HAProxy known bugs for version v3.2.0 (maintenance branch 3.2) :  40 

The HAProxy development team takes a great care of maintaining stable versions so that all users can apply bug fixes without having to take the risk of upgrading to a new branch. In turn users are expected to apply the fixes when the development team estimates that they were worth being backported to stable branches.

Quick links

• full changelog for 3.2 : here
• browse history for 3.2 : here

Other versions in the same branch

Date	Version	Comment
2025-07-09	3.2.3	⇐ last
2025-07-02	3.2.2
2025-06-11	3.2.1
2025-05-28	3.2.0	⇐ yours

Known bugs affecting this version, and already fixed in the maintenance branch

Bugs are almost always tagged with a severity (some people forget the severity tag when the bug is minor). The following severities are used :

• MINOR: the bug presents a limited impact and can easily be mitigated ; users rarely upgrade just for these ones ;
• MEDIUM: the bug can cause some undesired behaviour and may require some tricky configuration changes to avoid hitting it ; users normally upgrade to get rid of them, or temporarily disable a functionality.
• MAJOR: the bug affects short term reliability and cannot easily be worked around without a significant performance penalty or without a significant functional loss ; such bugs don't stay long in the queue without a release and users must plan an upgrade as soon as possible ;
• CRITICAL: this one very rarely happens ; it indicates a short-term reliability or security issue for which there is no workaround. A release will be emitted for this fix even if it's alone and users are urged to upgrade immediately. Some distro maintainers might have been informed in advance in order to agree on a coordinated release date.

Total known bugs in this version by category :

Total	CRITICAL	MAJOR	MEDIUM	MINOR
40	0	2	15	23

Click on the subjects below to get the full description of the bug :

Merge date	Subject - Severity (minor, medium, major, critical)
2025-07-31	BUG/MEDIUM: mux-quic: ensure Early-data header is set
2025-07-31	BUG/MINOR: hlua: take default-path into account with lua-load-per-thread
2025-07-31	BUG/MEDIUM: logs: fix sess_build_logline_orig() recursion with options
2025-07-31	BUG/MEDIUM: dns: Reset reconnect tempo when connection is finally established
2025-07-31	BUG/MEDIUM: hlua: Report to SC when output data are blocked on a lua socket
2025-07-31	BUG/MEDIUM: hlua: Report to SC when data were consumed on a lua socket
2025-07-31	BUG/MINOR: hlua: Skip headers when a receive is performed on an HTTP applet
2025-07-24	BUG/MINOR: acme: allow "processing" in challenge requests
2025-07-24	BUG/MEDIUM: acme: use POST-as-GET instead of GET for resources
2025-07-22	BUG/MEDIUM: ssl/clienthello: ECDSA with ssl-max-ver TLSv1.2 and no ECDSA ciphers
2025-07-07	BUG/MINOR: http-act: Fix parsing of the expression argument for pause action
2025-07-07	BUG/MINOR: ssl: crash in ssl_sock_io_cb() with SSL traces and idle connections
2025-07-07	BUG/MINOR: ssl/ocsp: fix definition discrepancies with ocsp_update_init()
2025-07-07	BUG/MINOR: quic: Missing TLS 1.3 QUIC cipher suites and groups inits (OpenSSL 3.5 QUIC API)
2025-07-07	BUG/MEDIUM: quic: SSL/TCP handshake failures with OpenSSL 3.5
2025-07-02	BUG/MINOR: httpclient: wrongly named httpproxy flag
2025-07-02	BUG/MINOR: jwt: Copy input and parameters in dedicated buffers in jwt_verify converter
2025-07-02	BUG/MEDIUM: mux-h2: Properly handle connection error during preface sending
2025-07-02	BUG/MEDIUM: hlua: Forbid any L6/L7 sample fetche functions from lua services
2025-07-02	BUG/MINOR: tools: use my_unsetenv instead of unsetenv
2025-07-02	BUG/MINOR: quic: wrong QUIC_FT_CONNECTION_CLOSE(0x1c) frame encoding
2025-07-02	BUG/MINOR: log: Be able to use %ID alias at anytime of the stream's evaluation
2025-07-02	BUG/MINOR: stream: Avoid recursive evaluation for unique-id based on itself
2025-07-02	BUG/MINOR: tools: only reset argument start upon new argument
2025-07-02	BUG/MAJOR: fwlc: Count an avoided server as unusable.
2025-07-02	BUG/MINOR: mux-quic/h3: properly handle too low peer fctl initial stream
2025-06-16	BUG/MEDIUM: check: Set SOCKERR by default when a connection error is reported
2025-06-16	BUG/MEDIUM: cli: Don't consume data if outbuf is full or not available
2025-06-16	BUG/MINOR: quic: Fix OSSL_FUNC_SSL_QUIC_TLS_got_transport_params_fn callback (OpenSSL3.5)
2025-06-13	BUG/MINOR: http-ana: Properly handle keep-query redirect option if no QS
2025-06-13	BUG/MINOR: config/server: reject QUIC addresses
2025-06-11	BUG/MINIR: h1: Fix doc of 'accept-unsafe-...-request' about URI parsing
2025-06-11	BUG/MEDIUM: fd: Use the provided tgid in fd_insert() to get tgroup_info
2025-06-11	BUG/MINOR: quic: Missing SSL session object freeing
2025-06-11	BUG/MINOR: config: fix arg number reported on empty arg warning
2025-06-11	BUG/MINOR: config: emit warning for empty args only in discovery mode
2025-06-11	BUG/MEDIUM: cli: Properly parse empty lines and avoid crashed
2025-06-11	BUG/MINOR: mux-spop: Fix null-pointer deref on SPOP stream allocation failure
2025-06-11	BUG/MEDIUM: check: Requeue healthchecks on I/O events to handle check timeout
2025-06-11	BUG/MAJOR: leastconn: Protect tree_elt with the lbprm lock

Back to the list of branches and versions
Back to the HAProxy page