HAProxy known bugs for version v1.8.11 (maintenance branch 1.8) :  509 

This version (1.8.11) is a release belonging to maintenance branch 1.8 whose latest version is 1.8.31. If your version is not the last one in the maintenance branch, you are missing fixes for known bugs, and by not updating you are needlessly taking the responsibility for the risk of unexpected service outages and exposing your web site to possible security issues.

The HAProxy development team takes a great care of maintaining stable versions so that all users can apply bug fixes without having to take the risk of upgrading to a new branch. In turn users are expected to apply the fixes when the development team estimates that they were worth being backported to stable branches.

Quick links

Other versions in the same branch

This branch contains the following releases :

DateVersionComment
2022-12-091.8.31 ⇐ last
2021-04-121.8.30 
2021-03-191.8.29 
2021-01-131.8.28 
2020-11-061.8.27 
2020-08-031.8.26 
2020-04-021.8.25 
2020-02-151.8.24 
2019-11-251.8.23 
2019-10-251.8.22 
2019-08-161.8.21 
2019-04-251.8.20 
2019-02-111.8.19 
2019-02-061.8.18 
2019-01-081.8.17 
2018-12-211.8.16 
2018-12-131.8.15 
2018-09-201.8.14 
2018-07-301.8.13 
2018-06-271.8.12 
2018-06-261.8.11 ⇐ yours
2018-06-221.8.10 
2018-05-181.8.9 
2018-04-191.8.8 
2018-04-071.8.7 
2018-04-051.8.6 
2018-03-231.8.5 
2018-02-081.8.4 
2017-12-301.8.3 
2017-12-231.8.2 
2017-12-031.8.1 
2017-11-261.8.0 

Known bugs affecting this version, and already fixed in the maintenance branch

These fixes have already been queued for a more recent 1.8 version. Some of them might have already been released in a more recent version than yours, and other ones might still be pending in the maintenance branch for a future release. The list may be empty if you're already on the latest version and no new fix was backported.

Bugs are almost always tagged with a severity (some people forget the severity tag when the bug is minor). The following severities are used :

Total known bugs in this version by category :

TotalCRITICALMAJORMEDIUMMINOR
509 3 33 215 258

Click on the subjects below to get the full description of the bug :

Merge dateSubject - Severity (minor, medium, major, critical)
2022-12-09BUG/MINOR: http_ana/txn: don't re-initialize txn and req var lists
2022-12-09BUG/MEDIUM: listener: Fix race condition when updating the global mngmt task
2022-12-09BUG/MEDIUM: stick-table: fix a race condition when updating the expiration task
2022-12-09BUG/MAJOR: stick-table: don't process store-response rules for applets
2022-12-09BUG/MEDIUM: proxy: ensure pause_proxy() and resume_proxy() own PROXY_LOCK
2022-08-30BUG/MEDIUM: peers: Add connect and server timeut to peers proxy
2022-08-30BUG/MEDIUM: spoe: Properly update streams waiting for a ACK in async mode
2022-08-30BUG/MEDIUM: mux-h2: do not fiddle with ->dsi to indicate demux is idle
2022-08-25BUG/MEDIUM: shctx: leave the block allocator when enough blocks are found
2022-08-25BUG/MINOR: hlua: Don't rely on top of the stack when using Lua buffers
2022-08-25BUG/MINOR: mux-h2: do not send GOAWAY if SETTINGS were not sent
2022-08-25BUG/MINOR: backend: Fallback on RR algo if balance on source is impossible
2022-08-25BUG/MINOR: server: do not enable DNS resolution on disabled proxies
2022-08-25BUG/MINOR: server: Make SRV_STATE_LINE_MAXLEN value from 512 to 2kB (2000 bytes).
2022-08-25BUG/MINOR: map/cli: make sure patterns don't vanish under "show map"'s init
2022-08-25BUG/MINOR: map/cli: protect the backref list during "show map" errors
2022-08-25BUG/MEDIUM: cli: make "show cli sockets" really yield
2022-08-25BUG/MINOR: cache: Disable cache if applet creation fails
2022-08-25BUG/MINOR: cache: do not display expired entries in "show cache"
2022-08-25BUG/MINOR: cli: shows correct mode in "show sess"
2022-08-25BUG/MEDIUM: mworker: close unused transferred FDs on load failure
2022-08-25BUG/MAJOR: spoe: properly detach all agents when releasing the applet
2022-08-25BUG/MEDIUM: mworker: don't lose the stats socket on failed reload
2022-08-25BUG/MINOR: cli: fix _getsocks with musl libc
2022-08-25BUG/MEDIUM: http-ana: Drain request data waiting the tarpit timeout expiration
2022-08-25BUG/MINOR: mux-h2: do not prevent from sending a final GOAWAY frame
2022-08-25BUG/MEDIUM: stream: Keep FLT_END analyzers if a stream detects a channel error
2022-08-25BUG/MAJOR: lua: use task_wakeup() to properly run a task once
2022-08-25BUG/MEDIUM: lua: fix wakeup condition from sleep()
2022-08-25BUG/MINOR: server: allow 'enable health' only if check configured
2022-08-25BUG/MINOR threads: Use get_(local|gm)time instead of (local|gm)time
2022-08-25BUG/MEDIUM: sock: really fix detection of early connection failures in for 2.3-
2022-08-25BUG/MINOR: compat: make sure __WORDSIZE is always defined
2022-08-25BUG/MINOR: tools: Fix loop condition in dump_text()
2022-08-25BUG/MINOR: ebtree: remove dependency on incorrect macro for bits per long
2022-08-25BUG/MINOR: server: update last_change on maint->ready transitions too
2022-08-25BUG/MINOR: mworker: do not export HAPROXY_MWORKER_REEXEC across programs
2022-08-25BUG/MEDIUM: mworker: do not register an exit handler if exit is expected
2021-07-29BUG/MEDIUM: tcp-check: Do not dereference inexisting connection
2021-07-08BUG/MINOR: peers: fix data_type bit computation more than 32 data_types
2021-07-08BUG/MINOR: cli: fix server name output in "show fd"
2021-07-08BUG/MEDIUM: sock: make sure to never miss early connection failures
2021-07-08BUG/MINOR: server/cli: Fix locking in function processing "set server" command
2021-07-08BUG/MEDIUM: server/cli: Fix ABBA deadlock when fqdn is set from the CLI
2021-07-08BUG/MAJOR: server: fix deadlock when changing maxconn via agent-check
2021-07-08BUG/MEDIUM: spoe: Register pre/post analyzers in start_analyze callback function
2021-07-08BUG/MEDIUM: dns: send messages on closed/reused fd if fd was detected broken
2021-07-08BUG/MINOR: ssl: use atomic ops to update global shctx stats
2021-07-08BUG/MEDIUM: shctx: use at least thread-based locking on USE_PRIVATE_CACHE
2021-07-08BUG/MEDIUM: dns: reset file descriptor if send returns an error
2021-07-08BUG/MINOR: ssl: OCSP stapling does not work if expire too far in the future
2021-07-08BUG/MEDIUM: filters: Exec pre/post analysers only one time per filter
2021-07-08BUG/MAJOR: server: prevent deadlock when using 'set maxconn server'
2021-07-08BUG/MEDIUM: ebtree: Invalid read when looking for dup entry
2021-07-08BUG/MEDIUM: peers: reset tables stage flags stages on new conns
2021-07-08BUG/MEDIUM: peers: re-work updates lookup during the sync on the fly
2021-07-08BUG/MEDIUM: peers: reset commitupdate value in new conns
2021-07-08BUG/MEDIUM: peers: reset starting point if peers appears longly disconnected
2021-07-08BUG/MEDIUM: peers: stop considering ack messages teaching a full resync
2021-07-08BUG/MEDIUM: peers: register last acked value as origin receiving a resync req
2021-07-08BUG/MEDIUM: peers: initialize resync timer to get an initial full resync
2021-07-08BUG/MEDIUM: peers: re-work refcnt on table to protect against flush
2021-07-08BUG/MEDIUM: peers: re-work connection to new process during reload.
2021-07-08BUG/MINOR: mworker/init: don't reset nb_oldpids in non-mworker cases
2021-07-08BUG/MINOR: logs: Report the true number of retries if there was no connection
2021-07-08BUG/MEDIUM: sample: Fix adjusting size in field converter
2021-07-08BUG/MINOR: tools: fix parsing "us" unit for timers
2021-03-31BUG/MINOR: http_fetch: make hdr_ip() resistant to empty fields
2021-03-31BUG/MINOR: tcp: fix silent-drop workaround for IPv6
2021-03-31BUG/MINOR: http_fetch: make hdr_ip() reject trailing characters
2021-03-31BUG/MEDIUM: time: make sure to always initialize the global tick
2021-03-24BUG/MEDIUM: freq_ctr/threads: use the global_now_ms variable
2021-03-19BUG/MINOR: freq_ctr/threads: make use of the last updated global time
2021-03-18BUG/MINOR: resolvers: Add missing case-insensitive comparisons of DNS hostnames
2021-03-18BUG/MINOR: resolvers: Consider server to have no IP on DNS resolution error
2021-03-18BUG/MINOR: proxy/session: Be sure to have a listener to increment its counters
2021-03-18BUG/MEDIUM: filters: Set CF_FL_ANALYZE on channels when filters are attached
2021-03-18BUG/MEDIUM: session: NULL dereference possible when accessing the listener
2021-03-18BUG/MINOR: ssl: don't truncate the file descriptor to 16 bits in debug mode
2021-03-18BUG/MINOR: hlua: Don't strip last non-LWS char in hlua_pushstrippedstring()
2021-03-03BUG/MEDIUM: dns: Consider the fact that dns answers are case-insensitive
2021-03-02BUG/MEDIUM: spoe: Explicitly wakeup SPOE stream if waiting for more data
2021-03-02BUG/MAJOR: spoe: Be sure to remove all references on a released spoe applet
2021-03-02BUG/MEDIUM: spoe: Kill applets if there are pending connections and nbthread > 1
2021-03-02BUG/MINOR: connection: Use the client's dst family for adressless servers
2021-03-02BUG/MINOR: tcp-act: Don't forget to set the original port for IPv4 set-dst rule
2021-03-02BUG/MINOR: http-ana: Only consider dst address to process originalto option
2021-03-02BUG/MEDIUM: cli/shutdown sessions: make it thread-safe
2021-03-02BUG/MEDIUM: proxy: use thread-safe stream killing on hard-stop
2021-03-02BUG/MINOR: server: Be sure to cut the last parsed field of a server-state line
2021-03-02BUG/MINOR: server: Init params before parsing a new server-state line
2021-03-02BUG/MINOR: sample: Always consider zero size string samples as unsafe
2021-03-02BUG/MINOR: checks: properly handle wrapping time in __health_adjust()
2021-03-02BUG/MINOR: session: atomically increment the tracked sessions counter
2021-03-02BUG/MINOR: server: Remove RMAINT from admin state when loading server state
2021-03-02BUG/MINOR: server: Don't call fopen() with server-state filepath set to NULL
2021-03-02BUG/MEDIUM: config: don't pick unset values from last defaults section
2021-03-02BUG/MINOR: server: Fix server-state-file-name directive
2021-03-02BUG/MINOR: server: re-align state file fields number
2021-02-05BUG/MINOR: xxhash: make sure armv6 uses memcpy()
2021-02-05BUG/MINOR: stick-table: Always call smp_fetch_src() with a valid arg list
2021-02-05BUG/MINOR: config: fix leak on proxy.conn_src.bind_hdr_name
2021-02-05BUG/MINOR: sample: Memory leak of sample_expr structure in case of error
2021-01-12BUG/MINOR: srv: do not init address if backend is disabled
2021-01-12BUG/MINOR: cfgparse: Fail if the strdup() for `rule->be.name` for `use_backend` fails
2020-12-17BUG/MEDIUM: mworker: fix again copy_argv()
2020-12-14BUG/MEDIUM: lb-leastconn: Reposition a server using the right eweight
2020-12-14BUG/MINOR: tools: Reject size format not starting by a digit
2020-12-14BUG/MINOR: tools: make parse_time_err() more strict on the timer validity
2020-12-14BUG/MINOR: lua: warn when registering action, conv, sf, cli or applet multiple times
2020-12-14BUG/MINOR: lua: Some lua init operation are processed unsafe
2020-12-14BUG/MINOR: lua: Post init register function are not executed beyond the first one
2020-12-14BUG/MINOR: lua: lua-load doesn't check its parameters
2020-12-14BUG/MINOR: http-fetch: Fix calls w/o parentheses of the cookie sample fetches
2020-12-14BUG/MINOR: http-fetch: Extract cookie value even when no cookie name
2020-12-14BUG/MINOR: config: copy extra cookie attributes from dfl proxy
2020-11-04BUG/MINOR: filters: Skip disabled proxies during startup only
2020-11-04BUG/MINOR: server: Set server without addr but with dns in RMAINT on startup
2020-11-04BUG/MEDIUM: filters: Don't try to init filters for disabled proxies
2020-11-04BUG/MINOR: cache: Inverted variables in http_calc_maxage function
2020-11-04BUG/MINOR: lua: initialize sample before using it
2020-11-04BUG/MINOR: server: fix down_time report for stats
2020-11-04BUG/MINOR: server: fix srv downtime calcul on starting
2020-11-04BUG/MINOR: extcheck: add missing checks on extchk_setenv()
2020-11-04BUG/MAJOR: mux-h2: Don't try to send data if we know it is no longer possible
2020-11-04BUG/MEDIUM: server: support changing the slowstart value from state-file
2020-11-04BUG/MINOR: queue: properly report redistributed connections
2020-10-19BUG/MEDIUM: lb: Always lock the server when calling server_{take,drop}_conn
2020-10-19BUG/MEDIUM: spoe: Unset variable instead of set it if no data provided
2020-10-09BUG/MINOR: stats: fix validity of the json schema
2020-10-05BUG/MEDIUM: listeners: do not pause foreign listeners
2020-10-05BUG/MINOR: config: Fix memory leak on config parse listen
2020-10-05BUG/MEDIUM: h2: report frame bits only for handled types
2020-09-28BUG/MINOR: ssl: verifyhost is case sensitive
2020-09-28BUG/MEDIUM: ssl: does not look for all SNIs before chosing a certificate
2020-09-23BUG/MEDIUM: pattern: fix memory leak in regex pattern functions
2020-09-11BUG/MEDIUM: pattern: Renew the pattern expression revision when it is pruned
2020-09-11BUG/MINOR: threads: work around a libgcc_s issue with chrooting
2020-09-11BUG/MEDIUM: ssl: check OCSP calloc in ssl_sock_load_ocsp()
2020-09-07BUG/MINOR: startup: haproxy -s cause 100% cpu
2020-09-07BUG/MINOR: reload: do not fail when no socket is sent
2020-08-11BUG/MINOR: stats: use strncmp() instead of memcmp() on health states
2020-08-11BUG/MINOR: lua: Check argument type to convert it to IP mask in arg validation
2020-08-11BUG/MINOR: lua: Check argument type to convert it to IPv4/IPv6 arg validation
2020-08-11BUG/MEDIUM: map/lua: Return an error if a map is loaded during runtime
2020-08-05BUG/MEDIUM: mux-h2: Don't fail if nothing is parsed for a legacy chunk response
2020-08-03BUG/MINOR: dns: ignore trailing dot
2020-08-03BUG/MINOR: server: Fix server_finalize_init() to avoid unused variable
2020-08-03BUG/MINOR: checks: Respect check-ssl param when a port or an addr is specified
2020-08-03BUG/MEDIUM: checks: Always initialize checks before starting them
2020-08-03BUG/MEDIUM: server/checks: Init server check during config validity check
2020-08-03BUG/MINOR: pools: use %u not %d to report pool stats in "show pools"
2020-08-03BUG/MINOR: threads: fix multiple use of argument inside HA_ATOMIC_UPDATE_{MIN,MAX}()
2020-08-03BUG/MINOR: threads: fix multiple use of argument inside HA_ATOMIC_CAS()
2020-08-03BUG/MINOR: checks: Remove a warning about http health checks
2020-08-03BUG/MINOR: checks: Compute the right HTTP request length for HTTP health checks
2020-08-03BUG/MINOR: http: make url_decode() optionally convert '+' to SP
2020-07-31BUG/MINOR: tcp-rules: Set the inspect-delay when a tcp-response action yields
2020-07-31BUG/MEDIUM: dns: Release answer items when a DNS resolution is freed
2020-07-31BUG/MEDIUM: mux-h2: Emit an error if the response chunk formatting is incomplete
2020-07-31BUG/MINOR: cfgparse: don't increment linenum on incomplete lines
2020-07-31BUG/MEDIUM: channel: Be aware of SHUTW_NOW flag when output data are peeked
2020-07-31BUG/MINOR: sample: Free str.area in smp_check_const_meth
2020-07-31BUG/MINOR: sample: Free str.area in smp_check_const_bool
2020-07-31BUG/MINOR: http_act: don't check capture id in backend (2)
2020-07-31BUG/MINOR: proxy: always initialize the trash in show servers state
2020-07-31BUG/MINOR: proxy: fix dump_server_state()'s misuse of the trash
2020-07-31BUG/MEDIUM: pattern: Add a trailing \0 to match strings only if possible
2020-07-31BUG/MEDIUM: fetch: Fix hdr_ip misparsing IPv4 addresses due to missing NUL
2020-07-31BUG/MINOR: spoe: correction of setting bits for analyzer
2020-07-31BUG/MINOR: systemd: Wait for network to be online
2020-07-31BUG/MINOR: spoe: add missing key length check before checking key names
2020-07-31BUG/MEDIUM: ebtree: use a byte-per-byte memcmp() to compare memory blocks
2020-07-31BUG/MINOR: tcp-rules: tcp-response must check the buffer's fullness
2020-07-31BUG/MINOR: ssl: fix ssl-{min,max}-ver with openssl < 1.1.0
2020-07-31BUG/MEDIUM: pattern: fix thread safety of pattern matching
2020-07-31BUG/MINOR: mworker: fix a memleak when execvp() failed
2020-07-31BUG/MEDIUM: mworker: fix the reload with an -- option
2020-07-31BUG/MINOR: init: -x can have a parameter starting with a dash
2020-07-31BUG/MEDIUM: mworker: fix the copy of options in copy_argv()
2020-07-31BUG/MINOR: proto-http: Fix detection of NTLM for the legacy HTTP version
2020-07-31BUG/MEDIUM: logs: fix trailing zeros on log message.
2020-07-31BUG/MINOR: logs: prevent double line returns in some events.
2020-07-31BUG/MEDIUM: hlua: Lock pattern references to perform set/add/del operations
2020-07-31BUG/MEDIUM: lua: Reset analyse expiration timeout before executing a lua action
2020-07-31BUG/MINOR: peers: fix internal/network key type mapping.
2020-07-31BUG/MINOR: pollers: remove uneeded free in global init
2020-07-31BUG/MINOR: cfgparse: Abort parsing the current line if an invalid \x sequence is encountered
2020-07-31BUG/MEDIUM: http_ana: make the detection of NTLM variants safer
2020-07-31BUG/MINOR: config: Make use_backend and use-server post-parsing less obscur
2020-07-31BUG/MINOR: sample: Set the correct type when a binary is converted to a string
2020-07-31BUG/MEDIUM: shctx: bound the number of loops that can happen around the lock
2020-07-31BUG/MEDIUM: shctx: really check the lock's value while waiting
2020-07-31BUG/MEDIUM: http: the "unique-id" sample fetch could crash without a steeam
2020-07-31BUG/MEDIUM: http: the "http_first_req" sample fetch could crash without a steeam
2020-07-31BUG/MEDIUM: capture: capture.{req,res}.* crash without a stream
2020-07-31BUG/MEDIUM: capture: capture-req/capture-res converters crash without a stream
2020-07-31BUG/MINOR: checks: chained expect will not properly wait for enough data
2020-07-31BUG/MINOR: checks/server: use_ssl member must be signed
2020-07-31BUG/MINOR: checks: Respect the no-check-ssl option
2020-07-31BUG/MINOR: check: Update server address and port to execute an external check
2020-07-31BUG/MINOR: tools: fix the i386 version of the div64_32 function
2020-07-31BUG/MINOR: ssl: default settings for ssl server options are not used
2020-04-02BUG/CRITICAL: hpack: never index a header into the headroom after wrapping
2020-04-01BUG/MINOR: http-ana: Reset request analysers on error when waiting for response
2020-04-01BUG/MINOR: http_ana: make sure redirect flags don't have overlapping bits
2020-04-01BUG/MEDIUM: http: unbreak redirects in legacy mode
2020-04-01BUG/MINOR: stats: Fix color of draining servers on stats page
2020-04-01BUG/MINOR: peers: avoid an infinite loop with peers_fe is NULL
2020-04-01BUG/MINOR: peers: init bind_proc to 1 if it wasn't initialized
2020-04-01BUG/MINOR: rules: Increment be_counters if backend is assigned for a silent-drop
2020-04-01BUG/MINOR: rules: Preserve FLT_END analyzers on silent-drop action
2020-04-01BUG/MINOR: http-rules: Fix a typo in the reject action function
2020-04-01BUG/MINOR: http-rules: Preserve FLT_END analyzers on reject action
2020-04-01BUG/MINOR: lua: Ignore the reserve to know if a channel is full or not
2020-04-01BUG/MAJOR: proxy_protocol: Properly validate TLV lengths
2020-04-01BUG/MAJOR: list: fix invalid element address calculation
2020-04-01BUG/MINOR: sample: Make sure to return stable IDs in the unique-id fetch
2020-04-01BUG/MINOR: sample: fix the json converter's endian-sensitivity
2020-04-01BUG/MEDIUM: ebtree: don't set attribute packed without unaligned access support
2020-04-01BUG/MEDIUM: shctx: make sure to keep all blocks aligned
2020-04-01BUG/MINOR: namespace: avoid closing fd when socket failed in my_socketat
2020-02-12BUG/MINOR: tcp: don't try to set defaultmss when value is negative
2020-02-12BUG/MINOR: tcp: avoid closing fd when socket failed in tcp_bind_listener
2020-02-12BUG/MEDIUM: listener: only consider running threads when resuming listeners
2020-02-11BUG/MINOR: dns: allow 63 char in hostname
2020-02-11BUG/MINOR: unix: better catch situations where the unix socket path length is close to the limit
2020-02-04BUG/MINOR: connection: fix ip6 dst_port copy in make_proxy_line_v2
2020-02-04BUG/MEDIUM: pipe: fix a use-after-free in case of pipe creation error
2020-01-24BUG/MINOR: dns: allow srv record weight set to 0
2020-01-23BUG/MINOR: http_act: don't check capture id in backend
2020-01-23BUG/MINOR: tcp-rules: Fix memory releases on error path during action parsing
2020-01-23BUG/MINOR: stick-table: Use MAX_SESS_STKCTR as the max track ID during parsing
2020-01-23BUG/MINOR: http-rules: Remove buggy deinit functions for HTTP rules
2020-01-23BUG/MINOR: dns: Make dns_query_id_seed unsigned
2020-01-23BUG/MINOR: pattern: handle errors from fgets when trying to load patterns
2020-01-23BUG/MINOR: stream: don't mistake match rules for store-request rules
2020-01-23BUG/MEDIUM: cli: _getsocks must send the peers sockets
2020-01-23BUG/MAJOR: hashes: fix the signedness of the hash inputs
2020-01-23BUG/MEDIUM: mworker: remain in mworker mode during reload
2020-01-23BUG/MEDIUM: session: do not report a failure when rejecting a session
2019-12-20BUG/MEDIUM: ssl: Don't set the max early data we can receive too early.
2019-12-20BUG/MINOR: sample: always check converters' arguments
2019-12-20BUG/MINOR: sample: fix the closing bracket and LF in the debug converter
2019-12-11BUG/MINOR: listener: fix off-by-one in state name check
2019-12-11BUG/MINOR: server: make "agent-addr" work on default-server line
2019-12-11BUG/MINOR: listener: do not immediately resume on transient error
2019-12-11BUG/MINOR: mworker: properly pass SIGTTOU/SIGTTIN to workers
2019-12-11BUG/MINOR: log: fix minor resource leaks on logformat error path
2019-12-11BUG/MEDIUM: kqueue: Make sure we report read events even when no data.
2019-12-10BUG/MEDIUM: proto_udp/threads: recv() and send() must not be exclusive.
2019-12-10BUG/MAJOR: dns: add minimalist error processing on the Rx path
2019-12-10BUG/MEDIUM: listener/threads: fix a remaining race in the listener's accept()
2019-12-10BUG/MINOR: listener: also clear the error flag on a paused listener
2019-12-10BUG/MINOR: listener/threads: always use atomic ops to clear the FD events
2019-12-10BUG/MINOR: proxy: make soft_stop() also close FDs in LI_PAUSED state
2019-12-05BUG/MINOR: ssl: certificate choice can be unexpected with openssl >= 1.1.1
2019-12-05BUG/MEDIUM: listener/thread: fix a race when pausing a listener
2019-11-25BUG/MAJOR: h2: make header field name filtering stronger
2019-11-25BUG/MAJOR: h2: reject header values containing invalid chars
2019-11-25BUG/MINOR: ssl: fix crt-list neg filter for openssl < 1.1.1
2019-11-15BUG/MEDIUM: listeners: always pause a listener on out-of-resource condition
2019-11-07BUG: dns: timeout resolve not applied for valid resolutions
2019-11-07BUG/MEDIUM: stream: Be sure to release allocated captures for TCP streams
2019-11-06BUG/MEDIUM: stream: Be sure to support splicing at the mux level to enable it
2019-11-06BUG/MINOR: config: Update cookie domain warn to RFC6265
2019-10-28BUG/MINOR: cli: don't call the kw->io_release if kw->parse failed
2019-10-23BUG/MEDIUM: pattern: make the pattern LRU cache thread-local and lockless
2019-10-23BUG/MINOR: stick-table: fix an incorrect 32 to 64 bit key conversion
2019-10-22BUG/MINOR: ssl: fix memcpy overlap without consequences.
2019-10-22BUG/MINOR: sample: Make the `field` converter compatible with `-m found`
2019-10-22BUG/MINOR: stick-table: Never exceed (MAX_SESS_STKCTR-1) when fetching a stkctr
2019-10-22BUG/MINOR: ssl: Fix fd leak on error path when a TLS ticket keys file is parsed
2019-10-22BUG/MINOR: mworker/ssl: close openssl FDs unconditionally
2019-10-22BUG/MINOR: mworker/ssl: close OpenSSL FDs on reload
2019-10-22BUG/MEDIUM: ssl: 'tune.ssl.default-dh-param' value ignored with openssl > 1.1.1
2019-10-22BUG/MINOR: ssl: abort on sni_keytypes allocation failure
2019-10-22BUG/MINOR: ssl: abort on sni allocation failure
2019-10-22BUG/MINOR: tcp: Don't alter counters returned by tcp info fetchers
2019-10-22BUG/MINOR: WURFL: fix send_log() function arguments
2019-10-22BUG/MINOR: chunk: Fix tests on the chunk size in functions copying data
2019-10-22BUG/MINOR: ssl: free the sni_keytype nodes
2019-10-22BUG/MEDIUM: cache: make sure not to cache requests with absolute-uri
2019-10-22BUG/MINOR: lua: Properly initialize the buffer's fields for string samples in hlua_lua2(smp|arg)
2019-10-22BUG/MEDIUM: namespace: fix fd leak in master-worker mode
2019-10-22BUG/MEDIUM: spoe: Use a different engine-id per process
2019-10-22BUG/MAJOR: mux_h2: Don't consume more payload than received for skipped frames
2019-10-22BUG/MEDIUM: namespace: close open namespaces during soft shutdown
2019-10-22BUG/MEDIUM: check/threads: make external checks run exclusively on thread 1
2019-10-22BUG/MINOR: acl: Fix memory leaks when an ACL expression is parsed
2019-10-22BUG/MINOR: filters: Properly set the HTTP status code on analysis error
2019-10-22BUG/MEDIUM: http: also reject messages where "chunked" is missing from transfer-enoding
2019-09-04BUG/MEDIUM: proto-http: Always start the parsing if there is no outgoing data
2019-08-26BUG/MEDIUM: listener/threads: fix an AB/BA locking issue in delete_listener()
2019-08-26BUG/MINOR: mworker: disable SIGPROF on re-exec
2019-08-23BUG/MEDIUM: spoe: Be sure the sample is found before setting its context
2019-08-23BUG/MINOR: logs/threads: properly split the log area upon startup
2019-08-23BUG/MEDIUM: checks: make sure the warmup task takes the server lock
2019-08-23BUG/MEDIUM: ssl: Use the early_data API the right way.
2019-08-23BUG/MINOR: haproxy: fix rule->file memory leak
2019-08-16BUG/MEDIUM: lua: Fix test on the direction to set the channel exp timeout
2019-08-08BUG/MINOR: ssl: fix 0-RTT for BoringSSL
2019-08-06BUG/MINOR: mux-h2: always reset rcvd_s when switching to a new frame
2019-08-06BUG/MINOR: mux-h2: always send stream window update before connection's
2019-08-06BUG/MEDIUM: mux-h2: do not recheck a frame type after a state transition
2019-08-06BUG/MINOR: mux-h2: use CANCEL, not STREAM_CLOSED in h2c_frt_handle_data()
2019-08-06BUG/MINOR: mux-h2: don't refrain from sending an RST_STREAM after another one
2019-08-06BUG/MEDIUM: fd: Always reset the polled_mask bits in fd_dodelete().
2019-08-02BUG/MEDIUM: mux-h2: split the stream's and connection's window sizes
2019-08-01BUG/MINOR: stream-int: also update analysers timeouts on activity
2019-08-01BUG/MEDIUM: lb-chash: Ensure the tree integrity when server weight is increased
2019-07-30BUG/MEDIUM: protocols: properly initialize the proto_lock in 1.8
2019-07-30BUG/MINOR: lua: Set right direction and flags on new HTTP objects
2019-07-30BUG/MAJOR: queue/threads: avoid an AB/BA locking issue in process_srv_queue()
2019-07-29BUG/MINOR: hlua: Only execute functions of HTTP class if the txn is HTTP ready
2019-07-29BUG/MEDIUM: hlua: Check the calling direction in lua functions of the HTTP class
2019-07-26BUG/MEDIUM: lb-chash: Fix the realloc() when the number of nodes is increased
2019-07-26BUG/MINOR: proxy: always lock stop_proxy()
2019-07-26BUG/MEDIUM: protocols: add a global lock for the init/deinit stuff
2019-07-26BUG/MEDIUM: tcp-checks: do not dereference inexisting conn_stream
2019-07-19BUG/MEDIUM: http/htx: unbreak option http_proxy
2019-07-19BUG/MEDIUM: tcp-check: unbreak multiple connect rules again
2019-07-12BUG/MAJOR: listener: fix thread safety in resume_listener()
2019-07-12BUG/MEDIUM: da: cast the chunk to string.
2019-07-05BUG/MEDIUM: lb_fas: Don't test the server's lb_tree from outside the lock
2019-06-19BUG/MEDIUM: lb_fwlc: Don't test the server's lb_tree from outside the lock
2019-06-18BUG/MEDIUM: compression: Set Vary: Accept-Encoding for compressed responses
2019-06-18BUG/MINOR: http-rules: mention "deny_status" for "deny" in the error message
2019-06-18BUG/MEDIUM: mux-h2: make sure the connection timeout is always set
2019-06-18BUG/MEDIUM: vars: make the tcp/http unset-var() action support conditions
2019-06-18BUG/MEDIUM: vars: make sure the scope is always valid when accessing vars
2019-06-18BUG/MEDIUM: connection: fix multiple handshake polling issues
2019-06-18BUG/MINOR: deinit/threads: make hard-stop-after perform a clean exit
2019-06-18BUG/MEDIUM: http: fix "http-request reject" when not final
2019-05-27BUG/MAJOR: lb/threads: make sure the avoided server is not full on second pass
2019-05-27BUG/MINOR: ssl_sock: Fix memory leak when disabling compression
2019-05-24BUG/MEDIUM: spoe: Don't use the SPOE applet after releasing it
2019-05-24BUG/MEDIUM: dns: make the port numbers unsigned
2019-05-16BUG/MINOR: http_fetch: Rely on the smp direction for "cookie()" and "hdr()"
2019-04-30BUG/MEDIUM: port_range: Make the ring buffer lock-free.
2019-04-30BUG/MEDIUM: listener: Fix how unlimited number of consecutive accepts is handled
2019-04-30BUG/MAJOR: map/acl: real fix segfault during show map/acl on CLI
2019-04-29BUG/MEDIUM: contrib/modsecurity: If host header is NULL, don't try to strdup it
2019-04-29BUG/MEDIUM: spoe: arg len encoded in previous frag frame but len changed
2019-04-29BUG/MINOR: http: Call stream_inc_be_http_req_ctr() only one time per request
2019-04-24BUG/MINOR: spoe: Don't systematically wakeup SPOE stream in the applet handler
2019-04-24BUG/MINOR: da: Get the request channel to call CHECK_HTTP_MESSAGE_FIRST()
2019-04-24BUG/MINOR: 51d: Get the request channel to call CHECK_HTTP_MESSAGE_FIRST()
2019-04-24BUG/MEDIUM: thread/http: Add missing locks in set-map and add-acl HTTP rules
2019-04-24BUG/MINOR: acl: properly detect pattern type SMP_T_ADDR
2019-04-24BUG/MEDIUM: maps: only try to parse the default value when it's present
2019-04-24BUG/MAJOR: http_fetch: Get the channel depending on the keyword used
2019-04-24BUG/MEDIUM: listener: make sure the listener never accepts too many conns
2019-04-24BUG/MEDIUM: listener: use a self-locked list for the dequeue lists
2019-04-24BUG/MEDIUM: list: fix incorrect pointer unlocking in LIST_DEL_LOCKED()
2019-04-24BUG/MEDIUM: list: fix again LIST_ADDQ_LOCKED
2019-04-24BUG/MEDIUM: list: correct fix for LIST_POP_LOCKED's removal of last element
2019-04-24BUG/MEDIUM: list: add missing store barriers when updating elements and head
2019-04-24BUG/MEDIUM: list: fix LIST_POP_LOCKED's removal of the last pointer
2019-04-24BUG/MEDIUM: list: fix the rollback on addq in the locked liss
2019-04-24BUG/MEDIUM: lists: Properly handle the case we're removing the first elt.
2019-04-24BUG/MINOR: threads: fix the process range of thread masks
2019-04-24BUG/MEDIUM: spoe: Return an error if nothing is encoded for fragmented messages
2019-04-24BUG/MEDIUM: spoe: Queue message only if no SPOE applet is attached to the stream
2019-04-24BUG/MEDIUM: pattern: assign pattern IDs after checking the config validity
2019-04-24BUG/MEDIUM: peers: fix a case where peer session is not cleanly reset on release.
2019-04-24BUG/MINOR: cli: correctly handle abns in 'show cli sockets'
2019-04-24BUG/MAJOR: checks: segfault during tcpcheck_main
2019-04-24BUG/MEDIUM: ssl: ability to set TLS 1.3 ciphers using ssl-default-server-ciphersuites
2019-04-24BUG/MINOR: http/counters: fix missing increment of fe->srv_aborts
2019-04-24BUG/MAJOR: stats: Fix how huge POST data are read from the channel
2019-03-18BUG/MAJOR: spoe: Fix initialization of thread-dependent fields
2019-03-18BUG/MEDIUM: threads/fd: do not forget to take into account epoll_fd/pipes
2019-03-11BUG/MINOR: ssl: fix warning about ssl-min/max-ver support
2019-03-11BUG/MEDIUM: 51d: fix possible segfault on deinit_51degrees()
2019-03-11BUG/MEDIUM: logs: Only attempt to free startup_logs once.
2019-03-11BUG/MINOR: listener: keep accept rate counters accurate under saturation
2019-03-11BUG/MAJOR: listener: Make sure the listener exist before using it.
2019-02-11BUG/MINOR: config: Reinforce validity check when a process number is parsed
2019-02-10BUG/MAJOR: stream: avoid double free on unique_id
2019-02-10BUG/MAJOR: spoe: Don't try to get agent config during SPOP healthcheck
2019-02-10BUG/MEDIUM: server: initialize the idle conns list after parsing the config
2019-02-10BUG/MEDIUM: spoe: initialization depending on nbthread must be done last
2019-02-10BUG/MINOR: lua: initialize the correct idle conn lists for the SSL sockets
2019-02-10BUG/MINOR: spoe: do not assume agent->rt is valid on exit
2019-02-06BUG/MINOR: config: make sure to count the error on incorrect track-sc/stick rules
2019-02-05BUG/MAJOR: spoe: verify that backends used by SPOE cover all their callers' processes
2019-02-05BUG/MAJOR: config: verify that targets of track-sc and stick rules are present
2019-02-04BUG/MINOR: config: fix bind line thread mask validation
2019-02-04BUG/MEDIUM: stream: Don't forget to free s->unique_id in stream_free().
2019-02-04BUG/MEDIUM: mux-h2: do not close the connection on aborted streams
2019-02-04BUG/MEDIUM: mux-h2: wait for the mux buffer to be empty before closing the connection
2019-02-04BUG/MEDIUM: mux-h2: make sure never to send GOAWAY on too old streams
2019-02-04BUG/MEDIUM: mux-h2: fix two half-closed to closed transitions
2019-02-04BUG/MEDIUM: mux-h2: wake up flow-controlled streams on initial window update
2019-02-04BUG/MINOR: stream: don't close the front connection when facing a backend error
2019-02-04BUG/MINOR: deinit: tcp_rep.inspect_rules not deinit, add to deinit
2019-02-04BUG/MINOR: spoe: corrected fragmentation string size
2019-02-04BUG/MINOR: hpack: return a compression error on invalid table size updates
2019-02-04BUG/MINOR: mux-h2: make it possible to set the error code on an already closed stream
2019-02-04BUG/MINOR: mux-h2: headers-type frames in HREM are always a connection error
2019-02-04BUG/MINOR: mux-h2: CONTINUATION in closed state must always return GOAWAY
2019-01-28BUG/MEDIUM: ssl: Fix handling of TLS 1.3 KeyUpdate messages
2019-01-28BUG/MINOR: check: Wake the check task if the check is finished in wake_srv_chk()
2019-01-28BUG/MINOR: server: don't always trust srv_check_health when loading a server state
2019-01-28BUG/MINOR: stick_table: Prevent conn_cur from underflowing
2019-01-28BUG/MINOR: backend: BE_LB_LKUP_CHTREE is a value, not a bit
2019-01-28BUG/MINOR: backend: balance uri specific options were lost across defaults
2019-01-28BUG/MINOR: backend: don't use url_param_name as a hint for BE_LB_ALGO_PH
2019-01-28BUG/MEDIUM: ssl: missing allocation failure checks loading tls key file
2019-01-28BUG/MEDIUM: ssl: Disable anti-replay protection and set max data with 0RTT.
2019-01-28BUG/MAJOR: cache: fix confusion between zero and uninitialized cache key
2019-01-08BUG/CRITICAL: mux-h2: re-check the frame length when PRIORITY is used
2019-01-07BUG/MEDIUM: lua: dead lock when Lua tasks are trigerred
2019-01-07BUG/MINOR: lua: bad args are returned for Lua actions
2019-01-07BUG/MINOR: lua: Return an error if a legacy HTTP applet doesn't send anything
2019-01-07BUG/MEDIUM: cli: make "show sess" really thread-safe
2019-01-07BUG/MEDIUM: server: Also copy "check-sni" for server templates.
2019-01-07BUG/MEDIUM: mux-h2: mark that we have too many CS once we have more than the max
2019-01-07BUG/MAJOR: stream-int: Update the stream expiration date in stream_int_notify()
2018-12-21BUG/MEDIUM: dns: overflowed dns name start position causing invalid dns error
2018-12-21BUG/MEDIUM: dns: Don't prevent reading the last byte of the payload in dns_validate_response()
2018-12-21BUG/MINOR: logs: leave startup-logs global and not per-thread
2018-12-12BUG: dns: Fix off-by-one write in dns_validate_dns_response()
2018-12-12BUG: dns: Fix out-of-bounds read via signedness error in dns_validate_dns_response()
2018-12-12BUG: dns: Prevent out-of-bounds read in dns_validate_dns_response()
2018-12-12BUG: dns: Prevent out-of-bounds read in dns_read_name()
2018-12-12BUG: dns: Prevent stack-exhaustion via recursion loop in dns_read_name
2018-12-12BUG/MINOR: mux-h2: advertise a larger connection window size
2018-12-12BUG/MINOR: mux-h2: refrain from muxing during the preface
2018-12-12BUG/MINOR: hpack: fix off-by-one in header name encoding length calculation
2018-12-12BUG/MEDIUM: sample: Don't treat SMP_T_METH as SMP_T_STR.
2018-12-12BUG/MINOR: lb-map: fix unprotected update to server's score
2018-12-12BUG/MINOR: cfgparse: Fix the call to post parser of the last sections parsed
2018-12-12BUG/MINOR: cfgparse: Fix transition between 2 sections with the same name
2018-12-12BUG/MINOR: ssl: ssl_sock_parse_clienthello ignores session id
2018-11-29BUG/MEDIUM: hpack: fix encoding of "accept-ranges" field
2018-11-29BUG/MINOR: config: Copy default error messages when parsing of a backend starts
2018-11-29BUG/MEDIUM: Make sure stksess is properly aligned.
2018-11-29BUG/MINOR: config: better detect the presence of the h2 pattern in npn/alpn
2018-10-29BUG/MEDIUM: auth/threads: use of crypt() is not thread-safe
2018-10-29BUG/MAJOR: http: http_txn_get_path() may deference an inexisting buffer
2018-10-29BUG/MINOR: only auto-prefer last server if lb-alg is non-deterministic
2018-10-29BUG/MINOR: only mark connections private if NTLM is detected
2018-10-29BUG/MINOR: ssl: Wrong usage of shctx_init().
2018-10-29BUG/MINOR: cache: Wrong usage of shctx_init().
2018-10-29BUG/MINOR: cache: Crashes with "total-max-size" > 2047(MB).
2018-10-29BUG/MEDIUM: h2: Close connection if no stream is left an GOAWAY was sent.
2018-10-29BUG/MEDIUM: pools: Fix the usage of mmap()) with DEBUG_UAF.
2018-10-16BUG/MEDIUM: threads: make sure threads_want_sync is marked volatile
2018-10-16BUG/MEDIUM: threads: fix thread_release() at the end of the rendez-vous point
2018-10-16BUG/MEDIUM: stream: don't crash on out-of-memory
2018-10-16BUG/MEDIUM: mworker: segfault receiving SIGUSR1 followed by SIGTERM.
2018-10-16BUG/MINOR: checks: queues null-deref
2018-10-16BUG/MEDIUM: Cur/CumSslConns counters not threadsafe.
2018-10-08BUG/MEDIUM: buffers: Make sure we don't wrap in buffer_insert_line2/replace2.
2018-10-08BUG/MINOR: backend: check that the mux installed properly
2018-10-08BUG/MINOR: connection: avoid null pointer dereference in send-proxy-v2
2018-09-20BUG/CRITICAL: hpack: fix improper sign check on the header index value
2018-09-20BUG/MINOR: cli: make sure the "getsock" command is only called on connections
2018-09-20BUG/MINOR: tools: fix set_net_port() / set_host_port() on IPv4
2018-09-19BUG/MEDIUM: patterns: fix possible double free when reloading a pattern list
2018-09-19BUG/MINOR: server: Crash when setting FQDN via CLI.
2018-09-19BUG/MAJOR: kqueue: Don't reset the changes number by accident.
2018-09-19BUG/MEDIUM: snapshot: take the proxy's lock while dumping errors
2018-09-19BUG/MINOR: http/threads: atomically increment the error snapshot ID
2018-09-19BUG/MINOR: dns: check and link servers' resolvers right after config parsing
2018-09-19BUG/MEDIUM: h2: fix risk of memory leak on malformated wrapped frames
2018-09-19BUG/MEDIUM: session: fix reporting of handshake processing time in the logs
2018-09-19BUG/MINOR: stream: use atomic increments for the request counter
2018-09-19BUG/MEDIUM: ECC cert should work with TLS < v1.2 and openssl >= 1.1.1
2018-09-19BUG/MEDIUM: dns/server: fix incomatibility between SRV resolution and server state file
2018-09-19BUG/MEDIUM: hlua: Don't call RESET_SAFE_LJMP if SET_SAFE_LJMP returns 0.
2018-09-19BUG/MAJOR: thread: lua: Wrong SSL context initialization.
2018-09-19BUG/MEDIUM: hlua: Make sure we drain the output buffer when done.
2018-09-19BUG/MEDIUM: lua: reset lua transaction between http requests
2018-08-24BUG/MEDIUM: mux_pt: dereference the connection with care in mux_pt_wake()
2018-08-24BUG/MINOR: lua: Bad HTTP client request duration.
2018-08-24BUG/MEDIUM: unix: provide a ->drain() function
2018-08-24BUG/MEDIUM: cli/threads: protect some server commands against concurrent operations
2018-08-24BUG/MEDIUM: cli/threads: protect all "proxy" commands against concurrent updates
2018-08-24BUG/MEDIUM: lua: socket timeouts are not applied
2018-08-24BUG/MINOR: map: fix map_regm with backref
2018-08-24BUG/MEDIUM: ssl: loading dh param from certifile causes unpredictable error.
2018-08-24BUG/MEDIUM: ssl: fix missing error loading a keytype cert from a bundle.
2018-08-24BUG/MINOR: ssl: empty connections reported as errors.
2018-08-24BUG/MEDIUM: cli: make "show fd" thread-safe
2018-08-24BUG/MEDIUM: threads: fix the no-thread case after the change to the sync point
2018-08-24BUG/MEDIUM: threads: fix the double CAS implementation for ARMv7
2018-08-22BUG/MEDIUM: lua: possible CLOSE-WAIT state with '\n' headers
2018-08-07BUG/MEDIUM: queue: prevent a backup server from draining the proxy's connections
2018-08-07BUG/MEDIUM: servers: check the queues once enabling a server
2018-07-30BUG/MEDIUM: threads: unbreak "bind" referencing an incorrect thread number
2018-07-30BUG/MEDIUM: threads: properly fix nbthreads == MAX_THREADS
2018-07-27BUG/MINOR: threads: Handle nbthread == MAX_THREADS.
2018-07-27BUG/MINOR: config: stick-table is not supported in defaults section
2018-07-27BUG/MEDIUM: h2: prevent orphaned streams from blocking a connection forever
2018-07-27BUG/MEDIUM: threads/sync: use sched_yield when available
2018-07-24BUG/MINOR: servers: Don't make "server" in a frontend fatal.
2018-07-24BUG/MEDIUM: stats: don't ask for more data as long as we're responding
2018-07-24BUG/MEDIUM: stream-int: don't immediately enable reading when the buffer was reportedly full
2018-07-20BUG/MEDIUM: threads: Fix the exit condition of the thread barrier
2018-07-20BUG/MINOR: http: Set brackets for the unlikely macro at the right place
2018-07-19BUG/MEDIUM: h2: make sure the last stream closes the connection after a timeout
2018-07-19BUG/MEDIUM: h2: never leave pending data in the output buffer on close
2018-07-19BUG/MEDIUM: h2: don't accept new streams if conn_streams are still in excess
2018-07-19BUG/MINOR: h2: remove accidental debug code introduced with show_fd function
2018-07-19BUG/MINOR: ssl: properly ref-count the tls_keys entries
2018-06-27BUG/MAJOR: stick_table: Complete incomplete SEGV fix

Back to the list of branches and versions
Back to the HAProxy page