Hi, HAProxy 2.0.18 was released on 2020/09/30. It added 43 new commits after version 2.0.17.
Just like with 2.1.9, this one also collects 2 months of fixes. It does have essentially the same fixes except for the Lua changes that allowed all sample fetch functions and converters to be used, since that's quite not suitable for 2.0 right now. The other fixed issues are still valid however: fixes for the reference python SPOA server, HTTP 1xx interim responses that were unexpectedly delayed, command-line parsing issue causing "haproxy -s" with no more argument to go 100% CPU, an unknown H2 frame type that was accidently rejected while it ought to not to, listeners not bound to all processes not correctly handling a pause and resume cycle, the workaround for the libgcc_s crashes when using chroot, Lua fixes to how arguments are passed to sample fetch functions and converters (namely maps), a few OCSP issues I don't remember about, and a rare risk of crash or most likely wrong info being used if a request-only sample fetch is used in a response. And unsurprisingly like with 2.1.9, there's no rush to upgrade to 2.0.18, however I'd appreciate it if new bug reports for 2.0 are provided based on 2.0.18 so that we're sure we're not facing a known fixed bug (since some of them are dirty and can cause erratic behaviors which complicate troubleshooting). Please find the usual URLs below : Site index : http://www.haproxy.org/ Discourse : http://discourse.haproxy.org/ Slack channel : https://slack.haproxy.org/ Issue tracker : https://github.com/haproxy/haproxy/issues Wiki : https://github.com/haproxy/wiki/wiki Sources : http://www.haproxy.org/download/2.0/src/ Git repository : http://git.haproxy.org/git/haproxy-2.0.git/ Git Web browsing : http://git.haproxy.org/?p=haproxy-2.0.git Changelog : http://www.haproxy.org/download/2.0/src/CHANGELOG Cyril's HTML doc : http://cbonte.github.io/haproxy-dconv/ Willy --- Complete changelog : Amaury Denoyelle (1): BUG/MINOR: config: Fix memory leak on config parse listen Christopher Faulet (9): BUG/MEDIUM: mux-h2: Don't fail if nothing is parsed for a legacy chunk response BUG/MEDIUM: mux-h1: Refresh H1 connection timeout after a synchronous send BUG/MEDIUM: map/lua: Return an error if a map is loaded during runtime BUG/MINOR: lua: Check argument type to convert it to IPv4/IPv6 arg validation BUG/MINOR: lua: Check argument type to convert it to IP mask in arg validation BUG/MEDIUM: doc: Fix replace-path action description BUG/MEDIUM: pattern: Renew the pattern expression revision when it is pruned BUG/MEDIUM: http-ana: Don't wait to send 1xx responses received from servers BUG/MINOR: http-fetch: Don't set the sample type during the htx prefetch Eric Salama (1): BUG/MINOR: Fix memory leaks cfg_parse_peers Gilchrist Dadaglo (5): BUG/MAJOR: contrib/spoa-server: Fix unhandled python call leading to memory leak BUG/MINOR: contrib/spoa-server: Ensure ip address references are freed BUG/MINOR: contrib/spoa-server: Do not free reference to NULL BUG/MINOR: contrib/spoa-server: Updating references to free in case of failure BUG/MEDIUM: contrib/spoa-server: Fix ipv4_address used instead of ipv6_address Tim Duesterhus (3): DOC: cache: Use '<name>' instead of '<id>' in error message MINOR: Commit .gitattributes CLEANUP: Update .gitignore Victor Kislov (1): BUG/MINOR: auth: report valid crypto(3) support depending on build options William Dauchy (2): DOC: spoa-server: fix false friends `actually` DOC: agent-check: fix typo in "fail" word expected reply William Lallemand (5): BUG/MINOR: snapshots: leak of snapshots on deinit() BUG/MINOR: startup: haproxy -s cause 100% cpu BUG/MEDIUM: ssl: check OCSP calloc in ssl_sock_load_ocsp() BUG/MEDIUM: ssl: does not look for all SNIs before chosing a certificate BUG/MINOR: ssl: verifyhost is case sensitive Willy Tarreau (16): SCRIPTS: git-show-backports: make -m most only show the left branch SCRIPTS: git-show-backports: emit the shell command to backport a commit BUG/MINOR: stats: use strncmp() instead of memcmp() on health states BUG/MEDIUM: htx: smp_prefetch_htx() must always validate the direction BUG/MINOR: reload: do not fail when no socket is sent BUG/MINOR: threads: work around a libgcc_s issue with chrooting BUILD: thread: limit the libgcc_s workaround to glibc only BUG/MEDIUM: mux-h1: always apply the timeout on half-closed connections BUILD: threads: better workaround for late loading of libgcc_s BUG/MINOR: server: report correct error message for invalid port on "socks4" BUG/MEDIUM: h2: report frame bits only for handled types BUG/MEDIUM: listeners: do not pause foreign listeners REGTESTS: add a few load balancing tests REGTEST: fix host part in balance-uri-path-only.vtc REGTEST: make abns_socket.vtc require 1.8 REGTEST: make map_regm_with_backref require 1.7 ---