Hi, HAProxy 2.1.2 was released on 2019/12/21. It added 18 new commits after version 2.1.1.
It fixes a last bunch of stability bugs that are not new but are better fixed quickly. One of them may cause a crash when mixing HTTP and TCP on a TCP frontend if a second request of an upgraded connection is sent to a TCP backend. One is a tight corner case in the scheduler and can only impact slow HTTP checks running on servers configured with fastinter and observe-l7 in multi-thread configs. The effect is that it can corrupt the timer's queue resulting in the watchdog killing the process. One in the FD layer could impact the DNS and cas the cause for the remaining cases of 100% CPU reported. And a last one was causing similar symptoms but when using 0-RTT. At least, now nasty bugs start to require a lot of conditions to appear, that's good! In addition to this, this release fixes some build issues with OpenSSL libraries built with the "no-deprecated" option, fixes excessive memory usage on global state-file (16kB per server line), makes the "debug" converter available by default, and introduces a new "replace-path" HTTP action that is more convenient to use than "replace-uri" when HTTP/1 and HTTP/2 are used together. Quite frankly if you're not affected by the issues above, there's no need to rush an update, especially in this period. I'm mainly releasing this for those who need something easy to deploy in order to fix pending issues and avoid phone calls during Xmas ;-) I'll try to stay offline for a few days and am aware that some of the usual suspects here are also taking a bit of vacation, so please don't get upset if you face issues and there's a bit more lag than usual, and instead take the opportunity to first update, and second collect detailed traces to save time when people are back at the keyboard. Note: I'm also doing another 2.0 in parallel. Please find the usual URLs below : Site index : http://www.haproxy.org/ Discourse : http://discourse.haproxy.org/ Slack channel : https://slack.haproxy.org/ Issue tracker : https://github.com/haproxy/haproxy/issues Sources : http://www.haproxy.org/download/2.1/src/ Git repository : http://git.haproxy.org/git/haproxy-2.1.git/ Git Web browsing : http://git.haproxy.org/?p=haproxy-2.1.git Changelog : http://www.haproxy.org/download/2.1/src/CHANGELOG Cyril's HTML doc : http://cbonte.github.io/haproxy-dconv/ Willy --- Complete changelog : Christopher Faulet (1): BUG/MEDIUM: stream: Be sure to never assign a TCP backend to an HTX stream Lukas Tribus (1): BUILD: ssl: improve SSL_CTX_set_ecdh_auto compatibility Olivier Houchard (3): BUG/MEDIUM: ssl: Don't set the max early data we can receive too early. BUG/MEDIUM: ssl: Revamp the way early data are handled. BUG/MEDIUM: fd/threads: fix a concurrency issue between add and rm on the same fd Rosen Penev (1): BUG/MINOR: ssl: openssl-compat: Fix getm_ defines Tim Duesterhus (1): MINOR: sample: Validate the number of bits for the sha2 converter Willy Tarreau (11): DOC: clarify the fact that replace-uri works on a full URI BUG/MINOR: sample: fix the closing bracket and LF in the debug converter BUG/MINOR: sample: always check converters' arguments MINOR: debug: support logging to various sinks MINOR: http: add a new "replace-path" action MINOR: task: only check TASK_WOKEN_ANY to decide to requeue a task BUG/MAJOR: task: add a new TASK_SHARED_WQ flag to fix foreing requeuing MINOR: fd/threads: make _GET_NEXT()/_GET_PREV() use the volatile attribute BUG/MEDIUM: state-file: do not allocate a full buffer for each server entry BUG/MINOR: state-file: do not store duplicates in the global tree BUG/MINOR: state-file: do not leak memory on parse errors ---