- Due to a bug in the ConnStateData::noteMoreBodySpaceAvailable() function, child processes of squid aborted upon encountering a failed assertion. An upstream patch has been provided to address this issue and squid child processes no longer abort in the described scenario.
- Due to an upstream patch, which renamed the HTTP header controlling persistent connections from "Proxy-Connection" to "Connection", the NTLM pass-through authentication does not work, thus preventing login. This update introduces the new "http10" option to the squid.conf file, which can be used to enable the change in the patch. This option is set to "off" by default. When set to "on", the NTLM pass-through authentication works properly, thus allowing login attempts to succeed.
- When the IPv6 protocol was disabled and squid tried to handle an HTTP GET request containing an IPv6 address, the squid child process terminated due to signal 6. This bug has been fixed and such requests are now handled as expected.
- The old "stale if hit" logic did not account for cases where the stored stale response became fresh due to a successful re-validation with the origin server. Consequently, incorrect warning messages were returned. With this update, squid no longer marks elements as stale in the described scenario, thus fixing this bug.