Release 1.6.0  (2019-02-02)

		Add support for IPv6 protocol (as in squid 3.x).
		Bugfix: Convert special characters to fix XSS security problem.
		Move text files to UTF-8 format.

		Add $DESTDIR in Makefile.in file (thanks to Adam Cécile).
		Move setuserinfo() into sg.y.in file.
		Fix for missing content after percent sign (thanks to A.R. Nicols).
		Fix time printing format in sgDiv.c.in file.
		Fix for working (only) with squid 3.4 and higher.

		Rename configure.in to configure.ac (for autoconf).
		Remove generated files (install-sh, mkinstalldirs).
		Remove obsolete content (ANNOUNCE, ISSUES.txt).
		Add autogen.sh script to generate configure file.
		Update and optimize configure.ac. Remove config.h.in.



Release 1.5.1  (2014-09-22)

		Updated links in documentation files.
		Updated sample files to use default UTF-8.
		Use newer OpenLDAP search (thanks to Denis Bonnenfant).
		Enable 'ldap deprecated' flag.



Release 1.5.0  (2011-05-31)

2011-05-30	Fixed typo in test/Makefile.in (thank you, Claudio Correa).
		Fixed a problem with compilation using Berkeley DB 5.x (thank you,
		Stephen Voels).

2010-09-09	Fixed inconsistent blocking (bug 59). Replaced defined routine
		in sgDB.c

2010-09-08	Added Russian translation to squidGuard.cgi.in (thanks to
		Vladimir Ipatov)

2009-09-30	Added patch by beber and gentoo (thank you!) to fix a problem
		when cross compiling (bug 56).

2009-09-27	Added patch by gentoo to fix aclocal warnings (bug 57).

2009-09-15	Added a feature to send log messages to syslog based on the
		patch from Jun Jiang (thank you). (bug 42)  In order to use
		syslog you have to run configure with the new option
		"--with-syslog". In the configuration file you need to add
		a line "syslog enable". If any other value but "enable" is
		used syslog is disabled and logging to squidGuard.log takes
		place as usual.
		The following log level are used: DEBUG, NOTICE, WARN, ERROR
		and EMERG. The local4 syslog facility is used by default.
		If you want to change this, use the configure option
		"--with-syslog-facility=<facility>".

2009-09-12	Anonymized passwords (for connecting to the ldap or mysql 
		server) written to logfiles when squidGuard is starting.
		Added two configure options for choosing different location
		for the LDAP include and library files.

2009-08-25	Added patch to check IP addresses against LDAP. Patch by
		Denis Bonnenfant (bug 41) - thank you.

2009-08-23	Added patch to allow quoted strings in the configuration
		file (bug 53). For more information see README.QuotedStrings.
		Thanks to Iain Fothergill for providing the patch.
		Removed the fix for usernames starting with a number because
		it breaks the time declarations.

2009-05-08	Fixed re-opened bug 12: a problem with regular expressions.
		An entry like "www\.google\.de" did not block www.google.de
		which it was supposed to do. Solving this issue solved
		bug 46 as well.

2009-05-08	Added patch by INL to enable blocking against DNS based
		blacklists (bug 55).

2009-05-03	Fixed bug 49: Using numeric username made squidGuard goes
		into emergency mode. This has been fixed. Usernames can
		now start with a number, be numeric and can additionally
		contain the following characters: @,à,é,è,ñ,á,ì,í,ò,ó,ù,ú.



Release 1.4.1  (2009-04-19)

2009-04-19	Fix of a bypass problem with URLs which length is close to
		the limit defined by MAX_BUF (default: 4096) in squidGuard and
		MAX_URL (default: 4096 in squid 2.x and 8192 in squid 3.x) in
		squid. Increasing the buffer limit to be higher than the one
		defined in MAX_URL solves the issue.

		Fix of another bypass problem, which is related to the definition
		of these buffer limits. Once squidGuard finds the parsed URL to
		be candidate for blocking it return the block URL defined in the
		squidGuard configuration. The bypass occurs when the redirect URL
		shall contain the information about the original URL.

2009-04-15	Fix of one buffer overflow problem in sgLog.c when overlong
		URLs are requested (bug 52 - error message for vsprintf).
		Thanks to Dirk Schoebel for suggesting the proper fix.

		ATTENTION:  While squidGuard will no longer go into emergeny mode
		when one overlong URL is passed to it, it is possible to use the
		overlong URL to bypass the filter. This vulnerability is not fixed
		by this patch!



Release 1.4.0  (2009-01-03)

2008-12-23	Included last fixes for 1.4 final.

2008-07-23	Some cleanup and fine work: added information about "-b"
		parameter to the help output. Added "!" to the list of
		allowed characters in urls.

2008-07-14	Fixed bug40: When an url ended in "://" squidGuard crashed.
		This has been fixed (the end of the url is now tested).

		Fixed bug39: squid was complaining about stdout messages from 
		squidGuard during the db update as a result of the progress
		bar output. The output has been moved to stderr.

2008-07-11	Added a switch to turn on the progress bar. The old default
		behaviour has been restored to not show anything. To see the
		progress of the compilation of the db files, use the command
			squidGuard -b
		(-b for "bar" - the progressbar).

2008-07-05	Fixed bug 37: The sample block script squidGuard.cgi has been
		rewritten to fix some bugs (basically warnings due to old perl
		syntax but problem with the language selection as well) and to
		enable an easier integration of additional languages. If a new
		language shall be supported create a babel file the same way
		the others are build and add the language to the supported hash
		in squidGuard.cgi. The location of the babel files is the same
		as for squidGuard.cgi. If you want to change the location change
		the path in squidGuard.cgi (line 298).

		The layout of the block page has been improved a bit as well.
		Fixed bug 23: Syntax error when using "~" in redirect statement.
		The "~" was not in the list of allowed characters for the
		redirect url.

		Fixed bug 34: On some system y.tab.c and y.tab.h were not properly
		created although bison was installed. This led to errors during
		compilation. If now no _executable_ bison is found, make copies
		the files over. The prepared files have been updated, too.

2008-06-13	Fixed bug 38: Bypass vulnerability using trailing dots. This 
		problem only occurs when squid 3.0 is used. Squid 2.6 removes
		trailing dots from domains before passing them to squidGuard.

2008-05-17	Removed the automatic download of the documentation when running
		"make install". From now on the documentation will be updated as
		part of the release.

2008-05-15	Corrected bugs 31 and 35: The "make install" command now tests
		if the directory of the configuration file exists. If it is not
		existing, the directory is created. 

		If flex/lex is not installed "make" gave errors instead of just
		copying the prepared flex file. If no flex/lex is found during
		the configure run, "make" checks again and copies the prepared
		file now fine.

2008-04-18	Added MySQL support for authentication based on a patch from
		Chris Fletcher (thank you). (bug 19.) Tested with MySQL 5.0.
		To use MySQL configure must be started with the new option
		"--with-mysql". If MySQL is not installed under   /usr   or 
		/usr/local   you can specify a directory with this option. The
		database is assumed to be configured on localhost.

		Four new statements are required for MySQL support in the 
		configuration file: 
		- mysqlusername (user to connect to the database)
		- mysqlpassword (password to authenticate 'mysqlusername')
		- mysqldb (database to use within mysql)
		- userquery (the sql query WITHOUT the trailing ';')

2008-04-16	Fixed configure.in to comply with the autoconf standard and
		produced an updated version of configure. As a result a couple
		of configure options changed their syntax:
		. to set the squid runtime user use --with-squiduser=<username>
		  (default is "squid")
		. to suppress log messages except for start and stop messages
		  use:  --with-nolog=yes  (default is "no").

2008-03-12	Fixed broken "make test" (bug 17).
		Adjusted version.h.

2008-03-12	Added new runtime parameter "-P". This parameter changes
		the default behaviour from stop (emergency mode) to pass
		when an error in building the database files occurs. So
		this parameter only works in connection with the runtime
		paramter "-C". Before using "-P" in your environment
		make sure that nothing breakes when the building of the
		db files fail.

2008-01-19	Included some changes of a set of patches collated or 
		developed by Chris Pates and Iain Fothegill of the CLEO 
		Systems at Lancaster University

2007-12-31	Added Spanish translation to squidGuard.cgi (thank you, Samuel
		García for the translation) (bug 26).



Release 1.3.1  (2008-07-14)

2007-11-17	Fix problem when running the blacklist update (squidGuard -C)
		from cron or some other batch system.

2008-06-13	Fix problem with trailing dots in domain names. If a domain
		is delivered to squidGuard with a trailing dot the blocking can
		be bypassed.

2008-07-14	Squid complaining about the output of the progress bar going
		to stdout but is no sent to stderr. Fixed sgDb.c.

		Fix crash when an URL was encountered ending with "://". Fixed
		sgDiv.c.



Release 1.3.0  (2017-11-03)

2007-09-19	Included configurable logging. New configure option --nolog
		suppress all runtime logmessages. Start and stop is still logged.
		Default behaviour is now to log the non debug messages except
		when the runtime option -d is supplied to squidGuard. May need
		some more finetuning in later versions. (bug 11)
		Made some slight changes to the outdated FAQ file.

2007-09-13	Modified auth code to work with and without ldap (choosing
		subroutine rfc1738_unescape or sgFindUser in sg.y.in)

2007-08-20	Corrected include statement in sg.h.in.

2007-07-16	Added patch by Marc Clayton to include a progressbar to the
	 	build of the database files (bug 6).

2007-07-01	Added patch by Eric Harrison to enable full sed compliance
		to rewrite statements (bug 7).

2007-06-02	Corrected missing evaluation of configure parameters for
		logdir, dbhome and config file (bug 11).

2007-05-25	Added patch from satish to block urls entries that include
		hostnames (bug 4).

2007-05-20	Fixed broken regex evaluation (bug 12)
		Fixed a compile problem on some systems (bug 10).

2007-05-10	Corrected an issue with the fix for the double
		slash vulnerability (incorrectly found double
		slashes) (bug 1). 



Release 1.2.5  (2007-05-20)

2007-05-13	Fixed double slash bug in the file sgDiv.c.

2007-05-20	Added more bug fixes to compile properly sgDiv.c.



Release 1.2.4  (2007-04-15)

2007-04-10	Fixed multiple slash bypass vulnerabilty.

2007-03-17	Fixed some bugs in squidGuard-simple.cgi and added a
		German version of it.

2007-03-16	Fixed encoding bypass vulnerabilty.

2007-03-16	Updated y.tab.c.bison and y.tab.h.bison to the recent
		version.

2007-02-02	Fixed bug in user authentication.

2007-01-20	Fixed some typos which broke compilation on Sun Solaris
		when using the Sun CC compiler.

2007-01-12	Corrected unproper evaluated if-clause, which broke the
		BerkeleyDB 2 compatibility.

		Fixed minor typo in samples/Makefile.in.

2006-12-29	Replaced the sleepycat links from the configure program with
		the Oracle links. Corrected typo in Makefile.in.

2006-12-16	Removed a stupid bug from the Makefile in the docs directory.

2006-12-10	Removed references to squidguard.org in Makefile.in in the
		Doc directory (squidguard.org is down).

		Added ISSUES.txt file about known problem with the current
		code (any information that is missing and should go in there
		is gladly welcomed).

2006-06-17	Release now supports LDAP queries for authentication:
		Added Chris Frey's ldap patches and fixes (03, 05, 06,
		07 and 10; Patches from:
		http://www.netdirect.ca/software/category.php?cat=SquidGuard).

		The LDAP feature can be included during the configure run
		by setting --with-ldap. Per default ldap support will not
		be compiled in.

		Added a fix provided by Francesco Ranieri to solve an issue
		with the (un)escaping of the authentication "domain%5cusername".



Release 1.2.3  (2006-01-20)

2005-12-09	Modfied configure Skript to allow to specify the name of 
		the useraccount the squid cache is using.

		Modified Makefile.in that during the installation the
		necessary squidGuard directories are created if they are
		not existing. Additionally a default configuration file
		will be copied to the default location for squidGuard unless
		an old one is found there. 



Release 1.2.2  (2005-10-13)

2005-10-13	Added Adam Gorski's bugfix to correct a a null pointer access
	 	bug in logging.

		Added Chris Freys bugfix a bug where it won't search the url
		db if the domain db is empty.

		Added Chris Frey's buffer overflow checks (except for commenting
		out the part from line 446 to 470 in sgDb.c). (Patches from:
		http://www.netdirect.ca/software/category.php?cat=SquidGuard)



Release 1.2.1  (2005-10-11)

2005-10-11	Added support for Berkeley DB 4.x



Release 1.2.0  (2001-12-18)

2001-06-01	The source block takes a new argument: continue. With this
		command an ipaddress or user can be configured in serval 
		sourceblocks. If a client is found but not blocked, squidGuard
		will continue to search in the next source block, if the 
		continue command is defined. Thanks to Valentin Chopov 
		<valentin@valcho.net> for the patch

2001-06-01	Fixed configure.in so that it detects the supported
		db lib.

2001-05-15 	Userquota: userqouta <seconds> <sporadic> <renew>
		<renew> can be hourly|dayly|weekly|seconds. <sporadic>
		if a request comes within the number of seconds given
		in the sporadic field the remaining time of the user will
		decrease. userquota 3600 60 14400, gives the user one hour
		surfing every 4th hour. If a user have a pause for more 
		than a minute, the used timed does not increase.

		userquota 3600 0 14400, gives the user one hour surfing
		every 4th hour. userquota 3600 0 daily gies the user
		one hour surfing a day.

2001-05-11	Userquota. In an source block you can now write 
		"userquota seconds hourly|daily|weekly". This meens that
		a timer starts ticking when a user access an url. The user
		is blocked when the time is used up. The user does not get
		access until the next hour,day or week. userquota 3600 daily,
		gives the user one hour surfing a day. 

2001-03-02	Support for 3.2.* version of BerkleyDB. Previous version of
		bdb 3.* is not suported. SquidGuard is still 2.7.7 compatible.
		configure will check for vallid versions of bdb. (leh)



Changes before 1.2.0 see file CHANGELOG.old