HAProxy 1.9.1 was released on 2019/01/08. It added 90 new commits
after version 1.9.0.

One of them fixes a security issue discovered by Tim Düsterhus
(CVE-2018-20615) :

   BUG/CRITICAL: mux-h2: re-check the frame length when PRIORITY is used

An incorrect frame length check is performed on HEADERS frame having the
PRIORITY flag, possibly resulting in a read-past-bound which can cause a
crash depending how the frame is crafted. All 1.9 and 1.8 versions are
affected. As a result, all HTTP/2 users must either upgrade or temporarily
disable HTTP/2 by commenting the "npn h2" and "alpn h2" statements on their
related "bind" lines.

This version also collects a number of significant bug fixes that were
reported since the release, among which :
  - risk of crashes when using HTTP reuse with more than 5 servers for
    a given session ;
  - occasional zombie connections when objects retrieved from the cache
    were compressed during delivery ;
  - some chunked-encoding inconsistencies between H1 on one side and H2
    on the other one in HTX mode ;
  - a few other HTX issues I honestly don't remember in details
  - a small number of lost event issues affecting the H1 and H2 muxes,
    possibly resulting in occasional timeouts and/or zombie connections

Lukas' update to redispatch connection failures when using consistent
hash was merged as well as eventhough it was not really a bug, it was at
least a counter-intuitive behaviour.

An annoying limitation was also reported and addressed : health checks
currently cannot use the H2 mux to send HTTP requests to H2 servers, but
since the ALPN string is set per server, it wasn't possible to force
these checks to at least rely on HTTPS instead. A new "check-alpn"
directive was added to allow to specify the ALPN string to advertise for
checks to address this.

A number of updates were merged to the regression testing suite since it
helps us a lot to reproduce bugs and improve reliability.

What's nice is that www.haproxy.org has been running on this code since
the release with only very minor glitches (a few tens of zombie connections
a week due to the compression+cache issue etc) and doesn't show any sign of
trouble anymore after these fixes.

I intend to issue 1.9.2 soon (possibly next week) with a small bunch of
additional minor fixes that I didn't want to mix with this version. In
addition I managed to implement the long-missing support for H2
CONTINUATION frames and trailers which are sufficiently low risk to be
backported. Thanks to these, h2spec now reports zero error, and gRPC
works out of the box through HAProxy :-)  Thus unless someone steps up
with a good objection to these being backported into 1.9, we'll do it.

Anyway, please don't forget to update!

Please find the usual URLs below :
   Site index       : http://www.haproxy.org/
   Discourse        : http://discourse.haproxy.org/
   Slack channel    : https://slack.haproxy.org/
   Sources          : http://www.haproxy.org/download/1.9/src/
   Git repository   : http://git.haproxy.org/git/haproxy-1.9.git/
   Git Web browsing : http://git.haproxy.org/?p=haproxy-1.9.git
   Changelog        : http://www.haproxy.org/download/1.9/src/CHANGELOG
   Cyril's HTML doc : http://cbonte.github.io/haproxy-dconv/

Complete changelog :
Alex Zorin (1):
      MINOR: payload: add sample fetch for TLS ALPN

Christopher Faulet (36):
      BUG/MAJOR: stream-int: Update the stream expiration date in 
      BUG/MINOR: compression/htx: Don't compress responses with unknown body 
      BUG/MINOR: compression/htx: Don't add the last block of data if it is 
      MINOR: channel: Add the function channel_add_input
      MINOR: stats/htx: Call channel_add_input instead of updating channel 
state by hand
      BUG/MEDIUM: cache: Be sure to end the forwarding when XFER length is 
      BUG/MAJOR: htx: Return the good block address after a defrag
      BUG/MEDIUM: mux-h1: Add a task to handle connection timeouts
      BUG/MEDIUM: proto-htx: Set SI_FL_NOHALF on server side when request is 
      REGTEST: Require the option LUA to run lua tests
      REGTEST: script: Process script arguments before everything else
      REGTEST: script: Evaluate the varnishtest command to allow quoted 
      REGTEST: script: Add the option --clean to remove previous log direcotries
      REGTEST: script: Add the option --debug to show logs on standard ouput
      REGTEST: script: Add the option --keep-logs to keep all log directories
      REGTEST: script: Add the option --use-htx to enable the HTX in regtests
      REGTEST: script: Print only errors in the results report
      REGTEST: Add option to use HTX prefixed by the macro 'no-htx'
      REGTEST: script: Add support of alternatives in requited options list
      REGTEST: Add a basic test for the compression
      BUG/MINOR: cache/htx: Be sure to count partial trailers
      MINOR: stream/htx: Add info about the HTX structs in "show sess all" 
      MINOR: stream: Add the subscription events of SIs in "show sess all" 
      MINOR: mux-h1: Add the subscription events in "show fd" command
      MINOR: htx: Add an helper function to get the max space usable for a block
      MINOR: channel/htx: Add HTX version for some helper functions
      BUG/MEDIUM: cache/htx: Respect the reserve when cached objects are served
      BUG/MINOR: stats/htx: Respect the reserve when the stats page is dumped
      BUG/MINOR: mux-h1: Close connection on shutr only when shutw was really 
      MEDIUM: mux-h1: Clarify how shutr/shutw are handled
      BUG/MINOR: compression: Disable it if another one is already in progress
      BUG/MINOR: filters: Detect cache+compression config on legacy HTTP streams
      BUG/MINOR: cache: Disable the cache if any compression filter precedes it
      MINOR: htx: Add a function to truncate all blocks after a specific offset
      MINOR: channel/htx: Add the HTX version of channel_truncate/erase
      BUG/MINOR: proto_htx: Use HTX versions to truncate or erase a buffer

Frédéric Lécaille (8):
      REGTEST: A basic test for "http-buffer-request"
      REGTEST: Add a reg test for health-checks over SSL/TLS.
      REGTEST: Make reg-tests target support argument.
      REGTEST: Fix a typo about barrier type.
      REGTEST: Be less Linux specific with a syslog regex.
      REGTEST: Missing enclosing quotes for ${tmpdir} macro.
      REGTEST: Exclude freebsd target for some reg tests.
      REGTEST: Add some informatoin to test results.

Jarno Huuskonen (2):
      DOC: Fix typo in req.ssl_alpn example (commit 4afdd138424ab...)
      DOC: http-request cache-use / http-response cache-store expects cache name

Jérôme Magnin (2):
      BUG/MEDIUM: dns: Don't prevent reading the last byte of the payload in 
      BUG/MINOR: htx: send the proper authenticate header when using 
http-request auth

Nikhil Agrawal (1):
      BUG/MEDIUM: dns: overflowed dns name start position causing invalid dns 

Olivier Houchard (17):
      BUG/MEDIUM: tasks: Decrement tasks_run_queue in tasklet_free().
      BUG/MAJOR: connections: Close the connection before freeing it.
      BUG/MEDIUM: h2: Don't forget to quit the sending_list if 
      BUG/MEDIUM: mux_h2: Don't add to the idle list if we're full.
      BUG/MEDIUM: server: Also copy "check-sni" for server templates.
      BUG/MEDIUM: servers: Don't try to reuse connection if we switched server.
      BUG/MEDIUM: servers: Fail if we fail to allocate a conn_stream.
      BUG/MAJOR: servers: Use the list api correctly to avoid crashes.
      BUG/MAJOR: servers: Correctly use LIST_ELEM().
      BUG/MAJOR: sessions: Use an unlimited number of servers for the conn list.
      BUG/MEDIUM: servers: Flag the stream_interface on handshake error.
      MEDIUM: servers: Be smarter when switching connections.
      MINOR: ssl: Add ssl_sock_set_alpn().
      MEDIUM: checks: Add check-alpn.
      MEDIUM: mux_h1: Implement h1_show_fd.
      BUG/MEDIUM: h1: In h1_init(), wake the tasklet instead of calling 
      BUG/MEDIUM: server: Defer the mux init until after xprt has been 

PiBa-NL (1):
      REGTEST: mailers: add new test for 'mailers' section

Thierry FOURNIER (2):
      BUG/MINOR: lua: bad args are returned for Lua actions
      BUG/MEDIUM: lua: dead lock when Lua tasks are trigerred

Willy Tarreau (20):
      BUG/MEDIUM: log: don't mark log FDs as non-blocking on terminals
      BUG/MEDIUM: mux-h2: Don't forget to quit the send list on error reports
      BUG/MEDIUM: mux-h2: don't needlessly wake up the demux on short frames
      MINOR: mux-h2: only increase the connection window with the first update
      REGTESTS: remove the expected window updates from H2 handshakes
      BUG/MINOR: mux-h2: make empty HEADERS frame return a connection error
      BUG/MEDIUM: mux-h2: mark that we have too many CS once we have more than 
the max
      BUG/MEDIUM: mux-h2: always restart reading if data are available
      BUG/MINOR: mux-h2: don't check the CS count in h2c_bck_handle_headers()
      BUG/MEDIUM: mux-h1: use per-direction flags to indicate transitions
      BUG/MEDIUM: mux-h1: make HTX chunking consistent with H2
      MINOR: mux-h1: parse the content-length header on output and set 
      BUG/MEDIUM: mux-h1: don't enforce chunked encoding on requests
      MINOR: lb: allow redispatch when using consistent hash
      MINOR: stream/htx: add the HTX flags output in "show sess all"
      MINOR: stream/cli: fix the location of the waiting flag in "show sess all"
      MINOR: stream/cli: report more info about the HTTP messages on "show sess 
      BUG/MEDIUM: cli: make "show sess" really thread-safe
      DOC: regtest: make it clearer what the purpose of the "broken" series is
      BUG/CRITICAL: mux-h2: re-check the frame length when PRIORITY is used


Reply via email to