Hi, HAProxy 2.0.12 was released on 2019/12/21. It added 13 new commits after version 2.0.11.
This version addresses the same bugs as the ones fixed by 2.1.2, i.e. (lazily copy-pasted): It fixes a last bunch of stability bugs that are not new but are better fixed quickly. One of them may cause a crash when mixing HTTP and TCP on a TCP frontend if a second request of an upgraded connection is sent to a TCP backend. One is a tight corner case in the scheduler and can only impact slow HTTP checks running on servers configured with fastinter and observe-l7 in multi-thread configs. The effect is that it can corrupt the timer's queue resulting in the watchdog killing the process. One in the FD layer could impact the DNS and cas the cause for the remaining cases of 100% CPU reported. And a last one was causing similar symptoms but when using 0-RTT. At least, now nasty bugs start to require a lot of conditions to appear, that's good! OpenSSL build fixes for "no-deprecated" were also merged. However neither the updated "debug" converter nor the "replace-path" action were backported for now, as they require some adaptations and I didn't want to risk some last minute breakage for something that nobody will use immediately anyway. Just like for 2.1, if you're not affected by these bugs, there's no need to rush an update. But if you are, you may experience a quieter Xmas by applying this small update :-) Please find the usual URLs below : Site index : http://www.haproxy.org/ Discourse : http://discourse.haproxy.org/ Slack channel : https://slack.haproxy.org/ Issue tracker : https://github.com/haproxy/haproxy/issues Sources : http://www.haproxy.org/download/2.0/src/ Git repository : http://git.haproxy.org/git/haproxy-2.0.git/ Git Web browsing : http://git.haproxy.org/?p=haproxy-2.0.git Changelog : http://www.haproxy.org/download/2.0/src/CHANGELOG Cyril's HTML doc : http://cbonte.github.io/haproxy-dconv/ Willy --- Complete changelog : Christopher Faulet (1): BUG/MEDIUM: stream: Be sure to never assign a TCP backend to an HTX stream Lukas Tribus (1): BUILD: ssl: improve SSL_CTX_set_ecdh_auto compatibility Olivier Houchard (3): BUG/MEDIUM: ssl: Don't set the max early data we can receive too early. BUG/MEDIUM: ssl: Revamp the way early data are handled. BUG/MEDIUM: fd/threads: fix a concurrency issue between add and rm on the same fd Rosen Penev (1): BUG/MINOR: ssl: openssl-compat: Fix getm_ defines Tim Duesterhus (1): DOC: Improve documentation of http-re(quest|sponse) replace-(header|value|uri) Willy Tarreau (6): DOC: clarify the fact that replace-uri works on a full URI BUG/MINOR: sample: fix the closing bracket and LF in the debug converter BUG/MINOR: sample: always check converters' arguments MINOR: task: only check TASK_WOKEN_ANY to decide to requeue a task BUG/MAJOR: task: add a new TASK_SHARED_WQ flag to fix foreing requeuing MINOR: fd/threads: make _GET_NEXT()/_GET_PREV() use the volatile attribute ---