Package: src:squid3 Severity: wishlist Tags: patch Hi,
please take the attached patch as a suggestion for the upgrade of the squid3 package to version 3.3.1. Thanks. Carsten -- /\-ยด-/\ ( @ @ ) ________o0O___^___O0o________
diff -urN squid3-3.1.20/debian/changelog squid3-3.3.1/debian/changelog --- squid3-3.1.20/debian/changelog 2013-02-05 23:16:28.000000000 +0100 +++ squid3-3.3.1/debian/changelog 2013-02-27 11:30:03.000000000 +0100 @@ -1,3 +1,11 @@ +squid3 (3.3.1-1) unstable; urgency=low + + * New upstream release + * ported debian patches to new upstream version + * removed obsolete CVE patches + + -- Carsten Wolff <cars...@wolffcarsten.de> Fri, 22 Feb 2013 16:21:41 +0100 + squid3 (3.1.20-2.1) unstable; urgency=high * Non-maintainer upload diff -urN squid3-3.1.20/debian/patches/01-cf.data.debian.patch squid3-3.3.1/debian/patches/01-cf.data.debian.patch --- squid3-3.1.20/debian/patches/01-cf.data.debian.patch 2012-06-18 15:00:56.000000000 +0200 +++ squid3-3.3.1/debian/patches/01-cf.data.debian.patch 2013-02-27 11:15:12.000000000 +0100 @@ -2,7 +2,7 @@ Description: Default configuration file for debian --- a/src/cf.data.pre +++ b/src/cf.data.pre -@@ -178,7 +178,7 @@ +@@ -327,7 +327,7 @@ If you want to use the traditional NCSA proxy authentication, set this line to something like @@ -10,8 +10,8 @@ + auth_param basic program @DEFAULT_PREFIX@/lib/squid3/ncsa_auth @DEFAULT_PREFIX@/etc/passwd "utf8" on|off - HTTP uses iso-latin-1 as characterset, while some authentication -@@ -246,7 +246,7 @@ + HTTP uses iso-latin-1 as character set, while some authentication +@@ -400,7 +400,7 @@ If you want to use a digest authenticator, set this line to something like @@ -19,26 +19,26 @@ + auth_param digest program @DEFAULT_PREFIX@/lib/squid3/digest_pw_auth @DEFAULT_PREFIX@/etc/digpass "utf8" on|off - HTTP uses iso-latin-1 as characterset, while some authentication -@@ -308,7 +308,7 @@ + HTTP uses iso-latin-1 as character set, while some authentication +@@ -477,7 +477,7 @@ of type proxy_auth. By default, the NTLM authenticator_program is not used. - auth_param ntlm program @DEFAULT_PREFIX@/bin/ntlm_auth + auth_param ntlm program @DEFAULT_PREFIX@/lib/squid3/ntlm_auth - "children" numberofchildren - The number of authenticator processes to spawn (no default). -@@ -343,7 +343,7 @@ + "children" numberofchildren [startup=N] [idle=N] + The maximum number of authenticator processes to spawn (default 5). +@@ -518,7 +518,7 @@ The only supported program for this role is the ntlm_auth program distributed as part of Samba, version 4 or later. - auth_param negotiate program @DEFAULT_PREFIX@/bin/ntlm_auth --helper-protocol=gss-spnego + auth_param negotiate program @DEFAULT_PREFIX@/lib/squid3/ntlm_auth --helper-protocol=gss-spnego - "children" numberofchildren - The number of authenticator processes to spawn (no default). -@@ -760,11 +760,11 @@ + "children" numberofchildren [startup=N] [idle=N] + The maximum number of authenticator processes to spawn (default 5). +@@ -1002,11 +1002,11 @@ # Example rule allowing access from your local networks. # Adapt to list your (internal) IP networks from where browsing # should be allowed @@ -55,7 +55,7 @@ acl SSL_ports port 443 acl Safe_ports port 80 # http -@@ -923,7 +923,7 @@ +@@ -1185,7 +1185,7 @@ # Example rule allowing access from your local networks. # Adapt localnet in the ACL section to list your (internal) IP networks # from where browsing should be allowed @@ -64,25 +64,7 @@ http_access allow localhost # And finally deny all other access to this proxy -@@ -1424,7 +1424,7 @@ - - Note: The use of this directive using client dependent ACLs is - incompatible with the use of server side persistent connections. To -- ensure correct results it is best to set server_persisten_connections -+ ensure correct results it is best to set server_persistent_connections - to off when using this directive in such configurations. - DOC_END - -@@ -1527,7 +1527,7 @@ - an additional ACL needs to be used which ensures the IPv6-bound traffic - is never forced or permitted out the IPv4 interface. - -- # IPv6 destination test along with a dummy access control to perofrm the required DNS -+ # IPv6 destination test along with a dummy access control to perform the required DNS - # This MUST be place before any ALLOW rules. - acl to_ipv6 dst ipv6 - http_access deny ipv6 !all -@@ -2844,7 +2844,7 @@ +@@ -3765,7 +3765,7 @@ NAME: logfile_rotate TYPE: int @@ -91,7 +73,7 @@ LOC: Config.Log.rotateNumber DOC_START Specifies the number of logfile rotations to make when you -@@ -2863,6 +2863,9 @@ +@@ -3784,6 +3784,9 @@ Note, from Squid-3.1 this option has no effect on the cache.log, that log can be rotated separately by using debug_options @@ -101,7 +83,7 @@ DOC_END NAME: emulate_httpd_log -@@ -4284,7 +4287,7 @@ +@@ -5258,7 +5261,7 @@ NAME: visible_hostname TYPE: string LOC: Config.visibleHostname @@ -110,7 +92,7 @@ DOC_START If you want to present a special hostname in error messages, etc, define this. Otherwise, the return value of gethostname() -@@ -6482,8 +6485,8 @@ +@@ -7761,8 +7764,8 @@ WARNING: This option will restrict the situations under which IPv6 diff -urN squid3-3.1.20/debian/patches/02-makefile-defaults.patch squid3-3.3.1/debian/patches/02-makefile-defaults.patch --- squid3-3.1.20/debian/patches/02-makefile-defaults.patch 2012-06-18 14:59:26.000000000 +0200 +++ squid3-3.3.1/debian/patches/02-makefile-defaults.patch 2013-02-27 11:17:32.000000000 +0100 @@ -2,7 +2,7 @@ Description: Change default file locations for debian --- a/src/Makefile.in +++ b/src/Makefile.in -@@ -2048,7 +2048,7 @@ +@@ -2799,7 +2799,7 @@ DEFAULT_PREFIX = $(prefix) DEFAULT_CONFIG_DIR = $(sysconfdir) DEFAULT_CONFIG_FILE = $(DEFAULT_CONFIG_DIR)/squid.conf @@ -11,12 +11,3 @@ DEFAULT_DNSSERVER = $(libexecdir)/`echo dnsserver | sed '$(transform);s/$$/$(EXEEXT)/'` DEFAULT_SSL_CRTD = $(libexecdir)/`echo ssl_crtd | sed '$(transform);s/$$/$(EXEEXT)/'` DEFAULT_LOG_PREFIX = $(DEFAULT_LOG_DIR) -@@ -2057,7 +2057,7 @@ - DEFAULT_STORE_LOG = $(DEFAULT_LOG_PREFIX)/store.log - DEFAULT_PID_FILE = $(DEFAULT_PIDFILE) - DEFAULT_NETDB_FILE = $(DEFAULT_LOG_PREFIX)/netdb.state --DEFAULT_SWAP_DIR = $(localstatedir)/cache -+DEFAULT_SWAP_DIR = $(localstatedir)/spool/squid3 - DEFAULT_SSL_DB_DIR = $(localstatedir)/lib/ssl_db - DEFAULT_PINGER = $(libexecdir)/`echo pinger | sed '$(transform);s/$$/$(EXEEXT)/'` - DEFAULT_UNLINKD = $(libexecdir)/`echo unlinkd | sed '$(transform);s/$$/$(EXEEXT)/'` diff -urN squid3-3.1.20/debian/patches/15-cachemgr-default-config.patch squid3-3.3.1/debian/patches/15-cachemgr-default-config.patch --- squid3-3.1.20/debian/patches/15-cachemgr-default-config.patch 2012-06-18 14:59:50.000000000 +0200 +++ squid3-3.3.1/debian/patches/15-cachemgr-default-config.patch 2013-02-27 11:18:52.000000000 +0100 @@ -2,36 +2,37 @@ Description: Fix path for cachemgr.cgi default configuration file --- a/tools/Makefile.am +++ b/tools/Makefile.am -@@ -34,7 +34,7 @@ - man_MANS = \ - squidclient.1 +@@ -68,7 +68,7 @@ + + ## ##### cachemgr.cgi ##### -DEFAULT_CACHEMGR_CONFIG = $(sysconfdir)/cachemgr.conf +DEFAULT_CACHEMGR_CONFIG = /etc/squid/cachemgr.conf - squidclient_SOURCES = squidclient.cc - nodist_squidclient_SOURCES=time.cc stub_debug.cc -@@ -56,6 +56,7 @@ - $(OBJS): $(top_srcdir)/include/version.h ../include/autoconf.h + libexec_PROGRAMS = cachemgr$(CGIEXT) + +@@ -91,6 +91,7 @@ + ## Shared install-data-local: + test -z "/etc/squid" || $(MKDIR_P) "$(DESTDIR)/etc/squid" $(INSTALL_DATA) $(srcdir)/cachemgr.conf $(DESTDIR)$(DEFAULT_CACHEMGR_CONFIG).default @if test -f $(DESTDIR)$(DEFAULT_CACHEMGR_CONFIG) ; then \ echo "$@ will not overwrite existing $(DESTDIR)$(DEFAULT_CACHEMGR_CONFIG)" ; \ +diff -urN a/tools/Makefile.in b/tools/Makefile.in --- a/tools/Makefile.in +++ b/tools/Makefile.in -@@ -375,7 +375,7 @@ - man_MANS = \ - squidclient.1 +@@ -434,7 +434,7 @@ + test_tools.cc \ + time.cc -DEFAULT_CACHEMGR_CONFIG = $(sysconfdir)/cachemgr.conf +DEFAULT_CACHEMGR_CONFIG = /etc/squid/cachemgr.conf - squidclient_SOURCES = squidclient.cc - nodist_squidclient_SOURCES = time.cc stub_debug.cc - cachemgr__CGIEXT__SOURCES = cachemgr.cc -@@ -1094,6 +1094,7 @@ - $(OBJS): $(top_srcdir)/include/version.h ../include/autoconf.h + cachemgr__CGIEXT__SOURCES = cachemgr.cc \ + stub_debug.cc \ + test_tools.cc \ +@@ -1237,6 +1237,7 @@ + $(SUBSTITUTE) < $(srcdir)/cachemgr.cgi.8.in > $@ install-data-local: + test -z "/etc/squid" || $(MKDIR_P) "$(DESTDIR)/etc/squid" diff -urN squid3-3.1.20/debian/patches/20-ipv6-fix squid3-3.3.1/debian/patches/20-ipv6-fix --- squid3-3.1.20/debian/patches/20-ipv6-fix 2012-12-06 20:20:58.000000000 +0100 +++ squid3-3.3.1/debian/patches/20-ipv6-fix 1970-01-01 01:00:00.000000000 +0100 @@ -1,11 +0,0 @@ ---- a/src/ip/IpAddress.cc -+++ b/src/ip/IpAddress.cc -@@ -605,7 +605,7 @@ - && dst->ai_protocol == 0) - dst->ai_protocol = IPPROTO_UDP; - -- if (force == AF_INET6 || (force == AF_UNSPEC && IsIPv6()) ) { -+ if (force == AF_INET6 || (force == AF_UNSPEC && Ip::EnableIpv6 && IsIPv6()) ) { - dst->ai_addr = (struct sockaddr*)new sockaddr_in6; - - memset(dst->ai_addr,0,sizeof(struct sockaddr_in6)); diff -urN squid3-3.1.20/debian/patches/30-CVE-2012-5643-CVE-2013-0189.patch squid3-3.3.1/debian/patches/30-CVE-2012-5643-CVE-2013-0189.patch --- squid3-3.1.20/debian/patches/30-CVE-2012-5643-CVE-2013-0189.patch 2013-02-05 22:55:45.000000000 +0100 +++ squid3-3.3.1/debian/patches/30-CVE-2012-5643-CVE-2013-0189.patch 1970-01-01 01:00:00.000000000 +0100 @@ -1,186 +0,0 @@ -Description: cachemgr.cgi: Memory Leaks and DoS Vulnerability - * Ignore invalid Content-Length headers. - * Limit received POST requests to 4KB and discard the rest. - * Authentication credentials parser also leaks badly. -Author: Amos Jeffries <squ...@treenet.co.nz> -Origin: vendor -Last-Update: 2013-02-05 -Forwarded: not-needed - ---- - -diff --git i/tools/cachemgr.cc w/tools/cachemgr.cc -index 1af18d1..83d532c 100644 ---- i/tools/cachemgr.cc -+++ w/tools/cachemgr.cc -@@ -586,12 +586,15 @@ munge_action_line(const char *_buf, cachemgr_request * req) - if ((p = strchr(x, '\n'))) - *p = '\0'; - action = xstrtok(&x, '\t'); -+ if (!action) { -+ xfree(buf); -+ return ""; -+ } - description = xstrtok(&x, '\t'); - if (!description) - description = action; -- if (!action) -- return ""; - snprintf(html, sizeof(html), " <a href=\"%s\">%s</a>", menu_url(req, action), description); -+ xfree(buf); - return html; - } - -@@ -820,7 +823,7 @@ process_request(cachemgr_request * req) - } - - if (!check_target_acl(req->hostname, req->port)) { -- snprintf(buf, 1024, "target %s:%d not allowed in cachemgr.conf\n", req->hostname, req->port); -+ snprintf(buf, sizeof(buf), "target %s:%d not allowed in cachemgr.conf\n", req->hostname, req->port); - error_html(buf); - return 1; - } -@@ -832,7 +835,7 @@ process_request(cachemgr_request * req) - } else if ((S = req->hostname)) - (void) 0; - else { -- snprintf(buf, 1024, "Unknown host: %s\n", req->hostname); -+ snprintf(buf, sizeof(buf), "Unknown host: %s\n", req->hostname); - error_html(buf); - return 1; - } -@@ -846,17 +849,19 @@ process_request(cachemgr_request * req) - #else - if ((s = socket(PF_INET, SOCK_STREAM, 0)) < 0) { - #endif -- snprintf(buf, 1024, "socket: %s\n", xstrerror()); -+ snprintf(buf, sizeof(buf), "socket: %s\n", xstrerror()); - error_html(buf); -+ S.FreeAddrInfo(AI); - return 1; - } - - if (connect(s, AI->ai_addr, AI->ai_addrlen) < 0) { -- snprintf(buf, 1024, "connect %s: %s\n", -+ snprintf(buf, sizeof(buf), "connect %s: %s\n", - S.ToURL(ipbuf,MAX_IPSTRLEN), - xstrerror()); - error_html(buf); - S.FreeAddrInfo(AI); -+ close(s); - return 1; - } - -@@ -917,8 +922,6 @@ static char * - read_post_request(void) - { - char *s; -- char *buf; -- int len; - - if ((s = getenv("REQUEST_METHOD")) == NULL) - return NULL; -@@ -929,15 +932,34 @@ read_post_request(void) - if ((s = getenv("CONTENT_LENGTH")) == NULL) - return NULL; - -- if ((len = atoi(s)) <= 0) -+ if (*s == '-') // negative length content huh? - return NULL; - -- buf = (char *)xmalloc(len + 1); -+ uint64_t len; - -- if (fread(buf, len, 1, stdin) == 0) -+ char *endptr = s+ strlen(s); -+ if ((len = strtoll(s, &endptr, 10)) <= 0) - return NULL; - -- buf[len] = '\0'; -+ // limit the input to something reasonable. -+ // 4KB should be enough for the GET/POST data length, but may be extended. -+ size_t bufLen = (len < 4096 ? len : 4095); -+ char *buf = (char *)xmalloc(bufLen + 1); -+ -+ size_t readLen = fread(buf, 1, bufLen, stdin); -+ if (readLen == 0) { -+ xfree(buf); -+ return NULL; -+ } -+ buf[readLen] = '\0'; -+ len -= readLen; -+ -+ // purge the remainder of the request entity -+ while (len > 0 && readLen) { -+ char temp[65535]; -+ readLen = fread(temp, 1, 65535, stdin); -+ len -= readLen; -+ } - - return buf; - } -@@ -1077,37 +1099,49 @@ decode_pub_auth(cachemgr_request * req) - debug(3) fprintf(stderr, "cmgr: length ok\n"); - - /* parse ( a lot of memory leaks, but that is cachemgr style :) */ -- if ((host_name = strtok(buf, "|")) == NULL) -+ if ((host_name = strtok(buf, "|")) == NULL) { -+ xfree(buf); - return; -+ } - - debug(3) fprintf(stderr, "cmgr: decoded host: '%s'\n", host_name); - -- if ((time_str = strtok(NULL, "|")) == NULL) -+ if ((time_str = strtok(NULL, "|")) == NULL) { -+ xfree(buf); - return; -+ } - - debug(3) fprintf(stderr, "cmgr: decoded time: '%s' (now: %d)\n", time_str, (int) now); - -- if ((user_name = strtok(NULL, "|")) == NULL) -+ if ((user_name = strtok(NULL, "|")) == NULL) { -+ xfree(buf); - return; -+ } - - debug(3) fprintf(stderr, "cmgr: decoded uname: '%s'\n", user_name); - -- if ((passwd = strtok(NULL, "|")) == NULL) -+ if ((passwd = strtok(NULL, "|")) == NULL) { -+ xfree(buf); - return; -+ } - - debug(2) fprintf(stderr, "cmgr: decoded passwd: '%s'\n", passwd); - - /* verify freshness and validity */ -- if (atoi(time_str) + passwd_ttl < now) -+ if (atoi(time_str) + passwd_ttl < now) { -+ xfree(buf); - return; -+ } - -- if (strcasecmp(host_name, req->hostname)) -+ if (strcasecmp(host_name, req->hostname)) { -+ xfree(buf); - return; -+ } - - debug(1) fprintf(stderr, "cmgr: verified auth. info.\n"); - - /* ok, accept */ -- xfree(req->user_name); -+ safe_free(req->user_name); - - req->user_name = xstrdup(user_name); - -@@ -1145,6 +1179,7 @@ make_auth_header(const cachemgr_request * req) - - snprintf(&buf[stringLength], sizeof(buf) - stringLength, "Proxy-Authorization: Basic %s\r\n", str64); - -+ xxfree(str64); - return buf; - } - diff -urN squid3-3.1.20/debian/patches/series squid3-3.3.1/debian/patches/series --- squid3-3.1.20/debian/patches/series 2013-02-05 22:53:05.000000000 +0100 +++ squid3-3.3.1/debian/patches/series 2013-02-27 11:29:02.000000000 +0100 @@ -1,5 +1,3 @@ 01-cf.data.debian.patch 02-makefile-defaults.patch 15-cachemgr-default-config.patch -20-ipv6-fix -30-CVE-2012-5643-CVE-2013-0189.patch diff -urN squid3-3.1.20/debian/rules squid3-3.3.1/debian/rules --- squid3-3.1.20/debian/rules 2012-06-18 15:23:48.000000000 +0200 +++ squid3-3.3.1/debian/rules 2013-02-27 11:23:53.000000000 +0100 @@ -27,7 +27,7 @@ --enable-underscores \ --enable-icap-client \ --enable-follow-x-forwarded-for \ - --enable-auth="basic,digest,ntlm,negotiate" \ + --enable-auth \ --enable-basic-auth-helpers="LDAP,MSNT,NCSA,PAM,SASL,SMB,YP,DB,POP3,getpwnam,squid_radius_auth,multi-domain-NTLM" \ --enable-ntlm-auth-helpers="smb_lm," \ --enable-digest-auth-helpers="ldap,password" \ @@ -39,6 +39,7 @@ --enable-wccpv2 \ --disable-translation \ --with-logdir=/var/log/squid3 \ + --with-swapdir=/var/spool/squid3 \ --with-pidfile=/var/run/squid3.pid \ --with-filedescriptors=65536 \ --with-large-files \ @@ -61,14 +62,20 @@ mv $(INSTALLDIR)/usr/lib/squid3/cachemgr.cgi $(INSTALLDIR)/usr/lib/cgi-bin/cachemgr.cgi mv $(INSTALLDIR)/usr/sbin/squid $(INSTALLDIR)/usr/sbin/squid3 mv $(INSTALLDIR)/usr/share/man/man8/squid.8 $(INSTALLDIR)/usr/share/man/man8/squid3.8 - mv $(INSTALLDIR)/usr/share/man/man8/pam_auth.8 $(INSTALLDIR)/usr/share/man/man8/squid3_pam_auth.8 - mv $(INSTALLDIR)/usr/share/man/man8/squid_ldap_auth.8 $(INSTALLDIR)/usr/share/man/man8/squid3_ldap_auth.8 - mv $(INSTALLDIR)/usr/share/man/man8/squid_ldap_group.8 $(INSTALLDIR)/usr/share/man/man8/squid3_ldap_group.8 - mv $(INSTALLDIR)/usr/share/man/man8/squid_session.8 $(INSTALLDIR)/usr/share/man/man8/squid3_session.8 - mv $(INSTALLDIR)/usr/share/man/man8/squid_unix_group.8 $(INSTALLDIR)/usr/share/man/man8/squid3_unix_group.8 - mv $(INSTALLDIR)/usr/share/man/man8/ncsa_auth.8 $(INSTALLDIR)/usr/share/man/man8/squid3_ncsa_auth.8 - mv $(INSTALLDIR)/usr/share/man/man8/squid_db_auth.8 $(INSTALLDIR)/usr/share/man/man8/squid3_db_auth.8 - mv $(INSTALLDIR)/usr/share/man/man8/squid_radius_auth.8 $(INSTALLDIR)/usr/share/man/man8/squid3_radius_auth.8 + mv $(INSTALLDIR)/usr/share/man/man8/basic_db_auth.8 $(INSTALLDIR)/usr/share/man/man8/squid3_basic_db_auth.8 + mv $(INSTALLDIR)/usr/share/man/man8/basic_ldap_auth.8 $(INSTALLDIR)/usr/share/man/man8/squid3_basic_ldap_auth.8 + mv $(INSTALLDIR)/usr/share/man/man8/basic_pam_auth.8 $(INSTALLDIR)/usr/share/man/man8/squid3_basic_pam_auth.8 + mv $(INSTALLDIR)/usr/share/man/man8/basic_sasl_auth.8 $(INSTALLDIR)/usr/share/man/man8/squid3_basic_sasl_auth.8 + mv $(INSTALLDIR)/usr/share/man/man8/digest_file_auth.8 $(INSTALLDIR)/usr/share/man/man8/squid3_digest_file_auth.8 + mv $(INSTALLDIR)/usr/share/man/man8/ext_unix_group_acl.8 $(INSTALLDIR)/usr/share/man/man8/squid3_ext_unix_group_acl.8 + mv $(INSTALLDIR)/usr/share/man/man8/log_db_daemon.8 $(INSTALLDIR)/usr/share/man/man8/squid3_log_db_daemon.8 + mv $(INSTALLDIR)/usr/share/man/man8/basic_getpwnam_auth.8 $(INSTALLDIR)/usr/share/man/man8/squid3_basic_getpwnam_auth.8 + mv $(INSTALLDIR)/usr/share/man/man8/basic_ncsa_auth.8 $(INSTALLDIR)/usr/share/man/man8/squid3_basic_ncsa_auth.8 + mv $(INSTALLDIR)/usr/share/man/man8/basic_radius_auth.8 $(INSTALLDIR)/usr/share/man/man8/squid3_basic_radius_auth.8 + mv $(INSTALLDIR)/usr/share/man/man8/cachemgr.cgi.8 $(INSTALLDIR)/usr/share/man/man8/squid3_cachemgr.cgi.8 + mv $(INSTALLDIR)/usr/share/man/man8/ext_session_acl.8 $(INSTALLDIR)/usr/share/man/man8/squid3_ext_session_acl.8 + mv $(INSTALLDIR)/usr/share/man/man8/ext_wbinfo_group_acl.8 $(INSTALLDIR)/usr/share/man/man8/squid3_ext_wbinfo_group_acl.8 + mv $(INSTALLDIR)/usr/share/man/man8/negotiate_kerberos_auth.8 $(INSTALLDIR)/usr/share/man/man8/squid3_negotiate_kerberos_auth.8 install -m 755 -g root -d $(INSTALLDIR)/etc/init.d install -m 755 -g root -d $(INSTALLDIR)/etc/logrotate.d install -m 755 -g root -d $(INSTALLDIR)/etc/resolvconf diff -urN squid3-3.1.20/debian/squid3.install squid3-3.3.1/debian/squid3.install --- squid3-3.1.20/debian/squid3.install 2011-02-15 01:01:24.000000000 +0100 +++ squid3-3.3.1/debian/squid3.install 2013-02-26 14:05:08.000000000 +0100 @@ -8,11 +8,16 @@ usr/lib/squid3 usr/sbin/squid3 usr/share/man/man8/squid3.8 -usr/share/man/man8/squid3_db_auth.8 -usr/share/man/man8/squid3_ldap_auth.8 -usr/share/man/man8/squid3_ldap_group.8 -usr/share/man/man8/squid3_ncsa_auth.8 -usr/share/man/man8/squid3_pam_auth.8 -usr/share/man/man8/squid3_radius_auth.8 -usr/share/man/man8/squid3_session.8 -usr/share/man/man8/squid3_unix_group.8 +usr/share/man/man8/squid3_basic_db_auth.8 +usr/share/man/man8/squid3_basic_ldap_auth.8 +usr/share/man/man8/squid3_basic_pam_auth.8 +usr/share/man/man8/squid3_basic_sasl_auth.8 +usr/share/man/man8/squid3_digest_file_auth.8 +usr/share/man/man8/squid3_ext_unix_group_acl.8 +usr/share/man/man8/squid3_log_db_daemon.8 +usr/share/man/man8/squid3_basic_getpwnam_auth.8 +usr/share/man/man8/squid3_basic_ncsa_auth.8 +usr/share/man/man8/squid3_basic_radius_auth.8 +usr/share/man/man8/squid3_ext_session_acl.8 +usr/share/man/man8/squid3_ext_wbinfo_group_acl.8 +usr/share/man/man8/squid3_negotiate_kerberos_auth.8 diff -urN squid3-3.1.20/debian/squid-cgi.install squid3-3.3.1/debian/squid-cgi.install --- squid3-3.1.20/debian/squid-cgi.install 2010-05-02 19:28:26.000000000 +0200 +++ squid3-3.3.1/debian/squid-cgi.install 2013-02-26 14:05:21.000000000 +0100 @@ -1,3 +1,3 @@ usr/lib/cgi-bin/cachemgr.cgi -usr/share/man/man8/cachemgr.cgi.8 +usr/share/man/man8/squid3_cachemgr.cgi.8 etc/squid/cachemgr.conf