HAProxy known bugs for version v2.1.2 (maintenance branch 2.1)

This version (2.1.2) is a release belonging to maintenance branch 2.1 whose latest version is 2.1.5. If your version is not the last one in the maintenance branch, you are missing fixes for known bugs, and by not updating you are needlessly taking the responsibility for the risk of unexpected service outages and exposing your web site to possible security issues.

The HAProxy development team takes a great care of maintaining stable versions so that all users can apply bug fixes without having to take the risk of upgrading to a new branch. In turn users are expected to apply the fixes when the development team estimates that they were worth being backported to stable branches.

Quick links

Other versions in the same branch

This branch contains the following releases :

DateVersionComment
2020-05-292.1.5 ⇐ last
2020-04-022.1.4 
2020-02-122.1.3 
2019-12-212.1.2 ⇐ yours
2019-12-112.1.1 
2019-11-252.1.0 

Known bugs affecting this version, and already fixed in the maintenance branch

These fixes have already been queued for a more recent 2.1 version. Some of them might have already been released in a more recent version than yours, and other ones might still be pending in the maintenance branch for a future release. The list may be empty if you're already on the latest version and no new fix was backported.

Bugs are almost always tagged with a severity (some people forget the severity tag when the bug is minor). The following severities are used :

Total known bugs in this version by category :

TotalCRITICALMAJORMEDIUMMINOR
169 1 6 56 106

Click on the subjects below to get the full description of the bug :

Merge dateSubject - Severity (minor, medium, major, critical)
2020-06-02Revert "BUG/MEDIUM: connections: force connections cleanup on server changes"
2020-05-28BUG/MINOR: nameservers: fix error handling in parsing of resolv.conf
2020-05-28BUG/MINOR: lua: Add missing string length for lua sticktable lookup
2020-05-28BUG/MEDIUM: logs: fix trailing zeros on log message.
2020-05-28BUG/MINOR: logs: prevent double line returns in some events.
2020-05-25BUG/MINOR: server: Fix server_finalize_init() to avoid unused variable
2020-05-20BUG/MINOR: checks: Respect check-ssl param when a port or an addr is specified
2020-05-20BUG/MEDIUM: ring: write-lock the ring while attaching/detaching
2020-05-20BUG/MAJOR: mux-fcgi: Stop sending loop if FCGI stream is blocked for any reason
2020-05-20BUG/MINOR: cache: Don't needlessly test "cache" keyword in parse_cache_flt()
2020-05-20BUG/MEDIUM: stream: Only allow L7 retries when using HTTP.
2020-05-20BUG/MEDIUM: streams: Remove SF_ADDR_SET if we're retrying due to L7 retry.
2020-05-20BUG/MINOR: soft-stop: always wake up waiting threads on stopping
2020-05-20BUG/MINOR: pollers: remove uneeded free in global init
2020-05-20BUG/MINOR: pools: use %u not %d to report pool stats in "show pools"
2020-05-20BUG/MINOR: cfgparse: Abort parsing the current line if an invalid \x sequence is encountered
2020-05-20BUG/MEDIUM: http_ana: make the detection of NTLM variants safer
2020-05-20BUG/MINOR: http-ana: fix NTLM response parsing again
2020-05-20BUG/MINOR: config: Make use_backend and use-server post-parsing less obscur
2020-05-20BUG/MEDIUM: lua: Fix dumping of stick table entries for STD_T_DICT
2020-05-20BUG/MINOR: threads: fix multiple use of argument inside HA_ATOMIC_UPDATE_{MIN,MAX}()
2020-05-20BUG/MINOR: threads: fix multiple use of argument inside HA_ATOMIC_CAS()
2020-05-20BUG/MINOR: sample: Set the correct type when a binary is converted to a string
2020-05-20BUG/MEDIUM: ssl: fix the id length check within smp_fetch_ssl_fc_session_id()
2020-05-20BUG/MEDIUM: h1: Don't compare host and authority if only h1 headers are parsed
2020-05-20BUG/MEDIUM: connections: force connections cleanup on server changes
2020-05-20BUG/MEDIUM: mux-fcgi: Fix wrong test on FCGI_CF_KEEP_CONN in fcgi_detach()
2020-05-20BUG/MEDIUM: mux_fcgi: Free the FCGI connection at the end of fcgi_release()
2020-05-20BUG/MINOR: checks: Remove a warning about http health checks
2020-05-20BUG/MINOR: checks: Compute the right HTTP request length for HTTP health checks
2020-05-08BUG/MINOR: checks/server: use_ssl member must be signed
2020-05-07Revert "BUG/MINOR: connection: make sure to correctly tag local PROXY connections"
2020-05-07Revert "BUG/MINOR: connection: always send address-less LOCAL PROXY connections"
2020-05-01BUG/MEDIUM: shctx: bound the number of loops that can happen around the lock
2020-05-01BUG/MEDIUM: shctx: really check the lock's value while waiting
2020-05-01BUG/MINOR: debug: properly use long long instead of long for the thread ID
2020-05-01BUG/MEDIUM: listener: mark the thread as not stuck inside the loop
2020-05-01BUG/MEDIUM: sample: make the CPU and latency sample fetches check for a stream
2020-05-01BUG/MEDIUM: http: the "unique-id" sample fetch could crash without a steeam
2020-05-01BUG/MEDIUM: http: the "http_first_req" sample fetch could crash without a steeam
2020-05-01BUG/MEDIUM: capture: capture.{req,res}.* crash without a stream
2020-05-01BUG/MEDIUM: capture: capture-req/capture-res converters crash without a stream
2020-05-01BUG/MINOR: mux-fcgi: Be sure to have a connection as session's origin to use it
2020-05-01BUG/MINOR: obj_type: Handle stream object in obj_base_ptr() function
2020-05-01BUG/MINOR: checks: chained expect will not properly wait for enough data
2020-05-01BUG/MEDIUM: server/checks: Init server check during config validity check
2020-05-01BUG/MINOR: checks: Respect the no-check-ssl option
2020-05-01BUG/MINOR: check: Update server address and port to execute an external check
2020-05-01BUG/MINOR: http: make url_decode() optionally convert '+' to SP
2020-05-01BUG/MINOR: tools: fix the i386 version of the div64_32 function
2020-05-01BUG/MEDIUM: http-ana: Handle NTLM messages correctly.
2020-05-01BUG/MINOR: ssl: default settings for ssl server options are not used
2020-05-01BUG/MINOR: peers: Incomplete peers sections should be validated.
2020-04-14BUG/MINOR: connection: always send address-less LOCAL PROXY connections
2020-04-09BUG/MINOR: ssl: memleak of the struct cert_key_and_chain
2020-04-08BUG/MINOR: ssl/cli: memory leak in 'set ssl cert'
2020-04-02BUG/MINOR: protocol_buffer: Wrong maximum shifting.
2020-04-02BUG/CRITICAL: hpack: never index a header into the headroom after wrapping
2020-04-01BUG/MINOR: http-ana: Reset request analysers on error when waiting for response
2020-03-31BUG/MINOR: http_ana: make sure redirect flags don't have overlapping bits
2020-03-31BUG/MINOR: stats: Fix color of draining servers on stats page
2020-03-31BUG/MINOR: peers: Use after free of "peers" section.
2020-03-31BUG/MINOR: peers: avoid an infinite loop with peers_fe is NULL
2020-03-31BUG/MINOR: peers: init bind_proc to 1 if it wasn't initialized
2020-03-31BUG/MINOR: haproxy/threads: close a possible race in soft-stop detection
2020-03-31BUG/MINOR: connections: Make sure we free the connection on failure.
2020-03-31BUG/MEDIUM: wdt: Don't ignore WDTSIG and DEBUGSIG in __signal_process_queue().
2020-03-31MINOR: wdt: Move the definitions of WDTSIG and DEBUGSIG into types/signal.h.
2020-03-31BUG/MEDIUM: peers: resync ended with RESYNC_PARTIAL in wrong cases.
2020-03-31BUG/MINOR: haproxy/threads: try to make all threads leave together
2020-03-31BUG/MINOR: listener/mq: do not dispatch connections to remote threads when stopping
2020-03-31BUG/MINOR: haproxy: always initialize sleeping_thread_mask
2020-03-31BUG/MEDIUM: pools: Always update free_list in pool_gc().
2020-03-31BUG/MEDIUM: random: align the state on 2*64 bits for ARM64
2020-03-31BUG/MEDIUM: mt_lists: Make sure we set the deleted element to NULL;
2020-03-31BUG/MINOR: rules: Increment be_counters if backend is assigned for a silent-drop
2020-03-31BUG/MINOR: rules: Preserve FLT_END analyzers on silent-drop action
2020-03-31BUG/MINOR: http-rules: Fix a typo in the reject action function
2020-03-31BUG/MINOR: http-rules: Preserve FLT_END analyzers on reject action
2020-03-31BUG/MINOR: lua: Ignore the reserve to know if a channel is full or not
2020-03-31BUG/MINOR: http-ana: Reset request analysers on a response side error
2020-03-31BUG/MEDIUM: compression/filters: Fix loop on HTX blocks compressing the payload
2020-03-31BUG/MEDIUM: cache/filters: Fix loop on HTX blocks caching the response payload
2020-03-31BUG/MINOR: filters: Forward everything if no data filters are called
2020-03-31BUG/MINOR: filters: Use filter offset to decude the amount of forwarded data
2020-03-31BUG/MAJOR: proxy_protocol: Properly validate TLV lengths
2020-03-31BUG/MINOR: init: make the automatic maxconn consider the max of soft/hard limits
2020-03-31BUG/MINOR: pattern: Do not pass len = 0 to calloc()
2020-03-31BUG/MINOR: wdt: do not return an error when the watchdog couldn't be enabled
2020-03-31BUG/MEDIUM: debug: make the debug_handler check for the thread in threads_to_dump
2020-03-11BUG/MAJOR: list: fix invalid element address calculation
2020-03-11BUG/MINOR: checks/threads: use ha_random() and not rand()
2020-03-11BUG/MEDIUM: random: implement a thread-safe and process-safe PRNG
2020-03-11BUG/MEDIUM: random: initialize the random pool a bit better
2020-02-28BUG/MINOR: http-htx: Do case-insensive comparisons on Host header name
2020-02-28BUG/MINOR: dns: ignore trailing dot
2020-02-28BUG/MINOR: sample: Make sure to return stable IDs in the unique-id fetch
2020-02-28BUG/MINOR: h2: reject again empty :path pseudo-headers
2020-02-28BUG/MINOR: connection: make sure to correctly tag local PROXY connections
2020-02-28BUG/MEDIUM: ssl: fix several bad pointer aliases in a few sample fetch functions
2020-02-28BUG/MINOR: sample: fix the json converter's endian-sensitivity
2020-02-28BUG/MEDIUM: ebtree: don't set attribute packed without unaligned access support
2020-02-28BUG/MEDIUM: shctx: make sure to keep all blocks aligned
2020-02-28BUG/MINOR: http: http-request replace-path duplicates the query string
2020-02-21BUG/MAJOR: http-ana: Always abort the request when a tarpit is triggered
2020-02-21BUG/MINOR: http-ana: Matching on monitor-uri should be case-sensitive
2020-02-21BUG/MINOR: http-htx: Don't return error if authority is updated without changes
2020-02-21BUG/MINOR: filters: Count HTTP headers as filtered data but don't forward them
2020-02-21BUG/MINOR: mux-fcgi: Forbid special characters when matching PATH_INFO param
2020-02-21BUG/MEDIUM: muxes: Use the right argument when calling the destroy method.
2020-02-21BUG/MINOR: namespace: avoid closing fd when socket failed in my_socketat
2020-02-12BUG/MINOR: tcp: don't try to set defaultmss when value is negative
2020-02-12BUG/MINOR: http-ana: Set HTX_FL_PROXY_RESP flag if a server perform a redirect
2020-02-12BUG/MINOR: http-ana: Don't overwrite outgoing data when an error is reported
2020-02-12BUG/MINOR: tcp: avoid closing fd when socket failed in tcp_bind_listener
2020-02-12BUG/MINOR: listener: enforce all_threads_mask on bind_thread on init
2020-02-12BUG/MEDIUM: listener: only consider running threads when resuming listeners
2020-02-11BUG/MINOR: dns: allow 63 char in hostname
2020-02-11BUG/MINOR: unix: better catch situations where the unix socket path length is close to the limit
2020-02-07BUG/MEDIUM: ssl/cli: 'commit ssl cert' wrong SSL_CTX init
2020-02-05BUG/MINOR: ssl: clear the SSL errors on DH loading failure
2020-02-04BUG/MINOR: ssl: we may only ignore the first 64 errors
2020-02-04BUG/MAJOR: memory: Don't forget to unlock the rwlock if the pool is empty.
2020-02-04BUG/MEDIUM: memory: Add a rwlock before freeing memory.
2020-02-04BUG/MEDIUM: memory_pool: Update the seq number in pool_flush().
2020-02-04BUG/MEDIUM: connections: Don't forget to unlock when killing a connection.
2020-02-04BUG/MINOR: connection: fix ip6 dst_port copy in make_proxy_line_v2
2020-02-04BUG/MINOR: ssl: Possible memleak when allowing the 0RTT data buffer.
2020-02-04BUG/MEDIUM: pipe: fix a use-after-free in case of pipe creation error
2020-01-24BUG/MINOR: tcpchecks: fix the connect() flags regarding delayed ack
2020-01-24BUG/MEDIUM: ssl: Don't forget to free ctx->ssl on failure.
2020-01-24BUG/MEDIUM: mux-h2: make sure we don't emit TE headers with anything but "trailers"
2020-01-24BUG/MINOR: stktable: report the current proxy name in error messages
2020-01-24BUG/MEDIUM: 0rtt: Only consider the SSL handshake.
2020-01-24BUG/MINOR: ssl/cli: ocsp_issuer must be set w/ "set ssl cert"
2020-01-24BUG/MINOR: ssl: typo in previous patch
2020-01-24BUG/MINOR: ssl: memory leak w/ the ocsp_issuer
2020-01-24BUG/MINOR: ssl: increment issuer refcount if in chain
2020-01-24BUG/MINOR: ssl/cli: free the previous ckch content once a PEM is loaded
2020-01-23BUG/MINOR: ssl: ssl_sock_load_pem_into_ckch is not consistent
2020-01-23BUG/MEDIUM: netscaler: Don't forget to allocate storage for conn->src/dst.
2020-01-23BUG/MINOR: http_act: don't check capture id in backend
2020-01-23BUG/MINOR: ssl: ssl_sock_load_sctl_from_file memory leak
2020-01-23BUG/MINOR: ssl: ssl_sock_load_issuer_file_into_ckch memory leak
2020-01-23BUG/MINOR: ssl: ssl_sock_load_ocsp_response_from_file memory leak
2020-01-23BUG/MINOR: tcp-rules: Fix memory releases on error path during action parsing
2020-01-23BUG/MINOR: stick-table: Use MAX_SESS_STKCTR as the max track ID during parsing
2020-01-23BUG/MINOR: http-rules: Remove buggy deinit functions for HTTP rules
2020-01-23BUG/MINOR: http-ana/filters: Wait end of the http_end callback for all filters
2020-01-20BUG/MINOR: 51d: Fix bug when HTX is enabled
2020-01-20BUG/MINOR: dns: Make dns_query_id_seed unsigned
2020-01-20BUG/MINOR: cache: Fix leak of cache name in error path
2020-01-20BUG/MINOR: pattern: handle errors from fgets when trying to load patterns
2020-01-20BUG/MEDIUM: connection: add a mux flag to indicate splice usability
2020-01-20BUG/MINOR: stream: don't mistake match rules for store-request rules
2020-01-20BUG/MEDIUM: cli: _getsocks must send the peers sockets
2020-01-20BUG/MAJOR: hashes: fix the signedness of the hash inputs
2020-01-20BUG/MEDIUM: mux_h1: Don't call h1_send if we subscribed().
2020-01-20BUG/MEDIUM: mworker: remain in mworker mode during reload
2020-01-20BUG/MINOR: cli/mworker: can't start haproxy with 2 programs
2020-01-20BUG/MEDIUM: mux-h2: don't stop sending when crossing a buffer boundary
2020-01-20BUG/MEDIUM: mux-h2: fix missing test on sending_list in previous patch
2020-01-20BUG/MINOR: mux-h2: use a safe list_for_each_entry in h2_send()
2020-01-20BUG/MEDIUM: tasks: Use the MT macros in tasklet_free().
2020-01-09BUG/MINOR: stream-int: Don't trigger L7 retry if max retries is already reached
2020-01-09BUG/MEDIUM: session: do not report a failure when rejecting a session
2020-01-09BUG/MINOR: channel: inject output data at the end of output
2020-01-09BUG/MEDIUM: http-ana: Truncate the response when a redirect rule is applied
2020-01-09BUG/MINOR: proxy: Fix input data copy when an error is captured
2020-01-09BUG/MINOR: h1: Report the right error position when a header value is invalid
2020-01-09BUG/MEDIUM: connections: Hold the lock when wanting to kill a connection.
2020-01-09BUG/MEDIUM: checks: Only attempt to do handshakes if the connection is ready.
2020-01-07BUG/MINOR: checks: refine which errno values are really errors.

Back to the list of branches and versions
Back to the HAProxy page