-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 The Squid HTTP Proxy team is very pleased to announce the availability of the Squid-3.3.13 release!
This release is a security fix release resolving a major vulnerability found in the prior Squid releases. REMINDER: This and older releases are already deprecated by Squid-3.4 availablility. The major changes to be aware of: * CVE-2014-3609 : SQUID-2014:2 Denial of service in request processing http://www.squid-cache.org/Advisories/SQUID-2014_2.txt This vulnerability allows any client who is allowed to use the proxy to perform a denial of service attack on Squid. This issue is particularly impacting reverse-proxy installations. A simple squid.conf workaround is available for quick use and those unable to upgrade. See the Advisory notice for details. See the ChangeLog for the full list of changes in this and earlier releases. All users are urged to upgrade as soon as possible. Please remember to run "squid -k parse" when testing upgrade to a new version of Squid. It will audit your configuration files and report any identifiable issues the new release will have in your installation before you "press go". We are still removing the infamous "Bungled Config" halting points and adding checks, so if something is not identified please report it. Please refer to the release notes at http://www.squid-cache.org/Versions/v3/3.3/RELEASENOTES.html when you are ready to make the switch to Squid-3.3 Upgrade tip: "squid -k parse" is starting to display even more useful hints about squid.conf changes. This new release can be downloaded from our HTTP or FTP servers http://www.squid-cache.org/Versions/v3/3.3/ ftp://ftp.squid-cache.org/pub/squid/ ftp://ftp.squid-cache.org/pub/archive/3.3/ or the mirrors. For a list of mirror sites see http://www.squid-cache.org/Download/http-mirrors.html http://www.squid-cache.org/Download/mirrors.html If you encounter any issues with this release please file a bug report. http://bugs.squid-cache.org/ Amos Jeffries -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (MingW32) iQEcBAEBAgAGBQJT/gnhAAoJELJo5wb/XPRjxbQH/j8yDWmRKHoeEttXmci9vXUY 2HMUloJjC7AMDkMWM9CaPebwNsLeTQEmtoQ5DtnxhPZA/QcXCf+sjWQNv+Kyrpx8 f6psq3jMVXn+xgDHeDd1EvBa+a3XqYkRp7tKxz4IDsIGxfja5L7W39PGV6ErHlMa b4U674R7GJM9xLpj6sfeKWoW2xhv7620i7Zk8ZZVpYH/mwgxW7TRjYmev4YVnixC XG+f0ExseElc+fNvvc2bGsXKgQBAy1S1DjxnagQ+FrIEyT4R9nUge4YC6G0JPmbW 73XMx9blJp5jby7WgKD+YLufJbJAY4TdT6mETN4TwYecaoy/2vZJ/wxW/6TLLis= =kP6w -----END PGP SIGNATURE-----