squid-2.3.stable4-accel_only_access.patch
clientAccessCheck incorrectly returns ACCESS_ALLOWED for proxy requests
when configured as an HTTP accelerator only
squid-2.3.stable4-html_quoting.patch
Everywhere where Squid inserts text received from the network into a HTML
page (error pages, FTP listings, Gopher listings, ...) care must be taken
to ensure that the text is properly encoded as HTML, or a malicious user
might be able to insert script code or other HTML tags, and exploit the
web browser of any user visiting their page or clicking on that funny link
received in a email..
- NOTE: you can now override the dir used for cache/logs by using the
variable STATEDIR. i.e., "make STATEDIR=/alternate/dir package", and it
will be substituted into the INSTALL/DEINSTALL scripts.
- change MAINTAINER, ports@ -> brad@
- add 2 distribution patches;
squid-2.2.stable5-domain-match.patch
Matching a hostname and a domain name doesn't always work, depending on
leading dots and other edge conditions. Plus, the code for matching in
ACL's worked one way, while the code for matching 'cache_peer_domain' list
worked slighly different.
The patch below makes all host/domain matching operate the same way. It
also changes the rules a bit, so your current configuration probably will
not work the way you want after applying this patch.
- patch was included in the patches dir because of the difference in
relative path in comparison to all the other distribution patches.
squid-2.2.stable5-mkhttpdlogtime-end-of-year.patch = patch-ai
mkhttpdlogtime() generates a date string of the form 31/Dec/1999:23:59:59 +0900.
But when the year changes, the timezone offset will be wrong, for example:
01/Jan/2000:00:00:00 -1500.
