* New upstream version. (LP: #2013423):
- Fix FATAL FwdState::noteDestinationsEnd exception. (LP: #1975399)
- Fix regression that made the default value for the esi_parser
configuration directive behave differently from its documented behavior.
It now correctly uses libxml2 if available and falls back to libexpat
otherwise.
- Fix unexpected dispatch of client CA certificates to https_port clients
when OpenSSL SSL_MODE_NO_AUTO_CHAIN mode is on.
- Add OpenSSL 3.0 support for features that were already supported by
squid. No new OpenSSL 3.0 feature support added at this time.
- The configuration directive ssl_engine is no longer recognized. Since
this option is not implemented for the OpenSSL 3 used in Ubuntu 22.04
LTS, this is not a functional regression. Now, instead of failing with
"FATAL: Your OpenSSL has no SSL engine support", it fails with "FATAL:
bad configuration: Cannot use ssl_engine in Squid built with OpenSSL 3.0
or newer".
- For a comprehensive list of changes, please see http://www.squid-cache.org/Versions/v5/ChangeLog.html.
* d/p/close-tunnel-if-to-server-conn-closes-after-client.patch: remove
upstreamed patch.
[ Fixed in 5.4 ]
* d/p/0004-Change-default-Makefiles-for-debian.patch: remove upstreamed
patch.
[ Fixed in 5.5 ]
* d/p/CVE-2021-46784.patch: remove upstreamed patch.
[ Fixed in 5.6 ]
* d/p/CVE-2022-41317.patch: drop patch to fix typo in manager ACL.
[ Fixed in 5.7 ]
* d/p/CVE-2022-41318.patch: drop patch to fix NTLM decoder truncated strings.
[ Fixed in 5.7 ]
* d/p/openssl3-*.patch: drop downstream OpenSSL 3 support patch.
[ Fixed in 5.7 ]
* d/p/99-ubuntu-ssl-cert-snakeoil.patch: refresh patch.
squid (5.2-1ubuntu4.4) jammy; urgency=medium
* Make builds fail when upstream test suite fails (LP: #2004050):
- d/p/series: do not rely on installed binaries for build time tests.
- d/rules: halt build upon test failures.
- d/rules: do not include additional configuration files during
build time tests. This would lead to test failures due to missing
paths.
- d/t/upstream-test-suite: use installed squid binary for
autopkgtest config file checks.
This bug was fixed in the package squid - 5.7-0ubuntu0. 22.04.1
--------------- 22.04.1) jammy; urgency=medium
squid (5.7-0ubuntu0.
* New upstream version. (LP: #2013423): :noteDestinatio nsEnd exception. (LP: #1975399) NO_AUTO_ CHAIN mode is on. www.squid- cache.org/ Versions/ v5/ChangeLog. html. tunnel- if-to-server- conn-closes- after-client. patch: remove Change- default- Makefiles- for-debian. patch: remove upstreamed 2021-46784. patch: remove upstreamed patch. 2022-41317. patch: drop patch to fix typo in manager ACL. 2022-41318. patch: drop patch to fix NTLM decoder truncated strings. *.patch: drop downstream OpenSSL 3 support patch. ubuntu- ssl-cert- snakeoil. patch: refresh patch.
- Fix FATAL FwdState:
- Fix regression that made the default value for the esi_parser
configuration directive behave differently from its documented behavior.
It now correctly uses libxml2 if available and falls back to libexpat
otherwise.
- Fix unexpected dispatch of client CA certificates to https_port clients
when OpenSSL SSL_MODE_
- Add OpenSSL 3.0 support for features that were already supported by
squid. No new OpenSSL 3.0 feature support added at this time.
- The configuration directive ssl_engine is no longer recognized. Since
this option is not implemented for the OpenSSL 3 used in Ubuntu 22.04
LTS, this is not a functional regression. Now, instead of failing with
"FATAL: Your OpenSSL has no SSL engine support", it fails with "FATAL:
bad configuration: Cannot use ssl_engine in Squid built with OpenSSL 3.0
or newer".
- For a comprehensive list of changes, please see
http://
* d/p/close-
upstreamed patch.
[ Fixed in 5.4 ]
* d/p/0004-
patch.
[ Fixed in 5.5 ]
* d/p/CVE-
[ Fixed in 5.6 ]
* d/p/CVE-
[ Fixed in 5.7 ]
* d/p/CVE-
[ Fixed in 5.7 ]
* d/p/openssl3-
[ Fixed in 5.7 ]
* d/p/99-
squid (5.2-1ubuntu4.4) jammy; urgency=medium
* Make builds fail when upstream test suite fails (LP: #2004050): test-suite: use installed squid binary for
- d/p/series: do not rely on installed binaries for build time tests.
- d/rules: halt build upon test failures.
- d/rules: do not include additional configuration files during
build time tests. This would lead to test failures due to missing
paths.
- d/t/upstream-
autopkgtest config file checks.
-- Athos Ribeiro <email address hidden> Thu, 30 Mar 2023 17:06:59 -0300