HAProxy known bugs for version v3.2.5 (maintenance branch 3.2) : 24

This version (3.2.5) is a release belonging to maintenance branch 3.2 whose latest version is 3.2.5. If your version is not the last one in the maintenance branch, you are missing fixes for known bugs, and by not updating you are needlessly taking the responsibility for the risk of unexpected service outages and exposing your web site to possible security issues.

The HAProxy development team takes a great care of maintaining stable versions so that all users can apply bug fixes without having to take the risk of upgrading to a new branch. In turn users are expected to apply the fixes when the development team estimates that they were worth being backported to stable branches.

Quick links

full changelog for 3.2 : here
browse history for 3.2 : here

Other versions in the same branch

This branch contains the following releases :

Date Version Comment

2025-09-23 3.2.5 ⇐ yours ⇐ last

2025-08-13 3.2.4

2025-07-09 3.2.3

2025-07-02 3.2.2

2025-06-11 3.2.1

2025-05-28 3.2.0

Date	Version	Comment
2025-09-23	3.2.5	⇐ yours ⇐ last
2025-08-13	3.2.4
2025-07-09	3.2.3
2025-07-02	3.2.2
2025-06-11	3.2.1
2025-05-28	3.2.0

Known bugs affecting this version, and already fixed in the maintenance branch

These fixes have already been queued for a more recent 3.2 version. Some of them might have already been released in a more recent version than yours, and other ones might still be pending in the maintenance branch for a future release. The list may be empty if you're already on the latest version and no new fix was backported.

Bugs are almost always tagged with a severity (some people forget the severity tag when the bug is minor). The following severities are used :

MINOR: the bug presents a limited impact and can easily be mitigated ; users rarely upgrade just for these ones ;
MEDIUM: the bug can cause some undesired behaviour and may require some tricky configuration changes to avoid hitting it ; users normally upgrade to get rid of them, or temporarily disable a functionality.
MAJOR: the bug affects short term reliability and cannot easily be worked around without a significant performance penalty or without a significant functional loss ; such bugs don't stay long in the queue without a release and users must plan an upgrade as soon as possible ;
CRITICAL: this one very rarely happens ; it indicates a short-term reliability or security issue for which there is no workaround. A release will be emitted for this fix even if it's alone and users are urged to upgrade immediately. Some distro maintainers might have been informed in advance in order to agree on a coordinated release date.

Total known bugs in this version by category :

Total CRITICAL MAJOR MEDIUM MINOR

24 0 0 13 11

Total	CRITICAL	MAJOR	MEDIUM	MINOR
24	0	0	13	11

Click on the subjects below to get the full description of the bug :

Merge date Subject - Severity (minor, medium, major, critical)

2025-10-02 BUG/MEDIUM: fwlc: Handle memory allocation failures.

2025-10-01 BUG/MEDIUM: stick-tables: Make sure not to free a pending entry

2025-10-01 BUG/MEDIUM: ssl: ca-file directory mode must read every certificates of a file

2025-10-01 BUG/MINOR: pattern: Fix pattern lookup for map with opt@ prefix

2025-10-01 BUG/MINOR: acme: possible overflow in acme_will_expire()

2025-10-01 BUG/MINOR: acme: possible overflow on scheduling computation

2025-10-01 BUG/MINOR: pattern: Properly flag virtual maps as using samples

2025-10-01 BUG/MINOR: compression: Test payload size only if content-length is specified

2025-10-01 BUG/MEDIUM: wdt: improve stuck task detection accuracy

2025-09-29 BUG/MEDIUM: acme: free() of i2d_X509_REQ() with AWS-LC

2025-09-29 BUG/MEDIUM: acme: cfg_postsection_acme() don't init correctly acme sections

2025-09-29 BUG/MINOR: acme: don't unlink from acme_ctx_destroy()

2025-09-23 BUG/MINOR: pools: Fix the dump of pools info to deal with buffers limitations

2025-09-23 BUG/MEDIUM: stick-tables: Don't let table_process_entry() handle refcnt

2025-09-23 BUG/MINOR: acme/cli: wrong description for "acme challenge_ready"

2025-09-23 BUG/MEDIUM: resolvers: Wake resolver task up whne unlinking a stream requester

2025-09-23 BUG/MEDIUM: resolvers: Accept to create resolution without hostname

2025-09-23 BUG/MEDIUM: resolvers: Make resolution owns its hostname_dn value

2025-09-23 BUG/MEDIUM: resolvers: Test for empty tree when getting a record from DNS answer

2025-09-23 BUG/MINOR: resolvers: Restore round-robin selection on records in DNS answers

2025-09-23 BUG/MEDIUM: resolvers: Properly cache do-resolv resolution

2025-09-23 DEBUG: peers: export functions that use locks

2025-09-23 DEBUG: stream: count the number of passes in the connect loop

2025-09-23 BUG/MINOR: tcpcheck: Don't use sni as pool-conn-name for non-SSL connections

2025-09-23 BUG/MINOR: server: Update healthcheck when server settings are changed via CLI

2025-09-23 BUG/MEDIUM: server: Use sni as pool connection name for SSL server only

Merge date	Subject - Severity (minor, medium, major, critical)
2025-10-02	BUG/MEDIUM: fwlc: Handle memory allocation failures.
2025-10-01	BUG/MEDIUM: stick-tables: Make sure not to free a pending entry
2025-10-01	BUG/MEDIUM: ssl: ca-file directory mode must read every certificates of a file
2025-10-01	BUG/MINOR: pattern: Fix pattern lookup for map with opt@ prefix
2025-10-01	BUG/MINOR: acme: possible overflow in acme_will_expire()
2025-10-01	BUG/MINOR: acme: possible overflow on scheduling computation
2025-10-01	BUG/MINOR: pattern: Properly flag virtual maps as using samples
2025-10-01	BUG/MINOR: compression: Test payload size only if content-length is specified
2025-10-01	BUG/MEDIUM: wdt: improve stuck task detection accuracy
2025-09-29	BUG/MEDIUM: acme: free() of i2d_X509_REQ() with AWS-LC
2025-09-29	BUG/MEDIUM: acme: cfg_postsection_acme() don't init correctly acme sections
2025-09-29	BUG/MINOR: acme: don't unlink from acme_ctx_destroy()
2025-09-23	BUG/MINOR: pools: Fix the dump of pools info to deal with buffers limitations
2025-09-23	BUG/MEDIUM: stick-tables: Don't let table_process_entry() handle refcnt
2025-09-23	BUG/MINOR: acme/cli: wrong description for "acme challenge_ready"
2025-09-23	BUG/MEDIUM: resolvers: Wake resolver task up whne unlinking a stream requester
2025-09-23	BUG/MEDIUM: resolvers: Accept to create resolution without hostname
2025-09-23	BUG/MEDIUM: resolvers: Make resolution owns its hostname_dn value
2025-09-23	BUG/MEDIUM: resolvers: Test for empty tree when getting a record from DNS answer
2025-09-23	BUG/MINOR: resolvers: Restore round-robin selection on records in DNS answers
2025-09-23	BUG/MEDIUM: resolvers: Properly cache do-resolv resolution
2025-09-23	DEBUG: peers: export functions that use locks
2025-09-23	DEBUG: stream: count the number of passes in the connect loop
2025-09-23	BUG/MINOR: tcpcheck: Don't use sni as pool-conn-name for non-SSL connections
2025-09-23	BUG/MINOR: server: Update healthcheck when server settings are changed via CLI
2025-09-23	BUG/MEDIUM: server: Use sni as pool connection name for SSL server only

Back to the list of branches and versions
Back to the HAProxy page