HAProxy known bugs for maintenance branch 2.7 : 84

This is maintenance branch 2.7 whose latest version is 2.7.10. If your version is not the last one in the maintenance branch, you are missing fixes for known bugs, and by not updating you are needlessly taking the responsibility for the risk of unexpected service outages and exposing your web site to possible security issues.

The HAProxy development team takes a great care of maintaining stable versions so that all users can apply bug fixes without having to take the risk of upgrading to a new branch. In turn users are expected to apply the fixes when the development team estimates that they were worth being backported to stable branches. In short, if you are running any 2.7 version other than 2.7.10, you're running with known bugs.

Quick links

full changelog for 2.7 : here
browse history for 2.7 : here

Versions available in this branch

This branch contains the following releases :

Date Version Comment

2023-08-09 2.7.10 ⇐ last

2023-06-07 2.7.9

2023-05-02 2.7.8

2023-04-27 2.7.7

2023-03-28 2.7.6

2023-03-17 2.7.5

2023-03-10 2.7.4

2023-02-14 2.7.3

2023-01-20 2.7.2

2022-12-19 2.7.1

2022-12-01 2.7.0

Date	Version	Comment
2023-08-09	2.7.10	⇐ last
2023-06-07	2.7.9
2023-05-02	2.7.8
2023-04-27	2.7.7
2023-03-28	2.7.6
2023-03-17	2.7.5
2023-03-10	2.7.4
2023-02-14	2.7.3
2023-01-20	2.7.2
2022-12-19	2.7.1
2022-12-01	2.7.0

Fixes for known bugs pending in this branch since the last release (2.7.10)

These fixes have already been queued for the next 2.7 release but no version was released with them yet. Note that fixes are backported several at a time from the development branch to maintenance branches, and the absence of a fix here doesn't mean none will be issued soon.

Bugs are almost always tagged with a severity (some people forget the severity tag when the bug is minor). The following severities are used :

MINOR: the bug presents a limited impact and can easily be mitigated ; users rarely upgrade just for these ones ;
MEDIUM: the bug can cause some undesired behaviour and may require some tricky configuration changes to avoid hitting it ; users normally upgrade to get rid of them, or temporarily disable a functionality.
MAJOR: the bug affects short term reliability and cannot easily be worked around without a significant performance penalty or without a significant functional loss ; such bugs don't stay long in the queue without a release and users must plan an upgrade as soon as possible ;
CRITICAL: this one very rarely happens ; it indicates a short-term reliability or security issue for which there is no workaround. A release will be emitted for this fix even if it's alone and users are urged to upgrade immediately. Some distro maintainers might have been informed in advance in order to agree on a coordinated release date.

Total known bugs in the latest version of this branch by category :

Total CRITICAL MAJOR MEDIUM MINOR

84 0 2 34 48

Total	CRITICAL	MAJOR	MEDIUM	MINOR
84	0	2	34	48

Click on the subjects below to get the full description of the bug :

Merge date	Subject - Severity (minor, medium, major, critical)
2023-11-20	BUG/MINOR: stconn: Use HTX-aware channel's functions to get info on buffer
2023-11-20	BUG/MINOR: stconn: Fix streamer detection for HTX streams
2023-11-15	BUG/MEDIUM: quic: fix sslconns on quic_conn alloc failure
2023-11-15	BUG/MEDIUM: quic: fix actconn on quic_conn alloc failure
2023-11-14	BUG/MEDIUM: stream: Don't call mux .ctl() callback if not implemented
2023-11-14	BUG/MEDIUM: mworker: set the master variable earlier
2023-11-14	BUG/MINOR: http-client: Don't forget to commit changes on HTX message
2023-11-14	BUG/MEDIUM: stream: Properly handle abortonclose when set on backend only
2023-11-14	BUG/MINOR: stconn: Handle abortonclose if backend connection was already set up
2023-11-14	BUG/MEDIUM: connection: report connection errors even when no mux is installed
2023-11-14	BUG/MINOR: sink: don't learn srv port from srv addr
2023-11-14	BUG/MEDIUM: applet: Remove appctx from buffer wait list on release
2023-11-14	BUG/MINOR: quic: fix retry token check inconsistency
2023-11-14	BUG/MEDIUM: quic: Avoid some crashes upon TX packet allocation failures
2023-11-14	BUG/MEDIUM: quic: Possible crashes when sending too short Initial packets
2023-11-14	BUG/MEDIUM: quic: Avoid trying to send ACK frames from an empty ack ranges tree
2023-11-14	BUG/MINOR: quic: idle timer task requeued in the past
2023-11-14	BUG/MEDIUM: pool: fix releasable pool calculation when overloaded
2023-11-14	BUG/MEDIUM: freq-ctr: Don't report overshoot for long inactivity period
2023-11-14	BUG/MINOR: mux-h1: Properly handle http-request and http-keep-alive timeouts
2023-11-14	BUG/MINOR: stick-table/cli: Check for invalid ipv4 key
2023-11-14	BUG/MEDIUM: pattern: don't trim pools under lock in pat_ref_purge_range()
2023-11-14	BUG/MINOR: cfgparse/stktable: fix error message on stktable_init() failure
2023-11-14	BUG/MINOR: stktable: missing free in parse_stick_table()
2023-11-14	BUG/MINOR: tcpcheck: Report hexstring instead of binary one on check failure
2023-11-14	BUG/MEDIUM: ssl: segfault when cipher is NULL
2023-11-14	BUG/MINOR: mux-quic: fix early close if unset client timeout
2023-11-14	BUG/MINOR: ssl: suboptimal certificate selection with TLSv1.3 and dual ECDSA/RSA
2023-11-14	BUG/MINOR: ssl: use a thread-safe sslconns increment
2023-11-14	BUG/MINOR: quic: do not consider idle timeout on CLOSING state
2023-11-14	BUG/MEDIUM: server: "proto" not working for dynamic servers
2023-11-14	DEBUG: mux-h2/flags: fix list of h2c flags used by the flags decoder
2023-11-14	BUG/MINOR: ssl: load correctly @system-ca when ca-base is define
2023-10-27	BUG/MINOR: mux-h2: update tracked counters with req cnt/req err
2023-10-27	BUG/MINOR: mux-h2: commit the current stream ID even on reject
2023-10-27	BUG/MEDIUM: peers: Fix synchro for huge number of tables
2023-10-27	BUG/MEDIUM: peers: Be sure to always refresh recconnect timer in sync task
2023-10-27	BUG/MINOR: trace: fix trace parser error reporting
2023-10-27	BUG/MINOR: mux-h2: fix http-request and http-keep-alive timeouts again
2023-10-27	BUG/MEDIUM: mux-h2: Don't report an error on shutr if a shutw is pending
2023-10-27	BUG/MINOR: mux-h2: make up other blocked streams upon removal from list
2023-10-27	BUG/MINOR: mux-h1: Send a 400-bad-request on shutdown before the first request
2023-10-27	BUG/MEDIUM: quic-conn: free unsent frames on retransmit to prevent crash
2023-10-27	BUG/MINOR: mux-quic: fix free on qcs-new fail alloc
2023-10-27	BUG/MINOR: h3: strengthen host/authority header parsing
2023-10-27	BUG/MINOR: mux-quic: support initial 0 max-stream-data
2023-10-27	BUG/MEDIUM: mux-quic: fix RESET_STREAM on send-only stream
2023-10-27	BUG/MINOR: quic: reject packet with no frame
2023-10-27	BUG/MINOR: quic: Avoid crashing with unsupported cryptographic algos
2023-10-27	BUG/MINOR: hq-interop: simplify parser requirement
2023-10-27	BUG/MEDIUM: h1: Ignore C-L value in the H1 parser if T-E is also set
2023-10-27	BUG/MINOR: mux-h1: Ignore C-L when sending H1 messages if T-E is also set
2023-10-27	BUG/MINOR: mux-h1: Handle read0 in rcv_pipe() only when data receipt was tried
2023-10-27	BUG/MEDIUM: hlua: Initialize appctx used by a lua socket on connect only
2023-10-27	BUG/MEDIUM: http-ana: Try to handle response before handling server abort
2023-10-17	BUG/MEDIUM: quic_conn: let the scheduler kill the task when needed
2023-10-06	BUG/MEDIUM: actions: always apply a longest match on prefix lookup
2023-10-04	BUG/MINOR: mux-quic: remove full demux flag on ncbuf release
2023-10-04	BUG/MEDIUM: server/cli: don't delete a dynamic server that has streams
2023-10-04	BUG/MINOR: server: add missing free for server->rdr_pfx
2023-10-04	BUG/MAJOR: mux-h2: Report a protocol error for any DATA frame before headers
2023-10-04	BUG/MINOR: freq_ctr: fix possible negative rate with the scaled API
2023-10-04	BUG/MINOR: promex: fix backend_agg_check_status
2023-10-04	BUG/MEDIUM: mux-fcgi: Don't swap trash and dbuf when handling STDERR records
2023-10-04	BUG/MINOR: hlua/init: coroutine may not resume itself
2023-10-04	BUG/MEDIUM: hlua: don't pass stale nargs argument to lua_resume()
2023-09-29	Revert "BUG/MEDIUM: quic: missing check of dcid for init pkt including a token"
2023-09-29	BUG/MEDIUM: hlua: streams don't support mixing lua-load with lua-load-per-thread
2023-09-29	BUG/MINOR: quic: Wrong cluster secret initialization
2023-09-29	BUG/MINOR: quic: Leak of frames to send.
2023-09-29	BUILD: bug: make BUG_ON() void to avoid a rare warning
2023-09-07	BUG/MINOR: hlua/action: incorrect message on E_YIELD error
2023-09-07	BUG/MEDIUM: stconn/stream: Forward shutdown on write timeout
2023-09-07	BUG/MINOR: quic: Wrong RTT computation (srtt and rrt_var)
2023-09-07	BUG/MINOR: quic: Wrong RTT adjusments
2023-09-07	BUG/MEDIUM: h1-htx: Ensure chunked parsing with full output buffer
2023-09-07	BUG/MAJOR: quic: Really ignore malformed ACK frames.
2023-09-07	BUG/MINOR: quic: Possible skipped RTT sampling
2023-09-07	BUG/MEDIUM: stconn: Don't block sends if there is a pending shutdown
2023-09-07	BUG/MEDIUM: stconn: Wake applets on sending path if there is a pending shutdown
2023-09-07	BUG/MINOR: checks: do not queue/wake a bounced check
2023-09-07	BUG/MINOR: ssl/cli: can't find ".crt" files when replacing a certificate
2023-09-07	BUG/MINOR: ssl_sock: fix possible memory leak on OOM
2023-09-07	BUG/MINOR: hlua_fcn: potentially unsafe stktable_data_ptr usage
2023-09-07	BUG/MINOR: stktable: allow sc-set-gpt(0) from tcp-request connection
2023-09-07	BUG/MINOR: hlua: fix invalid use of lua_pop on error paths
2023-09-07	BUG/MEDIUM: quic: fix tasklet_wakeup loop on connection closing

Known bugs fixed in the development branch after the last commit in this branch

It is important to understand that not all of these commits are necessarily relevant to this version, but clicking on them will show the bug description. All fixes are made first in the development branch and then backported to the maintenance branches. This ensures no fix is lost when upgrading. If a fix was marked for backporting to this branch and is not there yet, it's likely that it is still missing. Do not hesitate to ask on the haproxy mailing list if you feel like a fix has been skipped.

Date Subject

2023-11-28 BUG/MEDIUM: mux-h2: Remove H2_SF_NOTIFIED flag for H2S blocked on fast-forward

2023-11-28 BUG/MEDIUM: stconn: Don't perform zero-copy FF if opposite SC is blocked

2023-11-28 BUG/MINOR: quic: fix CONNECTION_CLOSE_APP encoding

2023-11-27 BUG/MEDIUM: mux-h1: Properly ignore trailers when a content-length is announced

2023-11-24 BUG/MINOR: global: Fix tune.disable-(fast-forward/zero-copy-forwarding) options

2023-11-23 BUG/MEDIUM: mux-h1: Don't set CO_SFL_MSG_MORE flag on last fast-forward send

2023-11-23 DEBUG: tinfo: store the pthread ID and the stack pointer in tinfo

2023-11-23 BUG/MINOR: server: do not leak default-server in defaults sections

2023-11-22 BUG/MINOR: quic: Possible RX packet memory leak under heavy load

2023-11-22 BUG/MINOR: quic: Possible leak of TX packets under heavy load

2023-11-22 BUG/MEDIUM: quic: Possible crash during retransmissions and heavy load

2023-11-20 DEBUG: connection/flags: update flags for reverse HTTP

2023-11-20 BUG/MEDIUM: quic: Possible crash for connections to be killed

Date	Subject
2023-11-28	BUG/MEDIUM: mux-h2: Remove H2_SF_NOTIFIED flag for H2S blocked on fast-forward
2023-11-28	BUG/MEDIUM: stconn: Don't perform zero-copy FF if opposite SC is blocked
2023-11-28	BUG/MINOR: quic: fix CONNECTION_CLOSE_APP encoding
2023-11-27	BUG/MEDIUM: mux-h1: Properly ignore trailers when a content-length is announced
2023-11-24	BUG/MINOR: global: Fix tune.disable-(fast-forward/zero-copy-forwarding) options
2023-11-23	BUG/MEDIUM: mux-h1: Don't set CO_SFL_MSG_MORE flag on last fast-forward send
2023-11-23	DEBUG: tinfo: store the pthread ID and the stack pointer in tinfo
2023-11-23	BUG/MINOR: server: do not leak default-server in defaults sections
2023-11-22	BUG/MINOR: quic: Possible RX packet memory leak under heavy load
2023-11-22	BUG/MINOR: quic: Possible leak of TX packets under heavy load
2023-11-22	BUG/MEDIUM: quic: Possible crash during retransmissions and heavy load
2023-11-20	DEBUG: connection/flags: update flags for reverse HTTP
2023-11-20	BUG/MEDIUM: quic: Possible crash for connections to be killed

Back to the list of branches and versions
Back to the HAProxy page