Hi,
HAProxy 2.7.3 was released on 2023/02/14. It added 76 new commits
after version 2.7.2.
The main reason for this release today is the availability of a fix for the
vulnerability explained in the other thread (CVE-2023-25725).
In addition, this version addresses the following issues:
- a risk of crash in QUIC when "option nolinger" is present, when
dealing with 1-RTT packets, or when no space is available to send
trailers or H3 SETTINGS frames.
- a regression from a previous fix that caused some server-side
connection not to expire if some unsent data are blocked in the
request channel.
- a 13-years old issue with the expiration of old entries in stick-
tables that slows down eviction at every timer period rollover
(49.7 days), making the table size and memory usage grow for a
while until all of them were either refreshed or expired. I'm
still puzzled that 3 users apparently noticed it at the same time
around last rollover on Jan 30th.
- hot-adding a server via the CLI could result in it not taking
traffic if its "maxconn" value was set and not the "minconn" one,
causing 503 to be returned.
- various minor QUIC issues were addressed by resyncing the code with
2.8-dev.
- file-backed rings used by traces were not properly unmapped before
being closed, sometimes resulting in losing the latest updates.
- a few memory leaks on deinit were addressed (these are only noticeable
in Valgrind or ASAN).
- a bug in the SSL cache eviction that affected WolfSSL was fixed, but
it's unclear if it could affect other libs (openssl was apparently not
due to fixed-size records)
- a warning will be emitted when a crt-list line is malformed.
- the stats will now report request and session counters per HTTP
version in the tooltip that appears in "sessions/total" column.
- the CLI's "show quic" command was backported, it corresponds to
"netstat" or "ss" in TCP except that here it is for QUIC, so it
allows to inspect the state of currently established QUIC connections.
- a new global setting "tune.quic.max-frame-loss" was added to limit
the number of retransmits over a QUIC connection (10 by default), so
that dead connections can always expire.
- minor doc fixes
The changes are intentionally limited so that all users of 2.7.2 and older
can update without taking risks.
Please find the usual URLs below :
Site index : https://www.haproxy.org/
Documentation : https://docs.haproxy.org/
Wiki : https://github.com/haproxy/wiki/wiki
Discourse : https://discourse.haproxy.org/
Slack channel : https://slack.haproxy.org/
Issue tracker : https://github.com/haproxy/haproxy/issues
Sources :
https://www.haproxy.org/download/20230214-cve-2023-25725/src/
Git repository :
https://git.haproxy.org/git/haproxy-20230214-cve-2023-25725.git/
Git Web browsing :
https://git.haproxy.org/?p=haproxy-20230214-cve-2023-25725.git
Changelog :
https://www.haproxy.org/download/20230214-cve-2023-25725/src/CHANGELOG
Dataplane API :
https://github.com/haproxytech/dataplaneapi/releases/latest
Pending bugs : https://www.haproxy.org/l/pending-bugs
Reviewed bugs : https://www.haproxy.org/l/reviewed-bugs
Code reports : https://www.haproxy.org/l/code-reports
Latest builds : https://www.haproxy.org/l/dev-packages
Willy
---
Complete changelog :
Aleksey Ponomaryov (1):
BUG/MEDIUM: stick-table: do not leave entries in end of window during
purge
Amaury Denoyelle (28):
MEDIUM: quic-sock: fix udp source address for send on listener socket
MINOR: mux-quic/h3: send SETTINGS as soon as transport is ready
BUG/MINOR: h3: fix GOAWAY emission
BUG/MEDIUM: mux-quic: fix crash on H3 SETTINGS emission
BUG/MEDIUM: h3: do not crash if no buf space for trailers
OPTIM: h3: skip buf realign if no trailer to encode
MINOR: mux-quic/h3: define stream close callback
BUG/MEDIUM: h3: handle STOP_SENDING on control stream
BUG/MINOR: h3: reject RESET_STREAM received for control stream
MINOR: h3: add missing traces on closure
BUG/MINOR: h3: fix crash due to h3 traces
MINOR: quic: remove fin from quic_stream frame type
MINOR: quic: ensure offset is properly set for STREAM frames
MINOR: quic: define new functions for frame alloc
MINOR: quic: refactor frame deallocation
MEDIUM: quic: implement a retransmit limit per frame
MINOR: quic: add config for retransmit limit
BUG/MEDIUM: quic: do not split STREAM frames if no space
BUG/MINOR: h3: fix crash due to h3 traces
MINOR: quic: implement a basic "show quic" CLI handler
MINOR: quic: display CIDs and state in "show quic"
MINOR: quic: display socket info on "show quic"
MINOR: quic: display infos about various encryption level on "show quic"
MINOR: quic: display Tx stream info on "show quic"
MINOR: quic: filter closing conn on "show quic"
BUG/MINOR: quic: fix filtering of closing connections on "show quic"
BUG/MINOR: quic: fix type bug on "show quic" for 32-bits arch
BUG/MINOR: mworker: fix uptime for master process
Aurelien DARRAGON (12):
DEV: hpack: fix `trash` build regression
BUG/MINOR: fcgi-app: prevent 'use-fcgi-app' in default section
BUG/MINOR: stats: use proper buffer size for http dump
BUG/MINOR: stats: fix source buffer size for http dump
BUG/MEDIUM: stats: fix resolvers dump
BUG/MINOR: stats: fix ctx->field update in stats_dump_proxy_to_buffer()
BUG/MINOR: stats: fix show stats field ctx for servers
BUG/MINOR: stats: fix STAT_STARTED behavior with full htx
DOC: config: fix option spop-check proxy compatibility
DOC: config: 'http-send-name-header' option may be used in default section
MINOR: cfgparse/server: move (min/max)conn postparsing logic into
dedicated function
BUG/MINOR: server/add: ensure minconn/maxconn consistency when adding
server
Christopher Faulet (1):
BUG/MEDIUM: stconn: Schedule a shutw on shutr if data must be sent first
Frédéric Lécaille (14):
BUG/MINOR: quic: Do not request h3 clients to close its unidirection
streams
MINOR: stats: add by HTTP version cumulated number of sessions and
requests
BUG/MINOR: stats: Prevent HTTP "other sessions" counter underflows
BUG/MINOR: quic: Possible stream truncations under heavy loss
BUG/MINOR: quic: Too big PTO during handshakes
MINOR: quic: Add a trace about variable states in qc_prep_fast_retrans()
BUG/MINOR: quic: Do not ignore coalesced packets in qc_prep_fast_retrans()
MINOR: quic: When probing Handshake packet number space, also probe the
Initial one
BUG/MAJOR: quic: Possible crash when processing 1-RTT during 0-RTT session
MEDIUM: quic: Remove qc_conn_finalize() from the ClientHello TLS callbacks
BUG/MINOR: quic: Unchecked source connection ID
MINOR: quic: Update version_information transport parameter to draft-14
BUG/MEDIUM: quic: Buffer overflow when looking through QUIC CLI keyword
list
BUG/MINOR: quic: Wrong datagram dispatch because of qc_check_dcid()
Olivier Houchard (1):
MINOR: connection: add a BUG_ON() to detect destroying connection in idle
list
Remi Tricot-Le Breton (1):
BUG/MINOR: jwt: Wrong return value checked
William Lallemand (2):
BUG/MEDIUM: ssl: wrong eviction from the session cache tree
BUG/MINOR: ssl/crt-list: warn when a line is malformated
Willy Tarreau (16):
BUG/MINOR: sink: make sure to always properly unmap a file-backed ring
DEV: haring: add a new option "-r" to automatically repair broken files
BUG/MEDIUM: hpack: fix incorrect huffman decoding of some control chars
BUG/MINOR: log: release global log servers on exit
BUG/MINOR: ring: release the backing store name on exit
BUG/MINOR: sink: free the forwarding task on exit
MINOR: trace: add a TRACE_ENABLED() macro to determine if a trace is
active
MINOR: trace: add a trace_no_cb() dummy callback for when to use no
callback
MINOR: trace: add the long awaited TRACE_PRINTF()
CLEANUP: quic: no need for atomics on packet refcnt
BUG/MINOR: clock: do not mix wall-clock and monotonic time in uptime
calculation
BUG/MEDIUM: cache: use the correct time reference when comparing dates
BUG/MEDIUM: quic: fix crash when "option nolinger" is set in the frontend
BUG/MINOR: clock/stats: also use start_time not start_date in HTML info
DOC: proxy-protocol: fix wrong byte in provided example
BUG/CRITICAL: http: properly reject empty http header field names
---