Hey, indeed. Luckily we are not users of this SSL bump nightmare. Best, -Michael > On 4 Jan 2019, at 18:02, Matthias Fischer wrote: > > Hi, > > On 02.01.2019 20:11, Michael Tremer wrote: >>> ... >>>> >>>> Why do they compare everything to squid 3.5 then? >>> >>> No idea. Perhaps to make upgrading easier for people running >>> (huge/complex) 3.x-installations? They even still list "missing >>> squid.conf options available in Squid-2.7"! ;-) >>> >>> ...3.x will not be continued, see: >>> >>> https://wiki.squid-cache.org/RoadMap/Squid3 >>> >>> "We are no longer releasing new Squid series with 3.x numbers.” >> >> No, it is indeed time to migrate! >> ... > Just for completeness - excerpts from the official announcement which > came today: ;-) > > ***SNIP*** > The Squid HTTP Proxy team is very pleased to announce the availability > of the Squid-4.5 release! > > This release is a security and bug fix release resolving several issues > found in the prior Squid releases. > > The major changes to be aware of: > > * Bug 4253: ssl_bump prevents access to some web contents > > ... > > * Redesign forward_max_tries to count TCP connection attempts > > ... > > * Fix client_connection_mark ACL handling of clientless transactions > > ... > > * Multiple NetDB behaviour updates > > ... > > * The logformat code %>handshake is added > > ... > > * Use pkg-config for detecting libxml2 > > ... > > All users of Squid-4 with SSL-Bump functionality are urged to upgrade > as soon as possible. > > All other users of Squid-4 are encouraged to upgrade as time permits. > > All users of Squid-3 are encouraged to upgrade where possible. > ***SNAP*** > > The last sentence says it all... > > Best, > Matthias