HAProxy known bugs for maintenance branch 2.0 :  0 

This is maintenance branch 2.0 whose latest version is 2.0.35. If your version is not the last one in the maintenance branch, you are missing fixes for known bugs, and by not updating you are needlessly taking the responsibility for the risk of unexpected service outages and exposing your web site to possible security issues.

The HAProxy development team takes a great care of maintaining stable versions so that all users can apply bug fixes without having to take the risk of upgrading to a new branch. In turn users are expected to apply the fixes when the development team estimates that they were worth being backported to stable branches. In short, if you are running any 2.0 version other than 2.0.35, you're running with known bugs.

Quick links

Versions available in this branch

This branch contains the following releases :

2024-04-052.0.35 ⇐ last

Fixes for known bugs pending in this branch since the last release (2.0.35)

These fixes have already been queued for the next 2.0 release but no version was released with them yet. Note that fixes are backported several at a time from the development branch to maintenance branches, and the absence of a fix here doesn't mean none will be issued soon.

Bugs are almost always tagged with a severity (some people forget the severity tag when the bug is minor). The following severities are used :

Total known bugs in the latest version of this branch by category :

0 0 0 0 0

Click on the subjects below to get the full description of the bug :

Merge dateSubject - Severity (minor, medium, major, critical)

Known bugs fixed in the development branch after the last commit in this branch

It is important to understand that not all of these commits are necessarily relevant to this version, but clicking on them will show the bug description. All fixes are made first in the development branch and then backported to the maintenance branches. This ensures no fix is lost when upgrading. If a fix was marked for backporting to this branch and is not there yet, it's likely that it is still missing. Do not hesitate to ask on the haproxy mailing list if you feel like a fix has been skipped.

2024-07-19BUG/MINOR: quic: Non optimal first datagram.
2024-07-18BUG/MINOR: cli: Atomically inc the global request counter between CLI commands
2024-07-18BUG/MINOR: server: Don't warn fallback IP is used during init-addr resolution
2024-07-18BUG/MINOR: stick-table: fix crash for src_inc_gpc() without stkcounter
2024-07-18BUG/MEDIUM: startup: fix zero-warning mode
2024-07-17BUG/MAJOR: mux-h2: force a hard error upon short read with pending error
2024-07-17BUG/MEDIUM: ssl_sock: fix deadlock in ssl_sock_load_ocsp() on error path
2024-07-16BUG/MEDIUM: debug/cli: fix "show threads" crashing with low thread counts
2024-07-16BUG/MINOR: do not close uninit FD in quic_test_socketops()
2024-07-12BUG/MINOR: session: Eval L4/L5 rules defined in the default section
2024-07-11BUG/MINOR: limits: fix license type in limits.h
2024-07-11BUG/MEDIUM: bwlim: Be sure to never set the analyze expiration date in past
2024-07-10BUG/MEDIUM: spoe: Be sure to create a SPOE applet if none on the current thread
2024-07-10BUG/MEDIUM: h1: Reject empty Transfer-encoding header
2024-07-10BUG/MINOR: h1: Reject empty coding name as last transfer-encoding value
2024-07-10BUG/MINOR: h1: Fail to parse empty transfer coding names
2024-07-08BUG/MINOR: jwt: fix variable initialisation
2024-07-08BUG/MEDIUM: init: fix fd_hard_limit default in compute_ideal_maxconn
2024-07-05BUG/MEDIUM: peers: Fix crash when syncing learn state of a peer without appctx
2024-07-04BUG/MEDIUM: quic: prevent crash on accept queue full
2024-07-03MINOR: quic: add 2 BUG_ON() on datagram dispatch
2024-07-03BUG/MINOR: jwt: don't try to load files with HMAC algorithm
2024-07-03BUG/MEDIUM: server: fix race on server_atomic_sync()
2024-07-02BUG/MEDIUM: hlua/cli: Fix lua CLI commands to work with applet's buffers
2024-07-01BUG/MINOR: promex: Remove Help prefix repeated twice for each metric
2024-07-01BUG/MEDIUM: quic: fix possible exit from qc_check_dcid() without unlocking
2024-07-01BUG/MINOR: quic: Wrong datagram building when probing.
2024-06-28BUG/MINOR: quic: fix race-condition on trace for CID retrieval
2024-06-28BUG/MINOR: quic: fix race condition in qc_check_dcid()
2024-06-28BUG/MEDIUM: quic: fix race-condition in quic_get_cid_tid()
2024-06-28BUG/MEDIUM: h3: ensure the ":scheme" pseudo header is totally valid
2024-06-28BUG/MEDIUM: h3: ensure the ":method" pseudo header is totally valid
2024-06-28BUG/MEDIUM: server/dns: prevent DOWN/UP flap upon resolution timeout or error
2024-06-27BUG/MINOR: server: fix first server template name lookup UAF
2024-06-26BUG/MEDIUM: stick-table: Decrement the ref count inside lock to kill a session
2024-06-26BUG/MINOR: hlua: report proper context upon error in hlua_cli_io_handler_fct()
2024-06-24BUG/MINOR: quic: fix BUG_ON() on Tx pkt alloc failure
2024-06-24BUG/MINOR: h3: fix BUG_ON() crash on control stream alloc failure
2024-06-24BUG/MINOR: mux-quic: fix crash on qcs SD alloc failure
2024-06-24BUG/MINOR: h3: fix crash on STOP_SENDING receive after GOAWAY emission
2024-06-19BUG/MAJOR: quic: do not loop on emission on closing/draining state
2024-06-19BUG/MAJOR: quic: fix padding with short packets
2024-06-17BUG/MINOR: proxy: fix email-alert leak on deinit() (2nd try)
2024-06-17BUG/MEDIUM: proxy: fix email-alert invalid free
2024-06-17BUG/MEDIUM: ssl: AWS-LC + TLSv1.3 won't do ECDSA in RSA+ECDSA configuration
2024-06-14DEBUG: hlua: distinguish burst timeout errors from exec timeout errors
2024-06-14BUG/MINOR: log: fix broken '+bin' logformat node option
2024-06-12BUG/MINOR: quic: fix padding of INITIAL packets
2024-06-12BUG/MAJOR: mux-h1: Prevent any UAF on H1 connection after draining a request
2024-06-12BUG/MINOR: promex: Skip resolvers metrics when there is no resolver section
2024-06-11BUG/MEDIUM: log: fix lf_expr_postcheck() behavior with default section
2024-06-11BUG/MEDIUM: proxy: fix UAF with {tcp,http}checks logformat expressions
2024-06-11BUG/MINOR: proxy: fix header_unique_id leak on deinit()
2024-06-11BUG/MINOR: proxy: fix source interface and usesrc leaks on deinit()
2024-06-11BUG/MINOR: proxy: fix dyncookie_key leak on deinit()
2024-06-11BUG/MINOR: proxy: fix check_{command,path} leak on deinit()
2024-06-11BUG/MINOR: proxy: fix email-alert leak on deinit()
2024-06-11BUG/MINOR: proxy: fix log_tag leak on deinit()
2024-06-11BUG/MINOR: proxy: fix server_id_hdr_name leak on deinit()
2024-06-10BUG/MINOR: mux-h1: Use the right variable to set NEGO_FF_FL_EXACT_SIZE flag
2024-06-10BUG/MAJOR: mux-h1: Properly copy chunked input data during zero-copy nego
2024-06-10BUG/MEDIUM: stconn/mux-h1: Fix suspect change causing timeouts
2024-06-10BUG/MINOR: quic: ensure Tx buf is always purged
2024-06-10BUG/MINOR: quic: fix computed length of emitted STREAM frames
2024-06-07BUG/MEDIUM: ssl: bad auth selection with TLS1.2 and WolfSSL
2024-06-05BUG/MEDIUM: ssl: wrong priority whem limiting ECDSA ciphers in ECDSA+RSA configuration
2024-06-05BUG/MEDIUM: mux-quic: Don't unblock zero-copy fwding if blocked during nego
2024-06-04BUG/MINOR: hlua: fix leak in hlua_ckch_set() error path
2024-06-04BUG/MINOR: hlua: prevent LJMP in hlua_traceback()
2024-06-04BUG/MINOR: hlua: fix unsafe hlua_pusherror() usage
2024-06-04BUG/MINOR: hlua: don't use lua_pushfstring() when we don't expect LJMP
2024-06-04BUG/MINOR: quic: prevent crash on qc_kill_conn()
2024-06-04BUG/MEDIUM: mux-quic: Unblock zero-copy forwarding if the txbuf can be released
2024-06-04BUG/MEDIUM: h1-htx: Don't state interim responses are bodyless
2024-06-03BUG/MINOR: hlua: use CertCache.set() from various hlua contexts
2024-05-31BUG/MINOR: tools: fix possible null-deref in env_expand() on out-of-memory
2024-05-31BUG/MINOR: tcpcheck: report correct error in tcp-check rule parser
2024-05-31BUG/MINOR: cfgparse: remove the correct option on httpcheck send-state warning
2024-05-28BUG/MINOR: activity: fix Delta_calls and Delta_bytes count
2024-05-28BUG/MINOR: ssl/ocsp: init callback func ptr as NULL
2024-05-24BUG/MINOR: server: Don't reset resolver options on a new default-server line
2024-05-24BUG/MINOR: http-htx: Support default path during scheme based normalization
2024-05-24BUG/MEDIUM: server/dns: preserve server's port upon resolution timeout or error
2024-05-24BUG/MINOR: rhttp: initialize session origin after preconnect reversal
2024-05-24BUG/MINOR: quic: adjust restriction for stateless reset emission
2024-05-24DEBUG: pollers/fd: add thread id suffix to per-thread memory areas name hints
2024-05-24DEBUG: tools: add vma_set_name_id() helper
2024-05-24BUG/MEDIUM: stick-tables: make sure never to create two same remote entries
2024-05-24BUG/MEDIUM: stick-tables: Fix race with peers when killing a sticky session
2024-05-24BUG/MEDIUM: stick-tables: Fix race with peers when trashing oldest entries
2024-05-23BUG/MEDIUM: mux-quic: Create sedesc in same time of the QUIC stream
2024-05-22BUG/MEDIUM: quic_tls: prevent LibreSSL < 4.0 from negotiating CHACHA20_POLY1305
2024-05-22BUG/MAJOR: quic: Crash with TLS_AES_128_CCM_SHA256 (libressl only)
2024-05-22BUG/MINOR: sock: fix sock_create_server_socket
2024-05-22BUG/MINOR: rhttp: fix task_wakeup state
2024-05-22BUG/MINOR: rhttp: prevent listener suspend
2024-05-22BUG/MEDIUM: rhttp: fix preconnect on single-thread
2024-05-22BUG/MINOR: server: free PROXY v2 TLVs on srv drop
2024-05-22BUG/MINOR: connection: parse PROXY TLV for LOCAL mode
2024-05-22BUG/MINOR: http-ana: Don't crush stream termination condition on internal error
2024-05-21BUG/MEDIUM: proto: fix fd leak in _connect_server
2024-05-21DEBUG: fd: add name hint for large memory areas
2024-05-21DEBUG: errors: add name hint for startup-logs memory area
2024-05-21DEBUG: pollers: add name hint for large memory areas used by pollers
2024-05-21DEBUG: sink: add name hint for memory area used by memory-backed sinks
2024-05-21DEBUG: shctx: name shared memory using vma_set_name()
2024-05-21DEBUG: tools: add vma_set_name() helper
2024-05-21BUG/MINOR: ring: free ring's allocated area not ring's usable area when using maps
2024-05-17BUG/MINOR: stats: Don't state the 303 redirect response is chunked
2024-05-17BUG/MEDIUM: fd: prevent memory waste in fdtab array
2024-05-15BUG/MAJOR: h1: Be stricter on request target validation during message parsing
2024-05-15BUG/MEDIUM: h1: Reject CONNECT request if the target has a scheme
2024-05-15BUG/MINOR: h1: Check authority for non-CONNECT methods only if a scheme is found
2024-05-15BUG/MEDIUM: muxes: enforce buf_wait check in takeover()
2024-05-15BUG/MINOR: ssl_sock: fix xprt_set_used() to properly clear the TASK_F_USR1 bit
2024-05-15BUG/MEDIUM: stick-tables: properly mark stktable_data as packed
2024-05-15BUG/MEDIUM: htx: mark htx_sl as packed since it may be realigned
2024-05-15BUG/MINOR: qpack: fix error code reported on QPACK decoding failure
2024-05-15BUG/MINOR: mux-quic: fix error code on shutdown for non HTTP/3
2024-05-15BUG/MEDIUM: server: clear purgeable conns before server deletion
2024-05-14BUG/MINOR: log: smp_rgs array issues with inherited global log directives
2024-05-13BUG/MINOR: log: fix leak in add_sample_to_logformat_list() error path
2024-05-10BUG/MEDIUM: mux-quic: fix crash on STOP_SENDING received without SD
2024-05-07BUG/MEDIUM: log/ring: broken syslog octet counting
2024-05-06BUG/MINOR: cfgparse: use curproxy global var from config post validation
2024-05-06BUG/MINOR: acl: support built-in ACLs with acl() sample
2024-05-06BUG/MINOR: haproxy: only tid 0 must not sleep if got signal
2024-05-03BUG/MINOR: log: prevent double spaces emission in sess_build_logline()
2024-04-30BUG/MINOR: stconn: don't wake up an applet waiting on buffer allocation
2024-04-30BUG/MEDIUM: log: don't ignore disabled node's options
2024-04-30BUG/MINOR: log: fix global lf_expr node options behavior (2nd try)
2024-04-30BUG/MINOR: log/encode: fix potential NULL-dereference in LOGCHAR()
2024-04-30BUG/MINOR: log/encode: consider global options for key encoding
2024-04-29BUG/MINOR: log: fix global lf_expr node options behavior
2024-04-29BUG/MINOR: stats: replace objt_* by __objt_* macros
2024-04-29BUG/MEDIUM: cache: Vary not working properly on anything other than accept-encoding
2024-04-26BUG/MINOR: mworker: reintroduce way to disable seamless reload with -x /dev/null
2024-04-25BUG/MINOR: peers: Don't wait for a remote resync if there no remote peer
2024-04-25BUG/MEDIUM: peers: Use atomic operations on peers flags when necessary
2024-04-25BUG/MEDIUM: peers: Wait for sync task ack when a resynchro is finished
2024-04-25BUG/MEDIUM: peers: Reprocess peer state after all session shutdowns
2024-04-25BUG/MEDIUM: peers: Automatically start to learn on local peer
2024-04-24BUG/MINOR: h1: fix detection of upper bytes in the URI
2024-04-23BUG/MEDIUM: applet: Let's applets decide if they have more data to deliver
2024-04-22BUG/MINOR: stats: fix stot metric for listeners
2024-04-22BUG/MINOR: backend: use cum_sess counters instead of cum_conn
2024-04-19BUG/MEDIUM: peers: Fix state transitions of a peer
2024-04-19BUG/MEDIUM: peers: Don't set PEERS_F_RESYNC_PROCESS flag on a peer
2024-04-19BUG/MINOR: fd: my_closefrom() on Linux could skip contiguous series of sockets
2024-04-19BUG/MINOR: sock: handle a weird condition with connect()
2024-04-19BUG/MINOR: stconn: Fix sc_mux_strm() return value
2024-04-18BUG/MEDIUM: peers: fix localpeer regression with 'bind+server' config style
2024-04-18BUG/MEDIUM: peers: Fix exit condition when max-updates-at-once is reached
2024-04-18BUG/MEDIUM: spoe: Always retry when an applet fails to send a frame
2024-04-18BUG/MEDIUM: applet: Fix applet API to put input data in a buffer
2024-04-17BUG/MINOR: ssl: fix crt-store load parsing
2024-04-17BUG/MINOR: ssl: check on forbidden character on wrong value
2024-04-17BUG/MEDIUM: evports: do not clear returned events list on signal
2024-04-16BUG/MEDIUM: stconn: Don't forward channel data if input data must be filtered
2024-04-16BUG/MAJOR: peers: Update peers section state from a thread-safe manner
2024-04-16BUG/MINOR: peers: Report a resync was explicitly requested from a thread-safe manner
2024-04-16BUG/MEDIUM: grpc: Fix several unaligned 32/64 bits accesses
2024-04-15BUG/MAJOR: ring: use the correct size to reallocate startup_logs
2024-04-13BUG/MINOR: lru: fix the standalone test case for invalid revision
2024-04-12DEBUG: pools: report the data around the offending area in case of mismatch
2024-04-12DEBUG: pool: improve decoding of corrupted pools
2024-04-12BUG/MAJOR: stick-tables: fix race with peers in entry expiration
2024-04-12BUG/MEDIUM: peers/trace: fix crash when listing event types
2024-04-12BUG/MEDIUM: stick-tables: fix the task's next expiration date
2024-04-12BUG/MEDIUM: cache/stats: Handle inbuf allocation failure in the I/O handler
2024-04-11BUG/MINOR: server: fix slowstart behavior
2024-04-11BUILD: makefile: also drop DEBUG_CFLAGS
2024-04-11CI: update the build options to get rid of unneeded DEBUG options
2024-04-11BUILD: pools: make DEBUG_MEMORY_POOLS=1 the default option
2024-04-11BUILD: debug: make DEBUG_STRICT=1 the default
2024-04-11BUG/MINOR: debug: make sure DEBUG_STRICT=0 does work as documented
2024-04-11BUG/MINOR: guid: fix crash on invalid guid name
2024-04-10BUG/MINOR: http-ana: Fix TX_L7_RETRY and TX_D_L7_RETRY values
2024-04-10BUG/MEDIUM: http-ana: Deliver 502 on keep-alive for fressh server connection
2024-04-09BUG/MINOR: log: invalid snprintf() usage in sess_build_logline()
2024-04-09BUG/MINOR: tools/log: invalid encode_{chunk,string} usage
2024-04-09BUG/MINOR: log: fix lf_text_len() truncate inconsistency
2024-04-09BUG/MINOR: listener: always assign distinct IDs to shards
2024-04-08BUG/MINOR: cli: Don't warn about a too big command for incomplete commands
2024-04-06BUG/MEDIUM: quic: don't blindly rely on unaligned accesses
2024-04-05BUG/MINOR: init: relax LSTCHK_NETADM checks for non root

Back to the list of branches and versions
Back to the HAProxy page