Hi, HAProxy 1.8.22 was released on 2019/10/25. It added 46 new commits after version 1.8.21.
The main issue addressed in this release is an occasional risk of crash in H2 on skipped frames. The other issues are less important, and were already addressed in 1.9 and 2.0 released since last August. If you've been facing issues with threads not stopping on reload, FD leaks in SSL in master-worker mode, reliability issues with external checks or performance issues with threads and lots of ACLs or patterns, you should consider updating. Please check the changelog below for more details. Please find the usual URLs below : Site index : http://www.haproxy.org/ Discourse : http://discourse.haproxy.org/ Slack channel : https://slack.haproxy.org/ Issue tracker : https://github.com/haproxy/haproxy/issues Sources : http://www.haproxy.org/download/1.8/src/ Git repository : http://git.haproxy.org/git/haproxy-1.8.git/ Git Web browsing : http://git.haproxy.org/?p=haproxy-1.8.git Changelog : http://www.haproxy.org/download/1.8/src/CHANGELOG Cyril's HTML doc : http://cbonte.github.io/haproxy-dconv/ Willy --- Complete changelog : Christopher Faulet (10): BUG/MEDIUM: spoe: Be sure the sample is found before setting its context BUG/MEDIUM: proto-http: Always start the parsing if there is no outgoing data BUG/MINOR: filters: Properly set the HTTP status code on analysis error BUG/MINOR: acl: Fix memory leaks when an ACL expression is parsed BUG/MAJOR: mux_h2: Don't consume more payload than received for skipped frames DOC: Fix documentation about the cli command to get resolver stats BUG/MINOR: chunk: Fix tests on the chunk size in functions copying data BUG/MINOR: tcp: Don't alter counters returned by tcp info fetchers BUG/MINOR: ssl: Fix fd leak on error path when a TLS ticket keys file is parsed BUG/MINOR: stick-table: Never exceed (MAX_SESS_STKCTR-1) when fetching a stkctr Dragan Dosen (1): BUG/MINOR: haproxy: fix rule->file memory leak Emeric Brun (5): CLEANUP: ssl: make ssl_sock_put_ckch_into_ctx handle errcode/warn CLEANUP: ssl: make ssl_sock_load_dh_params handle errcode/warn CLEANUP: bind: handle warning label on bind keywords parsing. BUG/MEDIUM: ssl: 'tune.ssl.default-dh-param' value ignored with openssl > 1.1.1 BUG/MINOR: ssl: fix memcpy overlap without consequences. Kevin Zhu (1): BUG/MEDIUM: spoe: Use a different engine-id per process Krisztian Kovacs (1): BUG/MEDIUM: namespace: close open namespaces during soft shutdown Krisztián Kovács (kkovacs) (1): BUG/MEDIUM: namespace: fix fd leak in master-worker mode Miroslav Zagorac (1): BUG/MINOR: WURFL: fix send_log() function arguments Olivier Houchard (2): BUG/MEDIUM: ssl: Use the early_data API the right way. MINOR: doc: Document allow-0rtt on the server line. Rob Allen (1): BUG/MINOR: mworker/ssl: close OpenSSL FDs on reload Tim Duesterhus (2): BUG/MINOR: lua: Properly initialize the buffer's fields for string samples in hlua_lua2(smp|arg) BUG/MINOR: sample: Make the `field` converter compatible with `-m found` William Lallemand (4): BUG/MINOR: ssl: free the sni_keytype nodes BUG/MINOR: ssl: abort on sni allocation failure BUG/MINOR: ssl: abort on sni_keytypes allocation failure BUG/MINOR: mworker/ssl: close openssl FDs unconditionally Willy Tarreau (16): BUILD/MINOR: stream: avoid a build warning with threads disabled MINOR: connection: add new function conn_is_back() BUG/MEDIUM: checks: make sure the warmup task takes the server lock BUG/MINOR: logs/threads: properly split the log area upon startup BUG/MINOR: mworker: disable SIGPROF on re-exec BUG/MEDIUM: listener/threads: fix an AB/BA locking issue in delete_listener() BUG/MEDIUM: http: also reject messages where "chunked" is missing from transfer-enoding BUG/MEDIUM: check/threads: make external checks run exclusively on thread 1 MINOR: tools: implement my_flsl() BUG/MEDIUM: cache: make sure not to cache requests with absolute-uri DOC: clarify some points around http-send-name-header's behavior MINOR: stats: mention in the help message support for "json" and "typed" CLEANUP: ssl: make ssl_sock_load_cert*() return real error codes BUILD: ssl: fix again a libressl build failure after the openssl FD leak fix BUG/MINOR: stick-table: fix an incorrect 32 to 64 bit key conversion BUG/MEDIUM: pattern: make the pattern LRU cache thread-local and lockless n...@users.noreply.github.com (1): DOC: fixed typo in management.txt ---