HAProxy 1.7.12 was released on 2019/10/25. It added 114 new commits
after version 1.7.11.

I noticed that due to the vast majority of the recent bugs being related
to modern changes like threads, muxes, connection scheduling etc, very
few fixes affect older versions like 1.7 and 1.6 and we tend to constantly
postpone their releases. The last 1.7 was issued no less than 1.5 years
ago with nobody complaining loudly. That tells me 3 things:
  - 1.7 is not that much used anymore
  - it is stable enough for most use cases where it's relevant
  - time is better spent working on recent versions than backporting minor
    fixes there at the risk of breaking existing setups

Thus I consider it reasonable to mark it "critical fixes only" since it
really reflects its practical status, and continue to keep it this way
for a while. With less fixes backported to it, we'll more easily handle
future releases, should any critical fix have to be backported in the
future. I'll do the same soon with 1.6. No need to run away screaming yet,
I think we can safely keep them one or two more years in this state before
dropping support.

I had a look at all the fixes pending there, and to be honest I don't
remember about most of them. However one thing is interesting, most of
those tagged "major" there were much less likely to be encountered than
the ones we've got since 1.8 so overall I think it has reached a level
of reliability that we should maintain instead of risking to degrade it
by failing to backport some unimportant fixes. It's also worth noting
that we reached such a state with only 12 releases in 1.7 while we'll
likely at least double this before 1.8 may reach the same status! It
looks like 1.7 was very calm overall, mostly because it does not much
differ from 1.6.

Those running on a git snapshot will probably want to update to this new
release, and those used to deploy 1.7.11 may want to jump to 1.7.12 and
stay away from several risks of crashes. Please check the changelog below
for more details.

Please find the usual URLs below :
   Site index       : http://www.haproxy.org/
   Discourse        : http://discourse.haproxy.org/
   Slack channel    : https://slack.haproxy.org/
   Issue tracker    : https://github.com/haproxy/haproxy/issues
   Sources          : http://www.haproxy.org/download/1.7/src/
   Git repository   : http://git.haproxy.org/git/haproxy-1.7.git/
   Git Web browsing : http://git.haproxy.org/?p=haproxy-1.7.git
   Changelog        : http://www.haproxy.org/download/1.7/src/CHANGELOG
   Cyril's HTML doc : http://cbonte.github.io/haproxy-dconv/

Complete changelog :
Christopher Faulet (21):
      BUG/MINOR: checks: Fix check->health computation for flapping servers
      BUG/MINOR: config: Copy default error messages when parsing of a backend 
      BUG/MAJOR: stream-int: Update the stream expiration date in 
      BUG/MINOR: check: Wake the check task if the check is finished in 
      BUG/MAJOR: stats: Fix how huge POST data are read from the channel
      BUG/MINOR: tcp: Don't alter counters returned by tcp info fetchers
      BUG/MINOR: http: Call stream_inc_be_http_req_ctr() only one time per 
      BUG/MEDIUM: proto-http: Always start the parsing if there is no outgoing 
      BUG/MINOR: acl: Fix memory leaks when an ACL expression is parsed
      MINOR: config: Test validity of tune.maxaccept during the config parsing
      CLEANUP: config: Don't alter listener->maxaccept when nbproc is set to 1
      BUG/MEDIUM: hlua: Check the calling direction in lua functions of the 
HTTP class
      MINOR: hlua: Don't set request analyzers on response channel for lua 
      MINOR: hlua: Add a flag on the lua txn to know in which context it can be 
      BUG/MINOR: hlua: Only execute functions of HTTP class if the txn is HTTP 
      BUG/MINOR: lua: Set right direction and flags on new HTTP objects
      BUG/MEDIUM: lb-chash: Fix the realloc() when the number of nodes is 
      BUG/MEDIUM: lb-chash: Ensure the tree integrity when server weight is 
      BUG/MINOR: ssl: Fix fd leak on error path when a TLS ticket keys file is 
      BUG/MINOR: stick-table: Never exceed (MAX_SESS_STKCTR-1) when fetching a 
      DOC: Fix documentation about the cli command to get resolver stats

Cyril Bonté (1):
      BUG/MEDIUM: lua: socket timeouts are not applied

David Carlier (1):
      BUG/MEDIUM: da: cast the chunk to string.

Dragan Dosen (3):
      BUG/MINOR: map: correctly track reference to the last ref_elt being dumped
      BUG/MEDIUM: 51d: fix possible segfault on deinit_51degrees()
      BUG/MINOR: haproxy: fix rule->file memory leak

Emeric Brun (5):
      BUG/MEDIUM: ssl: fix missing error loading a keytype cert from a bundle.
      BUG/MEDIUM: ssl: loading dh param from certifile causes unpredictable 
      BUG/MINOR: map: fix map_regm with backref
      BUG/MEDIUM: ssl: missing allocation failure checks loading tls key file
      BUG/MEDIUM: peers: fix a case where peer session is not cleanly reset on 

Frédéric Lécaille (2):
      BUG/MINOR: lua: Segfaults with wrong usage of types.
      BUG/MINOR: lua: Bad HTTP client request duration.

Jens Bissinger (1):
      DOC: Fix spelling error in configuration doc

Jérôme Magnin (2):
      BUG/MEDIUM: dns: Don't prevent reading the last byte of the payload in 
      BUG/MINOR: server: don't always trust srv_check_health when loading a 
server state

Kevin Zhu (1):
      BUG/MINOR: deinit: tcp_rep.inspect_rules not deinit, add to deinit

Krisztian Kovacs (1):
      BUG/MEDIUM: namespace: close open namespaces during soft shutdown

Lukas Tribus (3):
      DOC: clarify force-private-cache is an option
      DOC: fix reference to map files in MAINTAINERS
      DOC: restore note about "independant" typo

Miroslav Zagorac (1):
      BUG/MINOR: WURFL: fix send_log() function arguments

Moemen MHEDHBI (1):
      DOC: Update configuration doc about the maximum number of stick counters.

Nikhil Agrawal (1):
      BUG/MEDIUM: dns: overflowed dns name start position causing invalid dns 

Olivier Houchard (8):
      BUG/MINOR: servers: Don't make "server" in a frontend fatal.
      BUG/MEDIUM: hlua: Make sure we drain the output buffer when done.
      BUG/MEDIUM: buffers: Make sure we don't wrap in 
      MINOR: server: Use memcpy() instead of strncpy().
      MINOR: cfgparse: Write 130 as 128 as 0x82 and 0x80.
      MINOR: peers: use defines instead of enums to appease clang.
      BUG/MEDIUM: sample: Don't treat SMP_T_METH as SMP_T_STR.
      BUG/MEDIUM: stream: Don't forget to free s->unique_id in stream_free().

Patrick Hemmer (1):
      BUG/MEDIUM: lua: reset lua transaction between http requests

Remi Gacogne (4):
      BUG: dns: Prevent stack-exhaustion via recursion loop in dns_read_name
      BUG: dns: Prevent out-of-bounds read in dns_read_name()
      BUG: dns: Prevent out-of-bounds read in dns_validate_dns_response()
      BUG: dns: Fix out-of-bounds read via signedness error in 

Ricardo Nabinger Sanchez (1):
      BUG/MAJOR: checks: segfault during tcpcheck_main

Thierry FOURNIER (9):
      BUG/MINOR: spoe: Mistake in error message about SPOE configuration
      BUG/MEDIUM: lua/socket: Length required read doesn't work
      MINOR: task/notification: Is notifications registered ?
      BUG/MEDIUM: lua/socket: wrong scheduling for sockets
      BUG/MAJOR: lua: Dead lock with sockets
      BUG/MEDIUM: lua/socket: Notification error
      BUG/MEDIUM: lua/socket: Sheduling error on write: may dead-lock
      BUG/MEDIUM: lua/socket: Buffer error, may segfault
      BUG/MEDIUM: lua: possible CLOSE-WAIT state with '\n' headers

Tim Duesterhus (5):
      BUILD: Generate sha256 checksums in publish-release
      BUG/MINOR: stick_table: Prevent conn_cur from underflowing
      BUG/MEDIUM: compression: Set Vary: Accept-Encoding for compressed 
      BUG/MINOR: lua: Properly initialize the buffer's fields for string 
samples in hlua_lua2(smp|arg)
      BUG/MINOR: sample: Make the `field` converter compatible with `-m found`

William Lallemand (4):
      BUG/MAJOR: map: fix a segfault when using http-request set-map
      BUG/MINOR: ssl: free the sni_keytype nodes
      BUG/MINOR: ssl: abort on sni allocation failure
      BUG/MINOR: ssl: abort on sni_keytypes allocation failure

Willy Tarreau (37):
      BUG/MINOR: lua: ensure large proxy IDs can be represented
      BUG/MINOR: ssl/lua: prevent lua from affecting automatic maxconn 
      BUG/MEDIUM: stream-int: don't immediately enable reading when the buffer 
was reportedly full
      BUG/MEDIUM: stats: don't ask for more data as long as we're responding
      BUG/MINOR: config: stick-table is not supported in defaults section
      SCRIPTS: git-show-backports: add missing quotes to "echo"
      BUG/MEDIUM: queue: prevent a backup server from draining the proxy's 
      BUG/MINOR: tools: fix set_net_port() / set_host_port() on IPv4
      MINOR: stats: report the number of active jobs and listeners in "show 
      BUG/MINOR: backend: don't use url_param_name as a hint for BE_LB_ALGO_PH
      BUG/MINOR: backend: balance uri specific options were lost across defaults
      BUG/MINOR: backend: BE_LB_LKUP_CHTREE is a value, not a bit
      DOC: mention the effect of nf_conntrack_tcp_loose on src/dst
      SCRIPTS: add the slack channel URL to the announce script
      SCRIPTS: add the issue tracker URL to the announce script
      BUG/MINOR: stream: don't close the front connection when facing a backend 
      BUG/MAJOR: config: verify that targets of track-sc and stick rules are 
      BUG/MAJOR: spoe: verify that backends used by SPOE cover all their 
callers' processes
      BUG/MINOR: config: make sure to count the error on incorrect 
track-sc/stick rules
      BUG/MAJOR: stream: avoid double free on unique_id
      BUG/MINOR: http/counters: fix missing increment of fe->srv_aborts
      BUG/MINOR: http-rules: mention "deny_status" for "deny" in the error 
      BUG/MEDIUM: http: also reject messages where "chunked" is missing from 
      BUG/MEDIUM: tcp-check: unbreak multiple connect rules again
      BUILD: makefile: work around an old bug in GNU make-3.80
      BUILD: makefile: use :space: instead of digits to count commits
      BUILD: makefile: do not rely on shell substitutions to determine git 
      BUG/MEDIUM: pattern: assign pattern IDs after checking the config validity
      BUG/MEDIUM: maps: only try to parse the default value when it's present
      BUG/MINOR: acl: properly detect pattern type SMP_T_ADDR
      BUG/MAJOR: map/acl: real fix segfault during show map/acl on CLI
      BUG/MEDIUM: vars: make sure the scope is always valid when accessing vars
      BUG/MEDIUM: vars: make the tcp/http unset-var() action support conditions
      DOC: improve the wording in CONTRIBUTING about how to document a bug fix
      BUG/MINOR: stream-int: also update analysers timeouts on activity
      BUILD/MINOR: ssl: silence a build warning about const and 'cipher'
      BUG/MINOR: stick-table: fix an incorrect 32 to 64 bit key conversion

sada (1):
      BUG/MINOR: lua: Socket.send threw runtime error: 'close' needs 1 


Reply via email to