19970405

Patch for version 1.1.9.

19970505

Patch updated for 1.1.10.

19970803

Patch updated for 1.1.11 including fixes.

Fixes:

- Fixed a bug in acl.c where every proxy-authentication request whould
  set p->last_time to squid_curtime. This should only happen when the passwd
  files has been reread (Chris Pascoe).

- Replaced

	if (buf.st_mtime > p->change_time)

  with

	if (buf.st_mtime != p->change_time)

  so that we reload on changed timestamp instead of newer timestamp.
  Suggested by Chris Pascoe.

The fix from Chris Pascoe to not send the Proxy-Authorization: line to
other caches/servers has already been included in 1.1.11.

19970803

Patch updated for 1.1.12/13/14 including importing fixes to the original
proxy_auth code in 1.1.12:

- coredump fix for empty password fields in password file ()

- Not imported: Proxy-authorization: stripping in http.c only when
  Config.proxAuth.File exists.

  In the ACL proxy_auth patch Config.proxyAuth does not exist anymore.
  Should we implement something similar?

NOTE: 1.1.12/13 are considered broken, I just used it to import some fixes.

19971115

Patch updated for 1.1.15-1.1.18. The security fix from David Luyer which
appeared in 1.1.16 has also been applied to the ACL proxy_auth code.

19971223

Patch updated for 1.1.19.

19980207

Patch updated for 1.1.20.

Thanks to the following people for suggestions, patches and/or remarks:

Chris Pascoe
David Richards
Chris Tilbury
David Luyer