Squid 2.6.18?



  • There have been a couple Squid security advisories (and corresponding fixes) in the last year, and Squid 2.6 itself is now at release 18; however, the available pfSense package is still at release 5. My question: can I compile this new build on a standard FreeBSD machine (for which release 18 is already available), and then copy the resulting binaries to pfSense? Has anyone actually tried this, and if so, any caveats we should be aware of?

    TIA

    Marcello
    Sao Paulo - SP - Brazil



  • What functional different 2.6 and 2.5 ? Really need to change known BUG-set to unknown?  ;D



  • There are two security advisories which seem to apply to the version now on the package repository for pfSense:

    SQUID-2007:2, Dec 4, 2007
        Denial of service in cache updates
    SQUID-2007:1, Mar 20, 2007
        Denial of service in TRACE method processing

    Apart from these security fixes, there have been a number of bug fixes, as detailed in:

    http://www.squid-cache.org/Versions/v2/2.6/squid-2.6.STABLE18-RELEASENOTES.html

    I'm not a Squid expert by any means, but I'd like to run a more current version, if possible…

    Addendum: I'm assuming that 2.6.5_1-p15 means 2.6.STABLE5 - is that correct?

    Regards,

    Marcello
    Sao Paulo - SP - Brazil



  • The first one has been updated January 18th  and is a high risk one
    –> http://www.securityfocus.com/bid/26687/solution

    Some exploits are showing up....mostly simple DoS tools.



  • I'd like to give this a try myself - if anyone has the command line entries I would need to upgrade from the current pfsense package I would gladly test.  I'm willing to do anything to get squid back up to speed.



  • Does this new squid version give some speed boosting cause with the version i have now the speed is too low.I have it in transparent mode and when i disable it i can achieve the maximum speed of the line



  • The slowness has been brought up in other threads, nobody seems to know what is causing the issue.  It did not exist in earlier versions…



  • i see..so there is not any workaround on this right? i don't need squid for caching just for squidguard and lightsquid.
    When i use a download manager i can achieve full speed though…I haven't got traffic shapper enabled..If i upgrade to RC4 will be any change?


Locked