HAProxy known bugs for version v2.4.0 (maintenance branch 2.4) :  214 

This version (2.4.0) is a release belonging to maintenance branch 2.4 whose latest version is 2.4.12. If your version is not the last one in the maintenance branch, you are missing fixes for known bugs, and by not updating you are needlessly taking the responsibility for the risk of unexpected service outages and exposing your web site to possible security issues.

The HAProxy development team takes a great care of maintaining stable versions so that all users can apply bug fixes without having to take the risk of upgrading to a new branch. In turn users are expected to apply the fixes when the development team estimates that they were worth being backported to stable branches.

Quick links

Other versions in the same branch

This branch contains the following releases :

DateVersionComment
2022-01-112.4.12 ⇐ last
2022-01-072.4.11 
2021-12-232.4.10 
2021-11-242.4.9 
2021-11-032.4.8 
2021-10-042.4.7 
2021-10-042.4.6 
2021-10-012.4.5 
2021-09-072.4.4 
2021-08-172.4.3 
2021-07-072.4.2 
2021-06-172.4.1 
2021-05-142.4.0 ⇐ yours

Known bugs affecting this version, and already fixed in the maintenance branch

These fixes have already been queued for a more recent 2.4 version. Some of them might have already been released in a more recent version than yours, and other ones might still be pending in the maintenance branch for a future release. The list may be empty if you're already on the latest version and no new fix was backported.

Bugs are almost always tagged with a severity (some people forget the severity tag when the bug is minor). The following severities are used :

Total known bugs in this version by category :

TotalCRITICALMAJORMEDIUMMINOR
214 0 19 71 124

Click on the subjects below to get the full description of the bug :

Merge dateSubject - Severity (minor, medium, major, critical)
2022-01-11BUG/MAJOR: mux-h1: Don't decrement .curr_len for unsent data
2022-01-11BUG/MEDIUM: mworker: don't use _getsocks in wait mode
2022-01-07BUG/MEDIUM: http-ana: Preserve response's FLT_END analyser on L7 retry
2022-01-07BUG/MINOR: cli: fix _getsocks with musl libc
2022-01-07BUG/MEDIUM: ssl: free the ckch instance linked to a server
2022-01-07BUG/MINOR: ssl: free the fields in srv->ssl_ctx
2022-01-07BUG/MINOR: mux-h1: Fix splicing for messages with unknown length
2022-01-07BUG/MEDIUM: mux-h1: Fix splicing by properly detecting end of message
2021-12-30BUG/MEDIUM: ssl: initialize correctly ssl w/ default-server
2021-12-24BUG/MINOR: pools: don't mark ourselves as harmless in DEBUG_UAF mode
2021-12-24BUG/MEDIUM: backend: fix possible sockaddr leak on redispatch
2021-12-23BUG/MINOR: backend: restore the SF_SRV_REUSED flag original purpose
2021-12-23BUG/MINOR: backend: do not set sni on connection reuse
2021-12-16BUG/MEDIUM: mworker/cli: crash when trying to access an old PID in prompt mode
2021-12-16BUG/MINOR: cli/server: Don't crash when a server is added with a custom id
2021-12-03BUILD: bug: Fix error when compiling with -DDEBUG_STRICT_NOCRASH
2021-12-02BUG/MAJOR: segfault using multiple log forward sections.
2021-12-02BUG/MEDIUM: resolvers: Detach query item on response error
2021-12-02BUG/MINOR: server: Don't rely on last default-server to init server SSL context
2021-12-02BUG/MEDIUM: cli: Properly set stream analyzers to process one command at a time
2021-11-23BUG/MINOR: cache: Fix loop on cache entries in "show cache"
2021-11-23BUG/MINOR: ssl: make SSL counters atomic
2021-11-23MINOR: shctx: add a few BUG_ON() for consistency checks
2021-11-23BUG/MINOR: shctx: do not look for available blocks when the first one is enough
2021-11-23BUG/MEDIUM: shctx: leave the block allocator when enough blocks are found
2021-11-23BUG/MEDIUM: cache/cli: make "show cache" thread-safe
2021-11-23BUG/MEDIUM: mux-h2: always process a pending shut read
2021-11-23BUG/MEDIUM: ssl: abort with the correct SSL error when SNI not found
2021-11-23BUG/MINOR: ssl: free correctly the sni in the backend SSL cache
2021-11-23BUG/MEDIUM: ssl: backend TLS resumption with sni and TLSv1.3
2021-11-15BUG/MEDIUM: mux-h1: Handle delayed silent shut in h1_process() to release H1C
2021-11-15BUG/MINOR: stick-table/cli: Check for invalid ipv6 key
2021-11-15BUG/MEDIUM: connection: make cs_shutr/cs_shutw//cs_close() idempotent
2021-11-15BUG/MINOR: mux-h2: Fix H2_CF_DEM_SHORT_READ value
2021-11-15BUG/MINOR: mworker: doesn't launch the program postparser
2021-11-15BUG/MEDIUM: conn-stream: Don't reset CS flags on close
2021-11-10Revert "BUG/MINOR: http-ana: Don't eval front after-response rules if stopped on back"
2021-11-10BUG/MINOR: http-ana: Apply stop to the current section for http-response rules
2021-11-10BUG/MINOR: cache: properly ignore unparsable max-age in quotes
2021-11-10BUG/MINOR: resolvers: throw log message if trash not large enough for query
2021-11-10BUG/MINOR: resolvers: fix sent messages were counted twice
2021-11-10BUG/MEDIUM: mux-h2: reject upgrade if no RFC8441 support
2021-11-03BUG/MINOR: sample: fix backend direction flags consecutive to last fix
2021-11-03BUG/MEDIUM: sample: Cumulate frontend and backend sample validity flags
2021-11-03BUG/MEDIUM: stream-int: Block reads if channel cannot receive more data
2021-11-03BUG/MINOR: http: Authorization value can have multiple spaces after the scheme
2021-11-03BUG/MEDIUM: http-ana: Drain request data waiting the tarpit timeout expiration
2021-11-03BUG/MINOR: halog: Add missing newlines in die() messages
2021-11-03BUG/MEDIUM: resolvers: Track api calls with a counter to free resolutions
2021-11-03BUG/MEDIUM: resolvers: Don't recursively perform requester unlink
2021-11-03BUG/MEDIUM: mux-h1: Perform a connection shutdown when the h1c is released
2021-11-03BUG/MINOR: mux-h1: Save shutdown mode if the shutdown is delayed
2021-11-03BUG/MINOR: backend: fix improper insert in avail tree for always reuse
2021-10-22BUG/MEDIUM: lua: fix memory leaks with realloc() on non-glibc systems
2021-10-22BUG/MINOR: mux-h2: do not prevent from sending a final GOAWAY frame
2021-10-22BUG/MINOR: task: do not set TASK_F_USR1 for no reason
2021-10-22BUG/MAJOR: buf: fix varint API post- vs pre- increment
2021-10-20BUG/MEDIUM: resolvers: always check a valid item in query_list
2021-10-20BUG/MAJOR: resolvers: add other missing references during resolution removal
2021-10-20BUG/MEDIUM: resolvers: use correct storage for the target address
2021-10-20BUG/MEDIUM: resolvers: fix truncated TLD consecutive to the API fix
2021-10-20BUG/MINOR: resolvers: do not reject host names of length 255 in SRV records
2021-10-20BUG/MEDIUM: resolver: make sure to always use the correct hostname length
2021-10-20BUG/MAJOR: dns: attempt to lock globaly for msg waiter list instead of use barrier
2021-10-20BUG/MAJOR: dns: tcp session can remain attached to a list after a free
2021-10-20BUG/MEDIUM: tcpcheck: Properly catch early HTTP parsing errors
2021-10-19BUG/MEDIUM: stream: Keep FLT_END analyzers if a stream detects a channel error
2021-10-19BUG/MEDIUM: cpuset: fix cpuset size for FreeBSD
2021-10-19BUG/MINOR: sample: Fix 'fix_tag_value' sample when waiting for more data
2021-10-19BUG/MINOR: http-ana: Don't eval front after-response rules if stopped on back
2021-10-19BUG/MEDIUM: mux_h2: Handle others remaining read0 cases on partial frames
2021-10-19BUG/MEDIUM: sample: properly verify that variables cast to sample
2021-10-04BUG/MEDIUM: http-ana: Clear request analyzers when applying redirect rule
2021-10-04BUG/MEDIUM: filters: Fix a typo when a filter is attached blocking the release
2021-10-01MINOR: tasks: catch TICK_ETERNITY with BUG_ON() in __task_queue()
2021-09-30BUG/MINOR: tcp-rules: Stop content rules eval on read error and end-of-input
2021-09-30BUG/MINOR: tcpcheck: Don't use arg list for default proxies during parsing
2021-09-30BUG/MAJOR: lua: use task_wakeup() to properly run a task once
2021-09-30BUG/MEDIUM: lua: fix wakeup condition from sleep()
2021-09-30MINOR: Makefile: add MEMORY_POOLS to the list of DEBUG_xxx options
2021-09-30BUG/MINOR: mux-h1/mux-fcgi: Sanitize TE header to only send "trailers"
2021-09-24BUG/MEDIUM: stream-int: Defrag HTX message in si_cs_recv() if necessary
2021-09-24BUG/MEDIUM: stream: Stop waiting for more data if SI is blocked on RXBLK_ROOM
2021-09-24BUG/MEDIUM: stream-int: Notify stream that the mux wants more room to xfer data
2021-09-24BUG/MEDIUM: mux-h1: Adjust conditions to ask more space in the channel buffer
2021-09-24BUG/MINOR: stats: use refcount to protect dynamic server on dump
2021-09-24BUG/MINOR: server: do not use refcount in free_server in stopping mode
2021-09-24BUG/MINOR: http-ana: increment internal_errors counter on response error
2021-09-24BUG/MINOR: h1-htx: Fix a typo when request parser is reset
2021-09-24BUG/MEDIUM: leastconn: fix rare possibility of divide by zero
2021-09-24BUG/MINOR: server: allow 'enable health' only if check configured
2021-09-23BUG/MINOR: vars: do not talk about global section in CLI errors for set-var
2021-09-23BUG/MINOR: vars: truncate the variable name in error reports about scope.
2021-09-23BUG/MINOR: vars: properly set the argument parsing context in the expression
2021-09-23BUG/MINOR: vars: improve accuracy of the rules used to check expression validity
2021-09-20BUG/MINOR: flt-trace: fix an infinite loop when random-parsing is set
2021-09-20BUG/MINOR: cli/payload: do not search for args inside payload
2021-09-20BUG/MINOR: connection: prevent null deref on mux cleanup task allocation
2021-09-20BUG/MINOR: tcpcheck: Improve LDAP response parsing to fix LDAP check
2021-09-20BUG/MAJOR: mux-h1: Don't eval input data if an error was reported
2021-09-16BUG/MINOR: compat: make sure __WORDSIZE is always defined
2021-09-10BUG/MEDIUM: stream-int: Don't block SI on a channel policy if EOI is reached
2021-09-10BUG/MEDIUM: mux-h1: Remove "Upgrade:" header for requests with payload
2021-09-10BUG/MINOR: systemd: ExecStartPre must use -Ws
2021-09-10BUG/MINOR: filters: Set right FLT_END analyser depending on channel
2021-09-10BUG/MINOR: filters: Always set FLT_END analyser when CF_FLT_ANALYZE flag is set
2021-09-10BUG/MEDIUM: http-ana: Reset channels analysers when returning an error
2021-09-10BUG/MINOR: stream: Don't release a stream if FLT_END is still registered
2021-09-08BUG/MINOR: lua: Don't yield in channel.append() and channel.set()
2021-09-08BUG/MINOR: lua: Yield in channel functions only if lua context can yield
2021-09-07Revert "BUG/MINOR: stream-int: Don't block reads in si_update_rx() if chn may receive"
2021-09-03BUG/MAJOR: htx: fix missing header name length check in htx_add_header/trailer
2021-09-03BUG/MINOR: config: reject configs using HTTP with bufsize >= 256 MB
2021-09-03BUG/MINOR: vars: fix set-var/unset-var exclusivity in the keyword parser
2021-09-02BUG/MINOR: tools: Fix loop condition in dump_text()
2021-09-02BUG/MINOR threads: Use get_(local|gm)time instead of (local|gm)time
2021-09-02BUG/MINOR: ebtree: remove dependency on incorrect macro for bits per long
2021-09-02BUG/MINOR: time: fix idle time computation for long sleeps
2021-09-02BUG/MINOR: lua: use strlcpy2() not strncpy() to copy sample keywords
2021-09-02BUG/MINOR: base64: base64urldec() ignores padding in output size check
2021-09-02BUG/MEDIUM: base64: check output boundaries within base64{dec,urldec}
2021-09-02BUG/MINOR: stick-table: fix the sc-set-gpt* parser when using expressions
2021-08-20BUG/MEDIUM: h2: match absolute-path not path-absolute for :path
2021-08-17BUG/MEDIUM: h2: give :authority precedence over Host
2021-08-17BUG/MAJOR: h2: enforce stricter syntax checks on the :method pseudo-header
2021-08-17BUG/MAJOR: h2: verify that :path starts with a '/' before concatenating it
2021-08-17BUG/MAJOR: h2: verify early that non-http/https schemes match the valid syntax
2021-08-13BUG/MEDIUM: cfgcheck: verify existing log-forward listeners during config check
2021-08-12BUG/MEDIUM: spoe: Fix policy to close applets when SPOE connections are queued
2021-08-12BUG/MINOR: tcpcheck: Properly detect pending HTTP data in output buffer
2021-08-12BUG/MINOR: buffer: fix buffer_dump() formatting
2021-08-11BUG/MEDIUM: spoe: Create a SPOE applet if necessary when the last one is released
2021-08-11BUG/MINOR: server: update last_change on maint->ready transitions too
2021-08-11BUG/MINOR: server: remove srv from px list on CLI 'add server' error
2021-08-11BUG/MINOR: fd: protect fd state harder against a concurrent takeover
2021-08-11BUG/MINOR: pollers: always program an update for migrated FDs
2021-08-11BUG/MINOR: poll: fix abnormally high skip_fd counter
2021-08-11BUG/MINOR: select: fix excess number of dead/skip reported
2021-08-11BUG/MEDIUM: pollers: clear the sleeping bit after waking up, not before
2021-08-11BUG/MEDIUM: connection: close a rare race between idle conn close and takeover
2021-08-11BUG/MINOR: connection: Add missing error labels to conn_err_code_str
2021-08-11BUG/MEDIUM: mux-h2: Handle remaining read0 cases on partial frames
2021-07-27BUG/MINOR: mux-h1: Be sure to swap H1C to splice mode when rcv_pipe() is called
2021-07-27BUG/MINOR: mux-h2: Obey dontlognull option during the preface
2021-07-27BUG/MINOR: mux-h1: Obey dontlognull option for empty requests
2021-07-27BUG/MINOR: systemd: must check the configuration using -Ws
2021-07-27BUG/MINOR: resolvers: Use a null-terminated string to lookup in servers tree
2021-07-27BUG/MINOR: check: fix the condition to validate a port-less server
2021-07-27BUG/MINOR: stats: Add missing agent stats on servers
2021-07-27BUG/MEDIUM: ssl_sample: fix segfault for srv samples on invalid request
2021-07-27BUG/MINOR: mworker: do not export HAPROXY_MWORKER_REEXEC across programs
2021-07-27BUG/MEDIUM: mworker: do not register an exit handler if exit is expected
2021-07-15BUG/MINOR: ssl: Default-server configuration ignored by server
2021-07-06BUG/MINOR: cli: fix server name output in "show fd"
2021-07-06BUG/MEDIUM: sock: make sure to never miss early connection failures
2021-07-06BUG/MINOR: peers: fix data_type bit computation more than 32 data_types
2021-07-06BUG/MINOR: stick-table: fix several printf sign errors dumping tables
2021-06-30BUG/MEDIUM: resolvers: Make 1st server of a template take part to SRV resolution
2021-06-28BUG/MINOR: mqtt: Support empty client ID in CONNECT message
2021-06-28BUG/MINOR: mqtt: Fix parser for string with more than 127 characters
2021-06-28BUG/MINOR: tcpcheck: Fix numbering of implicit HTTP send/expect rules
2021-06-28BUG/MINOR: checks: return correct error code for srv_parse_agent_check
2021-06-28BUG/MINOR: resolvers: Reset server IP when no ip is found in the response
2021-06-28BUG/MINOR: resolvers: Always attach server on matching record on resolution
2021-06-23BUG/MAJOR: server: fix deadlock when changing maxconn via agent-check
2021-06-23BUG/MINOR: cache: Correctly handle existing-but-empty 'accept-encoding' header
2021-06-22BUG/MINOR: server/cli: Fix locking in function processing "set server" command
2021-06-22BUG/MINOR: resolvers: Use resolver's lock in resolv_srvrq_expire_task()
2021-06-22BUG/MEDIUM: resolvers: Add a task on servers to check SRV resolution status
2021-06-22BUG/MEDIUM: server/cli: Fix ABBA deadlock when fqdn is set from the CLI
2021-06-22BUG/MINOR: server: Forbid to set fqdn on the CLI if SRV resolution is enabled
2021-06-22BUG/MINOR: server-state: load SRV resolution only if params match the config
2021-06-17BUG/MINOR: mux-h2/traces: bring back the lost "sent H2 REQ/RES" traces
2021-06-17BUG/MINOR: mux-h2/traces: bring back the lost "rcvd H2 REQ" trace
2021-06-17BUG/MINOR: stats: make "show stat typed desc" work again
2021-06-16BUG/MINOR: server: explicitly set "none" init-addr for dynamic servers
2021-06-16BUG/MINOR: mux-h1: do not skip the error response on bad requests
2021-06-16BUG/MAJOR: queue: set SF_ASSIGNED when setting strm->target on dequeue
2021-06-16BUG/MINOR: mworker: fix typo in chroot error message
2021-06-16BUG/MINOR: ssl: use atomic ops to update global shctx stats
2021-06-16BUG/MEDIUM: shctx: use at least thread-based locking on USE_PRIVATE_CACHE
2021-06-16BUG/MEDIUM: server: do not auto insert a dynamic server in px addr_node
2021-06-16BUG/MINOR: server: do not keep an invalid dynamic server in px ids tree
2021-06-16BUG/MEDIUM: server: do not forget to generate the dynamic servers ids
2021-06-16BUG/MEDIUM: server: clear dynamic srv on delete from proxy id/name trees
2021-06-16BUG/MEDIUM: server: extend thread-isolate over much of CLI 'add server'
2021-06-16BUG/MINOR: stick-table: insert srv in used_name tree even with fixed id
2021-06-16BUG/MAJOR: resolvers: segfault using server template without SRV RECORDs
2021-06-16BUG/MINOR: resolvers: answser item list was randomly purged or errors
2021-06-16BUG/MINOR: mux-fcgi: Expose SERVER_SOFTWARE parameter by default
2021-06-16BUG/MAJOR: htx: Fix htx_defrag() when an HTX block is expanded
2021-06-16BUG/MAJOR: pools: fix possible race with free() in the lockless variant
2021-06-16BUG/MINOR: pools: make DEBUG_UAF always write to the to-be-freed location
2021-06-16BUG/MINOR: pools: fix a possible memory leak in the lockless pool_flush()
2021-06-10BUG/MEDIUM: compression: Add a flag to know the filter is still processing data
2021-06-10BUG/MEDIUM: compression: Properly get the next block to iterate on payload
2021-06-10BUG/MEDIUM: compression: Fix loop skipping unused blocks to get the next block
2021-06-10BUG/MEDIUM: opentracing: initialization before establishing daemon and/or chroot mode
2021-06-10Revert "BUG/MINOR: opentracing: initialization after establishing daemon mode"
2021-06-10BUG/MINOR: ssl: OCSP stapling does not work if expire too far in the future
2021-06-10BUG/MAJOR: stream-int: Release SI endpoint on server side ASAP on retry
2021-06-03BUG/MINOR: vars: Be sure to have a session to get checks variables
2021-05-31BUG/MINOR: proxy: Missing calloc return value check in chash_init_server_tree
2021-05-31BUG/MINOR: http: Missing calloc return value check in make_arg_list
2021-05-31BUG/MINOR: http: Missing calloc return value check while parsing redirect rule
2021-05-31BUG/MINOR: worker: Missing calloc return value check in mworker_env_to_proc_list
2021-05-31BUG/MINOR: compression: Missing calloc return value check in comp_append_type/algo
2021-05-31BUG/MINOR: http: Missing calloc return value check while parsing tcp-request rule
2021-05-31BUG/MINOR: http: Missing calloc return value check while parsing tcp-request/tcp-response
2021-05-31BUG/MINOR: proxy: Missing calloc return value check in proxy_defproxy_cpy
2021-05-31BUG/MINOR: proxy: Missing calloc return value check in proxy_parse_declare
2021-05-31BUG/MINOR: http: Missing calloc return value check in parse_http_req_capture
2021-05-31BUG/MINOR: ssl: Missing calloc return value check in ssl_init_single_engine
2021-05-31BUG/MINOR: peers: Missing calloc return value check in peers_register_table
2021-05-31BUG/MINOR: server: Missing calloc return value check in srv_parse_source
2021-05-31BUG/MINOR: http-ana: Handle L7 retries on refused early data before K/A aborts
2021-05-31BUG/MINOR: http-ana: Send the right error if max retries is reached on L7 retry
2021-05-31BUG/MINOR: http-comp: Preserve HTTP_MSGF_COMPRESSIONG flag on the response
2021-05-31BUG/MEDIUM: filters: Exec pre/post analysers only one time per filter
2021-05-31BUG/MAJOR: server: prevent deadlock when using 'set maxconn server'
2021-05-31BUG/MEDIUM: ebtree: Invalid read when looking for dup entry

Back to the list of branches and versions
Back to the HAProxy page