The Squid HTTP Proxy team is very pleased to announce the availability
of the Squid-3.5.22 release!
This release is a bug fix release resolving several issues found in the
prior Squid releases.
The major changes to be aware of:
* Bug #4471: revalidation doesn't work when expired cached object lacks
Historically Squid used only Last-Modified header value for evaluating
entry's last modification time while making an internal revalidation
requests. So, without Last-Modified it was not possible to correctly
fill the If-Modified-Since header value. Which would result in many
unnecessary MISS. This release now uses Date header to synthesize a
Last-Modified value if none is provided.
This change affects a binary difference in all cache objects stored.
* When upgrading, older cache content is handled automatically.
* When downgrading for any reason to an older version the cache will
need to be erased and rebuilt from empty to remove those new objects.
* Bug #4228: ./configure bug/typo
This bug caused Squid ./configure script to incorrectly fail to detect
missing but required Heimdal and GNU GSS Kerberos libraries. Squid would
build as if it were successful, then not provide the expected Kerberos
support and helpers.
* Bug #3819: "fd >= 0" assertion in file_write() during reconfiguration
This bug shows up as UFS code hitting assertions if it has to log
entries or rebuild swap.state during reconfiguration steps.
Asynchronous UFS cache_dirs such as diskd were the most exposed, but
even blocking UFS caching code could probably hit [rebuild] assertions.
The swap.state rebuilding (always initiated at startup) probably did not
work as intended if reconfiguration happened during the rebuild time
because reconfiguration closed the swap.state file being rebuilt.
Squid now protects that swap.state file and delays rebuilding progress
until reconfiguration is over. There may be other related issues still
* Bug #2833: Collapse internal revalidation requests
This feature extends Collapsed Forwarding to internal revalidation
requests. This implementation does not support Vary-controlled cache
objects and is limited to SMP-unaware caching environments, where each
Squid worker knows nothing about requests and caches handled by other
Prior to these changes, multiple concurrent HTTP requests for the same
stale cached object always resulted in multiple internal revalidation
requests sent by Squid to the origin server. Those internal requests
were likely to result in multiple competing Squid cache updates, causing
cache misses and/or more internal revalidation requests, negating
collapsed forwarding savings.
* Bug #4302 pt2: IPFilter v5 transparent interception
This bug showed up as NAT lookup failures or strange IP values being
returned when IPv6 traffic was intercepted using IPFilter.
* Fix logged request size (%http::>st) and other size-related %codes.
Squid was previously logging how many bytes it expected the size of HTTP
responses to be. Not the actual transferred sizes. On large aborted
objects it may be wildly wrong.
Also, the %http:: codes used in ICAP logs are related to the HTTP
message being delivered over ICAP, not the ICAP message.
All users of Squid-3 are encouraged to upgrade to this release as
soon as possible.
See the ChangeLog for the full list of changes in this and earlier
Please refer to the release notes at
when you are ready to make the switch to Squid-3.5
"squid -k parse" is starting to display even more
useful hints about squid.conf changes.
This new release can be downloaded from our HTTP or FTP servers
or the mirrors. For a list of mirror sites see
If you encounter any issues with this release please file a bug report.
squid-announce mailing list