Hi, HAProxy 1.9.16 was released on 2020/07/31. It added 86 new commits after version 1.9.15.
The 1.9 branch is EOL now. Thus, it is the last 1.9 release. No further release should be expected. It contains all pending patches marked to be backported to the 1.9 to leave it in a proper state. Have a look at the changelog below for the complete list of fixes. You should have no reason to deploy it in a production environment. Use the 2.0 or above instead. No specific support should no longer be expected on the 1.9. This branch will not receive fixes anymore. Thanks everyone for you help and your contributions ! Please find the usual URLs below : Site index : http://www.haproxy.org/ Discourse : http://discourse.haproxy.org/ Slack channel : https://slack.haproxy.org/ Issue tracker : https://github.com/haproxy/haproxy/issues Sources : http://www.haproxy.org/download/1.9/src/ Git repository : http://git.haproxy.org/git/haproxy-1.9.git/ Git Web browsing : http://git.haproxy.org/?p=haproxy-1.9.git Changelog : http://www.haproxy.org/download/1.9/src/CHANGELOG Cyril's HTML doc : http://cbonte.github.io/haproxy-dconv/ --- Complete changelog : Christopher Faulet (24): BUG/MINOR: check: Update server address and port to execute an external check MINOR: checks: Add a way to send custom headers and payload during http chekcs BUG/MINOR: checks: Respect the no-check-ssl option BUG/MEDIUM: server/checks: Init server check during config validity check BUG/MINOR: checks/server: use_ssl member must be signed BUG/MEDIUM: checks: Always initialize checks before starting them BUG/MINOR: checks: Compute the right HTTP request length for HTTP health checks BUG/MINOR: checks: Remove a warning about http health checks BUG/MINOR: sample: Set the correct type when a binary is converted to a string BUG/MINOR: config: Make use_backend and use-server post-parsing less obscur BUG/MINOR: cache: Don't needlessly test "cache" keyword in parse_cache_flt() BUG/MINOR: checks: Respect check-ssl param when a port or an addr is specified BUG/MINOR: server: Fix server_finalize_init() to avoid unused variable BUG/MEDIUM: lua: Reset analyse expiration timeout before executing a lua action BUG/MEDIUM: hlua: Lock pattern references to perform set/add/del operations BUG/MINOR: proto-http: Fix detection of NTLM for the legacy HTTP version MINOR: spoe: Don't systematically create new applets if processing rate is low BUG/MEDIUM: pattern: Add a trailing \0 to match strings only if possible BUG/MINOR: backend: Remove CO_FL_SESS_IDLE if a client remains on the last server BUG/MEDIUM: mux-h1: Continue to process request when switching in tunnel mode BUG/MEDIUM: channel: Be aware of SHUTW_NOW flag when output data are peeked BUG/MEDIUM: mux-h2: Emit an error if the response chunk formatting is incomplete BUG/MEDIUM: dns: Release answer items when a DNS resolution is freed BUG/MINOR: tcp-rules: Set the inspect-delay when a tcp-response action yields Dragan Dosen (1): BUG/MEDIUM: ssl: fix the id length check within smp_fetch_ssl_fc_session_id() Emeric Brun (3): BUG/MINOR: peers: fix internal/network key type mapping. BUG/MINOR: logs: prevent double line returns in some events. BUG/MEDIUM: logs: fix trailing zeros on log message. Gaetan Rivet (1): BUG/MINOR: checks: chained expect will not properly wait for enough data Jerome Magnin (3): BUG/MINOR: ssl: default settings for ssl server options are not used DOC: option logasap does not depend on mode BUILD: select: only declare existing local labels to appease clang Miroslav Zagorac (1): BUG/MINOR: spoe: correction of setting bits for analyzer Nathan Neulinger (1): BUG/MINOR: lua: Add missing string length for lua sticktable lookup Olivier Doucet (1): DOC: Improve documentation on http-request set-src Olivier Houchard (1): BUG/MEDIUM: http-ana: Handle NTLM messages correctly. Ryan O'Hara (1): BUG/MINOR: systemd: Wait for network to be online Tim Duesterhus (5): BUG/MINOR: cfgparse: Abort parsing the current line if an invalid \x sequence is encountered BUG/MEDIUM: fetch: Fix hdr_ip misparsing IPv4 addresses due to missing NUL BUG/MINOR: http_act: don't check capture id in backend (2) BUG/MINOR: sample: Free str.area in smp_check_const_bool BUG/MINOR: sample: Free str.area in smp_check_const_meth William Dauchy (1): BUG/MINOR: pollers: remove uneeded free in global init William Lallemand (10): REGTEST: ssl: test the client certificate authentication BUG/MEDIUM: mworker: fix the copy of options in copy_argv() BUG/MINOR: init: -x can have a parameter starting with a dash BUG/MINOR: init: -S can have a parameter starting with a dash BUG/MEDIUM: mworker: fix the reload with an -- option BUG/MINOR: mworker: fix a memleak when execvp() failed BUG/MINOR: ssl: fix ssl-{min,max}-ver with openssl < 1.1.0 BUG/MINOR: mworker/cli: fix the escaping in the master CLI BUG/MINOR: mworker/cli: fix semicolon escaping in master CLI DOC: ssl: add "allow-0rtt" and "ciphersuites" in crt-list Willy Tarreau (32): BUG/MINOR: tools: fix the i386 version of the div64_32 function BUG/MINOR: http: make url_decode() optionally convert '+' to SP BUG/MEDIUM: capture: capture-req/capture-res converters crash without a stream BUG/MEDIUM: capture: capture.{req,res}.* crash without a stream BUG/MEDIUM: http: the "http_first_req" sample fetch could crash without a steeam BUG/MEDIUM: http: the "unique-id" sample fetch could crash without a steeam BUG/MEDIUM: sample: make the CPU and latency sample fetches check for a stream BUG/MEDIUM: shctx: really check the lock's value while waiting BUG/MEDIUM: shctx: bound the number of loops that can happen around the lock BUG/MEDIUM: backend: don't access a non-existing mux from a previous connection Revert "BUG/MINOR: connection: make sure to correctly tag local PROXY connections" BUG/MINOR: threads: fix multiple use of argument inside HA_ATOMIC_CAS() BUG/MINOR: threads: fix multiple use of argument inside HA_ATOMIC_UPDATE_{MIN,MAX}() BUG/MINOR: http-ana: fix NTLM response parsing again BUG/MEDIUM: http_ana: make the detection of NTLM variants safer BUG/MINOR: pools: use %u not %d to report pool stats in "show pools" BUG/MINOR: nameservers: fix error handling in parsing of resolv.conf SCRIPTS: publish-release: pass -n to gzip to remove timestamp MINOR: haproxy: add a reminder that this is the last version of 1.9 BUILD: makefile: adjust the sed expression of "make help" for solaris BUG/MEDIUM: pattern: fix thread safety of pattern matching BUG/MINOR: tcp-rules: tcp-response must check the buffer's fullness BUG/MEDIUM: ebtree: use a byte-per-byte memcmp() to compare memory blocks BUG/MINOR: spoe: add missing key length check before checking key names MEDIUM: map: make the "clear map" operation yield MINOR: cli: make "show sess" stop at the last known session BUG/MINOR: proxy: fix dump_server_state()'s misuse of the trash BUG/MINOR: proxy: always initialize the trash in show servers state BUILD: ebtree: fix build on libmusl after recent introduction of eb_memcmp() MINOR: pools: increase MAX_BASE_POOLS to 64 BUG/MINOR: cfgparse: don't increment linenum on incomplete lines DOC: configuration: remove obsolete mentions of H2 being converted to HTTP/1.x Yves Lafon (1): BUG/MINOR: cli: allow space escaping on the CLI -- Christopher Faulet