HAProxy known bugs for maintenance branch 2.2 :  25 

This is maintenance branch 2.2 whose latest version is 2.2.4. If your version is not the last one in the maintenance branch, you are missing fixes for known bugs, and by not updating you are needlessly taking the responsibility for the risk of unexpected service outages and exposing your web site to possible security issues.

The HAProxy development team takes a great care of maintaining stable versions so that all users can apply bug fixes without having to take the risk of upgrading to a new branch. In turn users are expected to apply the fixes when the development team estimates that they were worth being backported to stable branches. In short, if you are running any 2.2 version other than 2.2.4, you're running with known bugs.

Quick links

Versions available in this branch

This branch contains the following releases :

DateVersionComment
2020-09-302.2.4 ⇐ last
2020-09-082.2.3 
2020-07-312.2.2 
2020-07-232.2.1 
2020-07-072.2.0 

Fixes for known bugs pending in this branch since the last release (2.2.4)

These fixes have already been queued for the next 2.2 release but no version was released with them yet. Note that fixes are backported several at a time from the development branch to maintenance branches, and the absence of a fix here doesn't mean none will be issued soon.

Bugs are almost always tagged with a severity (some people forget the severity tag when the bug is minor). The following severities are used :

Total known bugs in the latest version of this branch by category :

TotalCRITICALMAJORMEDIUMMINOR
25 0 1 9 15

Click on the subjects below to get the full description of the bug :

Merge dateSubject - Severity (minor, medium, major, critical)
2020-10-27BUG/MEDIUM: ssl: OCSP must work with BoringSSL
2020-10-22BUG/MAJOR: mux-h2: Don't try to send data if we know it is no longer possible
2020-10-22BUG/MINOR: http-ana: Don't send payload for internal responses to HEAD requests
2020-10-22BUG/MEDIUM: server: support changing the slowstart value from state-file
2020-10-22BUG/MINOR: queue: properly report redistributed connections
2020-10-19BUG/MINOR: disable dynamic OCSP load with BoringSSL
2020-10-19BUG/MINOR: peers: Possible unexpected peer seesion reset after collisions.
2020-10-19BUG/MEDIUM: lb: Always lock the server when calling server_{take,drop}_conn
2020-10-19BUG/MEDIUM: mux-h1: Get the session from the H1S when capturing bad messages
2020-10-19BUG/MEDIUM: spoe: Unset variable instead of set it if no data provided
2020-10-19BUG/MEDIUM: task: bound the number of tasks picked from the wait queue at once
2020-10-19BUG/MINOR: connection: fix loop iter on connection takeover
2020-10-19BUG/MINOR: mux-h2: do not stop outgoing connections on stopping
2020-10-19BUG/MINOR: init: only keep rlim_fd_cur if max is unlimited
2020-10-09BUG/MINOR: http-htx: Expect no body for 204/304 internal HTTP responses
2020-10-09BUG/MINOR: http: Fix content-length of the default 500 error
2020-10-09BUG/MEDIUM: mux-h2: Don't handle pending read0 too early on streams
2020-10-09BUG/MEDIUM: mux-fcgi: Don't handle pending read0 too early on streams
2020-10-08BUG/MINOR: mux-h1: Always set the session on frontend h1 stream
2020-10-08BUG/MINOR: mux-h1: Be sure to only set CO_RFL_READ_ONCE for the first read
2020-10-08BUG/MINOR: peers: Inconsistency when dumping peer status codes.
2020-10-08BUG/MINOR: stats: fix validity of the json schema
2020-10-02BUG/MEDIUM: queue: make pendconn_cond_unlink() really thread-safe
2020-10-02BUG/MINOR: tcpcheck: Set socks4 and send-proxy flags before the connect call
2020-10-02BUG/MINOR: Fix several leaks of 'log_tag' in init().

Known bugs fixed in the development branch after the last commit in this branch

It is important to understand that not all of these commits are necessarily relevant to this version, but clicking on them will show the bug description. All fixes are made first in the development branch and then backported to the maintenance branches. This ensures no fix is lost when upgrading. If a fix was marked for backporting to this branch and is not there yet, it's likely that it is still missing. Do not hesitate to ask on the haproxy mailing list if you feel like a fix has been skipped.

DateSubject
2020-10-27BUG/MINOR: cache: Check the return value of http_replace_res_status
2020-10-27BUG/MINOR: log: fix risk of null deref on error path
2020-10-27BUG/MINOR: log: fix memory leak on logsrv parse error
2020-10-27BUG/MEDIUM: ssl: OCSP must work with BoringSSL

Back to the list of branches and versions
Back to the HAProxy page