subject:"\[ANNOUNCE\] haproxy\-1.8.10"

Re: [ANNOUNCE] haproxy-1.8.10

2018-06-23 Thread Aleksandar Lazic

Am 22.06.2018 um 16:42 schrieb William Lallemand:
> Hi,
> 
> HAProxy 1.8.10 was released on 2018/06/22. It added 40 new commits
> after version 1.8.9.

The image is also updated.

https://hub.docker.com/r/me2digital/haproxy18/

###
$ docker run --rm --entrypoint /usr/local/sbin/haproxy me2digital/haproxy18 -vv
HA-Proxy version 1.8.10-ec17d7a 2018/06/22
Copyright 2000-2018 Willy Tarreau 

Build options :
  TARGET  = linux2628
  CPU = generic
  CC  = gcc
  CFLAGS  = -O2 -g -fno-strict-aliasing -Wdeclaration-after-statement -fwrapv
-fno-strict-overflow -Wno-unused-label
  OPTIONS = USE_LINUX_SPLICE=1 USE_GETADDRINFO=1 USE_ZLIB=1 USE_REGPARM=1
USE_OPENSSL=1 USE_LUA=1 USE_PCRE=1 USE_PCRE_JIT=1 USE_TFO=1

Default settings :
  maxconn = 2000, bufsize = 16384, maxrewrite = 1024, maxpollevents = 200

Built with OpenSSL version : OpenSSL 1.0.2k-fips  26 Jan 2017
Running on OpenSSL version : OpenSSL 1.0.2k-fips  26 Jan 2017
OpenSSL library supports TLS extensions : yes
OpenSSL library supports SNI : yes
OpenSSL library supports : SSLv3 TLSv1.0 TLSv1.1 TLSv1.2
Built with Lua version : Lua 5.3.4
Built with transparent proxy support using: IP_TRANSPARENT IPV6_TRANSPARENT
IP_FREEBIND
Encrypted password support via crypt(3): yes
Built with multi-threading support.
Built with PCRE version : 8.32 2012-11-30
Running on PCRE version : 8.32 2012-11-30
PCRE library supports JIT : yes
Built with zlib version : 1.2.7
Running on zlib version : 1.2.7
Compression algorithms supported : identity("identity"), deflate("deflate"),
raw-deflate("deflate"), gzip("gzip")
Built with network namespace support.

Available polling systems :
  epoll : pref=300,  test result OK
   poll : pref=200,  test result OK
 select : pref=150,  test result OK
Total: 3 (3 usable), will use epoll.

Available filters :
[SPOE] spoe
[COMP] compression
[TRACE] trace
###

Best regards
aleks

> This version fixes several bugs that were crashing haproxy, when using
> http-request set-map with a wrong type or with the cirpherlist capture.
> Some deadlocks and crashes were also fixed that were provoked by the lua.
> 
> There was also an issue with the poller which was using 100% of the CPU.
> 
> It fixes several issues where haproxy was not leaving anymore when asked for a
> soft stop, or a reload in master-worker mode. These issues were amplified with
> the use of nbthread.
> 
> The SPOP version has been upgraded to 2.0. Due to an inconsistency in the
> examples and the reference implementation the 1.0 version is not supported
> anymore. This new version is basically the 1.0 with a bugfix. If your SPOP
> agent does not work anymore, you must upgrade the version and fix the SPOP
> flags. See commits c4dcaff, 48d02d0, 633f3bf in the master.
> 
> Thanks to all people who reported and helped fix those issues.
> 
> Users are encouraged to update.
> 
> Please find the usual URLs below :
>Site index   : http://www.haproxy.org/
>Discourse: http://discourse.haproxy.org/
>Sources  : http://www.haproxy.org/download/1.8/src/
>Git repository   : http://git.haproxy.org/git/haproxy-1.8.git/
>Git Web browsing : http://git.haproxy.org/?p=haproxy-1.8.git
>Changelog: http://www.haproxy.org/download/1.8/src/CHANGELOG
>Cyril's HTML doc : http://cbonte.github.io/haproxy-dconv/
> 
> 
> ---
> Complete changelog :
> Christopher Faulet (9):
>   BUG/MEDIUM: contrib/mod_defender: Use network order to encode/decode 
> flags
>   BUG/MEDIUM: contrib/modsecurity: Use network order to encode/decode 
> flags
>   BUG/MEDIUM: spoe: Return an error when the wrong ACK is received in 
> sync mode
>   MAJOR: spoe: upgrade the SPOP version to 2.0 and remove the support for 
> 1.0
>   BUG/MINOR: contrib/spoa_example: Don't reset the status code during 
> disconnect
>   BUG/MINOR: contrib/mod_defender: Don't reset the status code during 
> disconnect
>   BUG/MINOR: contrib/modsecurity: Don't reset the status code during 
> disconnect
>   BUG/MEDIUM: threads: Use the sync point to check active jobs and exit
>   MINOR: threads: Be sure to remove threads from all_threads_mask on exit
> 
> Daniel Corbett (2):
>   BUG/MEDIUM: servers: Add srv_addr default placeholder to the state file
>   BUG/MEDIUM: stick-tables: Decrement ref_cnt in table_* converters
> 
> David Carlier (1):
>   DOC: contrib/modsecurity: few typo fixes
> 
> Dragan Dosen (2):
>   BUG/MINOR: contrib/mod_defender: update pointer on the end of the frame
>   BUG/MINOR: contrib/modsecurity: update pointer on the end of the frame
> 
> Frédéric Lécaille (1):
>   BUG/MINOR: lua: Segfaults with wrong usage of types.
> 
> Kevin Zhu (1):
>   DOC: SPOE.txt: fix a typo
> 
> Olivier Houchard (4):
>   BUG/MEDIUM: dns: Delay the attempt to run a DNS resolution on check 
> failure.
>   BUG/MEDIUM: fd: Only check update_mask against all_threads_mask.
>   BUG/MINOR: unix: Make sure we can

[ANNOUNCE] haproxy-1.8.10

2018-06-22 Thread William Lallemand

Hi,

HAProxy 1.8.10 was released on 2018/06/22. It added 40 new commits
after version 1.8.9.

This version fixes several bugs that were crashing haproxy, when using
http-request set-map with a wrong type or with the cirpherlist capture.
Some deadlocks and crashes were also fixed that were provoked by the lua.

There was also an issue with the poller which was using 100% of the CPU.

It fixes several issues where haproxy was not leaving anymore when asked for a
soft stop, or a reload in master-worker mode. These issues were amplified with
the use of nbthread.

The SPOP version has been upgraded to 2.0. Due to an inconsistency in the
examples and the reference implementation the 1.0 version is not supported
anymore. This new version is basically the 1.0 with a bugfix. If your SPOP
agent does not work anymore, you must upgrade the version and fix the SPOP
flags. See commits c4dcaff, 48d02d0, 633f3bf in the master.

Thanks to all people who reported and helped fix those issues.

Users are encouraged to update.

Please find the usual URLs below :
   Site index   : http://www.haproxy.org/
   Discourse: http://discourse.haproxy.org/
   Sources  : http://www.haproxy.org/download/1.8/src/
   Git repository   : http://git.haproxy.org/git/haproxy-1.8.git/
   Git Web browsing : http://git.haproxy.org/?p=haproxy-1.8.git
   Changelog: http://www.haproxy.org/download/1.8/src/CHANGELOG
   Cyril's HTML doc : http://cbonte.github.io/haproxy-dconv/


---
Complete changelog :
Christopher Faulet (9):
  BUG/MEDIUM: contrib/mod_defender: Use network order to encode/decode flags
  BUG/MEDIUM: contrib/modsecurity: Use network order to encode/decode flags
  BUG/MEDIUM: spoe: Return an error when the wrong ACK is received in sync 
mode
  MAJOR: spoe: upgrade the SPOP version to 2.0 and remove the support for 
1.0
  BUG/MINOR: contrib/spoa_example: Don't reset the status code during 
disconnect
  BUG/MINOR: contrib/mod_defender: Don't reset the status code during 
disconnect
  BUG/MINOR: contrib/modsecurity: Don't reset the status code during 
disconnect
  BUG/MEDIUM: threads: Use the sync point to check active jobs and exit
  MINOR: threads: Be sure to remove threads from all_threads_mask on exit

Daniel Corbett (2):
  BUG/MEDIUM: servers: Add srv_addr default placeholder to the state file
  BUG/MEDIUM: stick-tables: Decrement ref_cnt in table_* converters

David Carlier (1):
  DOC: contrib/modsecurity: few typo fixes

Dragan Dosen (2):
  BUG/MINOR: contrib/mod_defender: update pointer on the end of the frame
  BUG/MINOR: contrib/modsecurity: update pointer on the end of the frame

Frédéric Lécaille (1):
  BUG/MINOR: lua: Segfaults with wrong usage of types.

Kevin Zhu (1):
  DOC: SPOE.txt: fix a typo

Olivier Houchard (4):
  BUG/MEDIUM: dns: Delay the attempt to run a DNS resolution on check 
failure.
  BUG/MEDIUM: fd: Only check update_mask against all_threads_mask.
  BUG/MINOR: unix: Make sure we can transfer abns sockets on seamless 
reload.
  BUG/MEDIUM: fd: Don't modify the update_mask in fd_dodelete().

Thierry FOURNIER (11):
  BUG/MEDIUM: spoe: Flags are not encoded in network order
  BUG/MEDIUM: lua/socket: Length required read doesn't work
  MINOR: task/notification: Is notifications registered ?
  BUG/MEDIUM: lua/socket: wrong scheduling for sockets
  BUG/MAJOR: lua: Dead lock with sockets
  BUG/MEDIUM: lua/socket: Notification error
  BUG/MEDIUM: lua/socket: Sheduling error on write: may dead-lock
  BUG/MEDIUM: lua/socket: Buffer error, may segfault
  MINOR: lua: Increase debug information
  BUG/MAJOR: ssl: Random crash with cipherlist capture
  BUG/MAJOR: ssl: OpenSSL context is stored in non-reserved memory slot

William Lallemand (5):
  BUG/MEDIUM: cache: don't cache when an Authorization header is present
  BUG/MEDIUM: threads: handle signal queue only in thread 0
  BUG/MINOR: don't ignore SIG{BUS,FPE,ILL,SEGV} during signal processing
  BUG/MINOR: signals: ha_sigmask macro for multithreading
  BUG/MAJOR: map: fix a segfault when using http-request set-map

Willy Tarreau (3):
  BUG/MINOR: ssl/lua: prevent lua from affecting automatic maxconn 
computation
  BUG/BUILD: threads: unbreak build without threads
  BUG/BUILD: fd: fix typo causing a warning when threads are disabled

sada (1):
  BUG/MINOR: lua: Socket.send threw runtime error: 'close' needs 1 
arguments.

---

-- 
William Lallemand

Re: [ANNOUNCE] haproxy-1.8.10

[ANNOUNCE] haproxy-1.8.10

2 matches

Site Navigation

Mail list logo

Footer information