Hi, HAProxy 2.2.27 was released on 2023/01/27. It added 31 new commits after version 2.2.26.
This release fixes a 2.2.26 regression that prevents HAProxy to start when a ring section is configured. Indeed, in this case an error during the configuration parsing was triggered because a backport was failed. This issue is fixed now. About other fixes: * Interim H2 responses that carry the end-of-stream flag are now rejected as invalid while it was handled as a full response. The consequences of this issue are uncertain in 2.4 and newer, but on 2.2 and older it could trigger a BUG_ON() condition and cause a panic. * The FCGI path-info subexpression was not properly handled due to an inverted condition. * A major fix regarding uninitialized bytes in the FCGI mux was backported. It one could have leak sensitive data to the backends before the fix. * Make sure that the logged HTTP status matches the reported status even upon errors and also after http-after-response * When trying to upgrade from a previous version with a reload instead of a restart, a bug in the master-worker was preventing to reload and was stopping the whole process. * A fix for a buffer realignment bug introduced in 1.9 was fixed. It's uncertain whether it was possible to trigger it or not, but it could possibly have been responsible for some rare unexplained corruptions. * A scheduling issue in the resolvers was preventing the resolution during runtime. Thanks everyone for you help and your contributions ! Please find the usual URLs below : Site index : https://www.haproxy.org/ Documentation : https://docs.haproxy.org/ Wiki : https://github.com/haproxy/wiki/wiki Discourse : https://discourse.haproxy.org/ Slack channel : https://slack.haproxy.org/ Issue tracker : https://github.com/haproxy/haproxy/issues Sources : https://www.haproxy.org/download/2.2/src/ Git repository : https://git.haproxy.org/git/haproxy-2.2.git/ Git Web browsing : https://git.haproxy.org/?p=haproxy-2.2.git Changelog : https://www.haproxy.org/download/2.2/src/CHANGELOG Dataplane API : https://github.com/haproxytech/dataplaneapi/releases/latest Pending bugs : https://www.haproxy.org/l/pending-bugs Reviewed bugs : https://www.haproxy.org/l/reviewed-bugs Code reports : https://www.haproxy.org/l/code-reports Latest builds : https://www.haproxy.org/l/dev-packages --- Complete changelog : Aurelien DARRAGON (2): REGTEST: fix the race conditions in digest.vtc REGTEST: fix the race conditions in hmac.vtc Christopher Faulet (11): BUG/MEDIIM: stconn: Flush output data before forwarding close to write side BUG/MINOR: cfgparse: Use the right proxy list during validity check of sinks BUG/MEDIUM: resolvers: Use tick_first() to update the resolvers task timeout BUG/MEDIUM: mux-h2: Refuse interim responses with end-stream flag set BUG/MINOR: pool/stats: Use ullong to report total pool usage in bytes in stats BUG/MINOR: http-fetch: Only fill txn status during prefetch if not already set BUG/MAJOR: buf: Fix copy of wrapping output data when a buffer is realigned BUG/MINOR: resolvers: Wait the resolution execution for a do_resolv action BUG/MINOR: promex: Don't forget to consume the request on error BUG/MINOR: http-ana: Report SF_FINST_R flag on error waiting the request body BUG/MINOR: http-fetch: Don't block HTTP sample fetch eval in HTTP_MSG_ERROR state Manu Nicolas (1): CLEANUP: htx: fix a typo in an error message of http_str_to_htx Paul Barnetta (1): BUG/MINOR: mux-fcgi: Correctly set pathinfo Remi Tricot-Le Breton (4): BUG/MEDIUM: ssl: Verify error codes can exceed 63 BUG/MINOR: ssl: Fix potential overflow BUG/MINOR: http: Memory leak of http redirect rules' format string BUG/MINOR: ssl: Fix memory leak of find_chain in ssl_sock_load_cert_chain William Lallemand (4): CI: github: change "ubuntu-latest" to "ubuntu-20.04" BUILD: peers: peers-t.h depends on stick-table-t.h BUG/MEDIUM: mworker: fix segv in early failure of mworker mode with peers REGTESTS: startup: check maxconn computation Willy Tarreau (6): BUILD: makefile: build the features list dynamically BUILD: makefile: sort the features list BUG/MINOR: http-ana: make set-status also update txn->status BUG/MINOR: mux-h2: add missing traces on failed headers decoding BUILD: hpack: include global.h for the trash that is needed in debug mode BUG/MINOR: sink: free the forwarding task on exit Youfu Zhang (1): BUG/MAJOR: fcgi: Fix uninitialized reserved bytes scientiamobile (1): LICENSE: wurfl: clarify the dummy library license. -- Christopher Faulet