Hello community,
here is the log from the commit of package squid for openSUSE:Factory checked in at 2017-01-31 12:48:35
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/squid (Old)
and /work/SRC/openSUSE:Factory/.squid.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "squid"
Changes:
--------
--- /work/SRC/openSUSE:Factory/squid/squid.changes 2016-10-13 11:32:43.000000000 +0200
+++ /work/SRC/openSUSE:Factory/.squid.new/squid.changes 2017-02-03 20:02:19.965794852 +0100
@@ -1,0 +2,30 @@
+Mon Jan 30 09:33:08 UTC 2017 - adam.majer@suse.de
+
+- Update Squid to 3.5.24
+ * Mitigate DoS attacks that use client-initiated SSL/TLS
+ renegotiation. Rate limit TLS renegotiation.
+ * SSLv2 records force SslBump bumping despite a matching step2
+ peek rule.
+ * Update External ACL helpers error handling and caching
+ * Fix regression in 3.5.23 where `cache deny` rule was not
+ obeyed.
+
+-------------------------------------------------------------------
+Fri Jan 27 15:15:15 UTC 2017 - adam.majer@suse.de
+
+- Update Squid to 3.5.23
+ * Do not share private responses with collapsed client(s).
+ (CVE-2016-10003)
+ * Fixes incorrect processing of responses to If-None-Modified
+ HTTP conditional requests. (CVE-2016-10002)
+ * partially fix hostHeaderVerify failures MISS when they should
+ be HIT
+ * HTTP/1.1: Add registered codes entry for new 103 (Early Hints)
+ status code
+ * Hang on DNS query with dead-end CNAME
+ * partial: Fix segfault via Ftp::Client::readControlReply
+ * Fix ssl::server_name ACL - was badly broken since inception.
+ * HTTP/1.1: make Vary:* objects cacheable
+ * fix Strange IPv6 shown in access.log
+
+-------------------------------------------------------------------
Old:
----
squid-3.5.22.tar.xz
squid-3.5.22.tar.xz.asc
New:
----
squid-3.5.24.tar.xz
squid-3.5.24.tar.xz.asc
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ squid.spec ++++++
--- /var/tmp/diff_new_pack.2RgrY7/_old 2017-02-03 20:02:21.093636103 +0100
+++ /var/tmp/diff_new_pack.2RgrY7/_new 2017-02-03 20:02:21.097635540 +0100
@@ -1,7 +1,7 @@
#
# spec file for package squid
#
-# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -20,7 +20,7 @@
%define squidconfdir %{_sysconfdir}/squid
Name: squid
-Version: 3.5.22
+Version: 3.5.24
Release: 0
Summary: A fully featured HTTP/1.0 proxy
License: GPL-2.0+
++++++ squid-3.5.22.tar.xz -> squid-3.5.24.tar.xz ++++++
++++ 41830 lines of diff (skipped)
++++++ squid-3.5.22.tar.xz.asc -> squid-3.5.24.tar.xz.asc ++++++
--- /work/SRC/openSUSE:Factory/squid/squid-3.5.22.tar.xz.asc 2016-10-13 11:32:43.000000000 +0200
+++ /work/SRC/openSUSE:Factory/.squid.new/squid-3.5.24.tar.xz.asc 2017-02-03 20:02:19.925800481 +0100
@@ -1,19 +1,20 @@
-File: squid-3.5.22.tar.xz
-Date: Sun Oct 9 23:43:33 UTC 2016
-Size: 2324164
-MD5 : afb82d2748c06c95815c171463b4aa14
-SHA1: 73e9199dd9d2a7f107f78d03454830713a4a571d
+File: squid-3.5.24.tar.xz
+Date: Sat Jan 28 08:22:04 UTC 2017
+Size: 2326424
+MD5 : 3fae511e16b6379b61c011914673973d
+SHA1: f203637783301a4b86e554b6dd226de721762ae5
Key : 0xFF5CF463