RPM will be available in a couple tests.
The RPM includes all the ssl-bump helpers needed.
You will might want to take a look at:
http://wiki.squid-cache.org/Features/DynamicSslCert
Which gives you almost anything.
the only differnce is that the needed file is at lib64/squid
or something Else.
There is a need to disable SELINUX to let squid run fine.
http://www1.ngtech.co.il/rpm/centos/6/x86_64/
will be updated in the next hours.
Eliezer
On 07/11/2013 09:48 AM, Amos Jeffries wrote:
> The Squid HTTP Proxy team is very pleased to announce the availability
> of the Squid-3.3.7 release!
>
>
> This release is a security bug fix release resolving a vulnerability
> issue found in the prior Squid releases.
>
>
> The major changes to be aware of:
>
> * Buffer Overflow vulnerability fixed
>
> The security vulnerability SQUID-2013:2 is fixed by this release.
>
> This vulnerability was identified from active 0-day attacks affecting
> Squid-3.2 and later versions. Upgrade or patching of existing proxy
> installations is highly recommended.
>
> The underlying bug is preent in all Squid 2.0 and later but only
> exposed in 3.2 series. Patches are provided in the Advisory for all
> 3.x versions as a preventative measure for older versions.
>
>
> * Multiple SSL build issues resolved
>
> A better fix for bug 3759 which also incorporates a fix for bug 3297
> and several other unreported bugs has been added. These bugs are
> present with OpenSSL 1.0.0* versions on some Fedora, RHEL, CentOS
> and operating system distributions derived from them.
>
> They are visible as compile errors mentioning "const _STACK *",
> "const SSL_METHOD" and/or "sk_OPENSSL_PSTRING_value" when building
> against an affected OpenSSL library.
>
> Other compile errors may still exist. Please contribute to the
> existing bugzilla entries or report any new issues identified in this
> version.
>
>
>
> See the ChangeLog for the full list of changes in this and earlier
> releases.
>
>
> All users are urged to upgrade to this release as soon as possible.
>
>
> Please remember to run "squid -k parse" when testing upgrade to a new
> version of Squid. It will audit your configuration files and report
> any identifiable issues the new release will have in your installation
> before you "press go". We are still removing the infamous "Bungled
> Config" halting points and adding checks, so if something is not
> identified please report it.
>
>
>
> Please refer to the release notes at
> http://www.squid-cache.org/Versions/v3/3.3/RELEASENOTES.html
> when you are ready to make the switch to Squid-3.3
>
> Upgrade tip:
> "squid -k parse" is starting to display even more
> useful hints about squid.conf changes.
>
> This new release can be downloaded from our HTTP or FTP servers
>
> http://www.squid-cache.org/Versions/v3/3.3/
> ftp://ftp.squid-cache.org/pub/squid/
> ftp://ftp.squid-cache.org/pub/archive/3.3/
>
> or the mirrors. For a list of mirror sites see
>
> http://www.squid-cache.org/Download/http-mirrors.html
> http://www.squid-cache.org/Download/mirrors.html
>
> If you encounter any issues with this release please file a bug report.
> http://bugs.squid-cache.org/
>
>
> Amos Jeffries
>
Received on Fri Jul 12 2013 - 23:21:00 MDT
This archive was generated by hypermail 2.2.0 : Sat Jul 13 2013 - 12:00:05 MDT