HAProxy known bugs for maintenance branch 2.4 :  4 

This is maintenance branch 2.4 whose latest version is 2.4.27. If your version is not the last one in the maintenance branch, you are missing fixes for known bugs, and by not updating you are needlessly taking the responsibility for the risk of unexpected service outages and exposing your web site to possible security issues.

The HAProxy development team takes a great care of maintaining stable versions so that all users can apply bug fixes without having to take the risk of upgrading to a new branch. In turn users are expected to apply the fixes when the development team estimates that they were worth being backported to stable branches. In short, if you are running any 2.4 version other than 2.4.27, you're running with known bugs.

Quick links

Versions available in this branch

This branch contains the following releases :

DateVersionComment
2024-06-182.4.27 ⇐ last
2024-04-052.4.26 
2023-12-142.4.25 
2023-08-192.4.24 
2023-06-092.4.23 
2023-02-142.4.22 
2023-01-272.4.21 
2022-12-092.4.20 
2022-09-282.4.19 
2022-07-272.4.18 
2022-05-132.4.17 
2022-04-292.4.16 
2022-03-142.4.15 
2022-02-252.4.14 
2022-02-162.4.13 
2022-01-112.4.12 
2022-01-072.4.11 
2021-12-232.4.10 
2021-11-242.4.9 
2021-11-032.4.8 
2021-10-042.4.7 
2021-10-042.4.6 
2021-10-012.4.5 
2021-09-072.4.4 
2021-08-172.4.3 
2021-07-072.4.2 
2021-06-172.4.1 
2021-05-142.4.0 

Fixes for known bugs pending in this branch since the last release (2.4.27)

These fixes have already been queued for the next 2.4 release but no version was released with them yet. Note that fixes are backported several at a time from the development branch to maintenance branches, and the absence of a fix here doesn't mean none will be issued soon.

Bugs are almost always tagged with a severity (some people forget the severity tag when the bug is minor). The following severities are used :

Total known bugs in the latest version of this branch by category :

TotalCRITICALMAJORMEDIUMMINOR
4 0 1 1 2

Click on the subjects below to get the full description of the bug :

Merge dateSubject - Severity (minor, medium, major, critical)
2024-07-03BUG/MAJOR: server: do not delete srv referenced by session
2024-07-03BUG/MINOR: hlua: report proper context upon error in hlua_cli_io_handler_fct()
2024-07-03BUG/MINOR: cfgparse: remove the correct option on httpcheck send-state warning
2024-06-19BUG/MEDIUM: cli: fix cli_output_msg() regression

Known bugs fixed in the development branch after the last commit in this branch

It is important to understand that not all of these commits are necessarily relevant to this version, but clicking on them will show the bug description. All fixes are made first in the development branch and then backported to the maintenance branches. This ensures no fix is lost when upgrading. If a fix was marked for backporting to this branch and is not there yet, it's likely that it is still missing. Do not hesitate to ask on the haproxy mailing list if you feel like a fix has been skipped.

DateSubject
2024-09-16BUG/MINOR: peers: local entries updates may not be advertised after resync
2024-09-13BUG/MEDIUM: queue: implement a flag to check for the dequeuing
2024-09-12BUG/MINOR: clock: validate that now_offset still applies to the current date
2024-09-12BUG/MINOR: clock: make time jump corrections a bit more accurate
2024-09-12BUG/MINOR: polling: fix time reporting when using busy polling
2024-09-10BUG/MINOR: pattern: do not leave a leading comma on "set" error messages
2024-09-09BUG/MINOR: h1-htx: Don't flag response as bodyless when a tunnel is established
2024-09-09BUG/MAJOR: mux-h1: Wake SC to perform 0-copy forwarding in CLOSING state
2024-09-09BUG/MEDIUM: pattern: prevent UAF on reused pattern expr
2024-09-09BUG/MEDIUM: pattern: prevent uninitialized reads in pat_match_{str,beg}
2024-09-09BUG/MINOR: pattern: prevent const sample from being tampered in pat_match_beg()
2024-09-08BUG/MEDIUM: clock: detect and cover jumps during execution
2024-09-06BUG/MEDIUM: mux-h1/mux-h2: Reject upgrades with payload on H2 side only
2024-09-04BUG/MEDIUM: clock: also update the date offset on time jumps
2024-09-03BUG/MEDIUM: mux-pt: Fix condition to perform a shutdown for writes in mux_pt_shut()
2024-09-03BUG/MINOR: Crash on O-RTT RX packet after dropping Initial pktns
2024-09-03BUG/MINOR: mux-spop: always clear MUX_MFULL and DEM_MROOM when clearing the mbuf
2024-09-03BUG/MAJOR: mux-h2: always clear MUX_MFULL and DEM_MROOM when clearing the mbuf
2024-09-03BUG/MEDIUM: mux-h1: Properly handle empty message when an error is triggered
2024-09-03BUG/MINOR: quic: unexploited retransmission cases for Initial pktns.
2024-09-02BUG/MEDIUM: cli: Always release back endpoint between two commands on the mcli
2024-09-02BUG/MEDIUM: mux-pt: Never fully close the connection on shutdown
2024-09-02BUG/MINOR: quic: Crash from trace dumping SSL eary data status (AWS-LC)
2024-08-30BUG/MEDIUM: quic: always validate sender address on 0-RTT
2024-08-30BUG/MINOR: quic: Missing incrementation in NEW_TOKEN frame builder
2024-08-30BUG/MINIR: proxy: Match on 429 status when trying to perform a L7 retry
2024-08-28BUG/MEDIUM: stream: Prevent mux upgrades if client connection is no longer ready
2024-08-28BUG/MEDIUM: mux-h2: Set ES flag when necessary on 0-copy data forwarding
2024-08-23BUG/MINOR: haproxy: free init_env in deinit only if allocated
2024-08-20BUG/MINOR: cfgparse-global: remove tune.fast-forward from common_kw_list
2024-08-20BUG/MINOR: cfgparse-global: remove redundant goto
2024-08-20BUG/MINOR: cfgparse-global: clean common_kw_list
2024-08-20BUG/MINOR: cfgparse-global: fix err msg in mworker keyword parser
2024-08-20BUG/MINOR: stats: add lang attribute to html tag
2024-08-20BUG/MINOR: stats: fix color of input elements in dark mode
2024-08-13BUG/MINOR: release-estimator: fix relative scheme in CHANGELOG URL
2024-08-13BUG/MINOR: pattern: pat_ref_set: return 0 if err was found
2024-08-13BUG/MINOR: pattern: pat_ref_set: fix UAF reported by coverity
2024-08-11BUG/MINOR: tools: make fgets_from_mem() stop at the end of the input
2024-08-09BUG/MINOR: h3: properly reject too long header responses
2024-08-09BUG/MINOR: cfgparse: parse_cfg: fix null ptr dereference reported by coverity
2024-08-09BUG/MINOR: proto_uxst: delete fd from fdtab if listen() fails
2024-08-09BUG/MINOR: mux-quic: do not send too big MAX_STREAMS ID
2024-08-08BUG/MEDIUM: mworker/cli: fix pipelined modes on master CLI
2024-08-08BUG/MINOR: proto_tcp: keep error msg if listen() fails
2024-08-08BUG/MINOR: proto_tcp: delete fd from fdtab if listen() fails
2024-08-07BUG/MINOR: quic: prevent freeze after early QCS closure
2024-08-07BUG/MINOR: quic/trace: make quic_conn_enc_level_init() emit NEW not CLOSE
2024-08-07BUG/MINOR: trace/quic: make "qconn" selectable as a lockon criterion
2024-08-07BUG/MINOR: trace: automatically start in waiting mode with "start "
2024-08-07BUG/MEDIUM: trace: fix null deref in lockon mechanism since TRACE_ENABLED()
2024-08-07BUG/MINOR: trace/quic: permit to lock on frontend/connect/session etc
2024-08-07BUG/MINOR: trace/quic: enable conn/session pointer recovery from quic_conn
2024-08-07BUG/MEDIUM: quic: handle retransmit for standalone FIN STREAM
2024-08-06BUG/MEDIUM: server/addr: fix tune.events.max-events-at-once event miss and leak
2024-08-06BUG/MINOR: fcgi-app: handle a possible strdup() failure
2024-08-05BUG/MINOR: quic: Too short datagram during packet building failures (aws-lc only)
2024-08-02BUG/MINOR: quic: Too shord datagram during O-RTT handshakes (aws-lc only)
2024-08-02BUG/MEDIUM: peer: Notify the applet won't consume data when it waits for sync
2024-08-02BUG/MEDIUM: mux-h2: Propagate term flags to SE on error in h2s_wake_one_stream
2024-08-02BUG/MEDIUM: h2: Only report early HTX EOM for tunneled streams
2024-08-02BUG/MEDIUM: http-ana: Report error on write error waiting for the response
2024-08-01BUG/MINOR: h2: reject extended connect for h2c protocol
2024-08-01BUG/MINOR: h1: do not forward h2c upgrade header token
2024-08-01BUG/MIONR: quic: fix fc_lost
2024-08-01BUG/MINOR: quic: fix fc_rtt/srtt values
2024-07-31BUG/MEDIUM: quic: prevent conn freeze on 0RTT undeciphered content
2024-07-30BUG/MEDIUM: ssl: 0-RTT initialized at the wrong place for AWS-LC
2024-07-30BUG/MEDIUM: ssl: reactivate 0-RTT for AWS-LC
2024-07-30BUG/MINOR: stconn: bs.id and fs.id had their dependencies incorrect
2024-07-30BUG/MEDIUM: mux-pt/mux-h1: Release the pipe on connection error on sending path
2024-07-30BUG/MEDIUM: stconn: Report error on SC on send if a previous SE error was set
2024-07-29BUG/MEDIUM: queue: deal with a rare TOCTOU in assign_server_and_queue()
2024-07-26BUG/MEDIUM: jwt: Clear SSL error queue on error when checking the signature
2024-07-26BUG/MEDIUM: quic: fix invalid conn reject with CONNECTION_REFUSED
2024-07-24BUG/MINOR: quic: Lack of precision when computing K (cubic only cc)
2024-07-24BUG/MEDIUM: sink: properly init applet under sft lock
2024-07-19BUG/MINOR: quic: Non optimal first datagram.
2024-07-18BUG/MINOR: cli: Atomically inc the global request counter between CLI commands
2024-07-18BUG/MINOR: server: Don't warn fallback IP is used during init-addr resolution
2024-07-18BUG/MINOR: stick-table: fix crash for src_inc_gpc() without stkcounter
2024-07-18BUG/MEDIUM: startup: fix zero-warning mode
2024-07-17BUG/MAJOR: mux-h2: force a hard error upon short read with pending error
2024-07-17BUG/MEDIUM: ssl_sock: fix deadlock in ssl_sock_load_ocsp() on error path
2024-07-16BUG/MEDIUM: debug/cli: fix "show threads" crashing with low thread counts
2024-07-16BUG/MINOR: do not close uninit FD in quic_test_socketops()

Back to the list of branches and versions
Back to the HAProxy page