HAProxy 2.1.9 was released on 2020/09/30. It added 59 new commits
after version 2.1.8.

This version collects 2 months of fixes, the same as those that were spread
over 2.2.3 and 2.2.4, so I won't paraphrase myself, but will just give a
quick summary.

We have fixes for the reference python SPOA server, HTTP 1xx interim
responses that were unexpectedly delayed, command-line parsing issue
causing "haproxy -s" with no more argument to go 100% CPU, an unknown
H2 frame type that was accidently rejected while it ought to not to,
listeners not bound to all processes not correctly handling a pause and
resume cycle, the workaround for the libgcc_s crashes when using chroot,
Lua fixes to how arguments are passed to sample fetch functions and
converters (namely maps), allowing some converters to have become
accessible again from Lua, a few OCSP issues I don't rememberr about,
and a rare risk of crash or most likely wrong info being used if a
request-only sample fetch is used in a response.

With all this, I'd say that it would be nice to upgrade. No emergency,
but I'd rather not get any reports from 2.1 versions older than 2.1.9
considering the number of known erratic behaviors we can get there.
Please find the usual URLs below :
   Site index       : http://www.haproxy.org/
   Discourse        : http://discourse.haproxy.org/
   Slack channel    : https://slack.haproxy.org/
   Issue tracker    : https://github.com/haproxy/haproxy/issues
   Wiki             : https://github.com/haproxy/wiki/wiki
   Sources          : http://www.haproxy.org/download/2.1/src/
   Git repository   : http://git.haproxy.org/git/haproxy-2.1.git/
   Git Web browsing : http://git.haproxy.org/?p=haproxy-2.1.git
   Changelog        : http://www.haproxy.org/download/2.1/src/CHANGELOG
   Cyril's HTML doc : http://cbonte.github.io/haproxy-dconv/

Complete changelog :
Amaury Denoyelle (1):
      BUG/MINOR: config: Fix memory leak on config parse listen

Christopher Faulet (19):
      BUG/MEDIUM: mux-h1: Refresh H1 connection timeout after a synchronous send
      BUG/MEDIUM: map/lua: Return an error if a map is loaded during runtime
      MINOR: arg: Add an argument type to keep a reference on opaque data
      BUG/MINOR: converters: Store the sink in an arg pointer for debug() 
      BUG/MINOR: lua: Duplicate map name to load it when a new Map object is 
      BUG/MINOR: arg: Fix leaks during arguments validation for 
      BUG/MINOR: lua: Check argument type to convert it to IPv4/IPv6 arg 
      BUG/MINOR: lua: Check argument type to convert it to IP mask in arg 
      MINOR: hlua: Don't needlessly copy lua strings in trash during args 
      BUG/MINOR: lua: Duplicate lua strings in sample fetches/converters arg 
      MEDIUM: lua: Don't filter exported fetches and converters
      MINOR: http-htx: Add an option to eval query-string when the path is 
      BUG/MINOR: http-rules: Replace path and query-string in "replace-path" 
      BUG/MEDIUM: doc: Fix replace-path action description
      Revert "BUG/MINOR: http-rules: Replace path and query-string in 
"replace-path" action"
      BUG/MEDIUM: pattern: Renew the pattern expression revision when it is 
      MINOR: arg: Use chunk_destroy() to release string arguments
      BUG/MEDIUM: http-ana: Don't wait to send 1xx responses received from 
      BUG/MINOR: http-fetch: Don't set the sample type during the htx prefetch

Eric Salama (1):
      BUG/MINOR: Fix memory leaks cfg_parse_peers

Gilchrist Dadaglo (5):
      BUG/MAJOR: contrib/spoa-server: Fix unhandled python call leading to 
memory leak
      BUG/MINOR: contrib/spoa-server: Ensure ip address references are freed
      BUG/MINOR: contrib/spoa-server: Do not free reference to NULL
      BUG/MINOR: contrib/spoa-server: Updating references to free in case of 
      BUG/MEDIUM: contrib/spoa-server: Fix ipv4_address used instead of 

Tim Duesterhus (3):
      DOC: cache: Use '<name>' instead of '<id>' in error message
      MINOR: Commit .gitattributes
      CLEANUP: Update .gitignore

Victor Kislov (1):
      BUG/MINOR: auth: report valid crypto(3) support depending on build options

William Dauchy (2):
      DOC: spoa-server: fix false friends `actually`
      DOC: agent-check: fix typo in "fail" word expected reply

William Lallemand (7):
      BUG/MINOR: ssl: fix memory leak at OCSP loading
      BUG/MEDIUM: ssl: memory leak of ocsp data at SSL_CTX_free()
      BUG/MINOR: snapshots: leak of snapshots on deinit()
      BUG/MINOR: startup: haproxy -s cause 100% cpu
      BUG/MEDIUM: ssl: check OCSP calloc in ssl_sock_load_ocsp()
      BUG/MEDIUM: ssl: does not look for all SNIs before chosing a certificate
      BUG/MINOR: ssl: verifyhost is case sensitive

Willy Tarreau (20):
      SCRIPTS: git-show-backports: make -m most only show the left branch
      SCRIPTS: git-show-backports: emit the shell command to backport a commit
      BUG/MINOR: stats: use strncmp() instead of memcmp() on health states
      BUG/MEDIUM: htx: smp_prefetch_htx() must always validate the direction
      BUG/MINOR: reload: do not fail when no socket is sent
      BUG/MINOR: threads: work around a libgcc_s issue with chrooting
      BUILD: thread: limit the libgcc_s workaround to glibc only
      BUG/MEDIUM: mux-h1: always apply the timeout on half-closed connections
      BUILD: threads: better workaround for late loading of libgcc_s
      BUG/MINOR: server: report correct error message for invalid port on 
      BUG/MINOR: h2/trace: do not display "stream error" after a frame ACK
      BUG/MEDIUM: h2: report frame bits only for handled types
      MINOR: h2/trace: also display the remaining frame length in traces
      MINOR: backend: make the "whole" option of balance uri take only one bit
      MINOR: backend: add a new "path-only" option to "balance uri"
      REGTESTS: add a few load balancing tests
      BUG/MEDIUM: listeners: do not pause foreign listeners
      REGTEST: fix host part in balance-uri-path-only.vtc
      REGTEST: make abns_socket.vtc require 1.8
      REGTEST: make map_regm_with_backref require 1.7


Reply via email to