The Squid HTTP Proxy team is very pleased to announce the availability
of the Squid-3.2.3 release!
This release is a security update and bug fix release resolving
several issues found in the prior releases.
Some major changes to be aware of:
* Squid handling of the Cache-Control header now follows HTTP/1.1.
Previous Squid versions were HTTP/1.0 compliant with extensions to
handle Cache-Control features within context of being an HTTP/1.0
proxy. Meaning Pragma: was given precedence and for historic reasons
Cache-Control:no-cache responses were not stored in the proxy cache.
This has now changed. With Squid-3.2 advertising HTTP/1.1 this
release now obeys RFC 2616 semantics for Cache-Control. In
particular:
- Traffic containing Cache-Control:no-cache MAY be stored for later
use and this release *will* cache them whenever possible.
- The Pragma header for HTTP/1.0 compatibiliy is now almost always
ignored.
- Authenticated responses are cached in a wider set of situations
where the response can be revalidated with the backend before
re-use.
NOTE: The refresh_pattern ignore-no-cache option is obsoleted by
this added feature support and several defects in the option which
made it violate HTTP have been resolved.
* Regression: SMP crashes on startup with multiple workers
A regression in the 3.2.2 release casued workers not to share memory.
Resulting in crashes and possibly other strange symptoms. This is now
corrected.
There are still several open bugs when operating with multiple SMP
workers and with ssl_crtd. So care and testing is still needed.
* Bug 3655: pinning failure breaking NTLM and Negotiate
A small regression in pinning earlier in 3.2 releases broke NTLM and
Negotiate connection re-use. Resulting in occasions where login would
be requested constantly or connections closed unexpectedly. This is
now corrected.
All users wanting SMP support are encouraged to upgrade to this
release as soon as possible.
All users making use of refresh_pattern ignore-* and override* options
are encouraged to upgrade to this release as soon as possible and to
re-evaluate whether you need any of those options.
All users with proxies handling Authenticated traffic are
encouraged to upgrade to this release.
Please remember to run "squid -k parse" when testing upgrade to a new
version of Squid. It will audit your configuration files and report
any identifiable issues the new release will have in your installation
before you "press go". We are still removing the infamous "Bungled
Config" halting points and adding checks, so if something is not
identified please report it.
See the ChangeLog for the full list of changes in this and earlier
releases.
All users of Squid-3.2 are encouraged to upgrade to this release as
time permits.
Please refer to the release notes at
http://www.squid-cache.org/Versions/v3/3.2/RELEASENOTES.html
when you are ready to make the switch to Squid-3.2
Upgrade tip:
"squid -k parse" is starting to display even more
useful hints about squid.conf changes.
This new release can be downloaded from our HTTP or FTP servers
http://www.squid-cache.org/Versions/v3/3.2/
ftp://ftp.squid-cache.org/pub/squid/
ftp://ftp.squid-cache.org/pub/archive/3.2/
or the mirrors. For a list of mirror sites see
http://www.squid-cache.org/Download/http-mirrors.html
http://www.squid-cache.org/Download/mirrors.html
If you encounter any issues with this release please
file a bug report.
http://bugs.squid-cache.org/
Amos Jeffries
Received on Sun Oct 21 2012 - 04:37:52 MDT
This archive was generated by hypermail 2.2.0 : Sun Oct 21 2012 - 12:00:09 MDT