Hello community, here is the log from the commit of package haproxy for openSUSE:Leap:15.2 checked in at 2020-05-06 20:41:56 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Leap:15.2/haproxy (Old) and /work/SRC/openSUSE:Leap:15.2/.haproxy.new.2738 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "haproxy" Wed May 6 20:41:56 2020 rev:43 rq:800743 version:2.0.14 Changes: -------- --- /work/SRC/openSUSE:Leap:15.2/haproxy/haproxy.changes 2020-05-04 08:23:32.676478583 +0200 +++ /work/SRC/openSUSE:Leap:15.2/.haproxy.new.2738/haproxy.changes 2020-05-06 20:42:01.736848755 +0200 @@ -1,0 +2,217 @@ +Wed Apr 15 09:50:13 UTC 2020 - [email protected] + +- Removed patch: haproxy-2.0-hpack-tbl.patch as already fixed in 2.0.14 + +- Update to version 2.0.14: (bsc#1169457) + * [RELEASE] Released version 2.0.14 + * BUG/MINOR: namespace: avoid closing fd when socket failed in my_socketat + * BUG/MEDIUM: muxes: Use the right argument when calling the destroy method. + * SCRIPTS: announce-release: use mutt -H instead of -i to include the draft + * MINOR: http-htx: Add a function to retrieve the headers size of an HTX message + * MINOR: filters: Forward data only if the last filter forwards something + * BUG/MINOR: filters: Count HTTP headers as filtered data but don't forward them + * BUG/MINOR: http-ana: Matching on monitor-uri should be case-sensitive + * BUG/MAJOR: http-ana: Always abort the request when a tarpit is triggered + * MINOR: ist: add an iststop() function + * BUG/MINOR: http: http-request replace-path duplicates the query string + * BUG/MEDIUM: shctx: make sure to keep all blocks aligned + * MINOR: compiler: move CPU capabilities definition from config.h and complete them + * BUG/MEDIUM: ebtree: don't set attribute packed without unaligned access support + * BUILD: fix recent build failure on unaligned archs + * CLEANUP: cfgparse: Fix type of second calloc() parameter + * BUG/MINOR: sample: fix the json converter's endian-sensitivity + * BUG/MEDIUM: ssl: fix several bad pointer aliases in a few sample fetch functions + * BUG/MINOR: connection: make sure to correctly tag local PROXY connections + * MINOR: compiler: add new alignment macros + * BUILD: ebtree: improve architecture-specific alignment + * BUG/MINOR: sample: Make sure to return stable IDs in the unique-id fetch + * BUG/MINOR: dns: ignore trailing dot + * MINOR: contrib/prometheus-exporter: Add heathcheck status/code in server metrics + * MINOR: contrib/prometheus-exporter: Add the last heathcheck duration metric + * BUG/MEDIUM: random: initialize the random pool a bit better + * MINOR: tools: add 64-bit rotate operators + * BUG/MEDIUM: random: implement a thread-safe and process-safe PRNG + * MINOR: backend: use a single call to ha_random32() for the random LB algo + * BUG/MINOR: checks/threads: use ha_random() and not rand() + * BUG/MAJOR: list: fix invalid element address calculation + * MINOR: debug: report the task handler's pointer relative to main + * BUG/MEDIUM: debug: make the debug_handler check for the thread in threads_to_dump + * MINOR: haproxy: export main to ease access from debugger + * BUG/MINOR: wdt: do not return an error when the watchdog couldn't be enabled + * DOC: fix incorrect indentation of http_auth_* + * OPTIM: startup: fast unique_id allocation for acl. + * BUG/MINOR: pattern: Do not pass len = 0 to calloc() + * DOC: configuration.txt: fix various typos + * DOC: assorted typo fixes in the documentation and Makefile + * BUG/MINOR: init: make the automatic maxconn consider the max of soft/hard limits + * BUG/MAJOR: proxy_protocol: Properly validate TLV lengths + * REGTEST: make the PROXY TLV validation depend on version 2.2 + * MINOR: htx: Add a function to return a block at a specific offset + * BUG/MEDIUM: cache/filters: Fix loop on HTX blocks caching the response payload + * BUG/MEDIUM: compression/filters: Fix loop on HTX blocks compressing the payload + * BUG/MINOR: http-ana: Reset request analysers on a response side error + * BUG/MINOR: lua: Ignore the reserve to know if a channel is full or not + * BUG/MINOR: http-rules: Preserve FLT_END analyzers on reject action + * BUG/MINOR: http-rules: Fix a typo in the reject action function + * BUG/MINOR: rules: Preserve FLT_END analyzers on silent-drop action + * BUG/MINOR: rules: Increment be_counters if backend is assigned for a silent-drop + * DOC: fix typo about no-tls-tickets + * DOC: improve description of no-tls-tickets + * DOC: ssl: clarify security implications of TLS tickets + * BUILD: wdt: only test for SI_TKILL when compiled with thread support + * BUG/MEDIUM: random: align the state on 2*64 bits for ARM64 + * BUG/MINOR: haproxy: always initialize sleeping_thread_mask + * BUG/MINOR: listener/mq: do not dispatch connections to remote threads when stopping + * BUG/MINOR: haproxy/threads: try to make all threads leave together + * DOC: proxy_protocol: Reserve TLV type 0x05 as PP2_TYPE_UNIQUE_ID + * BUILD: on ARM, must be linked to libatomic. + * BUILD: makefile: fix regex syntax in ARM platform detection + * BUILD: makefile: fix expression again to detect ARM platform + * BUG/MEDIUM: peers: resync ended with RESYNC_PARTIAL in wrong cases. + * DOC: assorted typo fixes in the documentation + * MINOR: wdt: Move the definitions of WDTSIG and DEBUGSIG into types/signal.h. + * BUG/MEDIUM: wdt: Don't ignore WDTSIG and DEBUGSIG in __signal_process_queue(). + * MINOR: memory: Change the flush_lock to a spinlock, and don't get it in alloc. + * BUG/MINOR: connections: Make sure we free the connection on failure. + * REGTESTS: use "command -v" instead of "which" + * REGTEST: increase timeouts on the seamless-reload test + * BUG/MINOR: haproxy/threads: close a possible race in soft-stop detection + * BUG/MINOR: peers: init bind_proc to 1 if it wasn't initialized + * BUG/MINOR: peers: avoid an infinite loop with peers_fe is NULL + * BUG/MINOR: peers: Use after free of "peers" section. + * MINOR: listener: add so_name sample fetch + * BUILD: ssl: only pass unsigned chars to isspace() + * BUG/MINOR: stats: Fix color of draining servers on stats page + * DOC: internals: Fix spelling errors in filters.txt + * MINOR: http-rules: Add a flag on redirect rules to know the rule direction + * BUG/MINOR: http_ana: make sure redirect flags don't have overlapping bits + * MINOR: http-rules: Handle the rule direction when a redirect is evaluated + * BUG/MINOR: filters: Use filter offset to decude the amount of forwarded data + * BUG/MINOR: filters: Forward everything if no data filters are called + * BUG/MINOR: http-ana: Reset request analysers on error when waiting for response + * BUG/CRITICAL: hpack: never index a header into the headroom after wrapping + +2020/02/13 : 2.0.13 + * BUG/MINOR: checks: refine which errno values are really errors. + * BUG/MEDIUM: checks: Only attempt to do handshakes if the connection is ready. + * BUG/MEDIUM: connections: Hold the lock when wanting to kill a connection. + * MINOR: config: disable busy polling on old processes + * MINOR: ssl: Remove unused variable "need_out". + * BUG/MINOR: h1: Report the right error position when a header value is invalid + * BUG/MINOR: proxy: Fix input data copy when an error is captured + * BUG/MEDIUM: http-ana: Truncate the response when a redirect rule is applied + * BUG/MINOR: channel: inject output data at the end of output + * BUG/MEDIUM: session: do not report a failure when rejecting a session + * BUG/MINOR: stream-int: Don't trigger L7 retry if max retries is already reached + * BUG/MINOR: mux-h2: use a safe list_for_each_entry in h2_send() + * BUG/MEDIUM: mux-h2: fix missing test on sending_list in previous patch + * BUG/MEDIUM: mux-h2: don't stop sending when crossing a buffer boundary + * BUG/MINOR: cli/mworker: can't start haproxy with 2 programs + * REGTEST: mcli/mcli_start_progs: start 2 programs + * BUG/MEDIUM: mworker: remain in mworker mode during reload + * BUG/MEDIUM: mux_h1: Don't call h1_send if we subscribed(). + * BUG/MAJOR: hashes: fix the signedness of the hash inputs + * REGTEST: add sample_fetches/hashes.vtc to validate hashes + * BUG/MEDIUM: cli: _getsocks must send the peers sockets + * BUG/MINOR: stream: don't mistake match rules for store-request rules + * BUG/MEDIUM: connection: add a mux flag to indicate splice usability + * BUG/MINOR: pattern: handle errors from fgets when trying to load patterns + * BUG/MINOR: cache: Fix leak of cache name in error path + * BUG/MINOR: dns: Make dns_query_id_seed unsigned + * BUG/MINOR: 51d: Fix bug when HTX is enabled + * BUILD: pattern: include errno.h + * BUG/MINOR: http-ana/filters: Wait end of the http_end callback for all filters + * BUG/MINOR: http-rules: Remove buggy deinit functions for HTTP rules + * BUG/MINOR: stick-table: Use MAX_SESS_STKCTR as the max track ID during parsing + * BUG/MINOR: tcp-rules: Fix memory releases on error path during action parsing + * MINOR: proxy/http-ana: Add support of extra attributes for the cookie directive + * BUG/MINOR: http_act: don't check capture id in backend + * BUG/MEDIUM: 0rtt: Only consider the SSL handshake. + * BUG/MINOR: stktable: report the current proxy name in error messages + * BUG/MEDIUM: mux-h2: make sure we don't emit TE headers with anything but "trailers" + * BUILD: cfgparse: silence a bogus gcc warning on 32-bit machines + * BUG/MINOR: dns: allow srv record weight set to 0 + * BUG/MEDIUM: ssl: Don't forget to free ctx->ssl on failure. + * BUG/MINOR: tcpchecks: fix the connect() flags regarding delayed ack + * BUG/MEDIUM: pipe: fix a use-after-free in case of pipe creation error + * BUG/MINOR: connection: fix ip6 dst_port copy in make_proxy_line_v2 + * BUG/MEDIUM: connections: Don't forget to unlock when killing a connection. + * BUG/MEDIUM: memory_pool: Update the seq number in pool_flush(). + * MINOR: memory: Only init the pool spinlock once. + * BUG/MEDIUM: memory: Add a rwlock before freeing memory. + * BUG/MAJOR: memory: Don't forget to unlock the rwlock if the pool is empty. + * BUG/MINOR: ssl: we may only ignore the first 64 errors + * CONTRIB: debug: add missing flags SF_HTX and SF_MUX + * CONTRIB: debug: add the possibility to decode the value as certain types only + * CONTRIB: debug: support reporting multiple values at once + * MINOR: acl: Warn when an ACL is named 'or' + * CONTRIB: debug: also support reading values from stdin + * SCRIPTS: announce-release: place the send command in the mail's header + * SCRIPTS: announce-release: allow the user to force to overwrite old files + * MINOR: build: add linux-glibc-legacy build TARGET + * BUG/MINOR: unix: better catch situations where the unix socket path length is close to the limit + * MINOR: http: add a new "replace-path" action + * BUG/MINOR: ssl: Possible memleak when allowing the 0RTT data buffer. + * BUG/MINOR: dns: allow 63 char in hostname + * BUG/MEDIUM: listener: only consider running threads when resuming listeners + * BUG/MINOR: listener: enforce all_threads_mask on bind_thread on init + * BUG/MINOR: tcp: avoid closing fd when socket failed in tcp_bind_listener + * DOC: word converter ignores delimiters at the start or end of input string + * BUG/MINOR: tcp: don't try to set defaultmss when value is negative + * SCRIPTS: make announce-release executable again + +2019/12/21 : 2.0.12 + * DOC: Improve documentation of http-re(quest|sponse) replace-(header|value|uri) + * DOC: clarify the fact that replace-uri works on a full URI + * BUG/MINOR: sample: fix the closing bracket and LF in the debug converter + * BUG/MINOR: sample: always check converters' arguments + * BUG/MEDIUM: ssl: Don't set the max early data we can receive too early. + * MINOR: task: only check TASK_WOKEN_ANY to decide to requeue a task + * BUG/MAJOR: task: add a new TASK_SHARED_WQ flag to fix foreing requeuing + * BUG/MEDIUM: ssl: Revamp the way early data are handled. + * MINOR: fd/threads: make _GET_NEXT()/_GET_PREV() use the volatile attribute + * BUG/MEDIUM: fd/threads: fix a concurrency issue between add and rm on the same fd + * BUG/MINOR: ssl: openssl-compat: Fix getm_ defines + * BUG/MEDIUM: stream: Be sure to never assign a TCP backend to an HTX stream + * BUILD: ssl: improve SSL_CTX_set_ecdh_auto compatibility + +2019/12/11 : 2.0.11 + * BUG/MINOR: stream: init variables when the list is empty + * BUG/MINOR: contrib/prometheus-exporter: Use HTX errors and not legacy ones + * BUG/MINOR: contrib/prometheus-exporter: decode parameter and value only + * BUG/MINOR: http-htx: Don't make http_find_header() fail if the value is empty + * DOC: Clarify behavior of server maxconn in HTTP mode + * DOC: clarify matching strings on binary fetches + * DOC: move the "group" keyword at the right place + * BUG/MEDIUM: stream-int: don't subscribed for recv when we're trying to flush data + * BUG/MINOR: stream-int: avoid calling rcv_buf() when splicing is still possible + * BUG/MEDIUM: listener/thread: fix a race when pausing a listener + * BUG/MINOR: ssl: certificate choice can be unexpected with openssl >= 1.1.1 + * BUG/MEDIUM: mux-h1: Never reuse H1 connection if a shutw is pending + * BUG/MINOR: mux-h1: Don't rely on CO_FL_SOCK_RD_SH to set H1C_F_CS_SHUTDOWN + * BUG/MINOR: mux-h1: Fix conditions to know whether or not we may receive data + * BUG/MEDIUM: tasks: Make sure we switch wait queues in task_set_affinity(). + * BUG/MEDIUM: checks: Make sure we set the task affinity just before connecting. + * BUG/MINOR: mux-h1: Be sure to set CS_FL_WANT_ROOM when EOM can't be added + * BUG/MINOR: proxy: make soft_stop() also close FDs in LI_PAUSED state + * BUG/MINOR: listener/threads: always use atomic ops to clear the FD events ++++ 20 more lines (skipped) ++++ between /work/SRC/openSUSE:Leap:15.2/haproxy/haproxy.changes ++++ and /work/SRC/openSUSE:Leap:15.2/.haproxy.new.2738/haproxy.changes Old: ---- haproxy-2.0-hpack-tbl.patch haproxy-2.0.10+git0.ac198b92.tar.gz New: ---- haproxy-2.0.14.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ haproxy.spec ++++++ --- /var/tmp/diff_new_pack.ydM4qZ/_old 2020-05-06 20:42:02.324849973 +0200 +++ /var/tmp/diff_new_pack.ydM4qZ/_new 2020-05-06 20:42:02.324849973 +0200 @@ -47,7 +47,7 @@ %endif Name: haproxy -Version: 2.0.10+git0.ac198b92 +Version: 2.0.14 Release: 0 # # @@ -91,7 +91,7 @@ Patch1: haproxy-1.6.0_config_haproxy_user.patch Patch2: haproxy-1.6.0-makefile_lib.patch Patch3: haproxy-1.6.0-sec-options.patch -Patch4: haproxy-2.0-hpack-tbl.patch + # Source99: haproxy-rpmlintrc # @@ -125,7 +125,6 @@ %patch1 -p1 %patch2 -p1 %patch3 -p1 -%patch4 -p1 %build make \ ++++++ _service ++++++ --- /var/tmp/diff_new_pack.ydM4qZ/_old 2020-05-06 20:42:02.364850056 +0200 +++ /var/tmp/diff_new_pack.ydM4qZ/_new 2020-05-06 20:42:02.368850064 +0200 @@ -3,10 +3,8 @@ <param name="url">http://git.haproxy.org/git/haproxy-2.0.git</param> <param name="scm">git</param> <param name="filename">haproxy</param> - <param name="versionformat">@PARENT_TAG@+git@TAG_OFFSET@.%h</param> - <param name="versionrewrite-pattern">v(.*)</param> - <param name="versionrewrite-replacement">\1</param> - <param name="revision">v2.0.10</param> + <param name="versionformat">2.0.14</param> + <param name="revision">v2.0.14</param> <param name="changesgenerate">enable</param> </service> ++++++ _servicedata ++++++ --- /var/tmp/diff_new_pack.ydM4qZ/_old 2020-05-06 20:42:02.388850106 +0200 +++ /var/tmp/diff_new_pack.ydM4qZ/_new 2020-05-06 20:42:02.388850106 +0200 @@ -1,6 +1,6 @@ <servicedata> <service name="tar_scm"> <param name="url">http://git.haproxy.org/git/haproxy-2.0.git</param> - <param name="changesrevision">ac198b92d461515551b95daae20954b3053ce87e</param> + <param name="changesrevision">396d200d414baff193e51d5fa5c8c9fe87ee12ad</param> </service> </servicedata> \ No newline at end of file ++++++ haproxy-2.0.10+git0.ac198b92.tar.gz -> haproxy-2.0.14.tar.gz ++++++ ++++ 7393 lines of diff (skipped) ++++++ haproxy.cfg ++++++ --- /var/tmp/diff_new_pack.ydM4qZ/_old 2020-05-06 20:42:02.900851166 +0200 +++ /var/tmp/diff_new_pack.ydM4qZ/_new 2020-05-06 20:42:02.904851175 +0200 @@ -32,4 +32,4 @@ stats enable stats uri / stats refresh 5s - rspadd Server:\ haproxy/1.6 + rspadd Server:\ haproxy/2.0
