** Description changed: [ Feature Freeze exception ] The latest HAProxy releases introduce several bug fixes. Since we are performing stable updates for HAProxy, it would be nice to ensure oracular get also get those fixes. Moreover, it introduces a fix for CVE-2024-45506 (https://ubuntu.com/security/CVE-2024-45506). From the upstream changelog (https://www.haproxy.org/download/2.9/src/CHANGELOG) and the release announcement (https://www.mail- archive.com/[email protected]/msg45281.html), the only relevant functional change here is a DEFAULT_MAXFD configuration to set the maximum file descriptors to 1048576 to avoid possible long startup times and high memory usage. Attached are a diff of the changelogs of the proposed upstream version and the one currently in oracular, and the build logs for a local x86_64 build. The build logs for other platforms are available at https://launchpad.net/~athos-ribeiro/+archive/ubuntu/haproxy/+packages. Finally, the install logs are available together with the autopkgtest run for the PPA linked above. These are the autopkgtest logs for amd64: - TODO + https://autopkgtest.ubuntu.com/results/autopkgtest-oracular-athos- + ribeiro-haproxy/oracular/amd64/h/haproxy/20240913_105648_61afe@/log.gz [ Stable updates ] Apart from the oracular update, which will not require a FFe since there are no features being introduced here (see the upstream changes section below), this bug tracks an update for the HAProxy package in the following Ubuntu releases to the versions below: * noble (24.04): HAProxy 2.8.10 * jammy (22.04): HAProxy 2.4.27 * focal (20.04): HAProxy 2.0.35 These updates include bugfixes only following the SRU policy exception defined at https://wiki.ubuntu.com/HAProxyUpdates. [Upstream changes] https://www.haproxy.org/download/2.8/src/CHANGELOG https://www.haproxy.org/download/2.4/src/CHANGELOG https://www.haproxy.org/download/2.0/src/CHANGELOG TODO: Highlight any important bug fix [Test Plan] TODO: link to the upstream CI pipelines demonstrating all tests are passing TODO: if there are any non passing tests - explain why that is ok in this case TODO: add results of a local autopkgtest run against all the new HAProxy versions [Regression Potential] HAProxy itself does not have many reverse dependencies, however, any upgrade is a risk to introduce some breakage to other packages. Whenever a test failure is detected, we will be on top of it and make sure it doesn't affect existing users. TODO: consider any other regression potential specific to the version being updated and list if any. [Former HAProxy MREs] - https://pad.lv/2012557 - https://pad.lv/2028418
-- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2073315 Title: [FFe] + Backport of haproxy for focal, jammy and noble To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/haproxy/+bug/2073315/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
