HAProxy known bugs for version v2.8.4 (maintenance branch 2.8) :  81 

This version (2.8.4) is a release belonging to maintenance branch 2.8 whose latest version is 2.8.7. If your version is not the last one in the maintenance branch, you are missing fixes for known bugs, and by not updating you are needlessly taking the responsibility for the risk of unexpected service outages and exposing your web site to possible security issues.

The HAProxy development team takes a great care of maintaining stable versions so that all users can apply bug fixes without having to take the risk of upgrading to a new branch. In turn users are expected to apply the fixes when the development team estimates that they were worth being backported to stable branches.

Quick links

Other versions in the same branch

This branch contains the following releases :

DateVersionComment
2024-02-262.8.7 ⇐ last
2024-02-152.8.6 
2023-12-072.8.5 
2023-11-172.8.4 ⇐ yours
2023-09-072.8.3 
2023-08-092.8.2 
2023-07-032.8.1 
2023-05-312.8.0 

Known bugs affecting this version, and already fixed in the maintenance branch

These fixes have already been queued for a more recent 2.8 version. Some of them might have already been released in a more recent version than yours, and other ones might still be pending in the maintenance branch for a future release. The list may be empty if you're already on the latest version and no new fix was backported.

Bugs are almost always tagged with a severity (some people forget the severity tag when the bug is minor). The following severities are used :

Total known bugs in this version by category :

TotalCRITICALMAJORMEDIUMMINOR
81 0 3 32 46

Click on the subjects below to get the full description of the bug :

Merge dateSubject - Severity (minor, medium, major, critical)
2024-02-26BUG/MAJOR: ssl/ocsp: crash with ocsp when old process exit or using ocsp CLI
2024-02-14BUG/MINOR: ext-check: cannot use without preserve-env
2024-02-14BUG/MINOR: diag: run the final diags before quitting when using -c
2024-02-14BUG/MINOR: diag: always show the version before dumping a diag warning
2024-02-14BUG/MEDIUM: quic: Wrong K CUBIC calculation.
2024-02-14BUG/MINOR: quic: fix possible integer wrap around in cubic window calculation
2024-02-14BUG/MINOR: quic: Wrong ack ranges handling when reaching the limit.
2024-02-14BUG/MEDIUM: quic: fix crash on invalid qc_stream_buf_free() BUG_ON
2024-02-14BUG/MEDIUM: qpack: allow 6xx..9xx status codes
2024-02-14BUG/MEDIUM: h3: do not crash on invalid response status code
2024-02-14BUG/MEDIUM: quic: remove unsent data from qc_stream_desc buf
2024-02-14BUG/MEDIUM: mux-quic: report early error on stream
2024-02-14BUG/MINOR: h3: fix checking on NULL Tx buffer
2024-02-14BUG/MEDIUM: ssl: Fix crash when calling "update ssl ocsp-response" when an update is ongoing
2024-02-14BUG/MINOR: ssl: Reenable ocsp auto-update after an "add ssl crt-list"
2024-02-14BUG/MINOR: ssl: Destroy ckch instances before the store during deinit
2024-02-14BUG/MEDIUM: ocsp: Separate refcount per instance and per store
2024-02-14BUG/MINOR: ssl: Clear the ckch instance when deleting a crt-list line
2024-02-14BUG/MINOR: ssl: Duplicate ocsp update mode when dup'ing ckch
2024-02-14BUG/MINOR: ssl: Fix error message after ssl_sock_load_ocsp call
2024-02-14BUG/MAJOR: ssl_sock: Always clear retry flags in read/write functions
2024-02-14BUG/MEDIUM: h1: always reject the NUL character in header values
2024-02-14BUG/MINOR: h1-htx: properly initialize the err_pos field
2024-02-14BUG/MEDIUM: h1: Don't support LF only to mark the end of a chunk size
2024-02-14BUG/MINOR: h1: Don't support LF only at the end of chunks
2024-02-14BUG/MEDIUM: stconn: Don't check pending shutdown to wake an applet up
2024-02-14BUG/MEDIUM: stconn: Allow expiration update when READ/WRITE event is pending
2024-02-14BUG/MEDIUM: pool: fix rare risk of deadlock in pool_flush()
2024-02-14BUG/MINOR: jwt: fix jwt_verify crash on 32-bit archs
2024-02-14BUG/MEDIUM: cli: fix once for all the problem of missing trailing LFs
2024-02-14BUG/MINOR: vars/cli: fix missing LF after "get var" output
2024-02-14BUG/MEDIUM: cli: some err/warn msg dumps add LR into CSV output on stat's CLI
2024-02-14BUG/MEDIUM: mux-h2: refine connection vs stream error on headers
2024-02-14MINOR: debug: make BUG_ON() catch build errors even without DEBUG_STRICT
2024-01-17BUG/MEDIUM: quic: keylog callback not called (USE_OPENSSL_COMPAT)
2024-01-17BUG/MINOR: mux-h2: also count streams for refused ones
2024-01-17BUG/MINOR: mux-quic: do not prevent non-STREAM sending on flow control
2024-01-12BUG/MEDIUM: spoe: Never create new spoe applet if there is no server up
2024-01-12BUG/MEDIUM: stconn: Forward shutdown on write timeout only if it is forwardable
2024-01-12BUG/MEDIUM: h3: fix incorrect snd_buf return value
2024-01-12BUG/MINOR: h3: close connection on sending alloc errors
2024-01-12BUG/MINOR: h3: properly handle alloc failure on finalize
2024-01-12BUG/MINOR: h3: close connection on header list too big
2024-01-12BUG/MINOR: quic: Missing call to TLS message callbacks
2024-01-12BUG/MINOR: quic: Wrong keylog callback setting.
2024-01-12BUG/MINOR: mux-quic: always report error to SC on RESET_STREAM emission
2024-01-12BUG/MEDIUM: stats: unhandled switching rules with TCP frontend
2024-01-12BUG/MINOR: resolvers: default resolvers fails when network not configured
2024-01-12BUG/MEDIUM: mux-h2: Report too large HEADERS frame only when rxbuf is empty
2024-01-12BUG/MEDIUM: quic: QUIC CID removed from tree without locking
2024-01-12BUG/MEDIUM: quic: Possible buffer overflow when building TLS records
2024-01-12BUG/MINOR: mworker/cli: fix set severity-output support
2023-12-07BUG/MEDIUM: proxy: always initialize the default settings after init
2023-12-07BUG/MINOR: lua: Wrong OCSP CID after modifying an SSL certficate (LUA)
2023-12-07BUG/MINOR: ssl: Wrong OCSP CID after modifying an SSL certficate
2023-12-07BUG/MINOR: ssl: Double free of OCSP Certificate ID
2023-12-05BUG/MINOR: quic: Packet number spaces too lately initialized
2023-12-05BUG/MINOR: quic: Missing QUIC connection path member initialization
2023-12-05BUG/MINOR: quic: Possible leak of TX packets under heavy load
2023-12-05BUG/MEDIUM: quic: Possible crash during retransmissions and heavy load
2023-12-05BUG/MINOR: cache: Remove incomplete entries from the cache when stream is closed
2023-12-05BUG/MEDIUM: peers: fix partial message decoding
2023-12-05BUG/MINOR: sample: Make the `word` converter compatible with `-m found`
2023-12-05BUG/MINOR: cfgparse-listen: fix warning being reported as an alert
2023-12-05BUG/MINOR: config: Stopped parsing upon unmatched environment variables
2023-12-05BUG/MINOR: quic_tp: fix preferred_address decoding
2023-12-05BUG/MINOR: h3: always reject PUSH_PROMISE
2023-12-05BUG/MINOR: h3: fix TRAILERS encoding
2023-12-05BUG/MEDIUM: master/cli: Properly pin the master CLI on thread 1 / group 1
2023-12-05BUG/MINOR: compression: possible NULL dereferences in comp_prepare_compress_request()
2023-12-05BUG/MINOR: quic: fix CONNECTION_CLOSE_APP encoding
2023-12-05BUG/MINOR: server: do not leak default-server in defaults sections
2023-12-05BUG/MINOR: quic: Possible RX packet memory leak under heavy load
2023-12-05BUG/MEDIUM: quic: Possible crash for connections to be killed
2023-12-05BUG/MINOR: sock: mark abns sockets as non-suspendable and always unbind them
2023-12-05BUG/MINOR: startup: set GTUNE_SOCKET_TRANSFER correctly
2023-12-05BUG/MINOR: proxy/stktable: missing frees on proxy cleanup
2023-12-05BUG/MINOR: stream/cli: report correct stream age in "show sess"
2023-12-05BUG/MEDIUM: mux-fcgi: fail earlier on malloc in takeover()
2023-12-05BUG/MEDIUM: mux-h1: fail earlier on malloc in takeover()
2023-12-05BUG/MEDIUM: mux-h2: fail earlier on malloc in takeover()
2023-11-21BUG/MAJOR: quic: complete thread migration before tcp-rules

Back to the list of branches and versions
Back to the HAProxy page