HAProxy known bugs for version v3.2.4 (maintenance branch 3.2) :  99 

The HAProxy development team takes a great care of maintaining stable versions so that all users can apply bug fixes without having to take the risk of upgrading to a new branch. In turn users are expected to apply the fixes when the development team estimates that they were worth being backported to stable branches.

Quick links

• full changelog for 3.2 : here
• browse history for 3.2 : here

Other versions in the same branch

Date	Version	Comment
2025-10-03	3.2.6	⇐ last
2025-09-23	3.2.5
2025-08-13	3.2.4	⇐ yours
2025-07-09	3.2.3
2025-07-02	3.2.2
2025-06-11	3.2.1
2025-05-28	3.2.0

Known bugs affecting this version, and already fixed in the maintenance branch

Bugs are almost always tagged with a severity (some people forget the severity tag when the bug is minor). The following severities are used :

• MINOR: the bug presents a limited impact and can easily be mitigated ; users rarely upgrade just for these ones ;
• MEDIUM: the bug can cause some undesired behaviour and may require some tricky configuration changes to avoid hitting it ; users normally upgrade to get rid of them, or temporarily disable a functionality.
• MAJOR: the bug affects short term reliability and cannot easily be worked around without a significant performance penalty or without a significant functional loss ; such bugs don't stay long in the queue without a release and users must plan an upgrade as soon as possible ;
• CRITICAL: this one very rarely happens ; it indicates a short-term reliability or security issue for which there is no workaround. A release will be emitted for this fix even if it's alone and users are urged to upgrade immediately. Some distro maintainers might have been informed in advance in order to agree on a coordinated release date.

Total known bugs in this version by category :

Total	CRITICAL	MAJOR	MEDIUM	MINOR
99	1	4	44	50

Click on the subjects below to get the full description of the bug :

Merge date	Subject - Severity (minor, medium, major, critical)
2025-10-07	BUG/MINOr: hlua: Fix receive from HTTP applet by properly accounting data
2025-10-07	BUG/MINOR: acme: avoid overflow when diff > notAfter
2025-10-03	BUG/MEDIUM: resolvers: break an infinite loop in resolv_get_ip_from_response()
2025-10-02	BUG/MINOR: h3: forbid 'Z' as well in header field names checks
2025-10-02	BUG/MINOR: h2: forbid 'Z' as well in header field names checks
2025-10-02	BUG/CRITICAL: mjson: fix possible DoS when parsing numbers
2025-10-02	BUG/MEDIUM: fwlc: Handle memory allocation failures.
2025-10-01	BUG/MEDIUM: stick-tables: Make sure not to free a pending entry
2025-10-01	BUG/MEDIUM: ssl: ca-file directory mode must read every certificates of a file
2025-10-01	BUG/MINOR: pattern: Fix pattern lookup for map with opt@ prefix
2025-10-01	BUG/MINOR: acme: possible overflow in acme_will_expire()
2025-10-01	BUG/MINOR: acme: possible overflow on scheduling computation
2025-10-01	BUG/MINOR: pattern: Properly flag virtual maps as using samples
2025-10-01	BUG/MINOR: compression: Test payload size only if content-length is specified
2025-10-01	BUG/MEDIUM: wdt: improve stuck task detection accuracy
2025-09-29	BUG/MEDIUM: acme: free() of i2d_X509_REQ() with AWS-LC
2025-09-29	BUG/MEDIUM: acme: cfg_postsection_acme() don't init correctly acme sections
2025-09-29	BUG/MINOR: acme: don't unlink from acme_ctx_destroy()
2025-09-23	BUG/MINOR: pools: Fix the dump of pools info to deal with buffers limitations
2025-09-23	BUG/MEDIUM: stick-tables: Don't let table_process_entry() handle refcnt
2025-09-23	BUG/MINOR: acme/cli: wrong description for "acme challenge_ready"
2025-09-23	BUG/MEDIUM: resolvers: Wake resolver task up whne unlinking a stream requester
2025-09-23	BUG/MEDIUM: resolvers: Accept to create resolution without hostname
2025-09-23	BUG/MEDIUM: resolvers: Make resolution owns its hostname_dn value
2025-09-23	BUG/MEDIUM: resolvers: Test for empty tree when getting a record from DNS answer
2025-09-23	BUG/MINOR: resolvers: Restore round-robin selection on records in DNS answers
2025-09-23	BUG/MEDIUM: resolvers: Properly cache do-resolv resolution
2025-09-23	DEBUG: peers: export functions that use locks
2025-09-23	DEBUG: stream: count the number of passes in the connect loop
2025-09-23	BUG/MINOR: tcpcheck: Don't use sni as pool-conn-name for non-SSL connections
2025-09-23	BUG/MINOR: server: Update healthcheck when server settings are changed via CLI
2025-09-23	BUG/MEDIUM: server: Use sni as pool connection name for SSL server only
2025-09-19	BUG/MEDIUM: pattern: fix possible infinite loops on deletion (try 2)
2025-09-19	DEBUG: stick-tables: export stktable_add_pend_updates() for better reporting
2025-09-19	BUG/MEDIUM: ring: invert the length check to avoid an int overflow
2025-09-19	BUG/MINOR: resolvers: always normalize FQDN from response
2025-09-19	BUG/MINOR: ocsp: Crash when updating CA during ocsp updates
2025-09-19	BUG/MEDIUM: http_ana: fix potential NULL deref in http_process_req_common()
2025-09-19	BUG/MINOR: ocsp: prototype inconsistency
2025-09-19	BUG/MINOR: ssl: Fix potential NULL deref in trace callback
2025-09-19	BUG/MINOR: ssl: Potential NULL deref in trace macro
2025-09-19	BUG/MEDIUM: jws: return size_t in JWS functions
2025-09-19	BUG/MINOR: acme: null pointer dereference upon allocation failure
2025-09-19	BUG/MAJOR: stream: Force channel analysis on successful synchronous send
2025-09-19	BUG/MAJOR: stream: Remove READ/WRITE events on channels after analysers eval
2025-09-19	BUG/MINOR: stick-table: make sure never to miss a process_table_expire update
2025-09-19	BUG/MEDIUM: stick-tables: don't loop on non-expirable entries
2025-09-19	BUG/MINOR: activity: fix reporting of task latency
2025-09-19	BUG/MEDIUM: ssl: create the mux immediately on early data
2025-09-19	BUG/MEDIUM: h1: Allow reception if we have early data
2025-09-19	BUG/MEDIUM: checks: fix ALPN inheritance from server
2025-09-19	BUG/MEDIUM: mux-h2: Reinforce conditions to report an error to app-layer stream
2025-09-19	BUG/MEDIUM: mux-h2: Report RST/error to app-layer stream during 0-copy fwding
2025-09-19	BUG/MINOR: mux-h2: Remove H2_CF_DEM_DFULL flags when the demux buffer is reset
2025-09-19	BUG/MEDIUM: mux-h2: Restart reading when mbuf ring is no longer full
2025-09-19	BUG/MEDIUM: mux-h2; Don't block reveives in H2_CS_ERROR and H2_CS_ERROR2 states
2025-09-19	BUG/MEDIUM: mux-h2: Reset MUX blocking flags when a send error is caught
2025-09-19	BUG/MINOR: cpu_topo: work around a small bug in musl's CPU_ISSET()
2025-09-19	BUG/MINOR: log: fix potential memory leak upon error in add_to_logformat_list()
2025-09-19	BUG/MINOR: connection: streamline conn detach from lists
2025-09-19	BUG/MEDIUM: conn: fix UAF on connection after reversal on edge
2025-09-19	BUG/MINOR: check: fix dst address when reusing a connection
2025-09-19	BUG/MINOR: check: ensure check-reuse is compatible with SSL
2025-09-19	BUG/MEDIUM: peers: don't fail twice to grab the update lock
2025-09-19	BUG/MINOR: stick-tables: never leave used entries without expiration
2025-09-19	BUG/MEDIUM: stick-tables: don't leave the expire loop with elements deleted
2025-09-19	BUG/MINOR: haproxy: be sure not to quit too early on soft stop
2025-09-19	BUG/MINOR: quic: fix padding issue on INITIAL retransmit
2025-09-19	BUG/MINOR: quic: fix room check if padding requested
2025-09-19	BUG/MINOR: quic: ignore AGAIN ncbuf err when parsing CRYPTO frames
2025-09-19	BUG/MINOR: tools: Add OOM check for malloc() in indent_msg()
2025-09-19	BUG/MINOR: compression: Add OOM check for calloc() in parse_compression_options()
2025-09-19	BUG/MINOR: cfgparse: Add OOM check for calloc() in cfg_parse_listen()
2025-09-19	BUG/MINOR: acl: Add OOM check for calloc() in smp_fetch_acl_parse()
2025-09-19	BUG/MINOR: log: Add OOM checks for calloc() and malloc() in logformat parser and dup_logger()
2025-09-19	BUG/MINOR: halog: Add OOM checks for calloc() in filter_count_srv_status() and filter_count_url()
2025-09-19	BUG/MEDIUM: server: Duplicate healthcheck's alpn inherited from default server
2025-09-19	BUG/MAJOR: mux-quic: fix crash on reload during emission
2025-09-19	BUG/MEDIUM: quic: CRYPTO frame freeing without eb_delete()
2025-09-19	BUG/MINOR: server: decrement session idle_conns on del server
2025-09-19	BUG/MINOR: connection: remove extra session_unown_conn() on reverse
2025-09-19	BUG/MINOR: connection: rearrange union list members
2025-09-19	BUG/MEDIUM: mworker: fix startup and reload on macOS
2025-09-19	BUG/MINOR: acl: set arg_list->kw to aclkw->kw string literal if aclkw is found
2025-09-19	BUG/MINOR: mux-quic: trace with non initialized qcc
2025-09-19	BUG/MINOR: quic: reorder fragmented RX CRYPTO frames by their offsets
2025-08-26	BUG/MEDIUM: spoe: Improve error detection in SPOE applet on client abort
2025-08-26	BUG/MEDIUM: http_ana: handle yield for "stats http-request" evaluation
2025-08-26	BUG/MEDIUM: mux-spop: Reject connection attempts from a non-spop frontend
2025-08-26	BUG/MINOR: quic: don't coalesce probing and ACK packet of same type
2025-08-26	BUG/MAJOR: quic: fix INITIAL padding with probing packet only
2025-08-26	BUG/MINOR: quic: do not emit probe data if CONNECTION_CLOSE requested
2025-08-26	BUG/MEDIUM: quic: reset padding when building GSO datagrams
2025-08-26	BUG/MEDIUM: ssl: apply ssl-f-use on every "ssl" bind
2025-08-26	BUG/MEDIUM: mux-h2: fix crash on idle-ping due to unwanted ABORT_NOW
2025-08-26	BUG/MEDIUM: mworker: more verbose error upon loading failure
2025-08-26	BUG/MEDIUM: cli: Report inbuf is no longer full when a line is consumed
2025-08-26	BUG/MINOR: spoe: Properly detect and skip empty NOTIFY frames
2025-08-26	BUG/MINOR: mux-h1: fix wrong lock label
2025-08-26	BUG/MEDIUM: quic: listener connection stuck during handshakes (OpenSSL 3.5)
2025-08-26	BUG/MEDIUM: Remove sync sends from streams to applets
2025-08-26	BUG/MEDIUM: stconn: Fix conditions to know an applet can get data from stream

Back to the list of branches and versions
Back to the HAProxy page