Squid 3.4

Jan 2015

Squid-3.4 series became DEPRECATED with the release of Squid-3.5 series

Sep 2014

Squid-3.4.7 and older are CONSIDERED DANGEROUS as the security people say. Due to unfixed vulnerabilities CVE-2014-7141, CVE-2014-7142, and CVE-2014-6270

Dec 2013

Released for production use.

The features have been set and code changes are reserved for later versions.

Additions are limited to Security and Bug fixes

Features ported from 2.7 in this release:

  • Store ID - a redesign of the store-URL rewrite feature from 2.7.

Basic new features in 3.4:

  • SSL server certificate validator

  • note directive for annotating transactions

  • TPROXY Support for BSD systems

  • spoof_client_ip directive for managing TPROXY spoofing

  • Various Access Control updates:
    • server_ssl_cert_fingerprint type to match certificate fingerprints

    • note type to match annotations for a transaction.

    • all-of and any-of types for complex configurations.

    • No-lookup DNS for certain acl types.

  • Support OK/ERR/BH response codes and kv-pair options from any helper
  • Improved pipeline queue configuration.
  • Multicast DNS

The intention with this series is to improve portability and stability. Some remaining Squid-2.7 missing features are listed as regressions in http://www.squid-cache.org/Versions/v3/3.4/RELEASENOTES.html#ss5.1

Packages of squid 3.4 source code are available at http://www.squid-cache.org/Versions/v3/3.4/

Security Advisories

See our Advisories list.

Open Bugs

Squid-3.4 (last edited 2018-02-27 03:19:33 by AmosJeffries)