HAProxy known bugs for version v1.6.2 (maintenance branch 1.6)

This version (1.6.2) is a release belonging to maintenance branch 1.6 whose latest version is 1.6.13. If your version is not the last one in the maintenance branch, you are missing fixes for known bugs, and by not updating you are needlessly taking the responsibility for the risk of unexpected service outages and exposing your web site to possible security issues.

The HAProxy development team takes a great care of maintaining stable versions so that all users can apply bug fixes without having to take the risk of upgrading to a new branch. In turn users are expected to apply the fixes when the development team estimates that they were worth being backported to stable branches.

Quick links

Other versions in the same branch

This branch contains the following releases :

DateVersionComment
2017-06-181.6.13 ⇐ last
2017-04-041.6.12 
2016-12-251.6.11 
2016-11-201.6.10 
2016-08-301.6.9 
2016-08-141.6.8 
2016-07-131.6.7 
2016-06-261.6.6 
2016-05-101.6.5 
2016-03-141.6.4 
2015-12-271.6.3 
2015-11-031.6.2 ⇐ yours
2015-10-201.6.1 
2015-10-131.6.0 

Known bugs affecting this version, and already fixed in the maintenance branch

These fixes have already been queued for a more recent 1.6 version. Some of them might have already been released in a more recent version than yours, and other ones might still be pending in the maintenance branch for a future release. The list may be empty if you're already on the latest version and no new fix was backported.

Bugs are almost always tagged with a severity (some people forget the severity tag when the bug is minor). The following severities are used :

Total known bugs in this version by category :

TotalCRITICALMAJORMEDIUMMINOR
249 0 28 99 122

Click on the subjects below to get the full description of the bug :

Merge dateSubject - Severity (minor, medium, major, critical)
2017-07-20BUG/MEDIUM: lua: bad memory access
2017-07-20BUG/MAJOR: lua/socket: resources not detroyed when the socket is aborted
2017-07-20BUG/MINOR: lua: executes the function destroying the Lua session in safe mode
2017-07-20BUG/MINOR: lua: In error case, the safe mode is not removed
2017-07-20BUG/MINOR: Fix the sending function in Lua's cosocket
2017-07-20BUG/MINOR: peers: peer synchronization issue (with several peers sections).
2017-07-20BUG/MINOR: http: properly handle all 1xx informational responses
2017-07-20BUG/MINOR: stream: Don't forget to remove CF_WAKE_ONCE flag on response channel
2017-07-20BUG/MEDIUM: map/acl: fix unwanted flags inheritance.
2017-07-20BUG/MAJOR: map: fix segfault during 'show map/acl' on cli.
2017-07-20BUG/MINOR: stream: flag TASK_WOKEN_RES not set if task in runqueue
2017-07-20BUG/MINOR: log: pin the front connection when front ip/ports are logged
2017-07-20BUG/MINOR: haproxy/cli : fix for solaris/illumos distros for CMSG* macros
2017-07-20BUG/MEDIUM: cfgparse: Check if tune.http.maxhdr is in the range 1..32767
2017-07-20BUG/MEDIUM: http: Drop the connection establishment when a redirect is performed
2017-07-20BUG/MINOR: Wrong peer task expiration handling during synchronization processing.
2017-06-18BUG/MEDIUM: unix: never unlink a unix socket from the file system
2017-06-18BUG/MAJOR: server: Segfault after parsing server state file.
2017-06-18BUG/MEDIUM: peers: Peers CLOSE_WAIT issue.
2017-06-18BUG/MINOR: acls: Set the right refflag when patterns are loaded from a map
2017-06-18BUG/MINOR: buffers: Fix bi/bo_contig_space to handle full buffers
2017-06-18BUG/MAJOR: http: call manage_client_side_cookies() before erasing the buffer
2017-06-18BUG/MINOR: Makefile: fix compile error with USE_LUA=1 in ubuntu16.04
2017-06-18BUG/MEDIUM: lua: segfault if a converter or a sample doesn't return anything
2017-06-18BUG/MAJOR: dns: Broken kqueue events handling (BSD systems).
2017-06-18BUG/MINOR: checks: don't send proxy protocol with agent checks
2017-06-18BUG/MINOR: http: Fix conditions to clean up a txn and to handle the next request
2017-04-26BUG/MEDIUM: lua: memory leak
2017-04-26BUG/MINOR: server: missing default server 'resolvers' setting duplication.
2017-04-26BUG/MINOR: server: don't use "proxy" when px is really meant.
2017-04-26BUG/MAJOR: Use -fwrapv.
2017-04-26BUG/MEDIUM: acl: proprely release unused args in prune_acl_expr()
2017-04-26BUG/MEDIUM: acl: don't free unresolved args in prune_acl_expr()
2017-04-26BUG/MEDIUM: arg: ensure that we properly unlink unresolved arguments on error
2017-04-26BUG/MINOR: arg: don't try to add an argument on failed memory allocation
2017-04-26BUG/MINOR: config: missing goto out after parsing an incorrect ACL character
2017-04-26BUG/MINOR: dns: Wrong address family used when creating IPv6 sockets.
2017-03-31BUG/MEDIUM: buffers: Fix how input/output data are injected into buffers
2017-03-31BUG/MEDIUM: peers: fix buffer overflow control in intdecode.
2017-03-30BUG/MAJOR: dns: restart sockets after fork()
2017-03-27BUG: payload: fix payload not retrieving arbitrary lengths
2017-03-27BUG/MINOR: cfgparse: loop in tracked servers lists not detected by check_config_validity().
2017-03-27BUG/MINOR: raw_sock: always perfom the last recv if RDHUP is not available
2017-03-27BUG/MINOR: checks: attempt clean shutw for SSL check
2017-03-27BUG/MEDIUM: config: reject anything but "if" or "unless" after a use-backend rule
2017-03-27BUG/MEDIUM: tcp: don't require privileges to bind to device
2017-03-27BUG/MEDIUM: stream: fix client-fin/server-fin handling
2017-03-27BUG/MEDIUM: listener: do not try to rebind another process' socket
2017-03-27BUG/MEDIUM: connection: ensure to always report the end of handshakes
2017-03-27BUG/MAJOR: stream-int: do not depend on connection flags to detect connection
2017-03-27BUG/MAJOR: connection: update CO_FL_CONNECTED before calling the data layer
2017-02-23BUG/MAJOR: lua segmentation fault when the request is like 'GET ?arg=val HTTP/1.1'
2017-02-10BUG/MINOR: sendmail: The return of vsnprintf is not cleanly tested
2017-02-10BUG/MINOR: http: Return an error when a replace-header rule failed on the response
2017-02-10BUG/MEDIUM: http: Prevent replace-header from overwriting a buffer
2017-02-10BUG/MEDIUM: http: prevent redirect from overwriting a buffer
2017-01-31BUG/MINOR: lua: Map.end are not reliable because "end" is a reserved keyword
2017-01-31BUG/MINOR: unix: fix connect's polling in case no data are scheduled
2017-01-31BUG/MEDIUM: tcp: don't poll for write when connect() succeeds
2017-01-31BUG/MEDIUM: server: consider AF_UNSPEC as a valid address family
2017-01-31BUG/MINOR: tools: fix off-by-one in port size check
2017-01-31BUG/MINOR: config: emit a warning if http-reuse is enabled with incompatible options
2017-01-31BUG/MAJOR: channel: Fix the definition order of channel analyzers
2017-01-31BUG/MINOR: sample-fetches/stick-tables: bad type for the sample fetches sc*_get_gpt0
2017-01-31BUG/MINOR: option prefer-last-server must be ignored in some case
2016-12-24BUG/MINOR: systemd: potential zombie processes
2016-12-24BUG/MEDIUM: ssl: for a handshake when server-side SNI changes
2016-12-24BUG/MINOR: backend: nbsrv() should return 0 if backend is disabled
2016-12-24BUG/MEDIUM: ssl: avoid double free when releasing bind_confs
2016-12-24BUG/MEDIUM: ssl: properly reset the reused_sess during a forced handshake
2016-12-24BUG/MINOR: lua: memory leak executing tasks
2016-12-24BUG/MINOR: stream-int: automatically release SI_FL_WAIT_DATA on SHUTW_NOW
2016-12-24BUG/MEDIUM: lua: In some case, the return of sample-fetches is ignored (2)
2016-12-24BUG/MAJOR: Fix how the list of entities waiting for a buffer is handled
2016-12-24BUG/MEDIUM: stream: Save unprocessed events for a stream
2016-12-24BUG/MINOR: cli: be sure to always warn the cli applet when input buffer is full
2016-12-24BUG/MEDIUM: variables: some variable name can hide another ones
2016-12-08BUG/MINOR: http: don't send an extra CRLF after a Set-Cookie in a redirect
2016-12-08BUG/MAJOR: stream: fix session abort on resource shortage
2016-12-08BUG/MEDIUM: proxy: return "none" and "unknown" for unknown LB algos
2016-12-08BUG/MINOR: freq-ctr: make swrate_add() support larger values
2016-12-08BUG/MINOR: cli: wake up the CLI's task after a timeout update
2016-12-08BUG/MINOR: cli: dequeue from the proxy when changing a maxconn
2016-12-08BUG/MINOR: cli: fix pointer size when reporting data/transport layer name
2016-11-20BUG/MEDIUM: lua: In some case, the return of sample-fetche is ignored
2016-11-20BUG/MINOR: cli: properly decrement ref count on tables during failed dumps
2016-11-18BUG/MEDIUM: stick-table: fix regression caused by recent fix for out-of-memory
2016-11-18BUG/MEDIUM: connection: check the control layer before stopping polling
2016-11-18BUG/MINOR: stick-table: handle out-of-memory condition gracefully
2016-11-18BUG/MEDIUM: channel: bad unlikely macro
2016-11-10BUG: vars: Fix 'set-var' converter because of a typo
2016-11-10BUG/MEDIUM: servers: properly propagate the maintenance states during startup
2016-11-10BUG/MINOR: srv-state: allow to have both CMAINT and FDRAIN flags
2016-11-10BUG/MEDIUM: srv-state: properly restore the DRAIN state
2016-11-10BUG/MEDIUM: systemd-wrapper: return correct exit codes
2016-10-31BUG/MEDIUM: peers: fix use after free in peer_session_create()
2016-10-31BUG/MEDIUM: peers: on shutdown, wake up the appctx, not the stream
2016-10-25BUG/MEDIUM: systemd: let the wrapper know that haproxy has completed or failed
2016-10-25BUG/MINOR: systemd: check return value of calloc()
2016-10-25BUG/MINOR: systemd: always restore signals before execve()
2016-10-25BUG/MINOR: systemd: make the wrapper return a non-null status code on error
2016-10-25BUG/MINOR: ssl: prevent multiple entries for the same certificate
2016-10-25BUG/MINOR: ssl: Check malloc return code
2016-10-25BUG/MINOR: vars: smp_fetch_var() doesn't depend on HTTP but on the session
2016-10-25BUG/MINOR: vars: make smp_fetch_var() more robust against misuses
2016-10-25BUG/MINOR: vars: use sess and not s->sess in action_store()
2016-10-04BUG/MINOR: displayed PCRE version is running release
2016-10-04BUG/MINOR: Fix OSX compilation errors
2016-08-30BUG/MINOR: payload: fix SSLv2 version parser
2016-08-30BUG/MAJOR: stream: properly mark the server address as unset on connect retry
2016-08-14BUG/MAJOR: stick-counters: possible crash when using sc_trackers with wrong table
2016-08-14BUG/MINOR: peers: empty chunks after a resync.
2016-08-10BUG/MINOR: peers: some updates are pushed twice after a resync.
2016-08-09BUG/MEDIUM: stick-table: properly convert binary samples to keys
2016-08-09BUG/MEDIUM: stick-tables: do not fail on string keys with no allocated size
2016-08-09BUG/MAJOR: server: the "sni" directive could randomly cause trouble
2016-08-09BUG/MEDIUM: samples: make smp_dup() always duplicate the sample
2016-08-09BUG/MAJOR: compression: initialize avail_in/next_in even during flush
2016-08-09BUG/MEDIUM: stream-int: completely detach connection on connect error
2016-08-03BUG/MEDIUM: lua: somme HTTP manipulation functions are called without valid requests
2016-08-03BUG/MINOR: peers: Fix peers data decoding issue
2016-07-14BUG/MEDIUM: lua: the function txn_done() from action wrapper can crash
2016-07-14BUG/MEDIUM: lua: the function txn_done() from sample fetches can crash
2016-07-13BUG/MINOR: Fix endiness issue in DNS header creation code
2016-07-13BUG/MEDIUM: dns: fix alignment issues in the DNS response parser
2016-06-30Revert "BUG/MINOR: ssl: fix potential memory leak in ssl_sock_load_dh_params()"
2016-06-24BUG/BUILD: don't automatically run "make" on "make install"
2016-06-24BUG/MINOR: http: fix misleading error message for response captures
2016-06-24BUG/MINOR: ssl: close ssl key file on error
2016-06-22BUG/MINOR: srv-state: fix incorrect output of state file
2016-06-21BUG/MINOR: external-checks: do not unblock undesired signals
2016-06-21BUG/MAJOR: external-checks: use asynchronous signal delivery
2016-06-21BUG/MEDIUM: external-checks: close all FDs right after the fork()
2016-06-21BUG/MINOR: init: ensure that FD limit is raised to the max allowed
2016-06-21BUG/MINOR: init: always ensure that global.rlimit_nofile matches actual limits
2016-06-21BUG/MINOR: fix http-response set-log-level parsing error
2016-06-21BUG/MINOR: http: url32+src should check cli_conn before using it
2016-06-21BUG/MINOR: http: url32+src should use the big endian version of url32
2016-06-21BUG/MINOR: ssl: fix potential memory leak in ssl_sock_load_dh_params()
2016-06-08BUG/MEDIUM: http: add-header: buffer overwritten
2016-06-08BUG/MINOR: http: add-header: header name copied twice
2016-06-08BUG/MEDIUM: lua: converters doesn't work
2016-06-07BUG/MEDIUM: sticktables: segfault in some configuration error cases
2016-06-07BUG/MEDIUM: fix risk of segfault with "show tls-keys"
2016-05-27BUG/MEDIUM: stats: show servers state may show an servers from another backend
2016-05-25BUG/MEDIUM: dns: unbreak DNS resolver after header fix
2016-05-25BUG/MEDIUM: stick-tables: fix breakage in table converters
2016-05-25BUG/MAJOR: http: fix breakage of "reqdeny" causing random crashes
2016-05-19BUG/MINOR: fix listening IP address storage for frontends (cont)
2016-05-19BUG/MAJOR: fix listening IP address storage for frontends
2016-05-09BUG/MEDIUM: dns: fix alignment issue when building DNS queries
2016-05-09BUG/MINOR: dns: fix DNS header definition
2016-05-09BUG/MEDIUM: stats: show backend may show an empty or incomplete result
2016-05-09BUG/MEDIUM: stats: show servers state may show an empty or incomplete result
2016-05-04BUG/MEDIUM: channel: fix inconsistent handling of 4GB-1 transfers
2016-05-04BUG/MEDIUM: stream: ensure the SI_FL_DONT_WAKE flag is properly cleared
2016-05-04BUG/MAJOR: channel: fix miscalculation of available buffer space (4th try)
2016-05-02BUG/MEDIUM: http: fix risk of CPU spikes with pipelined requests from dead client
2016-05-02BUG/MINOR: log: fix a typo that would cause %HP to log
2016-05-02BUG/MEDIUM: lua: protects the upper boundary of the argument list for converters/fetches.
2016-04-25BUG/MEDIUM: log: fix risk of segfault when logging HTTP fields in TCP mode
2016-04-25BUG/MEDIUM: channel: fix miscalculation of available buffer space (3rd try)
2016-04-25BUG/MEDIUM: channel: incorrect polling condition may delay event delivery
2016-04-25BUG/MEDIUM: channel: don't allow to overwrite the reserve until connected
2016-04-21BUG/MINOR: fix maxaccept computation according to the frontend process range
2016-04-14BUG/MINOR: listener: stop unbound listeners on startup
2016-04-14BUG/MEDIUM: fix maxaccept computation on per-process listeners
2016-04-12BUG/MEDIUM: sample: initialize the pointer before parse_binary call.
2016-04-12BUG/MINOR: cfgparse: couple of small memory leaks.
2016-04-11BUG/MEDIUM: channel: fix miscalculation of available buffer space (2nd try)
2016-04-11BUG/MEDIUM: trace.c: rdtsc() is defined in two files
2016-04-07BUG/MINOR : allow to log cookie for tarpit and denied request
2016-04-07BUG/MINOR: dns: trigger a DNS query type change on resolution timeout
2016-04-07BUG/MINOR: dns: inapropriate way out after a resolution timeout
2016-04-04BUG/MEDIUM: stick-tables: some sample-fetch doesn't work in the connection state.
2016-04-04BUG/MINOR: lua: can't load external libraries
2016-03-29BUG/MAJOR: Fix crash in http_get_fhdr with exactly MAX_HDR_HISTORY headers
2016-03-29BUG/MEDIUM: Fix RFC5077 resumption when more than TLS_TICKETS_NO are present
2016-03-25BUG/MEDIUM: peers: fix incorrect age in frequency counters
2016-03-25BUG/MINOR: conf: "listener id" expects integer, but its not checked
2016-03-22BUG/MINOR: log: Don't use strftime() which can clobber timezone if chrooted
2016-03-13BUG/MINOR: log: GMT offset not updated when entering/leaving DST
2016-03-13BUG/MINOR: pattern: Avoid memory leak on out-of-memory condition
2016-03-13BUG/MINOR: standard: Avoid free of non-allocated pointer
2016-03-10BUG/MINOR: ssl: fix usage of the various sample fetch functions
2016-03-10BUG/MAJOR: vars: always retrieve the stream and session from the sample
2016-03-10BUG/MAJOR: samples: check smp->strm before using it
2016-03-08BUG/MINOR: tcpcheck: fix incorrect list usage resulting in failure to load certain configs
2016-03-08BUG/MEDIUM: cfgparse: wrong argument offset after parsing server "sni" keyword
2016-03-08BUG/MINOR: systemd: propagate the correct signal to haproxy
2016-03-08BUG/MINOR: systemd: report the correct signal in debug message output
2016-03-08BUG/MINOR: systemd: ensure we don't miss signals
2016-02-25BUG/MEDIUM: chunks: always reject negative-length chunks
2016-02-25BUG/MINOR: server: fix the format of the warning on address change
2016-02-25BUG/MEDIUM: stats: stats bind-process doesn't propagate the process mask correctly
2016-02-25BUG/MINOR: lua: Useless copy
2016-02-25BUG/MINOR: server: some prototypes are renamed
2016-02-25BUG/MAJOR: lua: applets can't sleep.
2016-02-16BUG/MEDIUM: ssl: fix off-by-one in NPN list allocation
2016-02-16BUG/MEDIUM: ssl: fix off-by-one in ALPN list allocation
2016-02-16BUG/MINOR: lua: unsafe initialization
2016-02-16BUG/MINOR: stats: fix missing comma in stats on agent drain
2016-02-16BUG/MINOR: ssl: Be sure to use unique serial for regenerated certificates
2016-02-16BUG/MEDIUM: http-reuse: do not share private connections across backends
2016-02-16BUG/MAJOR: http-reuse: fix risk of orphaned connections
2016-02-16BUG: stream_interface: Reuse connection even if the output channel is empty
2016-02-16BUG/CLEANUP: CLI: report the proper field states in "show sess"
2016-01-25BUG/MINOR: counters: make the sc-inc-gpc0 and sc-set-gpt0 touch the table
2016-01-25BUG/MINOR: stream: don't force retries if the server is DOWN
2016-01-25BUG/MEDIUM: buffers: do not round up buffer size during allocation
2016-01-25BUG/MEDIUM: channel: fix miscalculation of available buffer space.
2016-01-25BUG/MEDIUM: sample: http_date() doesn't provide the right day of the week
2016-01-25BUG/MEDIUM: config: Adding validation to stick-table expire value.
2016-01-25BUG/MEDIUM: servers state: server port is used uninitialized
2016-01-25BUG/MAJOR: servers state: server port is erased when dns resolution is enabled on a server
2016-01-25BUG/MEDIUM: dns: no DNS resolution happens if no ports provided to the nameserver
2016-01-25BUG/MINOR: examples: Fixing haproxy.spec to remove references to .cfg files
2016-01-25BUG/MINOR: 51d: Aligned const pointers to changes in 51Degrees.
2016-01-25BUG/MINOR: 51d: Releases workset back to pool.
2016-01-25BUG/MINOR: 51d: Aligns Pattern cache implementation with HAProxy best practices.
2016-01-25BUG/MINOR: 51d: Ensures a unique domain for each configuration
2016-01-25BUG/MINOR: chunk: make chunk_dup() always check and set dst->size
2016-01-25BUG/MINOR: http: Be sure to process all the data received from a server
2016-01-25BUG/MINOR: http: fix several off-by-one errors in the url_param parser
2015-12-24BUG/MINOR: stream: bad return code
2015-12-24BUG/MAJOR: lua: Do not force the HTTP analysers in use-services
2015-12-24BUG/MEDIUM: lua: Forbid HTTP applets from being called from tcp rulesets
2015-12-24BUG/MINOR: lua: Lua applets must not use http_txn
2015-12-24BUG/MEDIUM: lua: Lua applets must not fetch samples using http_txn
2015-12-16BUG/MEDIUM: peers: old stick table updates could be repushed.
2015-12-16BUG/MEDIUM: peers: table entries learned from a remote are pushed to others after a random delay.
2015-12-16BUG/MEDIUM: config: properly adjust maxconn with nbproc when memmax is forced
2015-12-08BUG/MEDIUM: http: fix http-reuse when frontend and backend differ
2015-12-04BUG/MINOR: tcpcheck: conf parsing error when no port configured on server and first rule(s) is (are) COMMENT
2015-12-04BUG/MINOR: tcpcheck: conf parsing error when no port configured on server and last rule is a CONNECT with no port
2015-12-04BUG/MINOR: checks: typo in an email-alert error message
2015-12-04BUG/MINOR: checks: email-alert causes a segfault when an unknown mailers section is configured
2015-12-04BUG/MEDIUM: checks: email-alert not working when declared in defaults
2015-12-03BUG/MEDIUM: da: stop DeviceAtlas processing in the convertor if there is no input.
2015-11-26BUG/MEDIUM: sample: urlp can't match an empty value
2015-11-26BUG/MEDIUM: cli: changing compression rate-limiting must require admin level
2015-11-26BUG/MEDIUM: stream: fix half-closed timeout handling
2015-11-26BUG/MEDIUM: http: don't enable auto-close on the response side
2015-11-26BUG/MINOR: lua: don't force-sslv3 LUA's SSL socket
2015-11-18BUG/MEDIUM: http: switch the request channel to no-delay once done.
2015-11-13BUG: http: do not abort keep-alive connections on server timeout
2015-11-06BUG/MEDIUM: lua: clean output buffer
2015-11-05BUG/MINOR: acl: don't use record layer in req_ssl_ver
2015-11-05BUG/MINOR: server: check return value of fgets() in apply_server_state()
2015-11-04BUG/MINOR: http rule: http capture 'id' rule points to a non existing id

Back to the list of branches and versions
Back to the HAProxy page