HAProxy known bugs for version v1.4.3 (maintenance branch 1.4)

This version (1.4.3) is a release belonging to maintenance branch 1.4 whose latest version is 1.4.27. If your version is not the last one in the maintenance branch, you are missing fixes for known bugs, and by not updating you are needlessly taking the responsibility for the risk of unexpected service outages and exposing your web site to possible security issues.

The HAProxy development team takes a great care of maintaining stable versions so that all users can apply bug fixes without having to take the risk of upgrading to a new branch. In turn users are expected to apply the fixes when the development team estimates that they were worth being backported to stable branches.

Quick links

Other versions in the same branch

This branch contains the following releases :

DateVersionComment
2016-03-141.4.27 ⇐ last
2015-02-011.4.26 
2014-03-271.4.25 
2013-06-171.4.24 
2013-04-031.4.23 
2012-08-141.4.22 
2012-05-211.4.21 
2012-03-101.4.20 
2012-01-081.4.19 
2011-09-161.4.18 
2011-09-051.4.17 
2011-08-041.4.16 
2011-04-081.4.15 
2011-03-291.4.14 
2011-03-091.4.13 
2011-03-081.4.12 
2011-02-101.4.11 
2010-11-291.4.10 
2010-10-291.4.9 
2010-06-161.4.8 
2010-06-071.4.7 
2010-05-161.4.6 
2010-05-131.4.5 
2010-04-071.4.4 
2010-03-301.4.3 ⇐ yours
2010-03-171.4.2 
2010-03-041.4.1 
2010-02-261.4.0 

Known bugs affecting this version, and already fixed in the maintenance branch

These fixes have already been queued for a more recent 1.4 version. Some of them might have already been released in a more recent version than yours, and other ones might still be pending in the maintenance branch for a future release. The list may be empty if you're already on the latest version and no new fix was backported.

Bugs are almost always tagged with a severity (some people forget the severity tag when the bug is minor). The following severities are used :

Total known bugs in this version by category :

TotalCRITICALMAJORMEDIUMMINOR
171 2 13 38 118

Click on the subjects below to get the full description of the bug :

Merge dateSubject - Severity (minor, medium, major, critical)
2016-03-14BUG/MEDIUM: config: Adding validation to stick-table expire value.
2016-03-14BUG/MINOR: chunk: make chunk_dup() always check and set dst->size
2015-11-18BUG/MEDIUM: http: switch the request channel to no-delay once done.
2015-11-05BUG/MINOR: acl: don't use record layer in req_ssl_ver
2015-11-05BUG/MEDIUM: config: count memory limits on 64 bits, not 32
2015-10-27BUG/MINOR: http: Add OPTIONS in supported http methods (found by find_http_meth)
2015-10-27BUG/MINOR: config: check that tune.bufsize is always positive
2015-09-07BUG/MAJOR: http: don't call http_send_name_header() after an error
2015-09-07BUG/MINOR: http: remove stupid HTTP_METH_NONE entry
2015-09-07BUG/MINOR: cfgparse: fix typo in 'option httplog' error message
2015-05-01BUG/MEDIUM: http: remove content-length form responses with bad transfer-encoding
2015-05-01BUG/MEDIUM: http: incorrect transfer-coding in the request is a bad request
2015-05-01BUG/MEDIUM: http: do not restrict parsing of transfer-encoding to HTTP/1.1
2015-05-01BUG/MEDIUM: http: remove content-length from chunked messages
2015-01-30BUG/MINOR: http: abort request processing on filter failure
2015-01-30BUG/MINOR: checks: prevent http keep-alive with http-check expect
2015-01-30BUG/MEDIUM: http: fix header removal when previous header ends with pure LF
2015-01-30BUG/MINOR: http: fix typo: "401 Unauthorized" => "407 Unauthorized"
2015-01-30BUG/MINOR: config: don't inherit the default balance algorithm in frontends
2015-01-30BUG/MEDIUM: tcp: don't use SO_ORIGINAL_DST on non-AF_INET sockets
2015-01-30BUG/MINOR: log: fix request flags when keep-alive is enabled
2015-01-30BUG/MAJOR: cli: explicitly call cli_release_handler() upon error
2015-01-30BUG/MEDIUM: http: don't dump debug headers on MSG_ERROR
2015-01-30BUG/MEDIUM: config: userlists should ensure that encrypted passwords are supported
2015-01-30BUG/MEDIUM: auth: fix segfault with http-auth and a configuration with an unknown encryption algorithm
2015-01-30BUG/MEDIUM: backend: Update hash to use unsigned int throughout
2015-01-30BUG/MEDIUM: regex: fix risk of buffer overrun in exp_replace()
2015-01-30BUG/MINOR: stats: fix a typo on a closing tag for a server tracking another one
2015-01-30BUG/MINOR: http: don't report server aborts as client aborts
2015-01-30BUG/MINOR: build: handle whitespaces in wc -l output
2015-01-14BUG/MAJOR: buffer: don't schedule data in transit for leaving until connected
2015-01-14BUG/MAJOR: buffer: fix possible integer overflow on reserved size computation
2015-01-07BUG/MAJOR: http: fix again http-send-name-header
2014-03-27BUG/MEDIUM: http: don't start to forward request data before the connect
2014-03-27BUG/MINOR: stream-int: also consider ENOTCONN in addition to EAGAIN for recv()
2014-03-27BUG/MINOR: stream-int: also consider ENOTCONN in addition to EAGAIN
2014-03-27BUG/MINOR: channel: initialize xfer_small/xfer_large on new buffers
2014-03-27BUG/MEDIUM: http/auth: Sometimes the authentication credentials can be mix between two requests
2014-03-27BUG/MEDIUM: stats: the web interface must check the tracked servers before enabling
2014-03-27BUG/MINOR: checks: successful check completion must not re-enable MAINT servers
2014-03-27BUG/MINOR: stats: correctly report throttle rate of low weight servers
2014-03-27BUG/MINOR: stats: report correct throttling percentage for servers in slowstart
2014-03-27BUG/MEDIUM: checks: tracking servers must not inherit the MAINT flag
2014-03-27BUG/MEDIUM: stick-tables: complete the latest fix about store-responses
2014-03-27BUG/MEDIUM: stick: completely remove the unused flag from the store entries
2014-03-27BUG/MINOR: backend: fix target address retrieval in transparent mode
2014-03-27BUG/MAJOR: server: weight calculation fails for map-based algorithms
2014-03-27BUG/MEDIUM: checks: fix slow start regression after fix attempt
2014-03-27BUG/MINOR: acl: remove patterns from the tree before freeing them
2014-03-27BUG/MINOR: fix forcing fastinter in "on-error"
2013-09-01BUG/MINOR: use the same check condition for server as other algorithms
2013-09-01BUG/MEDIUM: server: set the macro for server's max weight SRV_UWGHT_MAX to SRV_UWGHT_RANGE
2013-09-01BUG/MINOR: deinit: free fdinfo while doing cleanup
2013-07-04BUG/MEDIUM: http: "option checkcache" fails with the no-cache header
2013-07-04BUG/MAJOR: http: don't emit the send-name-header when no server is available
2013-06-17BUG/CRITICAL: fix a possible crash when using negative header occurrences
2013-04-26BUG/MEDIUM: checks: disable TCP quickack when pure TCP checks are used
2013-04-18BUG/MAJOR: backend: consistent hash can loop forever in certain circumstances
2013-04-03BUG/CRITICAL: using HTTP information in tcp-request content may crash the process
2013-03-31BUG/MAJOR: ev_select: disable the select() poller if maxsock > FD_SETSIZE
2013-03-19BUG/MINOR: checks: fix an warning introduced by commit 2f61455a
2013-03-19BUG/MINOR: Correct logic in cut_crlf()
2013-03-19BUG/MEDIUM: uri_auth: missing NULL check and memory leak on memory shortage
2013-03-19BUG/MEDIUM: signal: signal handler does not properly check for signal bounds
2013-03-19BUG/MEDIUM: checks: ensure the health_status is always within bounds
2013-03-19BUG/MINOR: config: fix improper check for failed memory alloc in ACL parser
2013-03-19BUG/MINOR: epoll: use a fix maxevents argument in epoll_wait()
2013-03-19BUG/MEDIUM: remove supplementary groups when changing gid
2012-12-30BUG/MINOR: http: don't process abortonclose when request was sent
2012-12-30BUG/MINOR: time: frequency counters are not totally accurate
2012-12-30BUG/MINOR: http: don't abort client connection on premature responses
2012-12-30BUG/MEDIUM: tcp: process could theorically crash on lack of source ports
2012-12-30BUG/MINOR: http: don't log a 503 on client errors while waiting for requests
2012-12-30BUG/MINOR: http: don't report client aborts as server errors
2012-12-29BUG/MAJOR: cli: show sess may randomly corrupt the back-ref list
2012-12-29BUG: halog: fix broken output limitation
2012-11-01BUG: fix garbage data when http-send-name-header replaces an existing header
2012-11-01BUG/MEDIUM: command-line option -D must have precedence over "debug"
2012-11-01BUG/MEDIUM: http: set DONTWAIT on data when switching to tunnel mode
2012-11-01BUG/MINOR: halog: fix help message for -ut/-uto
2012-11-01BUG/MINOR: halog: -ad/-ac report the correct number of output lines
2012-10-09BUG/MINOR: epoll: correctly disable FD polling in fd_rem()
2012-10-09BUG/MINOR: config: use a copy of the file name in proxy configurations
2012-08-09BUG/MINOR: tarpit: fix condition to return the HTTP 500 message
2012-06-09BUG/MEDIUM: ebtree: ebmb_insert() must not call cmp_bits on full-length matches
2012-06-06BUG/MINOR: config: do not report twice the incompatibility between cookie and non-http
2012-06-02BUG/MEDIUM: option forwardfor if-none doesn't work with some configurations
2012-05-25BUG/MINOR: checks: expire on timeout.check if smaller than timeout.connect
2012-05-20BUG/MINOR: stop connect timeout when connect succeeds
2012-05-19BUG/MAJOR: checks: don't call set_server_status_* when no LB algo is set
2012-05-19BUG/MAJOR: trash must always be the size of a buffer
2012-05-16BUG/MINOR: http: error snapshots are wrong if buffer wraps
2012-04-23BUG/MEDIUM: balance source did not properly hash IPv6 addresses
2012-03-24BUG/MAJOR: possible crash when using capture headers on TCP frontends
2012-03-09BUG/MINOR: stream_sock: don't remove BF_EXPECT_MORE and BF_SEND_DONTWAIT on partial writes
2012-03-09BUG: checks: fix server maintenance exit sequence
2012-03-05BUG: http: disable TCP delayed ACKs when forwarding content-length data
2012-03-01BUG: queue: fix dequeueing sequence on HTTP keep-alive sessions
2012-01-20BUG/MEDIUM: zero-weight servers must not dequeue requests from the backend
2012-01-20BUG/MEDIUM: correctly disable servers tracking another disabled servers.
2012-01-09BUG/MINOR: fix typo in processing of http-send-name-header
2012-01-07BUG: http: tighten the list of allowed characters in a URI
2011-12-22BUG: proto_tcp: set AF_INET on tproxy for use with recent kernels
2011-12-17BUG: http: re-enable TCP quick-ack upon incomplete HTTP requests
2011-12-17BUG: ebtree: ebst_lookup() could return the wrong entry
2011-12-17BUG: tcp: option nolinger does not work on backends
2011-10-31BUG/MEDIUM: checks: fix slowstart behaviour when server tracking is in use
2011-10-09BUG/MINOR: fix options forwardfor if-none when an alternative header name is specified
2011-09-16BUG/MEDIUM: don't trim last spaces from headers consisting only of spaces
2011-09-05[BUG] http: trailing white spaces must also be trimmed after headers
2011-09-05[BUG] check: http-check expect + regex would crash in defaults section
2011-07-09[BUG] halog: correctly handle truncated last line
2011-06-17[BUG] checks: fix support of Mysqld >= 5.5 for mysql-check
2011-05-31[BUG] stats: support url-encoded forms
2011-04-13[BUG] checks: http-check expect could fail a check on multi-packet responses
2011-03-28[BUG] http: fix content-length handling on 32-bit platforms
2011-03-27[BUG] http: fix possible incorrect forwarded wrapping chunk size (take 2)
2011-03-09[BUG] config: don't crash on empty pattern files.
2011-03-04[BUG] stats: admin web interface must check the proxy state
2011-03-04[BUG] stats: admin commands must check the proxy state
2011-03-01[BUG] http: balance url_param did not work with first parameters on POST
2011-03-01[BUG] http: fix computation of message body length after forwarding has started
2011-03-01[BUG] http: fix possible incorrect forwarded wrapping chunk size
2011-03-01[BUG] acl: fd leak when reading patterns from file
2011-03-01[BUG] acl: srv_id must return no match when the server is NULL
2011-02-16[BUG] startup: set the rlimits before binding ports, not after.
2011-02-16[BUG] cfgparse: correctly count one socket per port in ranges
2011-02-13[BUG] http: use correct ACL pointer when evaluating authentication
2011-02-12[BUG] http: update the header list's tail when removing the last header
2011-01-04[BUG] ebtree: fix ebmb_lookup() with len smaller than the tree's keys
2011-01-03[BUG] acl: fix handling of empty lines in pattern files
2010-12-29[BUG] session: release slot before processing pending connections
2010-12-29[BUG] http: fix incorrect error reporting during data transfers
2010-12-29[BUG] stream_interface: truncate buffers when sending error messages
2010-12-29[BUG] http chunking: don't report a parsing error on connection errors
2010-12-29[BUG] http: fix http-pretend-keepalive and httpclose/tunnel mode
2010-11-28[BUG] http: correctly update the header list when removing two consecutive headers
2010-11-19[BUG] appsession: fix possible double free in case of out of memory
2010-11-19[BUG] capture: do not capture a cookie if there is no memory left
2010-11-19[BUG] debug: report the correct poller list in verbose mode
2010-10-28[BUG] config: report the correct proxy type in tcp-request errors
2010-10-28[BUG] http: denied requests must not be counted as denied resps in listeners
2010-10-28[BUG] ebtree: fix duplicate strings insertion
2010-10-23[BUG] cookie: correctly unset default cookie parameters
2010-10-22[BUG] proto_tcp: potential bug on pattern fetch dst and dport
2010-10-22[BUG] config: report correct keywords for "observe"
2010-10-17[BUG] checks: don't log backend down for all zero-weight servers
2010-10-06[BUG] deinit: unbind listeners before freeing them
2010-10-06[BUG] http: don't consider commas as a header delimitor within quotes
2010-09-28[BUG] Restore info about available active/backup servers
2010-09-28[BUG] stream_sock: try to flush any extra pending request data after a POST
2010-09-28[BUG] ebtree: string_equal_bits() could return garbage on identical strings
2010-09-21[BUG] stream_sock: cleanly disable the listener in case of resource shortage
2010-08-08[BUG] stats: global stats timeout may be specified before stats socket.
2010-08-08[BUG] queue: don't dequeue proxy-global requests on disabled servers
2010-08-08[BUG] stats: session rate limit gets garbaged in the stats
2010-06-16[BUG] client: don't add a new session to the list too early
2010-06-16[BUG] stick_table: the fix for the memory leak caused a regression
2010-06-07[BUG] debug: correctly report truncated messages
2010-06-07[BUG] debug: wrong pointer was used to report a status line
2010-06-07[BUG] http: report correct flags in case of client aborts during body
2010-06-07[BUG] frontend: always ensure to zero rep->analysers
2010-06-07[BUG] proxy: connection rate limiting was eating lots of CPU
2010-06-06[BUG] stick_table: fix possible memory leak in case of connection error
2010-05-31[BUG] http: the transaction must be initialized even in TCP mode (part 2)
2010-05-25[BUG] consistent hash: balance on all servers, not only 2 !
2010-05-25[BUG] tcp: dropped connections must be counted as "denied" not "failed"
2010-05-20[BUG] http: the transaction must be initialized even in TCP mode
2010-05-20[BUG] http: dispatch and http_proxy modes were broken for a long time
2010-05-09[BUG] cttproxy: socket fd leakage in check_cttproxy_version
2010-04-07[BUG] appsession should match the whole cookie name

Back to the list of branches and versions
Back to the HAProxy page