HAProxy known bugs for maintenance branch 1.6

This is maintenance branch 1.6 whose latest version is 1.6.13. If your version is not the last one in the maintenance branch, you are missing fixes for known bugs, and by not updating you are needlessly taking the responsibility for the risk of unexpected service outages and exposing your web site to possible security issues.

The HAProxy development team takes a great care of maintaining stable versions so that all users can apply bug fixes without having to take the risk of upgrading to a new branch. In turn users are expected to apply the fixes when the development team estimates that they were worth being backported to stable branches. In short, if you are running any 1.6 version other than 1.6.13, you're running with known bugs.

Quick links

Versions available in this branch

This branch contains the following releases :

2017-06-181.6.13 ⇐ last

Fixes for known bugs pending in this branch since the last release (1.6.13)

These fixes have already been queued for the next 1.6 release but no version was released with them yet. Note that fixes are backported several at a time from the development branch to maintenance branches, and the absence of a fix here doesn't mean none will be issued soon.

Bugs are almost always tagged with a severity (some people forget the severity tag when the bug is minor). The following severities are used :

Total known bugs in the latest version of this branch by category :

16 0 2 4 10

Click on the subjects below to get the full description of the bug :

Merge dateSubject - Severity (minor, medium, major, critical)
2017-07-20BUG/MEDIUM: lua: bad memory access
2017-07-20BUG/MAJOR: lua/socket: resources not detroyed when the socket is aborted
2017-07-20BUG/MINOR: lua: executes the function destroying the Lua session in safe mode
2017-07-20BUG/MINOR: lua: In error case, the safe mode is not removed
2017-07-20BUG/MINOR: Fix the sending function in Lua's cosocket
2017-07-20BUG/MINOR: peers: peer synchronization issue (with several peers sections).
2017-07-20BUG/MINOR: http: properly handle all 1xx informational responses
2017-07-20BUG/MINOR: stream: Don't forget to remove CF_WAKE_ONCE flag on response channel
2017-07-20BUG/MEDIUM: map/acl: fix unwanted flags inheritance.
2017-07-20BUG/MAJOR: map: fix segfault during 'show map/acl' on cli.
2017-07-20BUG/MINOR: stream: flag TASK_WOKEN_RES not set if task in runqueue
2017-07-20BUG/MINOR: log: pin the front connection when front ip/ports are logged
2017-07-20BUG/MINOR: haproxy/cli : fix for solaris/illumos distros for CMSG* macros
2017-07-20BUG/MEDIUM: cfgparse: Check if tune.http.maxhdr is in the range 1..32767
2017-07-20BUG/MEDIUM: http: Drop the connection establishment when a redirect is performed
2017-07-20BUG/MINOR: Wrong peer task expiration handling during synchronization processing.

Known bugs fixed in the development branch after the last commit in this branch

It is important to understand that not all of these commits are necessarily relevant to this version, but clicking on them will show the bug description. All fixes are made first in the development branch and then backported to the maintenance branches. This ensures no fix is lost when upgrading. If a fix was marked for backporting to this branch and is not there yet, it's likely that it is still missing. Do not hesitate to ask on the haproxy mailing list if you feel like a fix has been skipped.

2017-12-14BUG: MINOR: http: don't check http-request capture id when len is provided
2017-12-14BUG: MAJOR: lb_map: server map calculation broken
2017-12-14BUG/MINOR: stream-int: don't try to receive again after receiving an EOS
2017-12-14BUG/MEDIUM: h2: fix stream limit enforcement
2017-12-14BUG/MEDIUM: http: don't disable lingering on requests with tunnelled responses
2017-12-14BUG/MEDIUM: h2: don't close after the first DATA frame on tunnelled responses
2017-12-14BUG/MEDIUM: h2: don't switch the state to HREM before end of DATA frame
2017-12-14BUG/MEDIUM: h2: support uploading partial DATA frames
2017-12-14BUG/MEDIUM: h2: debug incoming traffic in h2_wake()
2017-12-14BUG/MEDIUM: h2: work around a connection API limitation
2017-12-10BUG/MEDIUM: h2: enable recv polling whenever demuxing is possible
2017-12-10BUG/MEDIUM: h2: automatically set CS_FL_RCV_MORE when the output buffer is full
2017-12-10BUG/MEDIUM: stream-int: always set SI_FL_WAIT_ROOM on CS_FL_RCV_MORE
2017-12-10BUG/MEDIUM: lua/notification: memory leak
2017-12-08BUG/MEDIUM: threads/vars: Fix deadlock in register_name
2017-12-08BUG/MEDIUM: email-alert: don't set server check status from a email-alert task
2017-12-07BUG/MEDIUM: h2: fix handling of end of stream again
2017-12-06BUG/MEDIUM: peers: set NOLINGER on the outgoing stream interface
2017-12-06BUG/MEDIUM: checks: a down server going to maint remains definitely stucked on down state.
2017-12-06BUG/MEDIUM: ssl engines: Fix async engines fds were not considered to fix fd limit automatically.
2017-12-06BUG/MEDIUM: mworker: also close peers sockets in the master
2017-12-04BUG/MINOR: ssl: support tune.ssl.cachesize 0 again
2017-12-04BUG/MAJOR: hpack: don't pretend large headers fit in empty table
2017-12-04BUG/MINOR: action: Don't check http capture rules when no id is defined
2017-12-03BUG/MINOR: h2: use the H2_F_DATA_* macros for DATA frames
2017-12-03BUG/MEDIUM: h2: do not accept upper case letters in request header names
2017-12-03BUG/MEDIUM: h2: remove connection-specific headers from request
2017-12-03BUG/MINOR: h2: reject response pseudo-headers from requests
2017-12-03BUG/MINOR: h2: properly check PRIORITY frames
2017-12-03BUG/MINOR: h2: reject incorrect stream dependencies on HEADERS frame
2017-12-03BUG/MINOR: h2: do not accept SETTINGS_ENABLE_PUSH other than 0 or 1
2017-12-03BUG/MEDIUM: h2: enforce the per-connection stream limit
2017-12-03BUG/MINOR: h2: the TE header if present may only contain trailers
2017-12-03BUG/MINOR: h2: fix a typo causing PING/ACK to be responded to
2017-12-03BUG/MINOR: h2: ":path" must not be empty
2017-12-03BUG/MINOR: h2: try to abort closed streams as soon as possible
2017-12-03BUG/MINOR: h2: immediately close if receiving GOAWAY after the last stream
2017-12-03BUG/MAJOR: h2: correctly check the request length when building an H1 request
2017-12-03BUG/MINOR: hpack: dynamic table size updates are only allowed before headers
2017-12-03BUG/MINOR: hpack: reject invalid header index
2017-12-03BUG/MINOR: hpack: must reject huffman literals padded with more than 7 bits
2017-12-03BUG/MINOR: hpack: fix debugging output of pseudo header names
2017-12-03BUG/MEDIUM: checks: Be sure we have a mux if we created a cs.
2017-12-02BUG/MAJOR: thread: Be sure to request a sync between threads only once at a time
2017-12-02BUG/MINOR: mworker: detach from tty when in daemon mode
2017-12-02BUG/MINOR: mworker: fix validity check for the pipe FDs
2017-12-01BUG/MAJOR: thread/peers: fix deadlock on peers sync.
2017-11-29BUG/MEDIUM: peers: fix some track counter rules dont register entries for sync.
2017-11-29BUG/MEDIUM: h2: don't report an error after parsing a 100-continue response
2017-11-29BUG/MEDIUM: threads/peers: decrement, not increment jobs on quitting
2017-11-29BUG/MINOR: ssl: CO_FL_EARLY_DATA removal is managed by stream
2017-11-29BUG/MEDIUM: stream: fix session leak on applet-initiated connections
2017-11-28BUG/MEDIUM: cache: bad computation of the remaining size
2017-11-28BUG/MEDIUM: ssl: don't allocate shctx several time
2017-11-28BUG/MEDIUM: tcp-check: Don't lock the server in tcpcheck_main
2017-11-26BUG/MEDIUM: kqueue: Don't bother closing the kqueue after fork.
2017-11-26BUG/MAJOR: threads/queue: avoid recursive locking in pendconn_get_next_strm()
2017-11-26BUG/MINOR: threads: don't drop "extern" on the lock in include files
2017-11-24CLEANUP: debug: Use DPRINTF instead of fprintf into #ifdef DEBUG_FULL/#endif
2017-11-24BUG/MINOR: listener: Allow multiple "process" options on "bind" lines
2017-11-24BUG/MEDIUM: cache: free ressources in chn_end_analyze
2017-11-24BUG/MEDIUM: stream: always release the stream-interface on abort
2017-11-23BUG/MAJOR: threads/task: dequeue expired tasks under the WQ lock
2017-11-23BUG/MAJOR: h2: always remove a stream from the send list before freeing it
2017-11-23BUG/MINOR: stream: fix tv_request calculation for applets
2017-11-23BUG/MINOR: Use crt_base instead of ca_base when crt is parsed on a server line
2017-11-23BUG/MEDIUM: threads/time: maintain a common time reference between all threads
2017-11-23BUG/MEDIUM: threads/time: fix time drift correction
2017-11-22MINOR: pools: implement DEBUG_UAF to detect use after free
2017-11-22BUG/MINOR: ssl: Always start the handshake if we can't send early data.
2017-11-22BUG/MEDIUM: deinit: correctly deinitialize the proxy and global listener tasks
2017-11-22BUG/MEDIUM: cache fix cli_kws structure
2017-11-22BUG/MEDIUM: cache: refcount forbids to free the objects
2017-11-22BUG/MEDIUM: cache: use key=0 as a condition for freeing
2017-11-21BUG/MINOR: systemd: ignore daemon mode
2017-11-21BUG/MEDIUM: h2: always reassemble the Cookie request header field
2017-11-21BUG/MEDIUM: h2: properly report connection errors in headers and data handlers
2017-11-20BUG/MEDIUM: cache: free callback to remove from tree
2017-11-20BUG/MINOR: stream-int: don't try to read again when CF_READ_DONTWAIT is set
2017-11-20BUG/MAJOR: stream: ensure analysers are always called upon close
2017-11-20BUG/MEDIUM: stream: don't automatically forward connect nor close
2017-11-17BUG/MEDIUM: deviceatlas: ignore not valuable HTTP request data
2017-11-16BUG/MINOR: Allocate the log buffers before the proxies startup
2017-11-15BUG/MEDIUM: mworker: does not close inherited FD
2017-11-15BUG/MEDIUM: mworker: does not deinit anymore
2017-11-15BUG/MEDIUM: mworker: wait again for signals when execvp fail
2017-11-15BUG/MAJOR: ebtree/scope: properly tag upper nodes during insertion
2017-11-14BUG/MEDIUM: standard: itao_str/idx and quote_str/idx must be thread-local
2017-11-14BUG/MINOR: threads: tid_bit must be a unsigned long
2017-11-14BUG/MEDIUM: cache: use msg->sov to forward header
2017-11-14BUG/MEDIUM: mworker: Fix re-exec when haproxy is started from PATH
2017-11-13BUG/MAJOR: ebtree/scope: fix lookup of next node in scope-aware trees
2017-11-13BUG/MAJOR: ebtree/scope: fix insertion and removal of duplicates in scope-aware trees
2017-11-13BUG/MINOR: buffers: Fix b_alloc_margin to be "fonctionnaly" thread-safe
2017-11-13BUG/MINOR: spoe: check buffer size before acquiring or releasing it
2017-11-11BUG/MEDIUM: cache: does not cache if no Content-Length
2017-11-10BUG/MEDIUM: stream: don't ignore res.analyse_exp anymore
2017-11-10BUG/MEDIUM: threads/cli: fix "show sess" locking on release
2017-11-10BUG/MEDIUM: h2: support orphaned streams
2017-11-10BUG/MEDIUM: h1: ensure the chunk size parser can deal with full buffers
2017-11-10BUG/MEDIUM: h2: split the function to send RST_STREAM
2017-11-09BUG/MINOR: pattern: Rely on the sample type to copy it in pattern_exec_match
2017-11-09BUG/MEDIUM: stream-int: Don't loss write's notifs when a stream is woken up
2017-11-09BUG/MEDIUM: h2: reject non-3-digit status codes
2017-11-09BUG/MINOR: h1: the HTTP/1 make status code parser check for digits
2017-11-08BUG/MINOR; ssl: Don't assume we have a ssl_bind_conf because a SNI is matched.
2017-11-08BUG/MAJOR: threads/tasks: fix the scheduler again
2017-11-07BUG/MINOR: stream-int: don't set MSG_MORE on closed request path
2017-11-07BUG/MINOR: comp: fix compilation warning compiling without compression.
2017-11-07BUG/MEDIUM: splice/threads: pipe reuse list was not protected.
2017-11-07BUG/MINOR: h2: don't send GOAWAY on failed response
2017-11-07BUG/MINOR: h2: correctly check for H2_SF_ES_SENT before closing
2017-11-07BUG/MEDIUM: h2: properly set H2_SF_ES_SENT when sending the final frame
2017-11-07BUG/MEDIUM: h2: don't close the connection is there are data left
2017-11-07BUG/MEDIUM: h2: fix some wrong error codes on connections
2017-11-07BUG/MEDIUM: h2: don't try (and fail) to send non-existing data in the mux
2017-11-07BUG/MEDIUM: h2: properly send the GOAWAY frame in the mux
2017-11-07BUG/MEDIUM: h2: properly send an RST_STREAM on mux stream error
2017-11-06BUG/MINOR: h2: set the "HEADERS_SENT" flag on stream, not connection
2017-11-06BUG/MINOR: dns: Don't lock the server lock in snr_check_ip_callback().
2017-11-06BUG/MINOR: dns: Don't try to get the server lock if it's already held.
2017-11-05BUG/MEDIUM: threads: don't try to free build option message on exit
2017-11-05BUG/MAJOR: thread/listeners: enable_listener must not call unbind_listener()
2017-11-05BUG/MAJOR: h2: set the connection's task to NULL when no client timeout is set
2017-11-05BUG/MEDIUM: threads/stick-tables: close a race condition on stktable_trash_expired()
2017-11-05BUG/MAJOR: threads/lb: fix missing unlock on map-based hash LB
2017-11-05BUG/MAJOR: threads/lb: fix missing unlock on consistent hash LB
2017-11-05BUG/MAJOR: threads/dns: add missing unlock on allocation failure path
2017-11-05BUG/MAJOR: cli/streams: missing unlock on exit "show sess"
2017-11-05BUG/MINOR: cli: add severity in "set server addr" parser
2017-11-05BUG/MAJOR: threads/checks: wrong use of SPIN_LOCK instead of SPIN_UNLOCK
2017-11-05BUG/MINOR: cli: do not perform an invalid action on "set server check-port"
2017-11-05BUG/MAJOR: threads/server: missing unlock in CLI fqdn parser
2017-11-05BUG/MAJOR: threads/checks: add 4 missing spin_unlock() in various functions
2017-11-03BUG/MAJOR: mux_pt: don't dereference a connstream after ->wake()
2017-11-03BUG/MINOR: lua: fix missing lock protection on server.
2017-11-03BUG/MINOR: dns: fix missing lock protection on server.
2017-11-03BUG/MINOR: stdarg.h inclusion
2017-11-02BUG/MINOR: freq: fix infinite loop on freq_ctr_period.
2017-11-02BUG/MAJOR: buffers: fix get_buffer_nc() for data at end of buffer
2017-11-02BUG/MEDIUM: cache: don't try to resolve wrong filters
2017-11-02BUG/MINOR: thread: fix a typo in the debug code
2017-11-02BUG/MAJOR: fix deadlock on healthchecks.
2017-11-02BUG/MEDIUM: checks/mux: always enable send-polling after connecting
2017-11-02BUG/MEDIUM: h2: don't try to parse incomplete H1 responses
2017-11-01BUG/MINOR: send-proxy-v2: string size must include ('\0')
2017-11-01BUG/MINOR: send-proxy-v2: fix dest_len in make_tlv call
2017-10-31BUG/MEDIUM: h2: fix incorrect timeout handling on the connection
2017-10-31BUG/MEDIUM: threads: Initialize the sync-point
2017-10-31BUG/MAJOR: threads/freq_ctr: use a memory barrier to detect changes
2017-10-31BUG/MINOR: dns: Fix SRV records with the new thread code.
2017-10-31BUG/MAJOR: threads/time: Store the time deviation in an 64-bits integer
2017-10-31BUG/MAJOR: threads/freq_ctr: fix lock on freq counters.
2017-10-31BUG/MINOR: threads: Add missing THREAD_LOCAL on static here and there
2017-10-31BUG/MEDIUM: threads: Run the poll loop on the main thread too
2017-10-31BUG/MINOR: mailers: Fix a memory leak when email alerts are released
2017-10-31BUG/MINOR: dns: Fix CLI keyword declaration
2017-10-31BUG/MINOR: spoa: Update pointer on the end of the frame when a reply is encoded
2017-10-31BUG/MINOR: spoe: Don't compare engine name and SPOE scope when both are NULL
2017-10-27BUG/MINOR: lua: const attribute of a string is overridden
2017-10-27BUG/MEDIUM: prevent buffers being overwritten during build_logline() execution
2017-10-25BUG/MINOR: checks: Don't forget to release the connection on error case.
2017-10-25BUG/MINOR: cli: restore "set ssl tls-key" command
2017-10-24BUG/MINOR: ssl: OCSP_single_get0_status can return -1
2017-10-24BUG/MEDIUM: server: Allocate tmptrash before using it.
2017-10-22BUG/MINOR: ssl: ocsp response with 'revoked' status is correct
2017-10-19BUG/MEDIUM: log: check result details truncated.
2017-10-18BUG/MAJOR: lua: scheduled task is freezing.
2017-10-18BUG/MINOR: stats: Clear a bit more counters with in cli_parse_clear_counters().
2017-10-18BUG/MINOR: tools: fix my_htonll() on x86_64
2017-10-17BUG/MINOR: stream-int: don't set MSG_MORE on SHUTW_NOW without AUTO_CLOSE
2017-10-16BUG/MEDIUM: ssl: fix OCSP expiry calculation
2017-10-05BUG/MAJOR: stream-int: don't re-arm recv if send fails
2017-10-05BUG/MEDIUM: http: Return an error when url_dec sample converter failed
2017-10-04BUG/MEDIUM: cli: fix "show fd" crash when dumping closed FDs
2017-10-04BUG/MINOR: tcp-check: don't initialize then break a connection starting with a comment
2017-10-04BUG/MINOR: unix: properly check for octal digits in the "mode" argument
2017-10-04BUG/MEDIUM: tcp-check: don't call tcpcheck_main() from the I/O handlers!
2017-10-04BUG/MINOR: tcp-check: don't quit with pending data in the send buffer
2017-10-04BUG/MEDIUM: tcp-check: properly indicate polling state before performing I/O
2017-10-04BUG/MEDIUM: tcp/http: set-dst-port action broken
2017-10-03BUG/MINOR: contrib/halog: fixing small memory leak
2017-09-21BUG/MINOR: log: fixing small memory leak in error code path.
2017-09-21BUG/MEDIUM: server: unwanted behavior leaving maintenance mode on tracked stopping server (take2)
2017-09-21BUG/MEDIUM: server: unwanted behavior leaving maintenance mode on tracked stopping server
2017-09-18BUG/MINOR: contrib/modsecurity: close the va_list ap before return
2017-09-18BUG/MINOR: contrib/mod_defender: close the va_list argp before return
2017-09-15BUG/MINOR: dns: Fix check on nameserver in snr_resolution_cb
2017-09-15BUG/MINOR: spoe: Don't rely on SPOE ctx in debug message when its creation failed
2017-09-15BUG/MINOR: compression: Check response headers before http-response rules eval
2017-09-15BUG/MEDIUM: compression: Fix check on txn in smp_fetch_res_comp_algo
2017-09-11BUG/MINOR: Lua: The socket may be destroyed when we try to access.
2017-09-11BUG/MEDIUM: http: Close streams for connections closed before a redirect
2017-09-06Revert "BUG/MINOR: server: Remove FQDN requirement for using init-addr and state file"
2017-09-05BUG/MINOR: server: Remove FQDN requirement for using init-addr and state file
2017-09-05BUG/MEDIUM: epoll: ensure we always consider HUP and ERR
2017-09-05BUG/MEDIUM: http: Fix a regression bug when a HTTP response is in TUNNEL mode
2017-08-30BUG/MINOR: stream-int: don't check the CO_FL_CURR_WR_ENA flag
2017-08-23BUG/MEDIUM: stream: properly set the required HTTP analysers on use-service
2017-08-23BUG/MEDIUM: lua: HTTP services must take care of body-less status codes
2017-08-23BUG/MAJOR: lua: fix the impact of the scheduler changes again
2017-08-22BUG/MEDIUM: dns: fix accepted_payload_size parser to avoid integer overflow
2017-08-22BUG/MINOR: dns: wrong resolution interval lead to 100% CPU
2017-08-22BUG/MINOR: dns: server set by SRV records stay in "no resolution" status
2017-08-22BUG/MINOR: Wrong type used as argument for spoe_decode_buffer().
2017-08-17BUG/MAJOR: stream: in stream_free(), close the front endpoint and not the origin
2017-07-28BUG/MEDIUM: ssl: Fix regression about certificates generation
2017-07-28BUG/MINOR: lua: Fix bitwise logic for hlua_server_check_* functions.
2017-07-28BUG/MEDIUM: stream: don't retry SSL connections which fail the SNI name check
2017-07-28BUG/MINOR: ssl: make use of the name in SNI before verifyhost
2017-07-26BUG/MINOR: ssl: Fix check against SNI during server certificate verification
2017-07-24BUG/MAJOR: lua: properly dequeue hlua_applet_wakeup() for new scheduler
2017-07-24BUG/MINOR: lua: always detach the tcp/http tasks before freeing them
2017-07-24BUG/MINOR: lua: Correctly use INET6_ADDRSTRLEN in Server.get_addr()
2017-07-24BUG/MINOR: lua: Fix Server.get_addr() port values

Back to the list of branches and versions
Back to the HAProxy page