Hi,

HAProxy 2.0.12 was released on 2019/12/21. It added 13 new commits
after version 2.0.11.

This version addresses the same bugs as the ones fixed by 2.1.2, i.e.
(lazily copy-pasted):

It fixes a last bunch of stability bugs that are not new but are better
fixed quickly. One of them may cause a crash when mixing HTTP and TCP
on a TCP frontend if a second request of an upgraded connection is sent
to a TCP backend. One is a tight corner case in the scheduler and can
only impact slow HTTP checks running on servers configured with fastinter
and observe-l7 in multi-thread configs. The effect is that it can corrupt
the timer's queue resulting in the watchdog killing the process. One in
the FD layer could impact the DNS and cas the cause for the remaining
cases of 100% CPU reported. And a last one was causing similar symptoms
but when using 0-RTT. At least, now nasty bugs start to require a lot of
conditions to appear, that's good!

OpenSSL build fixes for "no-deprecated" were also merged. However neither
the updated "debug" converter nor the "replace-path" action were backported
for now, as they require some adaptations and I didn't want to risk some
last minute breakage for something that nobody will use immediately anyway.

Just like for 2.1, if you're not affected by these bugs, there's no need
to rush an update. But if you are, you may experience a quieter Xmas by
applying this small update :-)

Please find the usual URLs below :
   Site index       : http://www.haproxy.org/
   Discourse        : http://discourse.haproxy.org/
   Slack channel    : https://slack.haproxy.org/
   Issue tracker    : https://github.com/haproxy/haproxy/issues
   Sources          : http://www.haproxy.org/download/2.0/src/
   Git repository   : http://git.haproxy.org/git/haproxy-2.0.git/
   Git Web browsing : http://git.haproxy.org/?p=haproxy-2.0.git
   Changelog        : http://www.haproxy.org/download/2.0/src/CHANGELOG
   Cyril's HTML doc : http://cbonte.github.io/haproxy-dconv/

Willy
---
Complete changelog :
Christopher Faulet (1):
      BUG/MEDIUM: stream: Be sure to never assign a TCP backend to an HTX stream

Lukas Tribus (1):
      BUILD: ssl: improve SSL_CTX_set_ecdh_auto compatibility

Olivier Houchard (3):
      BUG/MEDIUM: ssl: Don't set the max early data we can receive too early.
      BUG/MEDIUM: ssl: Revamp the way early data are handled.
      BUG/MEDIUM: fd/threads: fix a concurrency issue between add and rm on the 
same fd

Rosen Penev (1):
      BUG/MINOR: ssl: openssl-compat: Fix getm_ defines

Tim Duesterhus (1):
      DOC: Improve documentation of http-re(quest|sponse) 
replace-(header|value|uri)

Willy Tarreau (6):
      DOC: clarify the fact that replace-uri works on a full URI
      BUG/MINOR: sample: fix the closing bracket and LF in the debug converter
      BUG/MINOR: sample: always check converters' arguments
      MINOR: task: only check TASK_WOKEN_ANY to decide to requeue a task
      BUG/MAJOR: task: add a new TASK_SHARED_WQ flag to fix foreing requeuing
      MINOR: fd/threads: make _GET_NEXT()/_GET_PREV() use the volatile attribute

---

Reply via email to