squid3 (3.5.23-5+deb8u7) jessie-security; urgency=high

  * Non-maintainer upload by the ELTS team.
  * Fix CVE-2023-50269, CVE-2023-49286, CVE-2023-49285, CVE-2023-46847,
    CVE-2024-23638.
  * Several security vulnerabilities have been discovered in Squid, a full
    featured web proxy cache. Due to programming errors in Squid's HTTP request
    parsing, remote attackers may be able to execute a denial of service attack
    by sending large X-Forwarded-For header or trigger a stack buffer overflow
    while performing HTTP Digest authentication. Other issues facilitate a
    denial of service attack against Squid's Helper process management.
    In regard to CVE-2023-46728: Please note that support for the Gopher
    protocol has simply been removed in future Squid versions. There is no fix
    available. We recommend to reject all gopher URL requests instead.

 -- Markus Koschany <apo@debian.org>  Tue, 30 Jan 2024 22:38:42 +0100

squid3 (3.5.23-5+deb8u6) jessie; urgency=medium

  * Non-maintainer upload by the Debian ELTS Team.
  * CVE-2022-41317: Exposure of Sensitive Information in Cache Manager
  * CVE-2022-41318: Buffer Over Read in SSPI and SMB Authentication

 -- Abhijith PA <abhijith@debian.org>  Thu, 03 Nov 2022 12:30:04 +0530

squid3 (3.5.23-5+deb8u5) jessie; urgency=high

  * Non-maintainer upload by the ELTS Security Team.
  * CVE-2021-28116: Squid through 4.14 and 5.x through 5.0.5, in some
    configurations, allows information disclosure because of an out-of-bounds
    read in WCCP protocol data. This can be leveraged as part of a chain for
    remote code execution as nobody. (Closes: #986804)
  * CVE-2021-46784: In Squid 3.x through 3.5.28, 4.x through 4.17, and 5.x
    before 5.6, due to improper buffer management, a Denial of Service can
    occur when processing long Gopher server responses.

 -- Chris Lamb <lamby@debian.org>  Mon, 08 Aug 2022 07:41:27 -0700

squid3 (3.5.23-5+deb8u4) jessie-security; urgency=high

  * Non-maintainer upload by the ELTS Security Team.
  * CVE-2021-28651: Denial of Service in URN processing.
  * CVE-2021-28652: Denial of Service issue in Cache Manager.
  * CVE-2021-31806,CVE-2021-31807,CVE-2021-31808:
    Multiple Issues in HTTP Range header.
  * CVE-2021-33620: Denial of Service in HTTP Response processing.

 -- Sylvain Beucler <beuc@debian.org>  Tue, 08 Jun 2021 20:13:08 +0200

squid3 (3.5.23-5+deb8u3) jessie-security; urgency=high

  * Non-maintainer upload by the ELTS team.
  * Fix HTTP Request Smuggling (Fixes: CVE-2020-25097) (Closes: # 985068)
    - Due to improper input validation Squid is vulnerable to an HTTP
      Request Smuggling attack.

 -- Utkarsh Gupta <utkarsh@debian.org>  Fri, 19 Mar 2021 01:17:41 +0530

squid3 (3.5.23-5+deb8u2) jessie-security; urgency=high

  * Non-maintainer upload by the ELTS team.
  * Fix CVE-2020-15049:
    An issue was discovered in http/ContentLengthInterpreter.cc in Squid. A
    Request Smuggling and Poisoning attack can succeed against the HTTP cache.
    The client sends an HTTP request with a Content-Length header containing
    "+\ "-" or an uncommon shell whitespace character prefix to the length
    field-value.
    This update also includes several other improvements to the HttpHeader
    parsing code.
  * Fix CVE-2020-15810 and CVE-2020-15811:
    Due to incorrect data validation, HTTP Request Smuggling attacks may
    succeed against HTTP and HTTPS traffic. This leads to cache poisoning. This
    allows any client, including browser scripts, to bypass local security and
    poison the proxy cache and any downstream caches with content from an
    arbitrary source. When configured for relaxed header parsing (the default),
    Squid relays headers containing whitespace characters to upstream servers.
    When this occurs as a prefix to a Content-Length header, the frame length
    specified will be ignored by Squid (allowing for a conflicting length to be
    used from another Content-Length header) but relayed upstream.
  * Fix CVE-2020-24606:
    Squid before allows a trusted peer to perform Denial of Service by
    consuming all available CPU cycles during handling of a crafted Cache
    Digest response message. This only occurs when cache_peer is used with the
    cache digests feature. The problem exists because peerDigestHandleReply()
    livelocking in peer_digest.cc mishandles EOF.

 -- Markus Koschany <apo@debian.org>  Thu, 08 Oct 2020 21:22:22 +0200

squid3 (3.5.23-5+deb8u1) jessie-security; urgency=high

  * Non-maintainer upload by the ELTS team.
  * Fix CVE-2018-19132, CVE-2019-12519, CVE-2019-12520, CVE-2019-12521,
    CVE-2019-12523, CVE-2019-12524, CVE-2019-12525, CVE-2019-12526,
    CVE-2019-12528, CVE-2019-12529, CVE-2019-13345, CVE-2019-18676,
    CVE-2019-18677, CVE-2019-18678, CVE-2019-18679, CVE-2019-18860,
    CVE-2020-11945, CVE-2020-8449 and CVE-2020-8450.
    Several security vulnerabilites were discovered in squid3.
    Due to incorrect input validation and URL request handling it was possible
    to bypass access restrictions which allowed access to restricted HTTP
    servers and to cause a denial-of-service.

 -- Markus Koschany <apo@debian.org>  Thu, 27 Aug 2020 18:02:26 +0200

squid3 (3.5.23-5+deb9u3) stretch-security; urgency=high

  * Non-maintainer upload by the LTS team.
  * Fix regression when parsing icap and ecap protocols. Do not return
    PROTO_NONE anymore and prevent an assertion. (Closes: #965012)
  * Improve patch for CVE-2019-12529 and replace more base64 code with code
    from Nettle's crypto library.
  * Enable the test suite by default now. Fix test failures.

 -- Markus Koschany <apo@debian.org>  Sat, 08 Aug 2020 20:51:51 +0200

squid3 (3.5.23-5+deb9u2) stretch-security; urgency=medium

  * Non-maintainer upload by the LTS team.
  * Fix CVE-2018-19132, CVE-2019-12519, CVE-2019-12520, CVE-2019-12521,
    CVE-2019-12523, CVE-2019-12524, CVE-2019-12525, CVE-2019-12526,
    CVE-2019-12528, CVE-2019-12529, CVE-2019-13345, CVE-2019-18676,
    CVE-2019-18677, CVE-2019-18678, CVE-2019-18679, CVE-2019-18860,
    CVE-2020-11945, CVE-2020-8449 and CVE-2020-8450.
    Several security vulnerabilites were discovered in squid3.
    Due to incorrect input validation and URL request handling it was possible
    to bypass access restrictions which allowed access to restricted HTTP
    servers and to cause a denial-of-service.

 -- Markus Koschany <apo@debian.org>  Fri, 10 Jul 2020 21:58:09 +0200

squid3 (3.5.23-5+deb9u1) stretch-security; urgency=high

  * Non-maintainer upload by the Security Team.
  * ESI: make sure endofName never exceeds tagEnd (CVE-2018-1000024)
    (Closes: #888719)
  * Fix indirect IP logging for transactions without a client connection
    (CVE-2018-1000027) (Closes: #888720)

 -- Salvatore Bonaccorso <carnil@debian.org>  Sun, 11 Feb 2018 22:00:18 +0100

squid3 (3.5.23-5) unstable; urgency=medium

  * Reload squid so that it uses modified config, not default one.

 -- Santiago Garcia Mantinan <manty@debian.org>  Sat, 03 Jun 2017 00:36:55 +0200

squid3 (3.5.23-4) unstable; urgency=medium

  [ Andreas Beckmann <anbe@debian.org> ]
  * debian/squid.postinst
    - Fix another upgrade edge case from 2.7 default install (Closes: #801564)

  [ Amos Jeffries <amosjeffries@squid-cache.org> ]
  * debian/squid.logrotate
    - Add missing piece of fix for sarg daily reports (LP: #1414754)

 -- Santiago Garcia Mantinan <manty@debian.org>  Fri, 02 Jun 2017 00:19:55 +0200

squid3 (3.5.23-3) unstable; urgency=medium

  [ Amos Jeffries <amosjeffries@squid-cache.org> ]
  * debian/squid.preinst
    - Fix upgrade sequence from jesse squid3 package (Closes: #858556)

  [ Santiago Garcia Mantinan <manty@debian.org> ]
  * debian/squid.{preinst,postinst,postrm}
    - Fix problems with empty squid3 dir and squid 2.7 installed
      (use the right logic with better checks).
    - Avoid install abortion by stopping squid3 only when it runs.

  [ Eric Veiras Galisson <bugs@sietch-tabr.com> ]
  * debian/squid.rc
    - Fix returncode is wrong with conf file with errors (Closes: #857137)

 -- Santiago Garcia Mantinan <manty@debian.org>  Sat, 08 Apr 2017 02:52:28 +0200

squid3 (3.5.23-2) unstable; urgency=medium

  [ Santiago Garcia Mantinan <manty@debian.org> ]
  * debian/squid.{preinst,postinst,postrm}
    - Fix upgrade sequence from 2.7 packages (Closes: #801564)

  [ Amos Jeffries <amosjeffries@squid-cache.org> ]
  * debian/control
    - Relax dependency between squid and squid-common packages (Closes: #399489)
    - Add squidclient Recommends on ssl-cert

  [ Robie Basak <robie.basak@canonical.com> ]
  * debian/control
    - Add missing pre-depends on adduser
    - Add Vcs-Browser URL

 -- Santiago Garcia Mantinan <manty@debian.org>  Sun, 19 Mar 2017 23:23:57 +0100

squid3 (3.5.23-1) unstable; urgency=high

  [ Amos Jeffries <amosjeffries@squid-cache.org> ]
  * New Upstream Release (Closes: #793473, #822952)
    - Fixes security issue SQUID-2016:10 (CVE-2016-10003) (Closes: #848491)
    - Fixes security issue SQUID-2016:11 (CVE-2016-10002) (Closes: #848493)

  * debian/patches/
    - Remove patch included upstream

  * debian/tests/
    - Use package build-deps when testing so the make commands will work

 -- Luigi Gangitano <luigi@debian.org>  Sun, 18 Dec 2016 23:39:24 +0200

squid3 (3.5.22-1) unstable; urgency=medium

  [ Amos Jeffries <amosjeffries@squid-cache.org> ]
  * New Upstream Release

  * debian/patches
    - Add upstream patch to fix adaptation crashes

  * debian/{control, rules, squid.postinst}
    - Accept patch to remove setuid from pinger (Closes: #822992)

  [ Luigi Gangitano ]
  * debian/compat
    - Bump to debhelper compatibility level 10

  * debian/{control,tests/}
    - Add DEP-8 autopkgtest for upstream test suite, thanks to
      Santiago Ruano Rincan (Closes: #829141)

  * debian/rules
    - Avoid linking with unneeded libraries, thanks to Yuriy M. Kaminskiyi
      (Closes: #822998)

 -- Luigi Gangitano <luigi@debian.org>  Sat, 29 Oct 2016 23:13:00 +0200

squid3 (3.5.19-1) unstable; urgency=high

  [ Amos Jeffries <amosjeffries@squid-cache.org> ]
  * New Upstream Release (Closes: #823968)
    - Fixes security issue SQUID-2016:7 (CVE-2016-4553)
    - Fixes security issue SQUID-2016:8 (CVE-2016-4554)
    - Fixes security issue SQUID-2016:9 (CVE-2016-4555, CVE-2016-4556)

  * debian/control
    - Bumped Standards-Version to 3.9.8, no change needed

  * debian/rules
    - Send hardening CPPFLAGS to custom build tools

 -- Luigi Gangitano <luigi@debian.org>  Tue, 10 May 2016 23:43:00 +0200

squid3 (3.5.17-1) unstable; urgency=high

  [ Amos Jeffries <amosjeffries@squid-cache.org> ]
  * New Upstream Release
    - Fixes security issue SQUID-2016:5 (CVE-2016-4051)
    - Fixes security issue SQUID-2016:6 (CVE-2016-4052, CVE-2016-4053,
      CVE-2016-4054)

 -- Luigi Gangitano <luigi@debian.org>  Fri, 22 Apr 2016 14:43:00 +0200

squid3 (3.5.16-1) unstable; urgency=high

  [ Amos Jeffries <amosjeffries@squid-cache.org> ]
  * New Upstream Release
    - Fixes security issue SQUID-2016:3 (CVE-2016-3947) (Closes: #819783)
    - Fixes security issue SQUID-2016:4 (CVE-2016-3948) (Closes: #819784)

  * debian/patches/
    - Remove patch included upstream

 -- Luigi Gangitano <luigi@debian.org>  Sun, 03 Apr 2016 19:57:00 +0200

squid3 (3.5.15-1) unstable; urgency=high

  [ Amos Jeffries <amosjeffries@squid-cache.org> ]
  * New Upstream Release
    - Fixes security issues SQUID-2016:2
      (CVE-2016-2569, CVE-2016-2570, CVE-2016-2571)
      (Closes: #816011)

  * debian/patches/03-upstream-bug4447.patch
    - add upstream patch for their bug #4447

  [ Robie Basak <robie.basak@canonical.com> ]
  * debian/control
    - Add lsb-release build dep. This is required for the --enable-build-info
      line in debian/rules to work correctly.

  * debian/squid.logrotate
    - Run sarg-reports if present before rotating logs.

  [ Luigi Gangitano <luigi@debian.org> ]
  * debian/control
    - Bumped Standards-Version to 3.9.7, no change needed

 -- Luigi Gangitano <luigi@debian.org>  Tue, 01 Mar 2016 19:39:00 +0100

squid3 (3.5.14-1) unstable; urgency=medium

  [ Amos Jeffries <amosjeffries@squid-cache.org> ]
  * New Upstream Release (Closes: #812038)

  * debian/control
    - add Depends libdbi-perl (Closes: #807512)
    - Fixed lintian complaint about squid3 package description
    - Fixed Vcs-Git Header pointing anonscm.debian.org

  * debian/rules
    - build ext_time_quota_acl helper (LP: #1391159)

  * debian/squid.install
    - add missing helper man pages

 -- Luigi Gangitano <luigi@debian.org>  Tue, 16 Feb 2016 23:14:00 +0100

squid3 (3.5.12-1) unstable; urgency=medium

  [ Amos Jeffries <amosjeffries@squid-cache.org> ]
  * New Upstream Release

  * debian/squid.postinst
    - remove unneeded config edits for manager ACL (Closes: #801564)

  * debian/patches/
    - add upstream patch to cleanup FATAL log messages

  [ Mathieu Parent ]
  * Fix FATAL parsing before start/reload/restart (Closes: #800341)
  * Set pidfile for systemd's sysv-generator (Closes: #800341)

 -- Luigi Gangitano <luigi@debian.org>  Wed, 09 Dec 2015 19:03:47 +0100

squid3 (3.5.10-1) unstable; urgency=high

  [ Amos Jeffries <amosjeffries@squid-cache.org> ]
  * New Upstream Release (Closes: #799923, #800876)

  * debian/squid.rc
    - Grok pid_filename from squid.conf (Closes: #520736)
    - Update SELinux context when creating directories (Closes: #798827)

  [ Luigi Gangitano <luigi@debian.org> ]
    - Urgency high due to regression fix for CVE-2015-5400.

 -- Luigi Gangitano <luigi@debian.org>  Mon, 05 Oct 2015 23:28:00 +0200

squid3 (3.5.7-1) unstable; urgency=medium

  [ Amos Jeffries <amosjeffries@squid-cache.org> ]
  * New upstream release (Closes: #789602, #793400, #253777)

  * debian/rules
    - Add BUILDCXXFLAGS to use hardening flags during build

  * debian/squid.links
    - Add symlink for squid3.8 man(8) page to resolve lintian issue

  * debian/squid.postinst
    - Remove unnecessary 'squid -z' (Closes: #794639)

  [ Luigi Gangitano <luigi@debian.org> ]
  * Rebuild using GCC-5 (Closes: #794536)

  * debian/squid.postinst
    - Check for squid3 initscript before we try to execute it

  * debian/squid.rc
    - Set working directory to /var/run/squid

 -- Luigi Gangitano <luigi@debian.org>  Thu,  6 Aug 2015 01:14:00 +0200

squid3 (3.5.6-1) unstable; urgency=medium

  [ Amos Jeffries <amosjeffries@squid-cache.org> ]
  * New upstream release (Closes: #760303)
    - Fixed upstream macro issue that fail to pass reproducible builds test
    - Fixes CVE-2015-5400: Improper Protection of Alternate Path
      (Closes: #793128)

  * Removed deprecated MSNT and MSNT-multi-domain authentication helpers

  * Transition squid3 to squid
    - Renamed squid3 package to squid (Closes: #521053, #565555, #672156)
      (Closes: #294431, #569575, #714334, #279840, #576423, #779127)
    - Renamed squid3-common package to squid-common
    - Renamed squid3-dbg package to squid-dbg
    - Add dummy transitional package squid3

  * debian/patches/
    - Removed patches included upstream and refresh others

  * debian/squid3-cgi.dirs
    - Removed old unused packaging file

  * debian/control
    - Add dependency on libgnutls28-dev for squidclient HTTPS support

  [ Luigi Gangitano <luigi@debian.org> ]
  * debian/control
    - Changed dependency on libecap3-dev (Closes: #789774)
    - Made squid-common conflict and replace squid3-common
    - Fixed dependencies and sections of transitional packages

  * {NEWS,README}.Debian
    - Added information on package name migration

 -- Luigi Gangitano <luigi@debian.org>  Wed, 22 Jul 2015 23:24:00 +0200

squid3 (3.4.8-6) unstable; urgency=medium

  [ Luigi Gangitano <luigi@debian.org> ]
  * debian/patches/31-squid-3.4-13199.patch
    - Added upstream patch fixing excessive CPU usage (Closes: #776461)

  * debian/patches/32-squid-3.4-13210.patch
    - Added upstream patch fixing excessive CPU and memory usage in 
      NTLM and Negotiate authentication helpers (Closes: #776463) 

  * debian/patches/33-squid-3.4-13211.patch
    - Added upstream patch fixing a possible replay vulnerability on Digest
      authentication (Closes: #776464)

  * debian/patches/34-squid-3.4-13213.patch
    - Added upstream patch fixing incorrect security permissions for
      TOS/DiffServ packet marking (Closes: #776468)

  * debian/patches/35-squid-3.4-13203.patch 
    - Added upstream patch fixing squidclient unable to connect to host with
      both IPv4 and IPv6 addresses (Closes: #742425)

 -- Luigi Gangitano <luigi@debian.org>  Wed, 28 Jan 2015 12:34:42 +0100

squid3 (3.4.8-5) unstable; urgency=medium

  [ Luigi Gangitano <luigi@debian.org> ]
  * debian/squid3.{pre,post}inst
    - Moved ACL manager fix to postinst (Closes: #773032)

 -- Luigi Gangitano <luigi@debian.org>  Tue, 16 Dec 2014 13:43:03 +0100

squid3 (3.4.8-4) unstable; urgency=medium

  [ Luigi Gangitano <luigi@debian.org> ]
  * debian/squid3.preinst
    - Revert changes on abort-upgrade 

 -- Luigi Gangitano <luigi@debian.org>  Fri, 05 Dec 2014 10:44:02 +0100

squid3 (3.4.8-3) unstable; urgency=medium

  [ Amos Jeffries <amosjeffries@squid-cache.org> ]
  * debian/squid3.preinst
    - Remove obsolete manager ACL definition from squid.conf
      when upgrading squid3 package (Closes: #768170)


  [ Luigi Gangitano <luigi@debian.org> ]
  * debian/squid3.preinst
    - Fix configuration file only if needed and match any uncommented line

 -- Luigi Gangitano <luigi@debian.org>  Fri,  5 Dec 2014 01:27:51 +0100

squid3 (3.4.8-2) unstable; urgency=medium

  [ Santiago Garcia Mantinan <manty@debian.org> ]
  * Add patch to remove bashisms from cert_tool
  * Add manual page for squid-purge
  * Create run_dir needed for SMP with several workers to run. This
    fixes #710126 (Closes: #732183, #760400)
  * Use CONFIG instead of sq (Closes: #763867)
  * Remove find_cache_type and use grepconf (both functions were =).
  * Allow find_cache_dir and grepconf to have whitespace in the beginning
    (Closes: #761209)
  * Add config check before reload/restart, thanks Freddy (Closes: #728222)

  [ Amos Jeffries <amosjeffries@squid-cache.org> ]
  * debian/squid3.postinst
    - update grepconf to support SMP macros and sub-config files
      when locating cache_dir and effective user/group

  * debian/squid3.rc
    - remove special handling for obsolete COSS cache type
    - change grepconf to support SMP macros and sub-config files

  * debian/rules
    - add distribution details to squid -v display output
      this obsoletes the Ubuntu fix-distribution.patch

  * debian/control
    - bumped libecap dependency version to 0.2.0-2

  * debian/squid3.resolvconf
    - added check on /usr availability before squid3 restart (Closes: #765476)

  [ Luigi Gangitano <luigi@debian.org> ]
  * debian/squid3.rc
    - Change config check to config parse on start/reload/restart

  * debian/control
    - Fixed XS-Vcs-Git Header pointing anonscm.debian.org

 -- Luigi Gangitano <luigi@debian.org>  Wed, 29 Oct 2014 15:50:51 +0100

squid3 (3.4.8-1) unstable; urgency=high
 
  * Urgency high due to security fixes

  [ Amos Jeffries <amosjeffries@squid-cache.org> ]
  * New upstream release (Closes: #737008)
    - Fixes CVE-2014-6270: off by one in snmp subsystem (Closes: #761002)
    - Fixes CVE-2014-CVE-2014-7141 and CVE-214-7142 (Closes: #760999)
      + pinger remote DoS vulnerabilities
    - Fixes CVE-2014-0128: Denial of Service in SSL-Bump (Closes: #741312)

  * debian/patches/
    - remove CVE-2014-3609.patch included upstream
    - remove 17-pod2man-check.patch obsoleted by new version
    - add upstream patch 21-squid-3.4-13176-memoryleak.patch:
      memory leak in external_acl_type helper with cache=0 or ttl=0

  * debian/rules
    - add --disable-arch-native to build with portable CPU support

  * debian/control
    - libecap API support is specific to version 0.2.0
    - use nettle for crypto library

  * debian/watch
    - updated watch pattern for upstream major series

  * debian/rules
    - Remove obsolete --enable-underscores (Closes: #693905)

  [ Luigi Gangitano <luigi@debian.org> ]
  * debian/patches/
    - refreshed all patches to match 3.4.8

  * debian/control
    - Added dependency for missing intepreter ksh
    - Bumped Standard-Version to 3.9.6, no change needed
    - Added XS-Vcs-Git Header pointing to Alioth repository

 -- Luigi Gangitano <luigi@debian.org>  Fri, 17 Oct 2014 00:10:00 +1300

squid3 (3.3.8-1.2) unstable; urgency=high

  * Non-maintainer upload by the Security Team.
  * Add CVE-2014-3609.patch patch.
    CVE-2014-3609: Denial of Service in Range header processing.
    Ignore Range headers with unidentifiable byte-range values. If squid is
    unable to determine the byte value for ranges, treat the header as
    invalid. (Closes: #759509)

 -- Salvatore Bonaccorso <carnil@debian.org>  Thu, 28 Aug 2014 18:03:47 +0200

squid3 (3.3.8-1.1) unstable; urgency=low

  * Non-maintainer upload.
  * Fix "FTBFS: cp: cannot stat
    '/«PKGBUILDDIR»/debian/tmp/usr/share/man/man8/basic_db_auth.8': No
    such file or directory":
    new patch 17-pod2man-check.patch:
    fix config.test files' check for perl and pod2man
    (Closes: #725599)

 -- gregor herrmann <gregoa@debian.org>  Sat, 23 Nov 2013 21:05:10 +0100

squid3 (3.3.8-1) unstable; urgency=high

  * Urgency high due to security fixes

  * New upstream release
    - Fixes security issues (Closes: #716743)
      + Buffer overflow in HTTP request handling (Ref: SQUID-2013:2,
        CVE-2013-4115)
      + DoS in request processing (Ref: SQUID-2013:3, CVE-2013-4123)
    - Includes PNG image used in error pages, with new copyright assignement
      (Closes: #683255)

  * Added /var/run/squid3 dir to host sockets in SMP configuration
    (Closes: #710126)

  * debian/control
    - Bumped Standard-Version to 3.9.4, no change needed

 -- Luigi Gangitano <luigi@debian.org>  Sun, 21 Jul 2013 18:28:36 +0200

squid3 (3.3.4-1) unstable; urgency=low

  * New upstream release
    - Added support for SHA passwords in ncsa_auth (Closes: #652010)

  * debian/squid3.lintian-overrides
    - Added override for pinger setuid bin

  * debian/watch
    - Fixed pattern to skip the last dot

  * debian/rules
    - Removed reference to cppunit-basedir

 -- Luigi Gangitano <luigi@debian.org>  Mon, 06 May 2013 16:46:33 +0200

squid3 (3.3.3-2) unstable; urgency=low

  I would like to thank Amos Jeffries <squid3@treenet.co.nz> for his help
  with this release.

  * debian/control
    - Added Build-Depend on pkg-config to solve FTBFS when ecap is enabled
      (Closes: #706025)
    - Fixed package descriptions
    - Added Build-Depend on libnetfilter-conntrack-dev
    - Added Suggests on winbindd for NTLM authentication

  * debian/patches/01-cf.data.debian.patch
    - Removed change to visible_hostname defaut value (Closes: #705983)
    - Fixed path of ntlm_auth helper in example

  * debian/rules
    - Removed --enable-arp-acl options obsoleted by --enable-eui
    - Fixed FTBFS on hurd due to missing netfilter support
    - Enabled Rock store type support
    - Added SETUID bit to pinger program

  * debian/watch
    - Fixed pattern to match all the released versions of 3.3 

 -- Luigi Gangitano <luigi@debian.org>  Tue, 23 Apr 2013 15:38:39 +0200

squid3 (3.3.3-1) unstable; urgency=low

  * New upstream release (Closes: #694633, #701799, #702540)
    - Removed upstream patches
      + debian/patches/20-ipv6-fix
      + debian/patches/30-CVE-2012-5643-CVE-2013-0189.patch
      + debian/patches/fix-701123-regression-in-cachemgr.patch
    - Includes upstream fix for CVE-2009-0801 (Closes: #521052)
    - Includes upstream fix for rejection of benign request containing variants
      of double CR (Closes: #669148)

  * debian/control
    - Added dependency on libecap2-dev
    - Added squid-purge package

  * debian/source
    - Enabled ECAP support
    - Fixed configure invocation to match new syntax
    - Removed unneeded rename of helper man pages
    - Fixed list of helpers to build, adding fake agents (Closes: #644280)
      and negotiate wrapper (Closes: #656304)

  * debian/watch
    - Updated for 3.3

  * debian/squid3.logrotate
    - Added check for existing binary in logrotate script (Closes: #703954)

 -- Luigi Gangitano <luigi@debian.org>  Sun, 21 Apr 2013 23:51:11 +0200

squid3 (3.1.20-2.2) unstable; urgency=low

  * Non-maintainer upload.
  * Add fix-701123-regression-in-cachemgr.patch patch.
    Fix missing bits in the fix for CVE-2012-5643 and CVE-2013-0189 causing
    cachemgr.cgi crashing when authentication credentials are supplied.
    Thanks to Amos Jeffries <amos@treenet.co.nz> (Closes: #701123)

 -- Salvatore Bonaccorso <carnil@debian.org>  Sat, 23 Feb 2013 13:44:48 +0100

squid3 (3.1.20-2.1) unstable; urgency=high

  * Non-maintainer upload

  * Urgency high due to security fixes

  * debian/patches/30-CVE-2012-5643-CVE-2013-0189.patch
    - Added upstream fix for squid-cgi (cachemgr) memory leaks and denial of
      service vulnerability (Closes: #696187)

 -- Michael Stapelberg <stapelberg@debian.org>  Tue, 05 Feb 2013 23:16:27 +0100

squid3 (3.1.20-2) unstable; urgency=low

  * debian/patches/20-ipv6-fix
    - Added upstream fix for squid not working when IPv6 is not loaded
      (Closes: #660489)

 -- Luigi Gangitano <luigi@debian.org>  Thu, 06 Dec 2012 20:02:56 +0100

squid3 (3.1.20-1) unstable; urgency=low

  * New upstream release

  * debian/control
    - Bumped Standard-Version to 3.9.3, no change needed
    - Added missing dependency on dpkg-dev (>= 1.16.1~)

  * debian/rules
    - Enabled hardening options (Closes: #669684)

  * debian/patches/01-cf.data.debian.patch
    - Fixed minor typos in configuration file (Closes: #670832, #673350)

 -- Luigi Gangitano <luigi@debian.org>  Mon, 18 Jun 2012 14:20:53 +0200

squid3 (3.1.19-1) unstable; urgency=low

  * New upstream release
    - Removed patch integrated upstream
      + 19-adaptation-compile

  * debian/rules
    - Enabled WCCPv2 support (Closes: #654877)

 -- Luigi Gangitano <luigi@debian.org>  Tue, 07 Feb 2012 16:19:12 +0100

squid3 (3.1.18-1) unstable; urgency=low

  * New upstream release

  * debian/patches/19-adaptation-compile.patch
    - Added upstream patch to fix compile failure

 -- Luigi Gangitano <luigi@debian.org>  Mon, 26 Dec 2011 22:04:28 +0100

squid3 (3.1.16-1) unstable; urgency=low

  * New upstream release

  * Changed source format to 3.0 (quilt)

  * debian/squid3.rc
    - Added LSB compliant option to init script (Closes: #645780)
      Thanks to Fredrik Eriksson

 -- Luigi Gangitano <luigi@debian.org>  Thu,  3 Nov 2011 13:37:17 +0100

squid3 (3.1.15-1) unstable; urgency=high

  * Urgency high due to security fixes

  * New upstream release
    - Fixes DoS issue in Gopher client (Closes: #639755)
      (Ref: CVE-2011-3205, SQUID-2011:3)

  * debian/control
    - Removed hardcoded list of non-Linux architectures (Closes: #634765)

 -- Luigi Gangitano <luigi@debian.org>  Fri, 02 Sep 2011 13:33:41 +0200

squid3 (3.1.14-1) unstable; urgency=low

  * New upstream release
    - Fixes FTBFS with GCC 4.6 (Closes: #625405)
    - Fixes issue with IPv4/IPv6 DNS resolution (Closes: #604566)
    - Fixes issue with IPv6 resolution in access.log (Closes: #604832)

  * debian/control
    - Bumped Standard-Version to 3.9.2, no change needed

  * debian/squid.rc
    - Fixed init script preventing alterate cache dir from being created
      (Closes: #623935)

 -- Luigi Gangitano <luigi@debian.org>  Sat, 09 Jul 2011 17:58:46 +0200

squid3 (3.1.12-1) unstable; urgency=low

  * New upstream release
    - Removed patch integrated upstream
      + 18-gcc-4.5-fix
    - Rebuild against libdb5.1 (Closes: #621453)

  * debian/control
    - Remove article at start of synopsis, to make lintian happy

 -- Luigi Gangitano <luigi@debian.org>  Mon, 11 Apr 2011 18:47:02 +0200

squid3 (3.1.11-1) unstable; urgency=low

  * New upstream release

  * debian/patches/18-gcc-4.5-fix
    - Added upstream fix for gcc 4.5 building (Closes: #613153)

 -- Luigi Gangitano <luigi@debian.org>  Tue, 15 Feb 2011 01:46:19 +0100

squid3 (3.1.10-1) unstable; urgency=low

  * New upstream release (Closes: #609881)
    - Removed patches integrated upstream
      + 16-CVE-2010-3072
      + 17-CVE-2010-2951
    - Fixes TCP DNS lookups failure on IPv6-disabled systems (Closes: #607379)
    - Fixes HTTPS not working if IPv6 is disabled (Closes: #594713)

  * debian/rules
    - Enable ZPH feature (Closes: #597687)

  * debian/squid3.ufw.profile
    - Added UFW profile, thanks to Alessio Treglia (Closes: #605088)

  * debian/control
    - Added versioned dependency on squid-langpack

 -- Luigi Gangitano <luigi@debian.org>  Fri, 21 Jan 2011 18:43:56 +0100

squid3 (3.1.6-1.2) unstable; urgency=low

  * Non-maintainer upload.
  * Fix DoS while processing large DNS replies with no IPv6 resolver present
    (CVE-2010-2951) (Closes: #599709)

 -- Ben Hutchings <ben@decadent.org.uk>  Sat, 30 Oct 2010 17:00:55 +0200

squid3 (3.1.6-1.1) unstable; urgency=high

  * Non-maintainer upload by the security team
  * Fix DoS due to wrong string handling (Closes: #596086)
    Fixes: CVE-2010-3072

 -- Steffen Joeris <white@debian.org>  Mon, 13 Sep 2010 17:07:51 +1000

squid3 (3.1.6-1) unstable; urgency=low

  * New upstream release

  * debian/rules
    - Removed now-default --enable-ipv6 option

  * debian/control
    - Bumped Standard-Version to 3.9.1, no change needed

  * debian/patches/01-cf.data.pre
    - Updated to match new upstream default IPv6 configuration

 -- Luigi Gangitano <luigi@debian.org>  Mon, 09 Aug 2010 00:59:26 +0200

squid3 (3.1.5-2) unstable; urgency=low

  * debian/control
    - Added build dependency on libltdl-dev fixing FTBFS on most archs

 -- Luigi Gangitano <luigi@debian.org>  Wed, 07 Jul 2010 15:21:06 +0200

squid3 (3.1.5-1) unstable; urgency=low

  * New upstream release

  * debian/control
    - Bumped Standard-Version to 3.9.0

 -- Luigi Gangitano <luigi@debian.org>  Tue, 06 Jul 2010 23:26:26 +0200

squid3 (3.1.4-1) unstable; urgency=low

  * New upstream release
    - Fixes several issues with IPv6 socket handling (Closes: #581901, #584223)
    - Fixes assertion in comm.cc (Closes: #572368)

 -- Luigi Gangitano <luigi@debian.org>  Fri, 04 Jun 2010 14:49:32 +0200

squid3 (3.1.3-2) unstable; urgency=low

  * debian/rules
    - Actually enable IPv6 (how did I miss this?)

 -- Luigi Gangitano <luigi@debian.org>  Tue, 04 May 2010 11:15:49 +0200

squid3 (3.1.3-1) unstable; urgency=low

  * New upstream release
    - Fix incorrect behaviour of --enable-ipv6 (Closes: #578047)
    - Removed patches integrated upstream
      + 14-kfreebsd-compile

 -- Luigi Gangitano <luigi@debian.org>  Sun, 02 May 2010 19:31:38 +0200

squid3 (3.1.1-3) unstable; urgency=low

  * debian/{squid3.install,rules}
    - Install documented version of squid.conf as file, not directory
      (Closes: #577615)

 -- Luigi Gangitano <luigi@debian.org>  Thu, 15 Apr 2010 11:14:08 +0200

squid3 (3.1.1-2) unstable; urgency=low

  * debian/watch
    - Updated pattern to match 3.1 releases

  * debian/control
    - Excluded dependency on libcap2-dev on kfreebsd

  * debian/patches/14-kfreebsd-compile
    - Added patch to enable kfreebsd compilato, thanks to Petr Salinger
      (Closes: #576952)

  * debian/{rules,control,squid-cgi.install}
    - Rename squid3-cgi package to squid-cgi (Closes: #489061)

  * debian/patches/15-cachemgr-default-config
    - Fix squid-cgi default configuration file path

  * debian/source/format
    - Added format specification file, still with 1.0 version

 -- Luigi Gangitano <luigi@debian.org>  Mon, 12 Apr 2010 11:49:01 +0200

squid3 (3.1.1-1) unstable; urgency=low

  * New upstream release

  * debian/control
   - Bumped Standard-Version to 3.8.4, no change needed

 -- Luigi Gangitano <luigi@debian.org>  Thu, 01 Apr 2010 00:33:21 +0200

squid3 (3.1.0.18-1) UNRELEASED; urgency=low

  * New upstream release

  * debian/rules
    - Fix wrong resolvconf directory (Closes: #565652)

 -- Luigi Gangitano <luigi@debian.org>  Mon, 15 Mar 2010 19:35:50 +0100

squid3 (3.1.0.17-1) UNRELEASED; urgency=low

  * New upstream release, fixes
    - Remote Denial of Service issue in HTCP (Closes: #572554)
      (Ref: SQUID-2010:2 CVE-2010-0639)

 -- Luigi Gangitano <luigi@debian.org>  Fri, 12 Mar 2010 15:41:00 +0100

squid3 (3.1.0.16-1) experimental; urgency=low

  * New upstream release
    - Adds client_ip_max_connection to avoid DoS under Slowloris attack
      (Ref: TEMP-0533661-009115 Closes: #533664)
    - Handle DNS header-only packets as invalid
      (Ref: SQUID-2010:1 CVE-2010-0308)
    - Fixes memory filling during file download (Closes: #562012)

 -- Luigi Gangitano <luigi@debian.org>  Wed, 10 Feb 2010 18:53:36 +0100

squid3 (3.1.0.15-1) experimental; urgency=low

  * New upstream release
    - Fixes assertion failures on malformed Content-Range response headers
      (Closes: #541032)

  * debian/README.Debian
    - Fixed reference to RELEASENOTES.html (Closes: #561007)

  * debian/README.source
    - Added directions on source handling

  * debian/control
    - Remove duplicated informations that can be inherited from source stanza
    - Added autotools-dev build-dependency to enable cdbs fix for ancient 
      helper files

 -- Luigi Gangitano <luigi@debian.org>  Thu, 14 Jan 2010 22:44:13 +0100

squid3 (3.1.0.14-2) experimental; urgency=low

  * debian/rules
    - Enable ESI support (Closes: #506241)

  * debian/control
    - Add Build-Dep on libexpat1-dev and libxml2-dev, needed by ESI support

 -- Luigi Gangitano <luigi@debian.org>  Tue, 29 Sep 2009 19:55:23 +0200

squid3 (3.1.0.14-1) experimental; urgency=low

  * New upstream release
    - Fixes FTBFS in GNU/kFreeBSD (Closes: #545965)
    - Fixes incorrect handling of IMS (Closes: #499379)

  * debian/patches/01-cf.data.debian
    - Updated to match new upstream

 -- Luigi Gangitano <luigi@debian.org>  Tue, 29 Sep 2009 19:31:16 +0200

squid3 (3.1.0.13-2) experimental; urgency=low

  * debian/rules
    - Disable language files generation
    - Do not clean libcppunit that is not shipped with squid anymore

  * debian/control
    - Removed dependency on sharutils
    - Added dependency on libcap2, will enable TPROXY support (Closes: 398970)
    - Fixed squid3-common description, no more error pages

  * debian/squidclient.1
    - Removed man page integrated upstream

  * debian/squid3.rc
    - Removed obsolete -D option 

  * debian/patches/01-cf.data.debian
    - Added ::1 to localhost definition in ACLs

 -- Luigi Gangitano <luigi@debian.org>  Fri, 25 Sep 2009 23:02:40 +0200

squid3 (3.1.0.13-1) experimental; urgency=low

  * Upload to experimental

  * New upstream release
    - Fixes Follow-X-Forwarded-For support (Closes: #523943)
    - Adds IPv6 support (Closes: #432351)

  * debian/rules
    - Removed obsolete configuration options
    - Enable db and radius basic authentication modules

  * debian/patches/01-cf.data.debian
    - Adapted to new upstream version

  * debian/patches/02-makefile-defaults
    - Adapted to new upstream version

  * debian/{squid.postinst,squid.rc,README.Debian,watch}
    - Updated references to squid 3.1

  * debian/squid3.install
    - Install CSS file for error pages
    - Install manual pages for new authentication modules

  * debian/squid3-common.install
    - Install documented version of configuration file in /usr/share/doc/squid3

 -- Luigi Gangitano <luigi@debian.org>  Thu, 24 Sep 2009 14:51:06 +0200

squid3 (3.0.STABLE19-1) unstable; urgency=low

  * New upstream release
    - Fixes DoS in exthernal auth header parser (Ref: CVE-2009-2855)

  * debian/squid.rc
    - Fixed dependencies in init.d script, thanks to Petter Reinholdtsen
      (Closes: #546362)

  * debian/control
   - Bumped Standard-Version to 3.8.3, no change needed

 -- Luigi Gangitano <luigi@debian.org>  Sun, 20 Sep 2009 01:33:00 +0200

squid3 (3.0.STABLE18-1) unstable; urgency=high

  * New upstream release
    - Removed patches integrated upstream
      + 12-gcc44-fixes
      + 13-signed-unsigned-fixes
      + SQUID-2009-2

  * debian/rules
    - Enable ARP ACLs (Closes: #538023)
    - Enable SNMP support (Closes: #537187)

  * debian/control
    - Fix dependency for squid3-dbg on squid3 =${binary:Version}
    - Added dependency of squid3-dbg on ${misc:Depends}

  * debian/squid3-common.postinst
    - Added DEBHELPER placeholder

 -- Luigi Gangitano <luigi@debian.org>  Sun, 09 Aug 2009 00:28:56 +0200

squid3 (3.0.STABLE16-2.1) unstable; urgency=high

  * Non-maintainer upload by the Security Team.
  * Fix multiple possible denial of service vectors in the processing of
    requests or responses
    (SQUID-2009-2; CVE-2009-2622; CVE-2009-2621; 12-SQUID-2009_2.dpatch).

 -- Nico Golde <nion@debian.org>  Tue, 04 Aug 2009 21:56:36 +0200

squid3 (3.0.STABLE16-2) unstable; urgency=low

  * debian/patches/13-signed-unsigned-fixes
    - Added upstream patch fixing build errors on 64-bit archs
      (Closes: #536588)

  * debian/README.Debian
    - Removed instability notice of development version

  * debian/control
    - Fixed squid3-dbg section and priority to match archive override

 -- Luigi Gangitano <luigi@debian.org>  Sat, 11 Jul 2009 13:46:45 +0200

squid3 (3.0.STABLE16-1) unstable; urgency=low

  * New upstream release

  * debian/patches/12-gcc44-fixes
    - Added upstream patch fixing build erros with GCC 4.4 (Closes: #526672)

  * debian/control
   - Bumped Standard-Version to 3.8.2, no change needed

  * debian/NEWS.Debian
    - Fixed format of NEWS.Debian (double space at start)

 -- Luigi Gangitano <luigi@debian.org>  Tue, 07 Jul 2009 18:56:41 +0200

squid3 (3.0.STABLE15-1) unstable; urgency=low

  * New upstream release
    - Fixes wrong reference to digest_pw_auth (Closes: #517528)

  * debian/{control,squid3-common.{install,postinst,links},NEWS.Debian}
    - Added dependency on squid-langpack, linked error directory to
      /usr/share/squid-langpack (Closes: #497283)
    - Added a notice in NEWS.Debian on customized error_directory settings

  * debian/patches/01-cf.data.debian
    - Adapted to new upstream version

  * debian/control
    - Added debug package to help bug reports
    - Added dependency on libkrb5-dev and comerr-dev

  * debian/squid3.resolvconf
    - Use invoke-rc.d instead of directly calling init script

  * debian/rules
    - Added missing --with-large-files configure option (Closes: #534888)
    - Enabled Kerberos Negotiate Auth support (Closes: #532064)

  * debian/copyright
    - Fixed copyright to reflect current sources, thanks to Amos Jeffries
      (Closes: #524601)

  * debian/squid3.rc
    - Added reference to config file at startup (Closes: #517529)

  * debian/squid3.postinst
    - Removed path from command invocation and make lintian happy

 -- Luigi Gangitano <luigi@debian.org>  Mon,  6 May 2009 13:29:10 +0200

squid3 (3.0.STABLE13-1) unstable; urgency=low

  * New upstream release
    - Removed patches integrated upstream
      + 10-mgr_active_requests
      + 11-SQUID-2009-1

  * debian/patches/02-makefile-defaults
    - Removed cachemgr configuration file fix integrated upstream

  * debian/rules
    - Disable support for coss witch is marked as unstable upstream

 -- Luigi Gangitano <luigi@debian.org>  Mon, 16 Feb 2009 16:18:30 +0100

squid3 (3.0.STABLE8-3) unstable; urgency=high

  * Urgency high due to security fixes

  * debian/patches/11-SQUID-2009-1
    - Added upstream patch fixing Denial of Service in request processing
      (Ref: SQUID-2009-1, CVE: TBA)

 -- Luigi Gangitano <luigi@debian.org>  Fri, 06 Feb 2009 20:23:57 +0100

squid3 (3.0.STABLE8-2) unstable; urgency=low

  * debian/squid3.postinst
    - Fixed non-POSIX option to chown (Closes: #491701)

  * debian/rules
    - Removed obsoleted configure options (Closes: 511272)
    - Added --enable-follow-x-forwarded-for configure option

  * debian/control
    - Added dependency on ${misc:Depends} to make lintian happy

  * debian/squid3.postinst
    - Removed path from squid3 invocation to make lintian happy

  * debian/control
    - Bumped Standard-Version to 3.8.0, no change needed

 -- Luigi Gangitano <luigi@debian.org>  Fri,  9 Jan 2009 00:02:48 +0200

squid3 (3.0.STABLE8-1) unstable; urgency=high

  * Urgency high to meet freeze deadline

  * New upstream release

  * debian/patches/10-mgr_active_requests
    - Added upstream patch fixing delay_pool reporting in cachemgr.cgi

 -- Luigi Gangitano <luigi@debian.org>  Mon, 21 Jul 2008 09:20:31 +0200

squid3 (3.0.STABLE7-1) unstable; urgency=low

  * New upstream release

 -- Luigi Gangitano <luigi@debian.org>  Sat, 05 Jul 2008 21:24:36 +0200

squid3 (3.0.STABLE6-2) unstable; urgency=low

  * debian/control
    - Fixed suggestion on squidclient package

 -- Luigi Gangitano <luigi@debian.org>  Sun, 01 Jun 2008 05:48:22 +0200

squid3 (3.0.STABLE6-1) unstable; urgency=low

  * New upstream release (Closes: #478695)

  * debian/squid3.rc
    - Added automatic coss file creation (Closes: #478108)
    - Removed default blocking logging to syslog
    - Added parsing of /etc/default/squid3 for SQUID_ARGS override

  * debian/{rules,control,squidclient.install,squidclient.1}
    - Rename squid3-client package to squidclient (Closes: #473876)
    - Added squidclient man page from old squid package

 -- Luigi Gangitano <luigi@debian.org>  Sun, 01 Jun 2008 02:43:42 +0200

squid3 (3.0.STABLE5-1) UNRELEASED; urgency=low

  * New upstream release (Closes: #478695)

 -- Luigi Gangitano <luigi@debian.org>  Sat, 03 May 2008 18:39:36 +0200

squid3 (3.0.STABLE4-1) unstable; urgency=low
  
  * New upstream release

 -- Luigi Gangitano <luigi@debian.org>  Thu, 03 Apr 2008 01:34:07 +0200

squid3 (3.0.STABLE2-1) unstable; urgency=low

  * New upstream release (Closes: #470641)

  * debian/rules
    - Fixed bashism (Closes: #468567)

  * debian/control
    - Fixed description, remove instability notice (Closes: #463347)

  * debian/squid.rc
    - Raise max open filedescriptor limit to match build time limit at
      65535 (Closes: #470605, #470607)

 -- Luigi Gangitano <luigi@debian.org>  Wed, 12 Mar 2008 13:52:21 +0100

squid3 (3.0.STABLE1-2) unstable; urgency=low

  * debian/rules
    - Fixed --with-large-files option to ./configure (Closes: #459306)
    - Added null storio option (Closes: #456889)

 -- Luigi Gangitano <luigi@debian.org>  Tue, 11 Jan 2008 14:09:45 +0100

squid3 (3.0.STABLE1-1) unstable; urgency=low

  * New upstream release
    - Updated debian/watch (Closes: #456470)
    - Removed patches integrated upstream
      + 08-resume-http
      + 09-dos-cache-update

  * debian/control
    - Bumped Standard-Version to 3.7.3 (no change needed)
    - Added Homepage field

  * debian/patches/01-cf.data.debian
    - Adapted to new upstream version (remove default accesso to
      RFC1918 addresses)

  * debian/squid3.{preinst,postinst,prerm,postrm}
    - Added debhelper token

 -- Luigi Gangitano <luigi@debian.org>  Mon, 17 Dec 2007 11:36:57 +0100

squid3 (3.0.RC1-3) unstable; urgency=high

  * Urgency high due to security fixes

  * debian/patches/09-dos-cache-update
    - Added upstream patch fixing DoS in cache update reply processing
      (Ref: CVE-2007-6239, SQUID-2007:2)

 -- Luigi Gangitano <luigi@debian.org>  Fri,  7 Dec 2007 16:30:39 +0100

squid3 (3.0.RC1-2) unstable; urgency=low

  * debian/patches/08-resume-http.dpatch
    - Added upstream patch fixing failure to resume downloads

 -- Luigi Gangitano <luigi@debian.org>  Mon, 15 Oct 2007 02:43:44 +0200

squid3 (3.0.RC1-1) unstable; urgency=low

  * New upstream release
    - Updated debian watch

  * debian/patches/01-cf.data.debian
    - Updated to match upstream changes

  * debian/control
    - Updated Build-Depends to libdb 4.6
    - Removed dependency on essential package coreutils
    - Fixed dependency on virtual package httpd

 -- Luigi Gangitano <luigi@debian.org>  Sun, 14 Oct 2007 16:07:28 +0200

squid3 (3.0.PRE7-1) unstable; urgency=low

  * New upstream release
    - Fixed assertion failure when receiving TCP_RESET (Closes: #435887)
    - Removed patches integrated upstream:
      + debian/patches/05-helpers-typo
      + debian/patches/06-mem-obj-reference
      + debian/patches/07-close-icap-connections

  * debian/patches/01-cf.data.debian
    - Removed upstream-integrated patches

  * debian/rules
    - Enabled build time default user configuration

 -- Luigi Gangitano <luigi@debian.org>  Fri, 31 Aug 2007 18:05:13 +0200

squid3 (3.0.PRE6-2) unstable; urgency=low

  * debian/control
    - Make package binNMU safe (Closes: #432981)

  * debian/rules
    - Enabled diskd (Closes: #434621)
    - Removed --enable-diskio option (Closes: #435230)

 -- Luigi Gangitano <luigi@debian.org>  Sun, 13 May 2007 19:13:03 +0200

squid3 (3.0.PRE6-1) unstable; urgency=low

  * New upstream release
    - Removed patches integrated upsteam:
      + 04-m68k-ftbfs

  * debian/rules
    - Enable delay pools (Closes: #410785)
    - Enable cache digests (Closes: #416631)
    - Enable ICAP client
    - Raised Max Filedescriptor limit to 65536

  * debian/control
    - Added real package dependency for httpd in squid3-cgi

  * debian/patches/02-makefile-defaults
    - Fix default configuration file for cachemgr.cgi (Closes: #416630)

  * debian/squid3.postinst
    - Fixed bashish in postinst (Closes: #411797)

  * debian/patches/05-helpers-typo
    - Added upstream patch fixing compilation error in src/helpers.cc

  * debian/patches/06-mem-obj-reference
    - Added upstream patch fixing a mem_obj reference in src/store.cc

  * debian/patches/07-close-icap-connections
    - Added upstream patch fixing icap connection starvation

  * debian/squid3.rc
    - Added LSB-compliant description to rc script

 -- Luigi Gangitano <luigi@debian.org>  Sun, 13 May 2007 16:03:16 +0200

squid3 (3.0.PRE5-5) unstable; urgency=low

  * debian/control
    - Revert dependency on libsasl2-2-dev to libsasl2-dev (Closes: #401292)

 -- Luigi Gangitano <luigi@debian.org>  Thu, 30 Nov 2006 16:27:26 +0100

squid3 (3.0.PRE5-4) unstable; urgency=low

  * debian/{rules,squid3-client.install}
    - Fix path for squid3client (Closes: #400893)

 -- Luigi Gangitano <luigi@debian.org>  Thu, 30 Nov 2006 15:32:53 +0100

squid3 (3.0.PRE5-3) unstable; urgency=low

  * debian/rules
    - Use the right patch for specific options on GNU/kFreeBSD (Closes: #397829)

 -- Luigi Gangitano <luigi@debian.org>  Sat, 11 Nov 2006 10:32:06 +0100

squid3 (3.0.PRE5-2) unstable; urgency=low

  * debian/rules
    - Added architecture specific configure options to fix 
      FTBFS on GNU/KFreeBSD (Closes: #397829)

  * debian/control
    - Updated Build-Depend to libsasl2-2-dev

 -- Luigi Gangitano <luigi@debian.org>  Sat, 11 Nov 2006 00:33:31 +0100

squid3 (3.0.PRE5-1) unstable; urgency=low

  * New upstream release
    - Includes fix for FTBFS with GCC 4.2 (Closes: #379969)
    - Removed upstream-integrated patches:
      + 03-upstream-md5-byteswap

  * debian/patches/04-m68k-ftbfs.dpathc
    - Added patch to fix FTBFS on m68k due to missing parenthesis 
      (Closes: #394220)

  * debian/control
    - Added Build-Dep on libcppunit-dev
    - Updated Build-Dep to libdb4.4-dev

  * debian/rules
    - Added usage of already compiled libcppunit, reducing build time

 -- Luigi Gangitano <luigi@debian.org>  Thu,  9 Nov 2006 15:42:43 +0100

squid3 (3.0.PRE4-5) unstable; urgency=low

  * debian/rules
    - Fixed typo in configure options (--with-filedescriptors)
    - Added missing transparent proxy options

 -- Luigi Gangitano <luigi@debian.org>  Thu, 20 Jul 2006 15:03:07 +0200

squid3 (3.0.PRE4-4) unstable; urgency=low

  * debian/control
    - Removed dependency on webmin-squid for squid-cgi

  * debian/rules
    - Removed bashism (Closes: #377952)

 -- Luigi Gangitano <luigi@debian.org>  Wed, 12 Jul 2006 15:56:01 +0200

squid3 (3.0.PRE4-3) unstable; urgency=low

  * debian/patches/03-upstream-md5-byteswap.dpatch
    - Added upstream patch to fix FTBFS on BIGENDIAN architectures
      (Closes: #377596)

 -- Luigi Gangitano <luigi@debian.org>  Mon, 10 Jul 2006 18:06:06 +0200

squid3 (3.0.PRE4-2) unstable; urgency=low

  * debian/copyright
    - Added text from CREDITS with copyright and licences for all the
      components included in squid

 -- Luigi Gangitano <luigi@debian.org>  Mon, 10 Jul 2006 00:46:10 +0200

squid3 (3.0.PRE4-1) unstable; urgency=low

  * New upstream release

  * debian/rules
    - Revorked to build packages that can be installed side-by-side with
      the squid 2.x packages.
  
  * debian/control
    - Added dependency on dpatch
  
 -- Luigi Gangitano <luigi@debian.org>  Mon,  3 Jul 2006 16:47:43 +0200


squid3 (3.0.PRE3.20060422-2) unstable; urgency=low

  * debian/control
    - Added missing Build-Depends on libsasl2-dev

 -- Luigi Gangitano <luigi@debian.org>  Wed, 14 Jun 2006 15:31:34 +0200

squid3 (3.0.PRE3.20060422-1) unstable; urgency=low

  * First package attempt

 -- Luigi Gangitano <luigi@debian.org>  Sat, 22 Apr 2006 01:19:36 +0200
