[squid-announce] Squid 4.0.16 beta is available

Amos Jeffries squid3 at treenet.co.nz
Mon Oct 31 03:07:05 UTC 2016 

The Squid HTTP Proxy team is very pleased to announce the availability
of the Squid-4.0.16 release!


This release is a bug fix and stability release resolving several issues
found in the prior Squid releases.


The major changes to be aware of:


* Regex ACL performance improvement

The code loading regex ACL data has been refactored. The result has been
a surprisingly large improvement in speed when loading configuration
files containing regex ACLs with many values.


* HTTP: initial support for Cache-Control:immutable

The 'immutable' Cache-Control value is a new experimental caching
control which allows servers to indicate certain responses are not going
to change during their freshness lifetime. It is an improved version the
refresh_pattern 'ignore-reload' option.

NP: the 'ignore-reload' option remains until this control is fully
standardised. It is expected to become increasingly useless as wider use
of 'immutable' grows amongst servers.


Some changes shared with the future 3.5.23 release are noteworthy:

* Bug #4627: fix generate-host-certificates default

The squid.conf documentation has for some time said that this feature
was enabled by default. That was incorrect for Squid-3 and previous
Squid-4 releases.

This release actually enables the certificate generator by default in
Squid-4.


* HTTP: support Vary:* caching

Under RFC 2616 responses containing "Vary: *" header were not cachable.
That requirement has been loosened by RFC 7231 and Squid is now able to
cache these responses.


* ssl::server_name ACL badly broken since inception

The original server_name code mishandled all SNI checks and some rare
host checks. This was most visible with the reports that the
ssl::server_name ACL tests would fail where the equivalent regex ACL
test would behave differently, usually by matching. Or in situations
where neither would match despite the value appearing to be available.


 All users of Squid-4.0.x with ACL type ssl::server_name or
ssl::server_name_regex should upgrade to this release and re-test for
desired SSL-Bump feature behaviour.

 All users of Squid-4.0.x are encouraged to upgrade to this release as
soon as possible.

 All users of Squid-3 are encouraged to test this release out and plan
for upgrades where possible.


 See the ChangeLog for the full list of changes in this and earlier
 releases.

Please refer to the release notes at
http://www.squid-cache.org/Versions/v4/RELEASENOTES.html
when you are ready to make the switch to Squid-4

This new release can be downloaded from our HTTP or FTP servers

 http://www.squid-cache.org/Versions/v4/
 ftp://ftp.squid-cache.org/pub/squid/
 ftp://ftp.squid-cache.org/pub/archive/4/

or the mirrors. For a list of mirror sites see

 http://www.squid-cache.org/Download/http-mirrors.html
 http://www.squid-cache.org/Download/mirrors.html

If you encounter any issues with this release please file a bug report.
http://bugs.squid-cache.org/


Amos Jeffries

More information about the squid-announce mailing list