HAProxy known bugs for maintenance branch 1.4

This is maintenance branch 1.4 whose latest version is 1.4.27. If your version is not the last one in the maintenance branch, you are missing fixes for known bugs, and by not updating you are needlessly taking the responsibility for the risk of unexpected service outages and exposing your web site to possible security issues.

The HAProxy development team takes a great care of maintaining stable versions so that all users can apply bug fixes without having to take the risk of upgrading to a new branch. In turn users are expected to apply the fixes when the development team estimates that they were worth being backported to stable branches. In short, if you are running any 1.4 version other than 1.4.27, you're running with known bugs.

Quick links

Versions available in this branch

This branch contains the following releases :

DateVersionComment
2016-03-141.4.27 ⇐ last
2015-02-011.4.26 
2014-03-271.4.25 
2013-06-171.4.24 
2013-04-031.4.23 
2012-08-141.4.22 
2012-05-211.4.21 
2012-03-101.4.20 
2012-01-081.4.19 
2011-09-161.4.18 
2011-09-051.4.17 
2011-08-041.4.16 
2011-04-081.4.15 
2011-03-291.4.14 
2011-03-091.4.13 
2011-03-081.4.12 
2011-02-101.4.11 
2010-11-291.4.10 
2010-10-291.4.9 
2010-06-161.4.8 
2010-06-071.4.7 
2010-05-161.4.6 
2010-05-131.4.5 
2010-04-071.4.4 
2010-03-301.4.3 
2010-03-171.4.2 
2010-03-041.4.1 
2010-02-261.4.0 

Fixes for known bugs pending in this branch since the last release (1.4.27)

These fixes have already been queued for the next 1.4 release but no version was released with them yet. Note that fixes are backported several at a time from the development branch to maintenance branches, and the absence of a fix here doesn't mean none will be issued soon.

Bugs are almost always tagged with a severity (some people forget the severity tag when the bug is minor). The following severities are used :

Total known bugs in the latest version of this branch by category :

TotalCRITICALMAJORMEDIUMMINOR
0 0 0 0 0

Click on the subjects below to get the full description of the bug :

Merge dateSubject - Severity (minor, medium, major, critical)

Known bugs fixed in the development branch after the last commit in this branch

It is important to understand that not all of these commits are necessarily relevant to this version, but clicking on them will show the bug description. All fixes are made first in the development branch and then backported to the maintenance branches. This ensures no fix is lost when upgrading. If a fix was marked for backporting to this branch and is not there yet, it's likely that it is still missing. Do not hesitate to ask on the haproxy mailing list if you feel like a fix has been skipped.

DateSubject
2017-12-10BUG/MEDIUM: h2: enable recv polling whenever demuxing is possible
2017-12-10BUG/MEDIUM: h2: automatically set CS_FL_RCV_MORE when the output buffer is full
2017-12-10BUG/MEDIUM: stream-int: always set SI_FL_WAIT_ROOM on CS_FL_RCV_MORE
2017-12-10BUG/MEDIUM: lua/notification: memory leak
2017-12-08BUG/MEDIUM: threads/vars: Fix deadlock in register_name
2017-12-08BUG/MEDIUM: email-alert: don't set server check status from a email-alert task
2017-12-07BUG/MEDIUM: h2: fix handling of end of stream again
2017-12-06BUG/MEDIUM: peers: set NOLINGER on the outgoing stream interface
2017-12-06BUG/MEDIUM: checks: a down server going to maint remains definitely stucked on down state.
2017-12-06BUG/MEDIUM: ssl engines: Fix async engines fds were not considered to fix fd limit automatically.
2017-12-06BUG/MEDIUM: mworker: also close peers sockets in the master
2017-12-04BUG/MINOR: ssl: support tune.ssl.cachesize 0 again
2017-12-04BUG/MAJOR: hpack: don't pretend large headers fit in empty table
2017-12-04BUG/MINOR: action: Don't check http capture rules when no id is defined
2017-12-03BUG/MINOR: h2: use the H2_F_DATA_* macros for DATA frames
2017-12-03BUG/MEDIUM: h2: do not accept upper case letters in request header names
2017-12-03BUG/MEDIUM: h2: remove connection-specific headers from request
2017-12-03BUG/MINOR: h2: reject response pseudo-headers from requests
2017-12-03BUG/MINOR: h2: properly check PRIORITY frames
2017-12-03BUG/MINOR: h2: reject incorrect stream dependencies on HEADERS frame
2017-12-03BUG/MINOR: h2: do not accept SETTINGS_ENABLE_PUSH other than 0 or 1
2017-12-03BUG/MEDIUM: h2: enforce the per-connection stream limit
2017-12-03BUG/MINOR: h2: the TE header if present may only contain trailers
2017-12-03BUG/MINOR: h2: fix a typo causing PING/ACK to be responded to
2017-12-03BUG/MINOR: h2: ":path" must not be empty
2017-12-03BUG/MINOR: h2: try to abort closed streams as soon as possible
2017-12-03BUG/MINOR: h2: immediately close if receiving GOAWAY after the last stream
2017-12-03BUG/MAJOR: h2: correctly check the request length when building an H1 request
2017-12-03BUG/MINOR: hpack: dynamic table size updates are only allowed before headers
2017-12-03BUG/MINOR: hpack: reject invalid header index
2017-12-03BUG/MINOR: hpack: must reject huffman literals padded with more than 7 bits
2017-12-03BUG/MINOR: hpack: fix debugging output of pseudo header names
2017-12-03BUG/MEDIUM: checks: Be sure we have a mux if we created a cs.
2017-12-02BUG/MAJOR: thread: Be sure to request a sync between threads only once at a time
2017-12-02BUG/MINOR: mworker: detach from tty when in daemon mode
2017-12-02BUG/MINOR: mworker: fix validity check for the pipe FDs
2017-12-01BUG/MAJOR: thread/peers: fix deadlock on peers sync.
2017-11-29BUG/MEDIUM: peers: fix some track counter rules dont register entries for sync.
2017-11-29BUG/MEDIUM: h2: don't report an error after parsing a 100-continue response
2017-11-29BUG/MEDIUM: threads/peers: decrement, not increment jobs on quitting
2017-11-29BUG/MINOR: ssl: CO_FL_EARLY_DATA removal is managed by stream
2017-11-29BUG/MEDIUM: stream: fix session leak on applet-initiated connections
2017-11-28BUG/MEDIUM: cache: bad computation of the remaining size
2017-11-28BUG/MEDIUM: ssl: don't allocate shctx several time
2017-11-28BUG/MEDIUM: tcp-check: Don't lock the server in tcpcheck_main
2017-11-26BUG/MEDIUM: kqueue: Don't bother closing the kqueue after fork.
2017-11-26BUG/MAJOR: threads/queue: avoid recursive locking in pendconn_get_next_strm()
2017-11-26BUG/MINOR: threads: don't drop "extern" on the lock in include files
2017-11-24CLEANUP: debug: Use DPRINTF instead of fprintf into #ifdef DEBUG_FULL/#endif
2017-11-24BUG/MINOR: listener: Allow multiple "process" options on "bind" lines
2017-11-24BUG/MEDIUM: cache: free ressources in chn_end_analyze
2017-11-24BUG/MEDIUM: stream: always release the stream-interface on abort
2017-11-23BUG/MAJOR: threads/task: dequeue expired tasks under the WQ lock
2017-11-23BUG/MAJOR: h2: always remove a stream from the send list before freeing it
2017-11-23BUG/MINOR: stream: fix tv_request calculation for applets
2017-11-23BUG/MINOR: Use crt_base instead of ca_base when crt is parsed on a server line
2017-11-23BUG/MEDIUM: threads/time: maintain a common time reference between all threads
2017-11-23BUG/MEDIUM: threads/time: fix time drift correction
2017-11-22MINOR: pools: implement DEBUG_UAF to detect use after free
2017-11-22BUG/MINOR: ssl: Always start the handshake if we can't send early data.
2017-11-22BUG/MEDIUM: deinit: correctly deinitialize the proxy and global listener tasks
2017-11-22BUG/MEDIUM: cache fix cli_kws structure
2017-11-22BUG/MEDIUM: cache: refcount forbids to free the objects
2017-11-22BUG/MEDIUM: cache: use key=0 as a condition for freeing
2017-11-21BUG/MINOR: systemd: ignore daemon mode
2017-11-21BUG/MEDIUM: h2: always reassemble the Cookie request header field
2017-11-21BUG/MEDIUM: h2: properly report connection errors in headers and data handlers
2017-11-20BUG/MEDIUM: cache: free callback to remove from tree
2017-11-20BUG/MINOR: stream-int: don't try to read again when CF_READ_DONTWAIT is set
2017-11-20BUG/MAJOR: stream: ensure analysers are always called upon close
2017-11-20BUG/MEDIUM: stream: don't automatically forward connect nor close
2017-11-17BUG/MEDIUM: deviceatlas: ignore not valuable HTTP request data
2017-11-16BUG/MINOR: Allocate the log buffers before the proxies startup
2017-11-15BUG/MEDIUM: mworker: does not close inherited FD
2017-11-15BUG/MEDIUM: mworker: does not deinit anymore
2017-11-15BUG/MEDIUM: mworker: wait again for signals when execvp fail
2017-11-15BUG/MAJOR: ebtree/scope: properly tag upper nodes during insertion
2017-11-14BUG/MEDIUM: standard: itao_str/idx and quote_str/idx must be thread-local
2017-11-14BUG/MINOR: threads: tid_bit must be a unsigned long
2017-11-14BUG/MEDIUM: cache: use msg->sov to forward header
2017-11-14BUG/MEDIUM: mworker: Fix re-exec when haproxy is started from PATH
2017-11-13BUG/MAJOR: ebtree/scope: fix lookup of next node in scope-aware trees
2017-11-13BUG/MAJOR: ebtree/scope: fix insertion and removal of duplicates in scope-aware trees
2017-11-13BUG/MINOR: buffers: Fix b_alloc_margin to be "fonctionnaly" thread-safe
2017-11-13BUG/MINOR: spoe: check buffer size before acquiring or releasing it
2017-11-11BUG/MEDIUM: cache: does not cache if no Content-Length
2017-11-10BUG/MEDIUM: stream: don't ignore res.analyse_exp anymore
2017-11-10BUG/MEDIUM: threads/cli: fix "show sess" locking on release
2017-11-10BUG/MEDIUM: h2: support orphaned streams
2017-11-10BUG/MEDIUM: h1: ensure the chunk size parser can deal with full buffers
2017-11-10BUG/MEDIUM: h2: split the function to send RST_STREAM
2017-11-09BUG/MINOR: pattern: Rely on the sample type to copy it in pattern_exec_match
2017-11-09BUG/MEDIUM: stream-int: Don't loss write's notifs when a stream is woken up
2017-11-09BUG/MEDIUM: h2: reject non-3-digit status codes
2017-11-09BUG/MINOR: h1: the HTTP/1 make status code parser check for digits
2017-11-08BUG/MINOR; ssl: Don't assume we have a ssl_bind_conf because a SNI is matched.
2017-11-08BUG/MAJOR: threads/tasks: fix the scheduler again
2017-11-07BUG/MINOR: stream-int: don't set MSG_MORE on closed request path
2017-11-07BUG/MINOR: comp: fix compilation warning compiling without compression.
2017-11-07BUG/MEDIUM: splice/threads: pipe reuse list was not protected.
2017-11-07BUG/MINOR: h2: don't send GOAWAY on failed response
2017-11-07BUG/MINOR: h2: correctly check for H2_SF_ES_SENT before closing
2017-11-07BUG/MEDIUM: h2: properly set H2_SF_ES_SENT when sending the final frame
2017-11-07BUG/MEDIUM: h2: don't close the connection is there are data left
2017-11-07BUG/MEDIUM: h2: fix some wrong error codes on connections
2017-11-07BUG/MEDIUM: h2: don't try (and fail) to send non-existing data in the mux
2017-11-07BUG/MEDIUM: h2: properly send the GOAWAY frame in the mux
2017-11-07BUG/MEDIUM: h2: properly send an RST_STREAM on mux stream error
2017-11-06BUG/MINOR: h2: set the "HEADERS_SENT" flag on stream, not connection
2017-11-06BUG/MINOR: dns: Don't lock the server lock in snr_check_ip_callback().
2017-11-06BUG/MINOR: dns: Don't try to get the server lock if it's already held.
2017-11-05BUG/MEDIUM: threads: don't try to free build option message on exit
2017-11-05BUG/MAJOR: thread/listeners: enable_listener must not call unbind_listener()
2017-11-05BUG/MAJOR: h2: set the connection's task to NULL when no client timeout is set
2017-11-05BUG/MEDIUM: threads/stick-tables: close a race condition on stktable_trash_expired()
2017-11-05BUG/MAJOR: threads/lb: fix missing unlock on map-based hash LB
2017-11-05BUG/MAJOR: threads/lb: fix missing unlock on consistent hash LB
2017-11-05BUG/MAJOR: threads/dns: add missing unlock on allocation failure path
2017-11-05BUG/MAJOR: cli/streams: missing unlock on exit "show sess"
2017-11-05BUG/MINOR: cli: add severity in "set server addr" parser
2017-11-05BUG/MAJOR: threads/checks: wrong use of SPIN_LOCK instead of SPIN_UNLOCK
2017-11-05BUG/MINOR: cli: do not perform an invalid action on "set server check-port"
2017-11-05BUG/MAJOR: threads/server: missing unlock in CLI fqdn parser
2017-11-05BUG/MAJOR: threads/checks: add 4 missing spin_unlock() in various functions
2017-11-03BUG/MAJOR: mux_pt: don't dereference a connstream after ->wake()
2017-11-03BUG/MINOR: lua: fix missing lock protection on server.
2017-11-03BUG/MINOR: dns: fix missing lock protection on server.
2017-11-03BUG/MINOR: stdarg.h inclusion
2017-11-02BUG/MINOR: freq: fix infinite loop on freq_ctr_period.
2017-11-02BUG/MAJOR: buffers: fix get_buffer_nc() for data at end of buffer
2017-11-02BUG/MEDIUM: cache: don't try to resolve wrong filters
2017-11-02BUG/MINOR: thread: fix a typo in the debug code
2017-11-02BUG/MAJOR: fix deadlock on healthchecks.
2017-11-02BUG/MEDIUM: checks/mux: always enable send-polling after connecting
2017-11-02BUG/MEDIUM: h2: don't try to parse incomplete H1 responses
2017-11-01BUG/MINOR: send-proxy-v2: string size must include ('\0')
2017-11-01BUG/MINOR: send-proxy-v2: fix dest_len in make_tlv call
2017-10-31BUG/MEDIUM: h2: fix incorrect timeout handling on the connection
2017-10-31BUG/MEDIUM: threads: Initialize the sync-point
2017-10-31BUG/MAJOR: threads/freq_ctr: use a memory barrier to detect changes
2017-10-31BUG/MINOR: dns: Fix SRV records with the new thread code.
2017-10-31BUG/MAJOR: threads/time: Store the time deviation in an 64-bits integer
2017-10-31BUG/MAJOR: threads/freq_ctr: fix lock on freq counters.
2017-10-31BUG/MINOR: threads: Add missing THREAD_LOCAL on static here and there
2017-10-31BUG/MEDIUM: threads: Run the poll loop on the main thread too
2017-10-31BUG/MINOR: mailers: Fix a memory leak when email alerts are released
2017-10-31BUG/MINOR: dns: Fix CLI keyword declaration
2017-10-31BUG/MINOR: spoa: Update pointer on the end of the frame when a reply is encoded
2017-10-31BUG/MINOR: spoe: Don't compare engine name and SPOE scope when both are NULL
2017-10-27BUG/MINOR: lua: const attribute of a string is overridden
2017-10-27BUG/MEDIUM: prevent buffers being overwritten during build_logline() execution
2017-10-25BUG/MINOR: checks: Don't forget to release the connection on error case.
2017-10-25BUG/MINOR: cli: restore "set ssl tls-key" command
2017-10-24BUG/MINOR: ssl: OCSP_single_get0_status can return -1
2017-10-24BUG/MEDIUM: server: Allocate tmptrash before using it.
2017-10-22BUG/MINOR: ssl: ocsp response with 'revoked' status is correct
2017-10-19BUG/MEDIUM: log: check result details truncated.
2017-10-18BUG/MAJOR: lua: scheduled task is freezing.
2017-10-18BUG/MINOR: stats: Clear a bit more counters with in cli_parse_clear_counters().
2017-10-18BUG/MINOR: tools: fix my_htonll() on x86_64
2017-10-17BUG/MINOR: stream-int: don't set MSG_MORE on SHUTW_NOW without AUTO_CLOSE
2017-10-16BUG/MEDIUM: ssl: fix OCSP expiry calculation
2017-10-05BUG/MAJOR: stream-int: don't re-arm recv if send fails
2017-10-05BUG/MEDIUM: http: Return an error when url_dec sample converter failed
2017-10-04BUG/MEDIUM: cli: fix "show fd" crash when dumping closed FDs
2017-10-04BUG/MINOR: tcp-check: don't initialize then break a connection starting with a comment
2017-10-04BUG/MINOR: unix: properly check for octal digits in the "mode" argument
2017-10-04BUG/MEDIUM: tcp-check: don't call tcpcheck_main() from the I/O handlers!
2017-10-04BUG/MINOR: tcp-check: don't quit with pending data in the send buffer
2017-10-04BUG/MEDIUM: tcp-check: properly indicate polling state before performing I/O
2017-10-04BUG/MEDIUM: tcp/http: set-dst-port action broken
2017-10-03BUG/MINOR: contrib/halog: fixing small memory leak
2017-09-21BUG/MINOR: log: fixing small memory leak in error code path.
2017-09-21BUG/MEDIUM: server: unwanted behavior leaving maintenance mode on tracked stopping server (take2)
2017-09-21BUG/MEDIUM: server: unwanted behavior leaving maintenance mode on tracked stopping server
2017-09-18BUG/MINOR: contrib/modsecurity: close the va_list ap before return
2017-09-18BUG/MINOR: contrib/mod_defender: close the va_list argp before return
2017-09-15BUG/MINOR: dns: Fix check on nameserver in snr_resolution_cb
2017-09-15BUG/MINOR: spoe: Don't rely on SPOE ctx in debug message when its creation failed
2017-09-15BUG/MINOR: compression: Check response headers before http-response rules eval
2017-09-15BUG/MEDIUM: compression: Fix check on txn in smp_fetch_res_comp_algo
2017-09-11BUG/MINOR: Lua: The socket may be destroyed when we try to access.
2017-09-11BUG/MEDIUM: http: Close streams for connections closed before a redirect
2017-09-06Revert "BUG/MINOR: server: Remove FQDN requirement for using init-addr and state file"
2017-09-05BUG/MINOR: server: Remove FQDN requirement for using init-addr and state file
2017-09-05BUG/MEDIUM: epoll: ensure we always consider HUP and ERR
2017-09-05BUG/MEDIUM: http: Fix a regression bug when a HTTP response is in TUNNEL mode
2017-08-30BUG/MINOR: stream-int: don't check the CO_FL_CURR_WR_ENA flag
2017-08-23BUG/MEDIUM: stream: properly set the required HTTP analysers on use-service
2017-08-23BUG/MEDIUM: lua: HTTP services must take care of body-less status codes
2017-08-23BUG/MAJOR: lua: fix the impact of the scheduler changes again
2017-08-22BUG/MEDIUM: dns: fix accepted_payload_size parser to avoid integer overflow
2017-08-22BUG/MINOR: dns: wrong resolution interval lead to 100% CPU
2017-08-22BUG/MINOR: dns: server set by SRV records stay in "no resolution" status
2017-08-22BUG/MINOR: Wrong type used as argument for spoe_decode_buffer().
2017-08-17BUG/MAJOR: stream: in stream_free(), close the front endpoint and not the origin
2017-07-28BUG/MEDIUM: ssl: Fix regression about certificates generation
2017-07-28BUG/MINOR: lua: Fix bitwise logic for hlua_server_check_* functions.
2017-07-28BUG/MEDIUM: stream: don't retry SSL connections which fail the SNI name check
2017-07-28BUG/MINOR: ssl: make use of the name in SNI before verifyhost
2017-07-26BUG/MINOR: ssl: Fix check against SNI during server certificate verification
2017-07-24BUG/MAJOR: lua: properly dequeue hlua_applet_wakeup() for new scheduler
2017-07-24BUG/MINOR: lua: always detach the tcp/http tasks before freeing them
2017-07-24BUG/MINOR: lua: Correctly use INET6_ADDRSTRLEN in Server.get_addr()
2017-07-24BUG/MINOR: lua: Fix Server.get_addr() port values
2017-07-20BUG/MAJOR: http: Fix possible infinity loop in http_sync_(req|res)_state
2017-07-19BUG/MINOR: ssl: remove haproxy SSLv3 support when ssl lib have no SSLv3
2017-07-19BUG/MINOR: contrib/mod_defender: build fix
2017-07-19BUG/MINOR: contrib/modsecurity: BSD build fix
2017-07-19BUG/MINOR: http: Fix bug introduced in previous patch in http_resync_states
2017-07-18BUG/MEDIUM: http: Switch HTTP responses in TUNNEL mode when body length is undefined
2017-07-18BUG/MINOR: http: Set the response error state in http_sync_res_state
2017-07-18BUG/MINOR: Lua: variable already initialized
2017-07-18BUG/MEDIUM: lua: bad memory access
2017-07-18BUG/MAJOR: lua/socket: resources not detroyed when the socket is aborted
2017-07-18BUG/MINOR: lua: executes the function destroying the Lua session in safe mode
2017-07-18BUG/MINOR: lua: In error case, the safe mode is not removed
2017-07-18BUG/MINOR: Prevent a use-after-free on error scenario on option "-x".
2017-07-13BUG/MINOR: peers: peer synchronization issue (with several peers sections).
2017-07-07BUG/MINOR: http: properly handle all 1xx informational responses
2017-07-06BUG/MEDIUM: filters: Be sure to call flt_end_analyze for both channels
2017-07-06BUG/MINOR: http: Don't reset the transaction if there are still data to send
2017-07-06BUG/MINOR: stream: Don't forget to remove CF_WAKE_ONCE flag on response channel
2017-07-05BUG/MAJOR: http: fix buffer overflow on loguri buffer.
2017-07-04BUG/MEDIUM: map/acl: fix unwanted flags inheritance.
2017-06-30BUG/MAJOR: applet: fix a freeze if data is immedately forwarded.
2017-06-30BUG/MAJOR: compression: Be sure to release the compression state in all cases
2017-06-30BUG/MAJOR: map: fix segfault during 'show map/acl' on cli.
2017-06-30BUG/MAJOR: cli: fix custom io_release was crushed by NULL.
2017-06-27BUG/MAJOR: frontend: don't dereference a null conn on outgoing connections
2017-06-27BUG/MINOR: stream: flag TASK_WOKEN_RES not set if task in runqueue
2017-06-23BUG/MINOR: log: pin the front connection when front ip/ports are logged
2017-06-21BUG/MINOR: cfgparse: Check if tune.http.maxhdr is in the range 1..32767
2017-06-21BUG/MINOR: Wrong peer task expiration handling during synchronization processing.
2017-06-20BUG/MEDIUM: mworker: don't reuse PIDs passed to the master
2017-06-20BUG/MEDIUM: fix segfault when no argument to -x option
2017-06-16BUG/MEDIUM: unix: never unlink a unix socket from the file system
2017-06-15BUG/MAJOR: server: Segfault after parsing server state file.
2017-06-15BUG/MEDIUM: peers: Peers CLOSE_WAIT issue.
2017-06-14BUG/MINOR: http/filters: Be sure to wait if a filter loops in HTTP_MSG_ENDING
2017-06-14BUG/MINOR: ssl: Be sure that SSLv3 connection methods exist for openssl < 1.1.0
2017-06-14BUG/MINOR: acls: Set the right refflag when patterns are loaded from a map
2017-06-14BUG/MINOR: buffers: Fix bi/bo_contig_space to handle full buffers
2017-06-11BUG/MAJOR: http: call manage_client_side_cookies() before erasing the buffer
2017-06-09BUG/MINOR: Makefile: fix compile error with USE_LUA=1 in ubuntu16.04
2017-06-08BUG/MEDIUM: misplaced exit and wrong exit code
2017-06-08BUG/MINOR: warning: ‘need_resend’ may be used uninitialized
2017-06-08BUG/MEDIUM: build without openssl broken
2017-06-08BUG/MINOR: haproxy/cli : fix for solaris/illumos distros for CMSG* macros
2017-06-08BUG/MINOR: ssl: do not call directly the conn_fd_handler from async_fd_handler
2017-06-08BUG/MAJOR: ssl: buffer overflow using offloaded ciphering on async engine
2017-06-08BUG/MAJOR: ssl: fix segfault on connection close using async engines.
2017-05-12BUG/MEDIUM: lua: segfault if a converter or a sample doesn't return anything
2017-05-12BUG/MAJOR: dns: Broken kqueue events handling (BSD systems).
2017-05-06BUG/MINOR: checks: don't send proxy protocol with agent checks
2017-05-04BUG/MINOR: contrib/mod_security: fix build on FreeBSD
2017-04-28BUG/MINOR: ssl: fix warnings about methods for opensslv1.1.
2017-04-27BUG/MINOR: change header-declared function to static inline
2017-04-26BUG/MINOR: hash-balance-factor isn't effective in certain circumstances
2017-04-26BUG/MEDIUM: lua: memory leak
2017-04-21BUG/MINOR: server: missing default server 'resolvers' setting duplication.
2017-04-21BUG/MEDIUM: http: Drop the connection establishment when a redirect is performed
2017-04-20BUG/MINOR: server: don't use "proxy" when px is really meant.
2017-04-19BUG/MAJOR: Use -fwrapv.
2017-04-19BUG/MEDIUM: acl: proprely release unused args in prune_acl_expr()
2017-04-16BUG/MAJOR: Broken parsing for valid keywords provided after 'source' setting.
2017-04-15BUG/MINOR: server: Fix a wrong error message during 'usesrc' keyword parsing.
2017-04-13BUG/MEDIUM: servers: unbreak server weight propagation
2017-04-13BUG/MEDIUM: acl: don't free unresolved args in prune_acl_expr()
2017-04-13BUG/MEDIUM: arg: ensure that we properly unlink unresolved arguments on error
2017-04-12BUG/MINOR: arg: don't try to add an argument on failed memory allocation
2017-04-12BUG/MINOR: config: missing goto out after parsing an incorrect ACL character
2017-04-11BUG/MINOR: dns: Wrong address family used when creating IPv6 sockets.
2017-04-10BUG/MINOR: server : no transparent proxy for DragonflyBSD
2017-03-31BUG/MINOR: filters: Don't force the stream's wakeup when we wait in flt_end_analyze
2017-03-31BUG/MEDIUM: http: Fix blocked HTTP/1.0 responses when compression is enabled
2017-03-31BUG/MINOR: http: Fix conditions to clean up a txn and to handle the next request
2017-03-31BUG/MEDIUM: buffers: Fix how input/output data are injected into buffers
2017-03-30BUG/MEDIUM: peers: fix buffer overflow control in intdecode.
2017-03-29BUG/MEDIUM: server: Wrong server default CRT filenames initialization.
2017-03-27BUG/MEDIUM: tcp: don't require privileges to bind to device
2017-03-27BUG/MINOR: cfgparse: loop in tracked servers lists not detected by check_config_validity().
2017-03-21BUG/MINOR: raw_sock: always perfom the last recv if RDHUP is not available
2017-03-21BUG/MEDIUM: stream: fix client-fin/server-fin handling
2017-03-21BUG/MAJOR: http: fix typo in http_apply_redirect_rule
2017-03-20BUG: payload: fix payload not retrieving arbitrary lengths
2017-03-19BUG/MEDIUM: connection: ensure to always report the end of handshakes
2017-03-19BUG/MAJOR: stream-int: do not depend on connection flags to detect connection
2017-03-15BUG/MEDIUM: filters: Fix channels synchronization in flt_end_analyze
2017-03-15BUG/MEDIUM server: Fix crash when dynamic is defined, but not key is provided.
2017-03-15BUG/MEDIUM: listener: do not try to rebind another process' socket
2017-03-15BUG/MINOR: checks: attempt clean shutw for SSL check
2017-03-14BUG/MAJOR: connection: update CO_FL_CONNECTED before calling the data layer
2017-03-13BUG/MINOR: Fix "get map " CLI command
2017-03-13BUG/MEDIUM: cli: Prevent double free in CLI ACL lookup
2017-03-10BUG/MEDIUM: ssl: Clear OpenSSL error stack after trying to parse OCSP file
2017-03-09BUG/MINOR: spoe: Fix parsing of arguments in spoe-message section
2017-03-09BUG/MINOR: spoe: Fix soft stop handler using a specific id for spoe filters
2017-03-08BUG/MINOR: ssl: fix cipherlist captures with sustainable SSL calls
2017-03-07BUG/MEDIUM: ssl: in bind line, ssl-options after 'crt' are ignored.
2017-03-06BUG/MEDIUM: ssl: switchctx should not return SSL_TLSEXT_ERR_ALERT_WARNING
2017-03-02BUG/MEDIUM: ssl: fix verify/ca-file per certificate
2017-02-28BUG/MEDIUM: config: reject anything but "if" or "unless" after a use-backend rule
2017-02-23BUG/MAJOR: lua segmentation fault when the request is like 'GET ?arg=val HTTP/1.1'
2017-02-13BUG/MAJOR: ssl: fix a regression in ssl_sock_shutw()
2017-02-10BUG/MINOR: sendmail: The return of vsnprintf is not cleanly tested
2017-02-08BUG/MINOR: http: Return an error when a replace-header rule failed on the response
2017-02-08BUG/MEDIUM: http: Prevent replace-header from overwriting a buffer
2017-02-08BUG/MEDIUM: filters: Do not truncate HTTP response when body length is undefined
2017-02-08BUG/MEDIUM: http: prevent redirect from overwriting a buffer
2017-02-03BUG/MAJOR: dns: restart sockets after fork()
2017-01-30BUG/MINOR: lua: Map.end are not reliable because "end" is a reserved keyword
2017-01-25BUG/MINOR: unix: fix connect's polling in case no data are scheduled
2017-01-25BUG/MEDIUM: tcp: don't poll for write when connect() succeeds
2017-01-13BUG/MINOR: stream: Fix how backend-specific analyzers are set on a stream
2017-01-11BUG/MINOR: Reset errno variable before calling strtol(3)
2017-01-11BUG/MINOR: ssl: assert on SSL_set_shutdown with BoringSSL
2017-01-11BUG/MINOR: ssl: EVP_PKEY must be freed after X509_get_pubkey usage
2017-01-11BUG/MEDIUM: tools: do not force an unresolved address to AF_INET:0.0.0.0
2017-01-06BUG/MEDIUM: server: consider AF_UNSPEC as a valid address family
2017-01-06BUG/MINOR: tools: fix off-by-one in port size check
2017-01-06BUG/MINOR: config: emit a warning if http-reuse is enabled with incompatible options
2017-01-05BUG/MAJOR: http: fix risk of getting invalid reports of bad requests
2017-01-05BUG/MINOR: http: report real parser state in error captures
2017-01-05BUG/MAJOR: channel: Fix the definition order of channel analyzers
2017-01-05BUG/MINOR: sample-fetches/stick-tables: bad type for the sample fetches sc*_get_gpt0
2017-01-02BUG/MINOR: option prefer-last-server must be ignored in some case
2016-12-23BUG/MINOR: systemd: potential zombie processes
2016-12-23BUG/MEDIUM: ssl: for a handshake when server-side SNI changes
2016-12-23BUG/MINOR: backend: nbsrv() should return 0 if backend is disabled
2016-12-22BUG/MINOR: stats: fix be/sessions/current out in typed stats
2016-12-22BUG/MEDIUM: ssl: avoid double free when releasing bind_confs
2016-12-22BUG/MEDIUM: ssl: properly reset the reused_sess during a forced handshake
2016-12-21BUG/MINOR: lua: memleak when Lua/cli fails
2016-12-21BUG/MINOR: lua: bad return code
2016-12-21BUG/MINOR: lua: memory leak executing tasks
2016-12-21BUG/MINOR: Fix the sending function in Lua's cosocket
2016-12-16BUG/MINOR: lua/cli: bad error message
2016-12-16BUG/MINOR: cli: "show cli sockets" would always report process 64
2016-12-16BUG/MINOR: cli: "show cli sockets" wouldn't list all processes
2016-12-14BUG/MINOR: stream-int: automatically release SI_FL_WAIT_DATA on SHUTW_NOW
2016-12-14BUG/MEDIUM: lua: In some case, the return of sample-fetches is ignored (2)
2016-12-12BUG/MAJOR: Fix how the list of entities waiting for a buffer is handled
2016-12-12BUG/MEDIUM: stream: Save unprocessed events for a stream
2016-12-12BUG/MINOR: cli: be sure to always warn the cli applet when input buffer is full
2016-12-12BUG/MINOR: stats: fix be/sessions/max output in html stats
2016-12-12BUG/MEDIUM: variables: some variable name can hide another ones
2016-12-05BUG/MINOR: http: don't send an extra CRLF after a Set-Cookie in a redirect
2016-12-05BUG/MEDIUM: cli: fix "show stat resolvers" and "show tls-keys"
2016-12-05BUG/MINOR: cli: allow the backslash to be escaped on the CLI
2016-12-04BUG/MAJOR: stream: fix session abort on resource shortage
2016-11-29BUG/MINOR: http: Call XFER_DATA analyzer when HTTP txn is switched in tunnel mode
2016-11-29BUG/MINOR: filters: Invert evaluation order of HTTP_XFER_BODY and XFER_DATA analyzers
2016-11-29BUG/MINOR: filters: Protect args in macros HAS_DATA_FILTERS and IS_DATA_FILTER
2016-11-29BUG/MINOR: http: Keep the same behavior between 1.6 and 1.7 for tunneled txn
2016-11-29BUG/MEDIUM: http: Fix tunnel mode when the CONNECT method is used
2016-11-26BUG/MINOR: stats: make field_str() return an empty string on NULL
2016-11-26BUG/MEDIUM: proxy: return "none" and "unknown" for unknown LB algos
2016-11-25BUG/MINOR: freq-ctr: make swrate_add() support larger values
2016-11-25BUG: spoe: Fix parsing of SPOE actions in ACK frames
2016-11-25BUG/MINOR: conf: calloc untested
2016-11-24BUG/MINOR: log-format: uncatched memory allocation functions
2016-11-24BUG/MINOR: cli: wake up the CLI's task after a timeout update
2016-11-24BUG/MINOR: cli: dequeue from the proxy when changing a maxconn
2016-11-24BUG/MINOR: cli: fix pointer size when reporting data/transport layer name
2016-11-19BUG/MEDIUM: lua: In some case, the return of sample-fetche is ignored
2016-11-18BUG/MINOR: cli: properly decrement ref count on tables during failed dumps
2016-11-18BUG/MEDIUM: stick-table: fix regression caused by recent fix for out-of-memory
2016-11-18DEBUG: connection: mark the closed FDs with a value that is easier to detect
2016-11-18BUG/MEDIUM: connection: check the control layer before stopping polling
2016-11-17BUG/MINOR: stick-table: handle out-of-memory condition gracefully
2016-11-14BUG/MINOR: ssl: Print correct filename when error occurs reading OCSP
2016-11-14BUG/MEDIUM: ssl: Store certificate filename in a variable
2016-11-14BUG/MEDIUM: channel: bad unlikely macro
2016-11-09BUG: vars: Fix 'set-var' converter because of a typo
2016-11-07BUG/MEDIUM: servers: properly propagate the maintenance states during startup
2016-11-07BUG/MINOR: srv-state: allow to have both CMAINT and FDRAIN flags
2016-11-07BUG/MEDIUM: srv-state: properly restore the DRAIN state
2016-11-03BUG/MEDIUM: systemd-wrapper: return correct exit codes
2016-10-31BUG/MEDIUM: peers: fix use after free in peer_session_create()
2016-10-31BUG/MEDIUM: peers: on shutdown, wake up the appctx, not the stream
2016-10-25BUG/MEDIUM: systemd: let the wrapper know that haproxy has completed or failed
2016-10-25BUG/MINOR: systemd: check return value of calloc()
2016-10-25BUG/MINOR: systemd: always restore signals before execve()
2016-10-25BUG/MINOR: systemd: make the wrapper return a non-null status code on error
2016-10-24BUG/MINOR: ssl: prevent multiple entries for the same certificate
2016-10-24BUG/MINOR: ssl: Check malloc return code
2016-10-21BUG/MINOR: vars: smp_fetch_var() doesn't depend on HTTP but on the session
2016-10-21BUG/MINOR: vars: make smp_fetch_var() more robust against misuses
2016-10-21BUG/MINOR: vars: use sess and not s->sess in action_store()
2016-10-01BUG/MEDIUM: dns: don't randomly crash on out-of-memory
2016-10-01BUG/MINOR: stats: report the correct conn_time in backend's html output
2016-09-23BUG/MEDIUM: http/compression: Fix how chunked data are copied during the HTTP body parsing
2016-09-13BUG/MINOR: displayed PCRE version is running release
2016-09-11BUG/MINOR: Fix OSX compilation errors
2016-08-30BUG/MINOR: payload: fix SSLv2 version parser
2016-08-29BUG/MAJOR: stream: properly mark the server address as unset on connect retry
2016-08-14BUG/MAJOR: stick-counters: possible crash when using sc_trackers with wrong table
2016-08-14BUG/MINOR: peers: empty chunks after a resync.
2016-08-10BUG/MINOR: peers: some updates are pushed twice after a resync.
2016-08-09BUG/MEDIUM: stick-table: properly convert binary samples to keys
2016-08-09BUG/MEDIUM: stick-tables: do not fail on string keys with no allocated size
2016-08-09BUG/MAJOR: server: the "sni" directive could randomly cause trouble
2016-08-09BUG/MEDIUM: samples: make smp_dup() always duplicate the sample
2016-08-08BUG/MAJOR: compression: initialize avail_in/next_in even during flush
2016-08-07BUG/MEDIUM: stream-int: completely detach connection on connect error
2016-08-03BUG/MEDIUM: lua: somme HTTP manipulation functions are called without valid requests
2016-07-26BUG/MEDIUM: log: use function "escape_string" instead of "escape_chunk"
2016-07-26BUG/MINOR: peers: don't count track-sc multiple times on errors
2016-07-26BUG/MINOR: peers: Fix peers data decoding issue
2016-07-14BUG/MEDIUM: lua: the function txn_done() from action wrapper can crash
2016-07-14BUG/MEDIUM: lua: the function txn_done() from sample fetches can crash
2016-07-13BUG/MINOR: Fix endiness issue in DNS header creation code
2016-07-13BUG/MEDIUM: dns: fix alignment issues in the DNS response parser
2016-07-12BUG/MINOR: ssl: fix potential memory leak in ssl_sock_load_dh_params()
2016-06-30Revert "BUG/MINOR: ssl: fix potential memory leak in ssl_sock_load_dh_params()"
2016-06-28BUG/MINOR: Rework slightly commit 9962f8fc to clean code and avoid mistakes
2016-06-28BUG/MEDIUM: http: unbreak uri/header/url_param hashing
2016-06-24BUG/BUILD: don't automatically run "make" on "make install"
2016-06-24BUG/MINOR: http: fix misleading error message for response captures
2016-06-24BUG/MINOR: ssl: close ssl key file on error
2016-06-22BUG/MINOR: srv-state: fix incorrect output of state file
2016-06-21BUG/MINOR: filters: Fix HTTP parsing when a filter loops on data forwarding
2016-06-21BUG/MEDIUM: filters: Fix data filtering when data are modified
2016-06-21BUG/MINOR: external-checks: do not unblock undesired signals
2016-06-21BUG/MAJOR: external-checks: use asynchronous signal delivery
2016-06-21BUG/MEDIUM: external-checks: close all FDs right after the fork()
2016-06-21BUG/MINOR: init: ensure that FD limit is raised to the max allowed
2016-06-21BUG/MINOR: init: always ensure that global.rlimit_nofile matches actual limits
2016-06-17BUG/MINOR: fix http-response set-log-level parsing error
2016-06-16BUG/MINOR: http: url32+src should check cli_conn before using it
2016-06-16BUG/MINOR: http: url32+src should use the big endian version of url32
2016-06-14BUG/MEDIUM: dumpstats: undefined behavior in stats_tlskeys_list()
2016-06-12BUG/MINOR: ssl: fix potential memory leak in ssl_sock_load_dh_params()
2016-06-08BUG/MEDIUM: http: add-header: buffer overwritten
2016-06-08BUG/MINOR: http: add-header: header name copied twice
2016-06-08BUG/MEDIUM: lua: converters doesn't work
2016-06-07BUG/MEDIUM: sticktables: segfault in some configuration error cases
2016-05-31BUG/MEDIUM: fix risk of segfault with "show tls-keys"
2016-05-27BUG/MEDIUM: stats: show servers state may show an servers from another backend
2016-05-26BUG/MEDIUM: config: fix multiple declaration of section parsers
2016-05-25BUG/MEDIUM: dns: unbreak DNS resolver after header fix
2016-05-25BUG/MEDIUM: stick-tables: fix breakage in table converters
2016-05-25BUG/MAJOR: http: fix breakage of "reqdeny" causing random crashes
2016-05-19BUG/MINOR: fix listening IP address storage for frontends (cont)
2016-05-19BUG/MAJOR: fix listening IP address storage for frontends
2016-05-19BUG/MEDIUM: init: don't use environment locale
2016-05-09BUG/MEDIUM: dns: fix alignment issue when building DNS queries
2016-05-09BUG/MINOR: dns: fix DNS header definition
2016-05-06BUG/MEDIUM: stats: show backend may show an empty or incomplete result
2016-05-06BUG/MEDIUM: stats: show servers state may show an empty or incomplete result
2016-05-04BUG/MEDIUM: channel: fix inconsistent handling of 4GB-1 transfers
2016-05-04BUG/MEDIUM: stream: ensure the SI_FL_DONT_WAKE flag is properly cleared
2016-05-03BUG/MAJOR: channel: fix miscalculation of available buffer space (4th try)
2016-05-02BUG/MEDIUM: http: fix risk of CPU spikes with pipelined requests from dead client
2016-05-02BUG/MEDIUM: http: fix incorrect reporting of server errors
2016-04-29BUG/MINOR: log: fix a typo that would cause %HP to log
2016-04-29BUG/MINOR: dumpstats: Fix the "Total bytes saved" counter in backends stats
2016-04-29BUG/MEDIUM: lua: protects the upper boundary of the argument list for converters/fetches.
2016-04-25BUG/MEDIUM: log: fix risk of segfault when logging HTTP fields in TCP mode
2016-04-21BUG/MEDIUM: channel: fix miscalculation of available buffer space (3rd try)
2016-04-21BUG/MEDIUM: channel: incorrect polling condition may delay event delivery
2016-04-21BUG/MEDIUM: channel: don't allow to overwrite the reserve until connected
2016-04-15BUG/MINOR: fix maxaccept computation according to the frontend process range
2016-04-14BUG/MINOR: listener: stop unbound listeners on startup
2016-04-14BUG/MEDIUM: fix maxaccept computation on per-process listeners
2016-04-12BUG/MEDIUM: sample: initialize the pointer before parse_binary call.
2016-04-12BUG/MINOR: cfgparse: couple of small memory leaks.
2016-04-12BUG/MINOR: server: risk of over reading the pref_net array.
2016-04-11BUG/MEDIUM: channel: fix miscalculation of available buffer space (2nd try)
2016-04-09BUG/MEDIUM: trace.c: rdtsc() is defined in two files
2016-04-06BUG/MEDIUM: ssl: rewind the BIO when reading certificates
2016-04-06BUG/MINOR : allow to log cookie for tarpit and denied request
2016-04-05BUG/MINOR: DNS: resolution structure change
2016-04-05BUG/MINOR: dns: trigger a DNS query type change on resolution timeout
2016-04-05BUG/MINOR: dns: inapropriate way out after a resolution timeout
2016-04-05BUG/MINOR: dumpstats: fix write to global chunk
2016-03-30BUG/MEDIUM: stick-tables: some sample-fetch doesn't work in the connection state.
2016-03-30BUG/MINOR: prevent the dump of uninitialized vars
2016-03-30BUG/MINOR: lua: can't load external libraries
2016-03-29BUG/MAJOR: Fix crash in http_get_fhdr with exactly MAX_HDR_HISTORY headers
2016-03-29BUG/MEDIUM: Fix RFC5077 resumption when more than TLS_TICKETS_NO are present
2016-03-25BUG/MEDIUM: peers: fix incorrect age in frequency counters
2016-03-19BUG/MINOR: conf: "listener id" expects integer, but its not checked
2016-03-17BUG/MINOR: log: Don't use strftime() which can clobber timezone if chrooted

Back to the list of branches and versions
Back to the HAProxy page