Changes since version 2.9-dev2 :

Amaury Denoyelle (4):
      BUG/MEDIUM: quic: consume contig space on requeue datagram
      BUG/MINOR: quic: reappend rxbuf buffer on fake dgram alloc error
      BUILD: quic: fix wrong potential NULL dereference
      MINOR: h3: abort request if not completed before full response

Christopher Faulet (10):
      BUG/MEDIUM: h3: Properly report a C-L header was found to the HTX start-line
      BUG/MEDIUM: h3: Be sure to handle fin bit on the last DATA frame
      BUG/MEDIUM: bwlim: Reset analyse expiration date when then channel analyse ends
      MEDIUM: stream: Reset response analyse expiration date if there is no analyzer
      BUG/MINOR: htx/mux-h1: Properly handle bodyless responses when splicing is used
      BUG/MINOR: http-client: Don't forget to commit changes on HTX message
      CLEANUP: stconn: Move comment about sedesc fields on the field line
      REGTESTS: http: Create a dedicated script to test spliced bodyless responses
      REGTESTS: Test SPLICE feature is enabled to execute script about splicing
      BUG/MAJOR: http-ana: Get a fresh trash buffer for each header value replacement

Dragan Dosen (1):
      BUG/MINOR: chunk: fix chunk_appendf() to not write a zero if buffer is full

Frédéric Lécaille (20):
      BUG/MINOR: quic: Possible crash when acknowledging Initial v2 packets
      MINOR: quic: Export QUIC traces code from quic_conn.c
      MINOR: quic: Export QUIC CLI code from quic_conn.c
      MINOR: quic: Move TLS related code to quic_tls.c
      MINOR: quic: Add new "QUIC over SSL" C module.
      MINOR: quic: Add a new quic_ack.c C module for QUIC acknowledgements
      CLEANUP: quic: Defined but no more used function (quic_get_tls_enc_levels())
      MINOR: quic: Split QUIC connection code into three parts
      CLEANUP: quic: quic_conn struct cleanup
      MINOR: quic; Move the QUIC frame pool to its proper location
      BUG/MINOR: quic+openssl_compat: Non initialized TLS encryption levels
      CLEANUP: quic: Remove quic_path_room().
      MINOR: quic: Amplification limit handling sanitization.
      MINOR: quic: Move some counters from [rt]x quic_conn anonymous struct
      MEDIUM: quic: Send CONNECTION_CLOSE packets from a dedicated buffer.
      MINOR: quic: Use a pool for the connection ID tree.
      MEDIUM: quic: Allow the quic_conn memory to be asap released.
      MINOR: quic: Release asap quic_conn memory (application level)
      MINOR: quic: Release asap quic_conn memory from ->close() xprt callback.
      MINOR: quic: Warning for OpenSSL wrapper QUIC bindings without "limited-quic"

Ilya Shipitsin (2):
      CI: do not use "groupinstall" for Fedora Rawhide builds
      CI: get rid of travis-ci wrapper for Coverity scan

Patrick Hemmer (3):
      CLEANUP: acl: remove cache_idx from acl struct
      REORG: cfgparse: extract curproxy as a global variable
      MINOR: acl: add acl() sample fetch

Remi Tricot-Le Breton (1):
      BUG/MINOR: ssl: OCSP callback only registered for first SSL_CTX

William Lallemand (9):
      MINOR: sample: add pid sample
      MINOR: sample: implement act_conn sample fetch
      MINOR: sample: accept_date / request_date return %Ts / %tr timestamp values
      MEDIUM: sample: implement us and ms variant of utime and ltime
      BUG/MINOR: sample: check alloc_trash_chunk() in conv_time_common()
      DOC: configuration: describe Td in Timing events
      MINOR: sample: implement the T* timer tags from the log-format as fetches
      DOC: configuration: add sample fetches for timing events
      DOC: configuration: rework the custom log format table

Willy Tarreau (19):
      BUILD: cfgparse: keep a single "curproxy"
      REORG: http: move has_forbidden_char() from h2.c to http.h
      BUG/MAJOR: h3: reject header values containing invalid chars
      MINOR: mux-h2/traces: also suggest invalid header upon parsing error
      MINOR: ist: add new function ist_find_range() to find a character range
      MINOR: http: add new function http_path_has_forbidden_char()
      MINOR: h2: pass accept-invalid-http-request down the request parser
      REGTESTS: http-rules: add accept-invalid-http-request for normalize-uri tests
      BUG/MINOR: h1: do not accept '#' as part of the URI component
      BUG/MINOR: h2: reject more chars from the :path pseudo header
      BUG/MINOR: h3: reject more chars from the :path pseudo header
      REGTESTS: http-rules: verify that we block '#' by default for normalize-uri
      DOC: clarify the handling of URL fragments in requests
      BUG/MAJOR: http: reject any empty content-length header value
      BUG/MINOR: http: skip leading zeroes in content-length values
      BUG/MEDIUM: mux-h1: fix incorrect state checking in h1_process_mux()
      BUG/MEDIUM: mux-h1: do not forget EOH even when no header is sent
      BUILD: mux-h1: shut a build warning on clang from previous commit
      DEV: makefile: add a new "range" target to iteratively build all commits