[squid-users] Squid 3.1.7 is available

From: Amos Jeffries <squid3_at_treenet.co.nz>
Date: Tue, 24 Aug 2010 19:39:04 +1200

The Squid HTTP Proxy team is very pleased to announce the
availability of the Squid-3.1.7 release!

This release fixes a number of bugs in the earlier Squid releases.

One regression introduced with 3.1.6 when contacting IPv4-only DNS
resolvers opens a small but exploitable DoS vulnerability. All users of
Squid-3.1.6 are urged to upgrade to this release as soon as possible.

Several HTTP/1.1 compliance bugs have been resolved. The most noticeable
of these is that Squid is now more correctly operating connection
keep-alive to clients.

  The fix for keep-alive has resolved several apparent bugs in NTLM and
Negotiate authentication and brought to light a compatibility issue with
the major modern browsers. The issue appears to end-users as multiple
browser popups if for any reason they need to supply new NTLM/Negotiate
credentials for a connection. The default if unset for NTLM and
Negotiate auth_param keep_alive has become OFF to avoid this.

The visible_hostname directive has been updated with several fixes to
avoid killing Squid when the machine hostname is mis-configured or
unavailable at startup. To retain consistency with existing
distributions practice the value of "localhost" is used in the event of
a lookup failure.

All users of Squid-3.1.6 are urged to upgrade to this release as soon as

Users of other Squid-3.1 and 3.0 are encouraged to upgrade at their
earliest convenience.

Please refer to the release notes at
if and when you are ready to make the switch to Squid-3.1

This new release can be downloaded from our HTTP or FTP servers


or the mirrors. For a list of mirror sites see


If you encounter any issues with this release please file a bug report.

Amos Jeffries
Received on Tue Aug 24 2010 - 07:39:13 MDT

This archive was generated by hypermail 2.2.0 : Tue Aug 24 2010 - 12:00:03 MDT