: MIR for squid-langpack

[Amos Jeffries]

The only issue that is unclear is whether the package is on automatic-
import from Debian Testing.

Also, the package version in lucid is quite old and will need another
re-sync. I expect just prior to the April 15th translations deadline. We
should have more texts pushed through Debian QA by then.

-- 
MIR for squid-langpack
https://bugs.launchpad.net/bugs/415410
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to squid-langpack in ubuntu.

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

[Bug 506328] Re: Please sync squid-langpack 20090111-1 (main) from Debian unstable (main).

[Amos Jeffries]

Can anything be done to better streamline the import of this particular package 
from Debian to Ubuntu?
The content installed is non-executable and relatively volatile localization 
texts. The schedule Debian keeps is already on the outer border of slow for 
spreading corrections.

** Summary changed:

- Please sync squid-langpack 20091005-1 (main) from Debian testing (main).
+ Please sync squid-langpack 20090111-1 (main) from Debian unstable (main).

-- 
Please sync squid-langpack 20090111-1 (main) from Debian unstable (main).
https://bugs.launchpad.net/bugs/506328
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to squid-langpack in ubuntu.

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

[Bug 415410] Re: MIR for squid-langpack

[Amos Jeffries]

For the record:
  http://www.squid-cache.org/   menu link: Getting Squid - /Download/
  http://www.squid-cache.org/Download/ links: Official source code release - 
/Versions/
  http://www.squid-cache.org/Versions/  links: langpack - /Versions/langpack/

(was one clicks deeper off the versions pages, but now adjusted for
easier access)

-- 
MIR for squid-langpack
https://bugs.launchpad.net/bugs/415410
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to squid-langpack in ubuntu.

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

[Bug 115475] Re: tproxy support (iptables squid)

[Amos Jeffries]

TPROXY support has been integrated upstream in the upcoming Squid 3.1,
iptables 1.4.3, and kernel 2.6.28.

Keen testers are invited to locate the latest code for each of the three
and provide feedback on how it goes. Should now be a simple matter of
finding the right build options and configuration settings.

** Also affects: squid
   Importance: Undecided
   Status: New

** Changed in: squid3 (Ubuntu)
Sourcepackagename: squid = squid3
 Assignee: (unassigned) = Amos Jeffries (squid3)
   Status: Triaged = In Progress

-- 
tproxy support (iptables  squid)
https://bugs.launchpad.net/bugs/115475
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to squid in ubuntu.

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs