Hi, HAProxy 3.2.1 was released on 2025/06/11. It added 11 new commits after version 3.2.0.
It is small release but it fixed some bugs affecting the 3.2.0 that may be annoying: The main one was about the leastconn load-balancing algorithm. A crash could be experiences when a server passed up or down or when its weight changed while it was repositionned in the FWLC tree. In these cases, the tree was not enough protected and that led to inconsistencies. It was possible to not respect healthchecks timeout when the "check" timeout was defined with a high "connect" timeout. In that case, the check task was not woken up as expected on timeout expiration. This issue affects all stable versions. Last modifications on the command line parsing introduced a regression. Empty command lines were not properly parsed and could lead to crashes. This was fixed by detecting empty lines to skip arguments parsing. An old issue about the FD insertion in the fdtab array was revealed by the recent changes to support different CPU alloocation policies. The wrong thread group was used and depending on the mapping, this could lead to a crash. There was a memory leak when the SSL context allocation from a QUIC connection failed. The SSL object was not properly released. In the SPOP multiplexer, there was a possible NULL-pointer dereference on SPOP stream allocation failure. During the configuration parsing, it was possible to have a warning about empty argument emitted twice. This warning is now only displayed in discovery mode. The warning was also fixed to report the good argument number. Finally, the documentation of 'accept-unsafe-violations-in-http-request' option was fixed to properly describe checks performed on the URI during the request parsing. Thanks everyone for your help ! Please find the usual URLs below : Site index : https://www.haproxy.org/ Documentation : https://docs.haproxy.org/ Wiki : https://github.com/haproxy/wiki/wiki Discourse : https://discourse.haproxy.org/ Slack channel : https://slack.haproxy.org/ Issue tracker : https://github.com/haproxy/haproxy/issues Sources : https://www.haproxy.org/download/3.2/src/ Git repository : https://git.haproxy.org/git/haproxy-3.2.git/ Git Web browsing : https://git.haproxy.org/?p=haproxy-3.2.git Changelog : https://www.haproxy.org/download/3.2/src/CHANGELOG Dataplane API : https://github.com/haproxytech/dataplaneapi/releases/latest Pending bugs : https://www.haproxy.org/l/pending-bugs Reviewed bugs : https://www.haproxy.org/l/reviewed-bugs Code reports : https://www.haproxy.org/l/code-reports Latest builds : https://www.haproxy.org/l/dev-packages --- Complete changelog : Amaury Denoyelle (2): BUG/MINOR: config: emit warning for empty args only in discovery mode BUG/MINOR: config: fix arg number reported on empty arg warning Christopher Faulet (5): DOC: config: Fix a typo in 2.7 (Name format for maps and ACLs) BUG/MEDIUM: check: Requeue healthchecks on I/O events to handle check timeout BUG/MINOR: mux-spop: Fix null-pointer deref on SPOP stream allocation failure BUG/MEDIUM: cli: Properly parse empty lines and avoid crashed BUG/MINIR: h1: Fix doc of 'accept-unsafe-...-request' about URI parsing Frederic Lecaille (1): BUG/MINOR: quic: Missing SSL session object freeing Olivier Houchard (2): BUG/MAJOR: leastconn: Protect tree_elt with the lbprm lock BUG/MEDIUM: fd: Use the provided tgid in fd_insert() to get tgroup_info Willy Tarreau (1): BUILD: tools: properly define ha_dump_backtrace() to avoid a build warning -- Christopher Faulet
