HAProxy known bugs for maintenance branch 1.5

This is maintenance branch 1.5 whose latest version is 1.5.19. If your version is not the last one in the maintenance branch, you are missing fixes for known bugs, and by not updating you are needlessly taking the responsibility for the risk of unexpected service outages and exposing your web site to possible security issues.

The HAProxy development team takes a great care of maintaining stable versions so that all users can apply bug fixes without having to take the risk of upgrading to a new branch. In turn users are expected to apply the fixes when the development team estimates that they were worth being backported to stable branches. In short, if you are running any 1.5 version other than 1.5.19, you're running with known bugs.

Quick links

Versions available in this branch

This branch contains the following releases :

DateVersionComment
2016-12-251.5.19 ⇐ last
2016-05-101.5.18 
2016-04-131.5.17 
2016-03-141.5.16 
2015-11-011.5.15 
2015-07-031.5.14 
2015-06-261.5.13 
2015-05-021.5.12 
2015-02-011.5.11 
2014-12-311.5.10 
2014-11-261.5.9 
2014-10-311.5.8 
2014-10-301.5.7 
2014-10-181.5.6 
2014-10-081.5.5 
2014-09-021.5.4 
2014-07-251.5.3 
2014-07-121.5.2 
2014-06-241.5.1 
2014-06-191.5.0 

Fixes for known bugs pending in this branch since the last release (1.5.19)

These fixes have already been queued for the next 1.5 release but no version was released with them yet. Note that fixes are backported several at a time from the development branch to maintenance branches, and the absence of a fix here doesn't mean none will be issued soon.

Bugs are almost always tagged with a severity (some people forget the severity tag when the bug is minor). The following severities are used :

Total known bugs in the latest version of this branch by category :

TotalCRITICALMAJORMEDIUMMINOR
0 0 0 0 0

Click on the subjects below to get the full description of the bug :

Merge dateSubject - Severity (minor, medium, major, critical)

Known bugs fixed in the development branch after the last commit in this branch

It is important to understand that not all of these commits are necessarily relevant to this version, but clicking on them will show the bug description. All fixes are made first in the development branch and then backported to the maintenance branches. This ensures no fix is lost when upgrading. If a fix was marked for backporting to this branch and is not there yet, it's likely that it is still missing. Do not hesitate to ask on the haproxy mailing list if you feel like a fix has been skipped.

DateSubject
2017-12-14BUG: MAJOR: lb_map: server map calculation broken
2017-12-14BUG/MINOR: stream-int: don't try to receive again after receiving an EOS
2017-12-14BUG/MEDIUM: h2: fix stream limit enforcement
2017-12-14BUG/MEDIUM: http: don't disable lingering on requests with tunnelled responses
2017-12-14BUG/MEDIUM: h2: don't close after the first DATA frame on tunnelled responses
2017-12-14BUG/MEDIUM: h2: don't switch the state to HREM before end of DATA frame
2017-12-14BUG/MEDIUM: h2: support uploading partial DATA frames
2017-12-14BUG/MEDIUM: h2: debug incoming traffic in h2_wake()
2017-12-14BUG/MEDIUM: h2: work around a connection API limitation
2017-12-10BUG/MEDIUM: h2: enable recv polling whenever demuxing is possible
2017-12-10BUG/MEDIUM: h2: automatically set CS_FL_RCV_MORE when the output buffer is full
2017-12-10BUG/MEDIUM: stream-int: always set SI_FL_WAIT_ROOM on CS_FL_RCV_MORE
2017-12-10BUG/MEDIUM: lua/notification: memory leak
2017-12-08BUG/MEDIUM: threads/vars: Fix deadlock in register_name
2017-12-08BUG/MEDIUM: email-alert: don't set server check status from a email-alert task
2017-12-07BUG/MEDIUM: h2: fix handling of end of stream again
2017-12-06BUG/MEDIUM: peers: set NOLINGER on the outgoing stream interface
2017-12-06BUG/MEDIUM: checks: a down server going to maint remains definitely stucked on down state.
2017-12-06BUG/MEDIUM: ssl engines: Fix async engines fds were not considered to fix fd limit automatically.
2017-12-06BUG/MEDIUM: mworker: also close peers sockets in the master
2017-12-04BUG/MINOR: ssl: support tune.ssl.cachesize 0 again
2017-12-04BUG/MAJOR: hpack: don't pretend large headers fit in empty table
2017-12-04BUG/MINOR: action: Don't check http capture rules when no id is defined
2017-12-03BUG/MINOR: h2: use the H2_F_DATA_* macros for DATA frames
2017-12-03BUG/MEDIUM: h2: do not accept upper case letters in request header names
2017-12-03BUG/MEDIUM: h2: remove connection-specific headers from request
2017-12-03BUG/MINOR: h2: reject response pseudo-headers from requests
2017-12-03BUG/MINOR: h2: properly check PRIORITY frames
2017-12-03BUG/MINOR: h2: reject incorrect stream dependencies on HEADERS frame
2017-12-03BUG/MINOR: h2: do not accept SETTINGS_ENABLE_PUSH other than 0 or 1
2017-12-03BUG/MEDIUM: h2: enforce the per-connection stream limit
2017-12-03BUG/MINOR: h2: the TE header if present may only contain trailers
2017-12-03BUG/MINOR: h2: fix a typo causing PING/ACK to be responded to
2017-12-03BUG/MINOR: h2: ":path" must not be empty
2017-12-03BUG/MINOR: h2: try to abort closed streams as soon as possible
2017-12-03BUG/MINOR: h2: immediately close if receiving GOAWAY after the last stream
2017-12-03BUG/MAJOR: h2: correctly check the request length when building an H1 request
2017-12-03BUG/MINOR: hpack: dynamic table size updates are only allowed before headers
2017-12-03BUG/MINOR: hpack: reject invalid header index
2017-12-03BUG/MINOR: hpack: must reject huffman literals padded with more than 7 bits
2017-12-03BUG/MINOR: hpack: fix debugging output of pseudo header names
2017-12-03BUG/MEDIUM: checks: Be sure we have a mux if we created a cs.
2017-12-02BUG/MAJOR: thread: Be sure to request a sync between threads only once at a time
2017-12-02BUG/MINOR: mworker: detach from tty when in daemon mode
2017-12-02BUG/MINOR: mworker: fix validity check for the pipe FDs
2017-12-01BUG/MAJOR: thread/peers: fix deadlock on peers sync.
2017-11-29BUG/MEDIUM: peers: fix some track counter rules dont register entries for sync.
2017-11-29BUG/MEDIUM: h2: don't report an error after parsing a 100-continue response
2017-11-29BUG/MEDIUM: threads/peers: decrement, not increment jobs on quitting
2017-11-29BUG/MINOR: ssl: CO_FL_EARLY_DATA removal is managed by stream
2017-11-29BUG/MEDIUM: stream: fix session leak on applet-initiated connections
2017-11-28BUG/MEDIUM: cache: bad computation of the remaining size
2017-11-28BUG/MEDIUM: ssl: don't allocate shctx several time
2017-11-28BUG/MEDIUM: tcp-check: Don't lock the server in tcpcheck_main
2017-11-26BUG/MEDIUM: kqueue: Don't bother closing the kqueue after fork.
2017-11-26BUG/MAJOR: threads/queue: avoid recursive locking in pendconn_get_next_strm()
2017-11-26BUG/MINOR: threads: don't drop "extern" on the lock in include files
2017-11-24CLEANUP: debug: Use DPRINTF instead of fprintf into #ifdef DEBUG_FULL/#endif
2017-11-24BUG/MINOR: listener: Allow multiple "process" options on "bind" lines
2017-11-24BUG/MEDIUM: cache: free ressources in chn_end_analyze
2017-11-24BUG/MEDIUM: stream: always release the stream-interface on abort
2017-11-23BUG/MAJOR: threads/task: dequeue expired tasks under the WQ lock
2017-11-23BUG/MAJOR: h2: always remove a stream from the send list before freeing it
2017-11-23BUG/MINOR: stream: fix tv_request calculation for applets
2017-11-23BUG/MINOR: Use crt_base instead of ca_base when crt is parsed on a server line
2017-11-23BUG/MEDIUM: threads/time: maintain a common time reference between all threads
2017-11-23BUG/MEDIUM: threads/time: fix time drift correction
2017-11-22MINOR: pools: implement DEBUG_UAF to detect use after free
2017-11-22BUG/MINOR: ssl: Always start the handshake if we can't send early data.
2017-11-22BUG/MEDIUM: deinit: correctly deinitialize the proxy and global listener tasks
2017-11-22BUG/MEDIUM: cache fix cli_kws structure
2017-11-22BUG/MEDIUM: cache: refcount forbids to free the objects
2017-11-22BUG/MEDIUM: cache: use key=0 as a condition for freeing
2017-11-21BUG/MINOR: systemd: ignore daemon mode
2017-11-21BUG/MEDIUM: h2: always reassemble the Cookie request header field
2017-11-21BUG/MEDIUM: h2: properly report connection errors in headers and data handlers
2017-11-20BUG/MEDIUM: cache: free callback to remove from tree
2017-11-20BUG/MINOR: stream-int: don't try to read again when CF_READ_DONTWAIT is set
2017-11-20BUG/MAJOR: stream: ensure analysers are always called upon close
2017-11-20BUG/MEDIUM: stream: don't automatically forward connect nor close
2017-11-17BUG/MEDIUM: deviceatlas: ignore not valuable HTTP request data
2017-11-16BUG/MINOR: Allocate the log buffers before the proxies startup
2017-11-15BUG/MEDIUM: mworker: does not close inherited FD
2017-11-15BUG/MEDIUM: mworker: does not deinit anymore
2017-11-15BUG/MEDIUM: mworker: wait again for signals when execvp fail
2017-11-15BUG/MAJOR: ebtree/scope: properly tag upper nodes during insertion
2017-11-14BUG/MEDIUM: standard: itao_str/idx and quote_str/idx must be thread-local
2017-11-14BUG/MINOR: threads: tid_bit must be a unsigned long
2017-11-14BUG/MEDIUM: cache: use msg->sov to forward header
2017-11-14BUG/MEDIUM: mworker: Fix re-exec when haproxy is started from PATH
2017-11-13BUG/MAJOR: ebtree/scope: fix lookup of next node in scope-aware trees
2017-11-13BUG/MAJOR: ebtree/scope: fix insertion and removal of duplicates in scope-aware trees
2017-11-13BUG/MINOR: buffers: Fix b_alloc_margin to be "fonctionnaly" thread-safe
2017-11-13BUG/MINOR: spoe: check buffer size before acquiring or releasing it
2017-11-11BUG/MEDIUM: cache: does not cache if no Content-Length
2017-11-10BUG/MEDIUM: stream: don't ignore res.analyse_exp anymore
2017-11-10BUG/MEDIUM: threads/cli: fix "show sess" locking on release
2017-11-10BUG/MEDIUM: h2: support orphaned streams
2017-11-10BUG/MEDIUM: h1: ensure the chunk size parser can deal with full buffers
2017-11-10BUG/MEDIUM: h2: split the function to send RST_STREAM
2017-11-09BUG/MINOR: pattern: Rely on the sample type to copy it in pattern_exec_match
2017-11-09BUG/MEDIUM: stream-int: Don't loss write's notifs when a stream is woken up
2017-11-09BUG/MEDIUM: h2: reject non-3-digit status codes
2017-11-09BUG/MINOR: h1: the HTTP/1 make status code parser check for digits
2017-11-08BUG/MINOR; ssl: Don't assume we have a ssl_bind_conf because a SNI is matched.
2017-11-08BUG/MAJOR: threads/tasks: fix the scheduler again
2017-11-07BUG/MINOR: stream-int: don't set MSG_MORE on closed request path
2017-11-07BUG/MINOR: comp: fix compilation warning compiling without compression.
2017-11-07BUG/MEDIUM: splice/threads: pipe reuse list was not protected.
2017-11-07BUG/MINOR: h2: don't send GOAWAY on failed response
2017-11-07BUG/MINOR: h2: correctly check for H2_SF_ES_SENT before closing
2017-11-07BUG/MEDIUM: h2: properly set H2_SF_ES_SENT when sending the final frame
2017-11-07BUG/MEDIUM: h2: don't close the connection is there are data left
2017-11-07BUG/MEDIUM: h2: fix some wrong error codes on connections
2017-11-07BUG/MEDIUM: h2: don't try (and fail) to send non-existing data in the mux
2017-11-07BUG/MEDIUM: h2: properly send the GOAWAY frame in the mux
2017-11-07BUG/MEDIUM: h2: properly send an RST_STREAM on mux stream error
2017-11-06BUG/MINOR: h2: set the "HEADERS_SENT" flag on stream, not connection
2017-11-06BUG/MINOR: dns: Don't lock the server lock in snr_check_ip_callback().
2017-11-06BUG/MINOR: dns: Don't try to get the server lock if it's already held.
2017-11-05BUG/MEDIUM: threads: don't try to free build option message on exit
2017-11-05BUG/MAJOR: thread/listeners: enable_listener must not call unbind_listener()
2017-11-05BUG/MAJOR: h2: set the connection's task to NULL when no client timeout is set
2017-11-05BUG/MEDIUM: threads/stick-tables: close a race condition on stktable_trash_expired()
2017-11-05BUG/MAJOR: threads/lb: fix missing unlock on map-based hash LB
2017-11-05BUG/MAJOR: threads/lb: fix missing unlock on consistent hash LB
2017-11-05BUG/MAJOR: threads/dns: add missing unlock on allocation failure path
2017-11-05BUG/MAJOR: cli/streams: missing unlock on exit "show sess"
2017-11-05BUG/MINOR: cli: add severity in "set server addr" parser
2017-11-05BUG/MAJOR: threads/checks: wrong use of SPIN_LOCK instead of SPIN_UNLOCK
2017-11-05BUG/MINOR: cli: do not perform an invalid action on "set server check-port"
2017-11-05BUG/MAJOR: threads/server: missing unlock in CLI fqdn parser
2017-11-05BUG/MAJOR: threads/checks: add 4 missing spin_unlock() in various functions
2017-11-03BUG/MAJOR: mux_pt: don't dereference a connstream after ->wake()
2017-11-03BUG/MINOR: lua: fix missing lock protection on server.
2017-11-03BUG/MINOR: dns: fix missing lock protection on server.
2017-11-03BUG/MINOR: stdarg.h inclusion
2017-11-02BUG/MINOR: freq: fix infinite loop on freq_ctr_period.
2017-11-02BUG/MAJOR: buffers: fix get_buffer_nc() for data at end of buffer
2017-11-02BUG/MEDIUM: cache: don't try to resolve wrong filters
2017-11-02BUG/MINOR: thread: fix a typo in the debug code
2017-11-02BUG/MAJOR: fix deadlock on healthchecks.
2017-11-02BUG/MEDIUM: checks/mux: always enable send-polling after connecting
2017-11-02BUG/MEDIUM: h2: don't try to parse incomplete H1 responses
2017-11-01BUG/MINOR: send-proxy-v2: string size must include ('\0')
2017-11-01BUG/MINOR: send-proxy-v2: fix dest_len in make_tlv call
2017-10-31BUG/MEDIUM: h2: fix incorrect timeout handling on the connection
2017-10-31BUG/MEDIUM: threads: Initialize the sync-point
2017-10-31BUG/MAJOR: threads/freq_ctr: use a memory barrier to detect changes
2017-10-31BUG/MINOR: dns: Fix SRV records with the new thread code.
2017-10-31BUG/MAJOR: threads/time: Store the time deviation in an 64-bits integer
2017-10-31BUG/MAJOR: threads/freq_ctr: fix lock on freq counters.
2017-10-31BUG/MINOR: threads: Add missing THREAD_LOCAL on static here and there
2017-10-31BUG/MEDIUM: threads: Run the poll loop on the main thread too
2017-10-31BUG/MINOR: mailers: Fix a memory leak when email alerts are released
2017-10-31BUG/MINOR: dns: Fix CLI keyword declaration
2017-10-31BUG/MINOR: spoa: Update pointer on the end of the frame when a reply is encoded
2017-10-31BUG/MINOR: spoe: Don't compare engine name and SPOE scope when both are NULL
2017-10-27BUG/MINOR: lua: const attribute of a string is overridden
2017-10-27BUG/MEDIUM: prevent buffers being overwritten during build_logline() execution
2017-10-25BUG/MINOR: checks: Don't forget to release the connection on error case.
2017-10-25BUG/MINOR: cli: restore "set ssl tls-key" command
2017-10-24BUG/MINOR: ssl: OCSP_single_get0_status can return -1
2017-10-24BUG/MEDIUM: server: Allocate tmptrash before using it.
2017-10-22BUG/MINOR: ssl: ocsp response with 'revoked' status is correct
2017-10-19BUG/MEDIUM: log: check result details truncated.
2017-10-18BUG/MAJOR: lua: scheduled task is freezing.
2017-10-18BUG/MINOR: stats: Clear a bit more counters with in cli_parse_clear_counters().
2017-10-18BUG/MINOR: tools: fix my_htonll() on x86_64
2017-10-17BUG/MINOR: stream-int: don't set MSG_MORE on SHUTW_NOW without AUTO_CLOSE
2017-10-16BUG/MEDIUM: ssl: fix OCSP expiry calculation
2017-10-05BUG/MAJOR: stream-int: don't re-arm recv if send fails
2017-10-05BUG/MEDIUM: http: Return an error when url_dec sample converter failed
2017-10-04BUG/MEDIUM: cli: fix "show fd" crash when dumping closed FDs
2017-10-04BUG/MINOR: tcp-check: don't initialize then break a connection starting with a comment
2017-10-04BUG/MINOR: unix: properly check for octal digits in the "mode" argument
2017-10-04BUG/MEDIUM: tcp-check: don't call tcpcheck_main() from the I/O handlers!
2017-10-04BUG/MINOR: tcp-check: don't quit with pending data in the send buffer
2017-10-04BUG/MEDIUM: tcp-check: properly indicate polling state before performing I/O
2017-10-04BUG/MEDIUM: tcp/http: set-dst-port action broken
2017-10-03BUG/MINOR: contrib/halog: fixing small memory leak
2017-09-21BUG/MINOR: log: fixing small memory leak in error code path.
2017-09-21BUG/MEDIUM: server: unwanted behavior leaving maintenance mode on tracked stopping server (take2)
2017-09-21BUG/MEDIUM: server: unwanted behavior leaving maintenance mode on tracked stopping server
2017-09-18BUG/MINOR: contrib/modsecurity: close the va_list ap before return
2017-09-18BUG/MINOR: contrib/mod_defender: close the va_list argp before return
2017-09-15BUG/MINOR: dns: Fix check on nameserver in snr_resolution_cb
2017-09-15BUG/MINOR: spoe: Don't rely on SPOE ctx in debug message when its creation failed
2017-09-15BUG/MINOR: compression: Check response headers before http-response rules eval
2017-09-15BUG/MEDIUM: compression: Fix check on txn in smp_fetch_res_comp_algo
2017-09-11BUG/MINOR: Lua: The socket may be destroyed when we try to access.
2017-09-11BUG/MEDIUM: http: Close streams for connections closed before a redirect
2017-09-06Revert "BUG/MINOR: server: Remove FQDN requirement for using init-addr and state file"
2017-09-05BUG/MINOR: server: Remove FQDN requirement for using init-addr and state file
2017-09-05BUG/MEDIUM: epoll: ensure we always consider HUP and ERR
2017-09-05BUG/MEDIUM: http: Fix a regression bug when a HTTP response is in TUNNEL mode
2017-08-30BUG/MINOR: stream-int: don't check the CO_FL_CURR_WR_ENA flag
2017-08-23BUG/MEDIUM: stream: properly set the required HTTP analysers on use-service
2017-08-23BUG/MEDIUM: lua: HTTP services must take care of body-less status codes
2017-08-23BUG/MAJOR: lua: fix the impact of the scheduler changes again
2017-08-22BUG/MEDIUM: dns: fix accepted_payload_size parser to avoid integer overflow
2017-08-22BUG/MINOR: dns: wrong resolution interval lead to 100% CPU
2017-08-22BUG/MINOR: dns: server set by SRV records stay in "no resolution" status
2017-08-22BUG/MINOR: Wrong type used as argument for spoe_decode_buffer().
2017-08-17BUG/MAJOR: stream: in stream_free(), close the front endpoint and not the origin
2017-07-28BUG/MEDIUM: ssl: Fix regression about certificates generation
2017-07-28BUG/MINOR: lua: Fix bitwise logic for hlua_server_check_* functions.
2017-07-28BUG/MEDIUM: stream: don't retry SSL connections which fail the SNI name check
2017-07-28BUG/MINOR: ssl: make use of the name in SNI before verifyhost
2017-07-26BUG/MINOR: ssl: Fix check against SNI during server certificate verification
2017-07-24BUG/MAJOR: lua: properly dequeue hlua_applet_wakeup() for new scheduler
2017-07-24BUG/MINOR: lua: always detach the tcp/http tasks before freeing them
2017-07-24BUG/MINOR: lua: Correctly use INET6_ADDRSTRLEN in Server.get_addr()
2017-07-24BUG/MINOR: lua: Fix Server.get_addr() port values
2017-07-20BUG/MAJOR: http: Fix possible infinity loop in http_sync_(req|res)_state
2017-07-19BUG/MINOR: ssl: remove haproxy SSLv3 support when ssl lib have no SSLv3
2017-07-19BUG/MINOR: contrib/mod_defender: build fix
2017-07-19BUG/MINOR: contrib/modsecurity: BSD build fix
2017-07-19BUG/MINOR: http: Fix bug introduced in previous patch in http_resync_states
2017-07-18BUG/MEDIUM: http: Switch HTTP responses in TUNNEL mode when body length is undefined
2017-07-18BUG/MINOR: http: Set the response error state in http_sync_res_state
2017-07-18BUG/MINOR: Lua: variable already initialized
2017-07-18BUG/MEDIUM: lua: bad memory access
2017-07-18BUG/MAJOR: lua/socket: resources not detroyed when the socket is aborted
2017-07-18BUG/MINOR: lua: executes the function destroying the Lua session in safe mode
2017-07-18BUG/MINOR: lua: In error case, the safe mode is not removed
2017-07-18BUG/MINOR: Prevent a use-after-free on error scenario on option "-x".
2017-07-13BUG/MINOR: peers: peer synchronization issue (with several peers sections).
2017-07-07BUG/MINOR: http: properly handle all 1xx informational responses
2017-07-06BUG/MEDIUM: filters: Be sure to call flt_end_analyze for both channels
2017-07-06BUG/MINOR: http: Don't reset the transaction if there are still data to send
2017-07-06BUG/MINOR: stream: Don't forget to remove CF_WAKE_ONCE flag on response channel
2017-07-05BUG/MAJOR: http: fix buffer overflow on loguri buffer.
2017-07-04BUG/MEDIUM: map/acl: fix unwanted flags inheritance.
2017-06-30BUG/MAJOR: applet: fix a freeze if data is immedately forwarded.
2017-06-30BUG/MAJOR: compression: Be sure to release the compression state in all cases
2017-06-30BUG/MAJOR: map: fix segfault during 'show map/acl' on cli.
2017-06-30BUG/MAJOR: cli: fix custom io_release was crushed by NULL.
2017-06-27BUG/MAJOR: frontend: don't dereference a null conn on outgoing connections
2017-06-27BUG/MINOR: stream: flag TASK_WOKEN_RES not set if task in runqueue
2017-06-23BUG/MINOR: log: pin the front connection when front ip/ports are logged
2017-06-21BUG/MINOR: cfgparse: Check if tune.http.maxhdr is in the range 1..32767
2017-06-21BUG/MINOR: Wrong peer task expiration handling during synchronization processing.
2017-06-20BUG/MEDIUM: mworker: don't reuse PIDs passed to the master
2017-06-20BUG/MEDIUM: fix segfault when no argument to -x option
2017-06-16BUG/MEDIUM: unix: never unlink a unix socket from the file system
2017-06-15BUG/MAJOR: server: Segfault after parsing server state file.
2017-06-15BUG/MEDIUM: peers: Peers CLOSE_WAIT issue.
2017-06-14BUG/MINOR: http/filters: Be sure to wait if a filter loops in HTTP_MSG_ENDING
2017-06-14BUG/MINOR: ssl: Be sure that SSLv3 connection methods exist for openssl < 1.1.0
2017-06-14BUG/MINOR: acls: Set the right refflag when patterns are loaded from a map
2017-06-14BUG/MINOR: buffers: Fix bi/bo_contig_space to handle full buffers
2017-06-11BUG/MAJOR: http: call manage_client_side_cookies() before erasing the buffer
2017-06-09BUG/MINOR: Makefile: fix compile error with USE_LUA=1 in ubuntu16.04
2017-06-08BUG/MEDIUM: misplaced exit and wrong exit code
2017-06-08BUG/MINOR: warning: ‘need_resend’ may be used uninitialized
2017-06-08BUG/MEDIUM: build without openssl broken
2017-06-08BUG/MINOR: haproxy/cli : fix for solaris/illumos distros for CMSG* macros
2017-06-08BUG/MINOR: ssl: do not call directly the conn_fd_handler from async_fd_handler
2017-06-08BUG/MAJOR: ssl: buffer overflow using offloaded ciphering on async engine
2017-06-08BUG/MAJOR: ssl: fix segfault on connection close using async engines.
2017-05-12BUG/MEDIUM: lua: segfault if a converter or a sample doesn't return anything
2017-05-12BUG/MAJOR: dns: Broken kqueue events handling (BSD systems).
2017-05-06BUG/MINOR: checks: don't send proxy protocol with agent checks
2017-05-04BUG/MINOR: contrib/mod_security: fix build on FreeBSD
2017-04-28BUG/MINOR: ssl: fix warnings about methods for opensslv1.1.
2017-04-27BUG/MINOR: change header-declared function to static inline
2017-04-26BUG/MINOR: hash-balance-factor isn't effective in certain circumstances
2017-04-26BUG/MEDIUM: lua: memory leak
2017-04-21BUG/MINOR: server: missing default server 'resolvers' setting duplication.
2017-04-21BUG/MEDIUM: http: Drop the connection establishment when a redirect is performed
2017-04-20BUG/MINOR: server: don't use "proxy" when px is really meant.
2017-04-19BUG/MAJOR: Use -fwrapv.
2017-04-19BUG/MEDIUM: acl: proprely release unused args in prune_acl_expr()
2017-04-16BUG/MAJOR: Broken parsing for valid keywords provided after 'source' setting.
2017-04-15BUG/MINOR: server: Fix a wrong error message during 'usesrc' keyword parsing.
2017-04-13BUG/MEDIUM: servers: unbreak server weight propagation
2017-04-13BUG/MEDIUM: acl: don't free unresolved args in prune_acl_expr()
2017-04-13BUG/MEDIUM: arg: ensure that we properly unlink unresolved arguments on error
2017-04-12BUG/MINOR: arg: don't try to add an argument on failed memory allocation
2017-04-12BUG/MINOR: config: missing goto out after parsing an incorrect ACL character
2017-04-11BUG/MINOR: dns: Wrong address family used when creating IPv6 sockets.
2017-04-10BUG/MINOR: server : no transparent proxy for DragonflyBSD
2017-03-31BUG/MINOR: filters: Don't force the stream's wakeup when we wait in flt_end_analyze
2017-03-31BUG/MEDIUM: http: Fix blocked HTTP/1.0 responses when compression is enabled
2017-03-31BUG/MINOR: http: Fix conditions to clean up a txn and to handle the next request
2017-03-31BUG/MEDIUM: buffers: Fix how input/output data are injected into buffers
2017-03-30BUG/MEDIUM: peers: fix buffer overflow control in intdecode.
2017-03-29BUG/MEDIUM: server: Wrong server default CRT filenames initialization.
2017-03-27BUG/MEDIUM: tcp: don't require privileges to bind to device
2017-03-27BUG/MINOR: cfgparse: loop in tracked servers lists not detected by check_config_validity().
2017-03-21BUG/MINOR: raw_sock: always perfom the last recv if RDHUP is not available
2017-03-21BUG/MEDIUM: stream: fix client-fin/server-fin handling
2017-03-21BUG/MAJOR: http: fix typo in http_apply_redirect_rule
2017-03-20BUG: payload: fix payload not retrieving arbitrary lengths
2017-03-19BUG/MEDIUM: connection: ensure to always report the end of handshakes
2017-03-19BUG/MAJOR: stream-int: do not depend on connection flags to detect connection
2017-03-15BUG/MEDIUM: filters: Fix channels synchronization in flt_end_analyze
2017-03-15BUG/MEDIUM server: Fix crash when dynamic is defined, but not key is provided.
2017-03-15BUG/MEDIUM: listener: do not try to rebind another process' socket
2017-03-15BUG/MINOR: checks: attempt clean shutw for SSL check
2017-03-14BUG/MAJOR: connection: update CO_FL_CONNECTED before calling the data layer
2017-03-13BUG/MINOR: Fix "get map " CLI command
2017-03-13BUG/MEDIUM: cli: Prevent double free in CLI ACL lookup
2017-03-10BUG/MEDIUM: ssl: Clear OpenSSL error stack after trying to parse OCSP file
2017-03-09BUG/MINOR: spoe: Fix parsing of arguments in spoe-message section
2017-03-09BUG/MINOR: spoe: Fix soft stop handler using a specific id for spoe filters
2017-03-08BUG/MINOR: ssl: fix cipherlist captures with sustainable SSL calls
2017-03-07BUG/MEDIUM: ssl: in bind line, ssl-options after 'crt' are ignored.
2017-03-06BUG/MEDIUM: ssl: switchctx should not return SSL_TLSEXT_ERR_ALERT_WARNING
2017-03-02BUG/MEDIUM: ssl: fix verify/ca-file per certificate
2017-02-28BUG/MEDIUM: config: reject anything but "if" or "unless" after a use-backend rule
2017-02-23BUG/MAJOR: lua segmentation fault when the request is like 'GET ?arg=val HTTP/1.1'
2017-02-13BUG/MAJOR: ssl: fix a regression in ssl_sock_shutw()
2017-02-10BUG/MINOR: sendmail: The return of vsnprintf is not cleanly tested
2017-02-08BUG/MINOR: http: Return an error when a replace-header rule failed on the response
2017-02-08BUG/MEDIUM: http: Prevent replace-header from overwriting a buffer
2017-02-08BUG/MEDIUM: filters: Do not truncate HTTP response when body length is undefined
2017-02-08BUG/MEDIUM: http: prevent redirect from overwriting a buffer
2017-02-03BUG/MAJOR: dns: restart sockets after fork()
2017-01-30BUG/MINOR: lua: Map.end are not reliable because "end" is a reserved keyword
2017-01-25BUG/MINOR: unix: fix connect's polling in case no data are scheduled
2017-01-25BUG/MEDIUM: tcp: don't poll for write when connect() succeeds
2017-01-13BUG/MINOR: stream: Fix how backend-specific analyzers are set on a stream
2017-01-11BUG/MINOR: Reset errno variable before calling strtol(3)
2017-01-11BUG/MINOR: ssl: assert on SSL_set_shutdown with BoringSSL
2017-01-11BUG/MINOR: ssl: EVP_PKEY must be freed after X509_get_pubkey usage
2017-01-11BUG/MEDIUM: tools: do not force an unresolved address to AF_INET:0.0.0.0
2017-01-06BUG/MEDIUM: server: consider AF_UNSPEC as a valid address family
2017-01-06BUG/MINOR: tools: fix off-by-one in port size check
2017-01-06BUG/MINOR: config: emit a warning if http-reuse is enabled with incompatible options
2017-01-05BUG/MAJOR: http: fix risk of getting invalid reports of bad requests
2017-01-05BUG/MINOR: http: report real parser state in error captures
2017-01-05BUG/MAJOR: channel: Fix the definition order of channel analyzers
2017-01-05BUG/MINOR: sample-fetches/stick-tables: bad type for the sample fetches sc*_get_gpt0
2017-01-02BUG/MINOR: option prefer-last-server must be ignored in some case

Back to the list of branches and versions
Back to the HAProxy page