Hi, HAProxy 2.6.29 was released on 2026/05/11. It added 5 new commits after version 2.6.28.
The intent of this quick release is to fix a regression introduced in previous version affecting WebSocket over H2, and too short a master CLI timeout: - the recent change to try to release the master socket connections when an old worker doesn't respond were a bit too effective and broke valid operations. Indeed, by involving the server-fin timeout, the goal was to arm the timeout only once the client had disconnected, but right now commands are sent one at a time immediately followed by a shut which also arms the timeout, so commands that take too long to execute (e.g. reload) now report an error after one second. For now the fix was reverted since the original problem is super rare. Other options are still being considered, but it's possible that 3.4 and stable versions will use different approaches (e.g. a conservative timeout of several minutes for stable and something cleaner for 3.4). - the recent fix on handling of the H2 ":protocol" pseudo-header that was introduced with RFC8441 to support WebSocket over H2 was incorrect, due to my misunderstanding of the client's obligations in this spec when confronted to RFC9113: the client doesn't need to negotiate nor advertise intent to use Extended CONNECT, so that broke WebSocket over H2 on the frontend. - the "set stick-table" command on the CLI used to perform a lookup before checking the CLI permissions, but this lookup could create a non-existing entry, without being able to set the relevant data, then ending in an error. While it cannot really be used for attacking, it could be misused by scripts accidentally leaving incomplete entries until the timeout strikes. Please find the usual URLs below : Site index : https://www.haproxy.org/ Documentation : https://docs.haproxy.org/ Wiki : https://github.com/haproxy/wiki/wiki Discourse : https://discourse.haproxy.org/ Slack channel : https://slack.haproxy.org/ Issue tracker : https://github.com/haproxy/haproxy/issues Sources : https://www.haproxy.org/download/2.6/src/ Git repository : https://git.haproxy.org/git/haproxy-2.6.git/ Git Web browsing : https://git.haproxy.org/?p=haproxy-2.6.git Changelog : https://www.haproxy.org/download/2.6/src/CHANGELOG Dataplane API : https://github.com/haproxytech/dataplaneapi/releases/latest Pending bugs : https://www.haproxy.org/l/pending-bugs Reviewed bugs : https://www.haproxy.org/l/reviewed-bugs Code reports : https://www.haproxy.org/l/code-reports Latest builds : https://www.haproxy.org/l/dev-packages Willy --- Complete changelog : Willy Tarreau (5): Revert "BUG/MEDIUM: cli: fix master CLI connection slot leak on client disconnect" Revert "BUG/MINOR: mux-h2: condition the processing of 8441 extension to global setting" BUG/MEDIUM: mux-h2: fix the detection of the ext connect support BUG/MEDIUM: stick-table: properly check permissions on CLI's set/clear cmd BUG/MINOR: cfgparse-listen: do not emit extraneous line in rule order warnings ---
