Hi, HAProxy 2.3.12 was released on 2021/07/08. It added 2 new commits after version 2.3.11.
Please do not use 2.3.11! I failed the backport of the use-after-free bug fix in the lockless pools between 2.4 and 2.3. The pools code in 2.4 was significantly reworked to be cleaner and simpler, and I found two occurrences in 2.3 and older that required the same fix and that were missing it. The result can be a runtime deadlock depending on the build options, the operating system and the load (the watchdog will catch it, but nobody wants to deploy this, obviously). After scrutinizing the code all the afternoon and torturing it under different build options, I can now affirm that the code is properly fixed in 2.3.12. These patches were backported into 2.2 as well because the faulty patch was already there. For 2.0 and below the patch was fixed to limit the risks of incomplete backports (namely for those who continue to cherry-pick selected fixes). I'm seeing that at least Vincent was fast enough to package 2.3.11 for debian 10, I hope nobody deployed it yet. I'm really sorry for the mess. For those who are wondering, 2.4 was not affected. Please find the usual URLs below : Site index : http://www.haproxy.org/ Discourse : http://discourse.haproxy.org/ Slack channel : https://slack.haproxy.org/ Issue tracker : https://github.com/haproxy/haproxy/issues Wiki : https://github.com/haproxy/wiki/wiki Sources : http://www.haproxy.org/download/2.3/src/ Git repository : http://git.haproxy.org/git/haproxy-2.3.git/ Git Web browsing : http://git.haproxy.org/?p=haproxy-2.3.git Changelog : http://www.haproxy.org/download/2.3/src/CHANGELOG Cyril's HTML doc : http://cbonte.github.io/haproxy-dconv/ Willy --- Complete changelog : Willy Tarreau (2): BUG/MAJOR: pools: fix incomplete backport of lockless pool fix BUG/MAJOR: pools: second fix for incomplete backport of lockless pool fix ---