Hi all,
today while backporting fixes to 1.3 I found that I had left an
embarrassing typo in the cookie parsing code when fixing it for
undesired spaces. The code in question is normally never triggered,
but when it is, it can cause haproxy to segfault.
The condition to make this happen is to have a server emit a malformated
response cookie when cookie-based persistence is enabled on haproxy. In
most situations it will not happen (and it did not till now), but in
hosting environments, it can be a bit more delicate.
The bug is a regression introduced with a fix after 1.4.8. It means
that it could also affect people running with versions up to 1.4.8 if
they have backported the related fixes.
As a result, I'd suggest that any 1.4 user upgrades in order to be safe,
and it would be nice if distro maintainers could ensure to quickly merge
this one-liner fix.
The usual links apply (note: I have not yet built the binaries) :
site index : http://haproxy.1wt.eu/
sources : http://haproxy.1wt.eu/download/1.4/src/
changelog : http://haproxy.1wt.eu/download/1.4/src/CHANGELOG
binaries : http://haproxy.1wt.eu/download/1.4/bin/
Willy
