HAProxy known bugs for version v1.5.5 (maintenance branch 1.5)

This version (1.5.5) is a release belonging to maintenance branch 1.5 whose latest version is 1.5.19. If your version is not the last one in the maintenance branch, you are missing fixes for known bugs, and by not updating you are needlessly taking the responsibility for the risk of unexpected service outages and exposing your web site to possible security issues.

The HAProxy development team takes a great care of maintaining stable versions so that all users can apply bug fixes without having to take the risk of upgrading to a new branch. In turn users are expected to apply the fixes when the development team estimates that they were worth being backported to stable branches.

Quick links

Other versions in the same branch

This branch contains the following releases :

DateVersionComment
2016-12-251.5.19 ⇐ last
2016-05-101.5.18 
2016-04-131.5.17 
2016-03-141.5.16 
2015-11-011.5.15 
2015-07-031.5.14 
2015-06-261.5.13 
2015-05-021.5.12 
2015-02-011.5.11 
2014-12-311.5.10 
2014-11-261.5.9 
2014-10-311.5.8 
2014-10-301.5.7 
2014-10-181.5.6 
2014-10-081.5.5 ⇐ yours
2014-09-021.5.4 
2014-07-251.5.3 
2014-07-121.5.2 
2014-06-241.5.1 
2014-06-191.5.0 

Known bugs affecting this version, and already fixed in the maintenance branch

These fixes have already been queued for a more recent 1.5 version. Some of them might have already been released in a more recent version than yours, and other ones might still be pending in the maintenance branch for a future release. The list may be empty if you're already on the latest version and no new fix was backported.

Bugs are almost always tagged with a severity (some people forget the severity tag when the bug is minor). The following severities are used :

Total known bugs in this version by category :

TotalCRITICALMAJORMEDIUMMINOR
176 0 18 84 74

Click on the subjects below to get the full description of the bug :

Merge dateSubject - Severity (minor, medium, major, critical)
2016-12-24BUG/MINOR: systemd: potential zombie processes
2016-12-24BUG/MINOR: backend: nbsrv() should return 0 if backend is disabled
2016-12-24BUG/MEDIUM: ssl: properly reset the reused_sess during a forced handshake
2016-12-24BUG/MINOR: http: don't send an extra CRLF after a Set-Cookie in a redirect
2016-12-24BUG/MEDIUM: proxy: return "none" and "unknown" for unknown LB algos
2016-12-24BUG/MINOR: cli: dequeue from the proxy when changing a maxconn
2016-12-24BUG/MINOR: cli: fix pointer size when reporting data/transport layer name
2016-12-24BUG/MINOR: cli: properly decrement ref count on tables during failed dumps
2016-12-24BUG/MEDIUM: stick-table: fix regression caused by recent fix for out-of-memory
2016-12-24BUG/MEDIUM: connection: check the control layer before stopping polling
2016-12-24BUG/MINOR: stick-table: handle out-of-memory condition gracefully
2016-12-24BUG/MEDIUM: systemd-wrapper: return correct exit codes
2016-12-24BUG/MEDIUM: peers: fix use after free in peer_session_create()
2016-12-24BUG/MEDIUM: systemd: let the wrapper know that haproxy has completed or failed
2016-12-24BUG/MINOR: systemd: check return value of calloc()
2016-12-24BUG/MINOR: systemd: always restore signals before execve()
2016-12-24BUG/MINOR: systemd: make the wrapper return a non-null status code on error
2016-12-24BUG/MINOR: ssl: prevent multiple entries for the same certificate
2016-12-24BUG/MINOR: ssl: Check malloc return code
2016-10-06BUG/MINOR: displayed PCRE version is running release
2016-10-06BUG/MINOR: payload: fix SSLv2 version parser
2016-10-06BUG/MAJOR: stream: properly mark the server address as unset on connect retry
2016-10-06BUG/MAJOR: stick-counters: possible crash when using sc_trackers with wrong table
2016-08-09BUG/MAJOR: compression: initialize avail_in/next_in even during flush
2016-08-09BUG/MEDIUM: stream-int: completely detach connection on connect error
2016-06-30Revert "BUG/MINOR: ssl: fix potential memory leak in ssl_sock_load_dh_params()"
2016-06-30BUG/MINOR: init: ensure that FD limit is raised to the max allowed
2016-06-30BUG/MINOR: init: always ensure that global.rlimit_nofile matches actual limits
2016-06-30BUG/MINOR: http: url32+src should check cli_conn before using it
2016-06-30BUG/MINOR: http: url32+src should use the big endian version of url32
2016-06-30BUG/MINOR: ssl: fix potential memory leak in ssl_sock_load_dh_params()
2016-06-08BUG/MINOR: http: add-header: header name copied twice
2016-06-07BUG/MEDIUM: sticktables: segfault in some configuration error cases
2016-05-19BUG/MAJOR: fix listening IP address storage for frontends
2016-05-04BUG/MEDIUM: channel: fix inconsistent handling of 4GB-1 transfers
2016-05-04BUG/MEDIUM: stream: ensure the SI_FL_DONT_WAKE flag is properly cleared
2016-05-04BUG/MAJOR: channel: fix miscalculation of available buffer space (4th try)
2016-05-02BUG/MEDIUM: http: fix risk of CPU spikes with pipelined requests from dead client
2016-04-25BUG/MEDIUM: channel: fix miscalculation of available buffer space (3rd try)
2016-04-25BUG/MEDIUM: channel: incorrect polling condition may delay event delivery
2016-04-25BUG/MEDIUM: channel: don't allow to overwrite the reserve until connected
2016-04-21BUG/MINOR: fix maxaccept computation according to the frontend process range
2016-04-21BUG/MINOR: listener: stop unbound listeners on startup
2016-04-21BUG/MEDIUM: fix maxaccept computation on per-process listeners
2016-04-11BUG/MAJOR: channel: fix miscalculation of available buffer space (2nd try)
2016-04-11BUG/MINOR : allow to log cookie for tarpit and denied request
2016-03-29BUG/MAJOR: Fix crash in http_get_fhdr with exactly MAX_HDR_HISTORY headers
2016-03-29BUG/MINOR: conf: "listener id" expects integer, but its not checked
2016-03-29BUG/MINOR: log: Don't use strftime() which can clobber timezone if chrooted
2016-03-14BUG/MINOR: log: GMT offset not updated when entering/leaving DST
2016-03-13BUG/MINOR: pattern: Avoid memory leak on out-of-memory condition
2016-03-13BUG/MINOR: standard: Avoid free of non-allocated pointer
2016-03-08BUG/MINOR: tcpcheck: fix incorrect list usage resulting in failure to load certain configs
2016-03-08BUG/MINOR: tcpcheck: conf parsing error when no port configured on server and last rule is a CONNECT with no port
2016-03-08BUG/MINOR: systemd: propagate the correct signal to haproxy
2016-03-08BUG/MINOR: systemd: report the correct signal in debug message output
2016-03-08BUG/MINOR: systemd: ensure we don't miss signals
2016-02-25BUG/MEDIUM: chunks: always reject negative-length chunks
2016-02-25BUG/MINOR: http: Be sure to process all the data received from a server
2016-02-25BUG/MEDIUM: stats: stats bind-process doesn't propagate the process mask correctly
2016-02-25BUG/MEDIUM: ssl: fix off-by-one in NPN list allocation
2016-02-25BUG/MEDIUM: ssl: fix off-by-one in ALPN list allocation
2016-02-25BUG: stream_interface: Reuse connection even if the output channel is empty
2016-02-25BUG/CLEANUP: CLI: report the proper field states in "show sess"
2016-02-25BUG/MINOR: stream: don't force retries if the server is DOWN
2016-02-25BUG/MEDIUM: channel: fix miscalculation of available buffer space.
2016-02-25BUG/MEDIUM: sample: http_date() doesn't provide the right day of the week
2016-02-25BUG/MEDIUM: config: Adding validation to stick-table expire value.
2016-02-25BUG/MINOR: chunk: make chunk_dup() always check and set dst->size
2015-12-16BUG/MEDIUM: peers: old stick table updates could be repushed.
2015-12-16BUG/MEDIUM: peers: table entries learned from a remote are pushed to others after a random delay.
2015-11-26BUG/MEDIUM: sample: urlp can't match an empty value
2015-11-26BUG/MEDIUM: cli: changing compression rate-limiting must require admin level
2015-11-26BUG/MEDIUM: stream: fix half-closed timeout handling
2015-11-26BUG/MEDIUM: http: don't enable auto-close on the response side
2015-11-18BUG/MEDIUM: http: switch the request channel to no-delay once done.
2015-11-13BUG: http: do not abort keep-alive connections on server timeout
2015-11-05BUG/MINOR: acl: don't use record layer in req_ssl_ver
2015-11-02BUG/BUILD: replace haproxy-systemd-wrapper with $(EXTRA) in install-bin.
2015-10-29BUG/MEDIUM: config: count memory limits on 64 bits, not 32
2015-10-14BUG/MEDIUM: pattern: fixup use_after_free in the pat_ref_delete_by_id
2015-10-14BUG/MINOR: config: make the stats socket pass the correct proxy to the parsers
2015-10-14BUG/MINOR: http: Add OPTIONS in supported http methods (found by find_http_meth)
2015-09-28BUG/MEDIUM: proxy: do not wake stopped proxies' tasks during soft_stop()
2015-09-28BUG/MEDIUM: proxy: ignore stopped peers
2015-09-28BUG/MINOR: config: check that tune.bufsize is always positive
2015-09-28BUG/MEDIUM: acl: always accept match "found"
2015-09-08BUG/MINOR: tools: make str2sa_range() report unresolvable addresses
2015-09-07BUG/MAJOR: http: don't call http_send_name_header() after an error
2015-09-07BUG/MINOR: http: remove stupid HTTP_METH_NONE entry
2015-08-24BUG/MEDIUM: counters: ensure that src_{inc,clr}_gpc0 creates a missing entry
2015-08-24BUG/MINOR: http/sample: gmtime/localtime can fail
2015-07-26BUG/MINOR: log: missing some ARGC_* entries in fmt_directives()
2015-07-02BUG/MAJOR: buffers: make the buffer_slow_realign() function respect output data
2015-06-23BUG/MEDIUM: config: properly compute the default number of processes for a proxy
2015-06-18BUG/MINOR: ssl: fix smp_fetch_ssl_fc_session_id
2015-06-18BUG/MINOR: debug: display (null) in place of "meth"
2015-05-28BUG/MEDIUM: cfgparse: segfault when userlist is misused
2015-05-28BUG/MINOR: cfgparse: fix typo in 'option httplog' error message
2015-05-28BUG/MEDIUM: ssl: fix tune.ssl.default-dh-param value being overwritten
2015-05-20BUG/MEDIUM: peers: apply a random reconnection timeout
2015-05-13BUG/MEDIUM: checks: do not dereference a list as a tcpcheck struct
2015-05-13BUG/MAJOR: checks: always check for end of list before proceeding
2015-05-13BUG/MEDIUM: checks: do not dereference head of a tcp-check at the end
2015-05-12BUG/MINOR: check: fix tcpcheck error message
2015-05-11BUG/MEDIUM: http: don't forward client shutdown without NOLINGER except for tunnels
2015-05-04BUG/MEDIUM: stats: properly initialize the scope before dumping stats
2015-05-02BUG/MAJOR: http: prevent risk of reading past end with balance url_param
2015-05-02BUG/MEDIUM: http: wait for the exact amount of body bytes in wait_for_request_body
2015-05-01BUG/MINOR: config: clear proxy->table.peers.p for disabled proxies
2015-05-01BUG/MEDIUM: http: remove content-length form responses with bad transfer-encoding
2015-05-01BUG/MEDIUM: http: incorrect transfer-coding in the request is a bad request
2015-05-01BUG/MEDIUM: http: do not restrict parsing of transfer-encoding to HTTP/1.1
2015-05-01BUG/MEDIUM: http: remove content-length from chunked messages
2015-05-01BUG/MEDIUM: stream-int: always reset si->ops when si->end is nullified
2015-04-20BUG/MEDIUM: init: don't limit cpu-map to the first 32 processes only
2015-04-14BUG/MEDIUM: listener: don't report an error when resuming unbound listeners
2015-04-14BUG/MINOR: ssl: Display correct filename in error message
2015-04-01BUG/MEDIUM: http: hdr_cnt would not count any header when called without name
2015-04-01BUG/MINOR: compression: consider the expansion factor in init
2015-03-17BUG/MEDIUM: http: the function "(req|res)-replace-value" doesn't respect the HTTP syntax
2015-03-16BUG/MAJOR: http: don't read past buffer's end in http_replace_value
2015-03-16BUG/MEDIUM: buffer: one byte miss in buffer free space check
2015-03-16BUG/MEDIUM: peers: correctly configure the client timeout
2015-02-26BUG/MEDIUM: Do not consider an agent check as failed on L7 error
2015-02-06BUG/MEDIUM: pattern: some entries are not deleted with case insensitive match
2015-02-06BUG/MINOR: pattern: error message missing
2015-01-31BUG/MINOR: stats:Fix incorrect printf type.
2015-01-30BUG/MINOR: http: abort request processing on filter failure
2015-01-30BUG/MINOR: checks: prevent http keep-alive with http-check expect
2015-01-30BUG/MINOR: http: fix incorrect header value offset in replace-hdr/replace-value
2015-01-23MEDIUM/BUG: Only explicitly report "DOWN (agent)" if the agent health is zero
2015-01-23BUG/MEDIUM: Do not set agent health to zero if server is disabled in config
2015-01-21BUG/MEDIUM: http: make http-request set-header compute the string before removal
2015-01-21BUG/MINOR: args: add missing entry for ARGT_MAP in arg_type_names
2015-01-15BUG/MAJOR: log: don't try to emit a log if no logger is set
2015-01-14BUG/MEDIUM: channel: don't schedule data in transit for leaving until connected
2015-01-14BUG/MINOR: channel: compare to_forward with buf->i, not buf->size
2015-01-14BUG/MEDIUM: channel: fix possible integer overflow on reserved size computation
2015-01-07BUG/MEDIUM: http: fix header removal when previous header ends with pure LF
2015-01-04BUG/MEDIUM: backend: correctly detect the domain when use_domain_only is used
2014-12-24BUG/MEDIUM: compression: correctly report zlib_mem
2014-12-24BUG/MEDIUM: memory: fix freeing logic in pool_gc2()
2014-12-24BUG/MAJOR: stream-int: properly check the memory allocation return
2014-12-18BUG/MEDIUM: config: do not propagate processes between stopped processes
2014-12-18BUG/MINOR: config: fix typo in condition when propagating process binding
2014-12-18BUG/MINOR: parse: refer curproxy instead of proxy
2014-12-18BUG/MINOR: http: fix typo: "401 Unauthorized" => "407 Unauthorized"
2014-12-10BUG/MEDIUM: sample: fix random number upper-bound
2014-12-08BUG/MEDIUM: tcp-checks: disable quick-ack unless next rule is an expect
2014-12-08BUG/MEDIUM: tcp-check: don't rely on random memory contents
2014-12-08BUG/MINOR: tcp-check: don't condition data polling on check type
2014-11-26BUG/MEDIUM: payload: ensure that a request channel is available
2014-11-26BUG/MEDIUM: patterns: previous fix was incomplete
2014-11-25BUG/MAJOR: sessions: unlink session from list on out of memory
2014-11-24BUG/MINOR: samples: fix unnecessary memcopy converting binary to string.
2014-11-24BUG/MINOR: peers: the buffer size is global.tune.bufsize, not trash.size
2014-11-24BUG/MEDIUM: pattern: don't load more than once a pattern list.
2014-11-21BUG/MINOR: stats: correctly set the request/response analysers
2014-11-21BUG/MEDIUM: connection: sanitize PPv2 header length before parsing address information
2014-11-18BUG/MAJOR: frontend: initialize capture pointers earlier
2014-11-18BUG/MINOR: config: don't inherit the default balance algorithm in frontends
2014-11-16BUG/MEDIUM: checks: fix conflicts between agent checks and ssl healthchecks
2014-11-14BUG/MEDIUM: ssl: force a full GC in case of memory shortage
2014-11-14BUG/MEDIUM: ssl: fix bad ssl context init can cause segfault in case of OOM.
2014-10-31BUG/MAJOR: buffer: check the space left is enough or not when input data in a buffer is wrapped
2014-10-31BUG/BUILD: revert accidental change in the makefile from latest SSL fix
2014-10-30BUG/MINOR: ssl: correctly initialize ssl ctx for invalid certificates
2014-10-29BUG/MEDIUM: tcp: don't use SO_ORIGINAL_DST on non-AF_INET sockets
2014-10-29BUG/MEDIUM: regex: fix pcre_study error handling
2014-10-24BUG/MEDIUM: tcp: fix outgoing polling based on proxy protocol
2014-10-22BUG/MINOR: log: fix request flags when keep-alive is enabled
2014-10-22BUG/MAJOR: cli: explicitly call cli_release_handler() upon error
2014-10-22BUG/MEDIUM: http: don't dump debug headers on MSG_ERROR
2014-10-17BUG/MEDIUM: backend: fix URI hash when a query string is present
2014-10-17BUG/MINOR: config: do not accept more track-sc than configured
2014-10-10BUG/MEDIUM: config: avoid skipping disabled proxies
2014-10-09BUG/MEDIUM: systemd: set KillMode to 'mixed'

Back to the list of branches and versions
Back to the HAProxy page