Hi, HAProxy 1.4.27 was released on 2016/03/14. It added 29 new commits after version 1.4.26 that was released more than one year ago.
This version mainly fixes a bug causing the process to crash when http-send-name-header is used if a number of conditions are met. The other visible change is that some protocol security checks have been backported to closely match the HTTP specification and limit the risk that haproxy passes mangled requests or responses that may affect devices vulnerable to smuggling attacks. The rest is pretty minor. Please find the usual URLs below : Site index : http://www.haproxy.org/ Discourse : http://discourse.haproxy.org/ Sources : http://www.haproxy.org/download/1.4/src/ Git repository : http://git.haproxy.org/git/haproxy-1.4.git/ Git Web browsing : http://git.haproxy.org/?p=haproxy-1.4.git Changelog : http://www.haproxy.org/download/1.4/src/CHANGELOG Cyril's HTML doc : http://cbonte.github.io/haproxy-dconv/ Willy --- Complete changelog : - DOC: Fix L4TOUT typo in documentation - BUG/MEDIUM: http: remove content-length from chunked messages - DOC: http: update the comments about the rules for determining transfer-length - BUG/MEDIUM: http: do not restrict parsing of transfer-encoding to HTTP/1.1 - BUG/MEDIUM: http: incorrect transfer-coding in the request is a bad request - BUG/MEDIUM: http: remove content-length form responses with bad transfer-encoding - MEDIUM: http: restrict the HTTP version token to 1 digit as per RFC7230 - BUG/MINOR: cfgparse: fix typo in 'option httplog' error message - DOC: usesrc root privileges requirements - DOC: typo in 'redirect', 302 code meaning - BUG/MINOR: http: remove stupid HTTP_METH_NONE entry - BUG/MAJOR: http: don't call http_send_name_header() after an error - CLEANUP: config: make the errorloc/errorfile messages less confusing - BUG/MINOR: config: check that tune.bufsize is always positive - BUG/MINOR: http: Add OPTIONS in supported http methods (found by find_http_meth) - DOC: Address issue where documentation is excluded due to a gitignore rule. - CLEANUP: .gitignore: ignore more test files - CLEANUP: .gitignore: finally ignore everything but what is known. - CLEANUP: don't ignore debian/ directory if present - FIX: small typo in an example using the "Referer" header - BUG/MEDIUM: config: count memory limits on 64 bits, not 32 - BUG/MINOR: acl: don't use record layer in req_ssl_ver - BUG/MEDIUM: http: switch the request channel to no-delay once done. - BUILD: freebsd: double declaration - BUG/MINOR: chunk: make chunk_dup() always check and set dst->size - BUG/MEDIUM: config: Adding validation to stick-table expire value. - DOC: add server name at rate-limit sessions example - MINOR: cfgparse: warn when uid parameter is not a number - MINOR: cfgparse: warn when gid parameter is not a number ---