Package: squid3 Version: 3.1.6-1.2+squeeze2 Severity: normal Today I visited
http://bugs.debian.oooooorg/systemd by accident since the "o" key in my keyboard got stuck. I noticed that the error page | ERROR | The requested URL could not be retrieved | | The following error was encountered while trying to retrieve the URL: http://bugs.debian.oooooorg/systemd | | Unable to determine IP address from host name "bugs.debian.oooooorg" | | The DNS server returned: | | Name Error: The domain name does not exist. | | This means that the cache was not able to resolve the hostname presented in the URL. Check if the address is correct. | | Your cache administrator is webmaster. uses an external image file http://www.squid-cache.org/Artwork/SN.png. Shouldn't this be included in /usr/share/squid3/icons? Using external files has at least the following problems: 1) If squid-cache.org goes down the error pages won't be as pretty :) 2) Fetching external files adds extra latency :) 3) Thanks to the Referer header squid-cache.org can collect list of typos that people make. This can be an mild privacy issue: GET /Artwork/SN.png HTTP/1.1 Host: www.squid-cache.org User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.1.16) Gecko/20120511 Iceweasel/3.5.16 (like Firefox/3.5.16) Accept: image/png,image/*;q=0.8,*/*;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Referer: http://bugs.debian.oooooorg/systemd Pragma: no-cache Via: 1.1 localhost (squid/3.1.6) X-Forwarded-For: 10.7.6.28 Cache-Control: no-cache Connection: keep-alive 4) According to http://www.squid-cache.org/Artwork/ the image that is used is non-free (CC BY-NC-SA 3.0). More info: 1) This change has been made in the following upstream bzr commit: revno: 9327 committer: Amos Jeffries <squ...@treenet.co.nz> branch nick: trunk timestamp: Mon 2008-10-27 19:53:22 +1300 message: Polish Error Page CSS Update errorpage.css content to display error pages matched to squid-cache.org website color scheme and styles including logo. Add Creative Commons Licence to the CSS file distributed. Also fix paths for out-of-tree translation. 2) It seems the problem has been noticed elsewhere in the internet but I couldn't find any reports in bugs.debian.org yet: http://www.sput.nl/software/squid31.html http://www.hutsby.net/2011_01_01_archive.html http://squid-web-proxy-cache.1019090.n4.nabble.com/Squid-3-1-6-tracking-image-td2327795.html http://www.squid-cache.org/mail-archive/squid-users/201102/0013.html http://www.squid-cache.org/mail-archive/squid-users/201103/0125.html 3) It seems that SN.png was included to upstream bzr last year: revno: 11209 committer: Amos Jeffries <squ...@treenet.co.nz> branch nick: trunk timestamp: Mon 2011-02-07 02:46:38 +1300 message: Icons Upgrade This updates the icons from the current anthony-* GIF series to the completely free PNG silk icons by Mark James. Why? * Avoiding GIF format makes Squid just a little bit more FOSS than before. * These icons are also just a little bit smaller and slicker. * Distros which package the silk icons separately for other apps can leverage those packages and share the icons. Also moves the icons to /var/www/squid/icons in accordance with the Unix filesystem specs for static web content. This suggests that SN.png could be free after all? Or maybe upstream thinks that CC BY-NC-SA 3.0 is free? In any case this needs to be verified before uploading a new version. -- System Information: Debian Release: 6.0.5 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 3.2.0-0.bpo.2-amd64 (SMP w/1 CPU core) Locale: LANG=C, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages squid3 depends on: ii adduser 3.112+nmu2 add and remove users and groups ii libc6 2.11.3-3 Embedded GNU C Library: Shared lib ii libcap2 1:2.19-3 support for getting/setting POSIX. ii libcomerr2 1.41.12-4stable1 common error description library ii libdb4.8 4.8.30-2 Berkeley v4.8 Database Libraries [ ii libexpat1 2.0.1-7 XML parsing C library - runtime li ii libgcc1 1:4.4.5-8 GCC support library ii libgssapi-krb5-2 1.8.3+dfsg-4squeeze5 MIT Kerberos runtime libraries - k ii libk5crypto3 1.8.3+dfsg-4squeeze5 MIT Kerberos runtime libraries - C ii libkrb5-3 1.8.3+dfsg-4squeeze5 MIT Kerberos runtime libraries ii libldap-2.4-2 2.4.23-7.2 OpenLDAP libraries ii libltdl7 2.2.6b-2 A system independent dlopen wrappe ii libpam0g 1.1.1-6.1+squeeze1 Pluggable Authentication Modules l ii libsasl2-2 2.1.23.dfsg1-7 Cyrus SASL - authentication abstra ii libstdc++6 4.4.5-8 The GNU Standard C++ Library v3 ii libxml2 2.7.8.dfsg-2+squeeze4 GNOME XML library ii logrotate 3.7.8-6 Log rotation utility ii lsb-base 3.2-23.2squeeze1 Linux Standard Base 3.2 init scrip ii netbase 4.45 Basic TCP/IP networking system ii squid3-common 3.1.6-1.2+squeeze2 A full featured Web Proxy cache (H squid3 recommends no packages. Versions of packages squid3 suggests: pn resolvconf <none> (no description available) ii smbclient 2:3.5.6~dfsg-3squeeze8 command-line SMB/CIFS clients for pn squid-cgi <none> (no description available) pn squidclient <none> (no description available) -- Configuration Files: /etc/squid3/squid.conf changed [not included] -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
