[squid-announce] Squid 3.5.5 is available

Fri Jun 5 22:06:18 UTC 2015

The Squid HTTP Proxy team is very pleased to announce the availability
of the Squid-3.5.5 release!

This release is a bug fix and stability release resolving several issues
found in the prior Squid releases.

The major changes to be aware of:

* Regression: comm_connect_addr on failures returns Comm:OK

This regression in IPv6/IPv4 failover was introduced by the fix for bug
4238 in Squid-3.5.4 due to incorrect use of the 'errno' system API.

The Squid use of this system API is now undergoing a full audit. Several
other patches included in this release have come about as a result. and
more will be coming in later releases. The other misuses largely appear
to be resulting in incorrect or confusing debug information (eg. Bug
4236: SSL negotiation error of 'success').

* Bug 3930: assertion 'connIsUsable(http->getConn())'

This bug appears when a perfect storm of conditions occur; Squid with
many asynchronous helpers and/or ICAP adaptation responding slowly, on
high speed networking is running at or near its maximum capacity of
traffic loading.

* Bug 4132: regression in short_icon_urls with global_internal_static

This regression in Squid-3.2 is user visible, but only as an annoyance.
When generating FTP directory listings or HTTPS error messages Squid
would incorrectly respond with an error page indicating the icon was not
available.

It is also related to the cache manager HTTPS access denial issues in
earlier releases. Although fixing this does not fully resolve those issues.

* Bug 4238: assertion Read.cc:205: "params.data == data"

This bug appears when Squid operates with a large number of idle server
connections. Occasionally it has to close them without an active request
signalling closure. Wrong close event sequencing resulted in this
unexpected state assertion.

* Fix missing external ACL helper notes

external ACL helper notes were only added onto the HTTP request that
kicked off the external ACL lookup, and not cached ACL responses.
Configurations that depend on external ACL helper notes during later
processing have not been behaving as expected.

* Multiple stability fixes

Alongside the above major issues a number of other issues including
assertions, incorrect traffic rejections, unnecessary resource
consumption, output messages, and default configuration settings have
been resolved in this release.

* HTTP/2 compatibility

HTTP/2 is now a published RFC standard. This releases documentation is
updated to reflect that and is mentioned in the ChangeLog. However it
should be noted that Squid-3.5 remains HTTP/1.1 software. All it
contains is compatibility logics to detect and properly reject or bypass
HTTP/2 messages.

 All users of Squid are urged to upgrade to this release as soon as
possible.

 See the ChangeLog for the full list of changes in this and earlier
 releases.

Please refer to the release notes at
http://www.squid-cache.org/Versions/v3/3.5/RELEASENOTES.html
when you are ready to make the switch to Squid-3.5

Upgrade tip:
  "squid -k parse" is starting to display even more
   useful hints about squid.conf changes.

This new release can be downloaded from our HTTP or FTP servers

 http://www.squid-cache.org/Versions/v3/3.5/
 ftp://ftp.squid-cache.org/pub/squid/
 ftp://ftp.squid-cache.org/pub/archive/3.5/

or the mirrors. For a list of mirror sites see

 http://www.squid-cache.org/Download/http-mirrors.html
 http://www.squid-cache.org/Download/mirrors.html

If you encounter any issues with this release please file a bug report.
http://bugs.squid-cache.org/

Amos Jeffries