Thank you to all the team for the work on the FD layer and my best wishes! 
However to avoid phone calls I have set nbthread to 1 before leaving ;)

----- Original Message -----
From: Willy Tarreau <>
Sent: Sat, 21 Dec 2019 12:44:05 +0100 (CET)
Subject: [ANNOUNCE] haproxy-2.1.2


HAProxy 2.1.2 was released on 2019/12/21. It added 18 new commits
after version 2.1.1.

It fixes a last bunch of stability bugs that are not new but are better
fixed quickly. One of them may cause a crash when mixing HTTP and TCP
on a TCP frontend if a second request of an upgraded connection is sent
to a TCP backend. One is a tight corner case in the scheduler and can
only impact slow HTTP checks running on servers configured with fastinter
and observe-l7 in multi-thread configs. The effect is that it can corrupt
the timer's queue resulting in the watchdog killing the process. One in
the FD layer could impact the DNS and cas the cause for the remaining
cases of 100% CPU reported. And a last one was causing similar symptoms
but when using 0-RTT. At least, now nasty bugs start to require a lot of
conditions to appear, that's good!

In addition to this, this release fixes some build issues with OpenSSL
libraries built with the "no-deprecated" option, fixes excessive memory
usage on global state-file (16kB per server line), makes the "debug"
converter available by default, and introduces a new "replace-path" HTTP
action that is more convenient to use than "replace-uri" when HTTP/1 and
HTTP/2 are used together.

Quite frankly if you're not affected by the issues above, there's no need
to rush an update, especially in this period. I'm mainly releasing this
for those who need something easy to deploy in order to fix pending issues
and avoid phone calls during Xmas ;-)  I'll try to stay offline for a few
days and am aware that some of the usual suspects here are also taking a
bit of vacation, so please don't get upset if you face issues and there's
a bit more lag than usual, and instead take the opportunity to first update,
and second collect detailed traces to save time when people are back at
the keyboard.

Note: I'm also doing another 2.0 in parallel.

Please find the usual URLs below :
   Site index       :
   Discourse        :
   Slack channel    :
   Issue tracker    :
   Sources          :
   Git repository   :
   Git Web browsing :
   Changelog        :
   Cyril's HTML doc :

Complete changelog :
Christopher Faulet (1):
      BUG/MEDIUM: stream: Be sure to never assign a TCP backend to an HTX stream

Lukas Tribus (1):
      BUILD: ssl: improve SSL_CTX_set_ecdh_auto compatibility

Olivier Houchard (3):
      BUG/MEDIUM: ssl: Don't set the max early data we can receive too early.
      BUG/MEDIUM: ssl: Revamp the way early data are handled.
      BUG/MEDIUM: fd/threads: fix a concurrency issue between add and rm on the 
same fd

Rosen Penev (1):
      BUG/MINOR: ssl: openssl-compat: Fix getm_ defines

Tim Duesterhus (1):
      MINOR: sample: Validate the number of bits for the sha2 converter

Willy Tarreau (11):
      DOC: clarify the fact that replace-uri works on a full URI
      BUG/MINOR: sample: fix the closing bracket and LF in the debug converter
      BUG/MINOR: sample: always check converters' arguments
      MINOR: debug: support logging to various sinks
      MINOR: http: add a new "replace-path" action
      MINOR: task: only check TASK_WOKEN_ANY to decide to requeue a task
      BUG/MAJOR: task: add a new TASK_SHARED_WQ flag to fix foreing requeuing
      MINOR: fd/threads: make _GET_NEXT()/_GET_PREV() use the volatile attribute
      BUG/MEDIUM: state-file: do not allocate a full buffer for each server 
      BUG/MINOR: state-file: do not store duplicates in the global tree
      BUG/MINOR: state-file: do not leak memory on parse errors


Reply via email to