** Description changed:

[ Feature Freeze exception DONE ]

The latest HAProxy releases introduce several bug fixes. Since we are performing stable updates for HAProxy, it would be nice to ensure oracular also gets those fixes. Moreover, it introduces a fix for CVE-2024-45506 (https://ubuntu.com/security/CVE-2024-45506).

From the upstream changelog (https://www.haproxy.org/download/2.9/src/CHANGELOG) and the release announcement (https://www.mail-archive.com/[email protected]/msg45281.html), the only relevant functional change here is a DEFAULT_MAXFD configuration to set the maximum file descriptors to 1048576 to avoid possible long startup times and high memory usage.

Attached are a diff of the changelogs of the proposed upstream version and the one currently in oracular, and the build logs for a local x86_64 build. The build logs for other platforms are available at https://launchpad.net/~athos-ribeiro/+archive/ubuntu/haproxy/+packages.

Finally, the install logs are available together with the autopkgtest run for the PPA linked above. These are the autopkgtest logs for amd64: https://autopkgtest.ubuntu.com/results/autopkgtest-oracular-athos-ribeiro-haproxy/oracular/amd64/h/haproxy/20240913_105648_61afe@/log.gz

[ Stable updates ]

Apart from the oracular update (to 2.9.10), which will not require an FFe since there are no features being introduced here (see the upstream changes section below), this bug tracks an update for the HAProxy package in the following Ubuntu releases to the versions below:

* oracular (24.10): HAProxy 2.9.11
* noble (24.04): HAProxy 2.8.11
* jammy (22.04): HAProxy 2.4.27
* focal (20.04): HAProxy 2.0.35

These updates include bugfixes only, following the SRU policy exception defined at https://wiki.ubuntu.com/HAProxyUpdates.
[Upstream changes]

https://www.haproxy.org/download/2.9/src/CHANGELOG
https://www.haproxy.org/download/2.8/src/CHANGELOG
https://www.haproxy.org/download/2.4/src/CHANGELOG
https://www.haproxy.org/download/2.0/src/CHANGELOG

TODO: Highlight any important bug fix

oracular (from 2.9.10 to 2.9.11):
noble (from 2.8.5 to 2.8.11):
jammy (from 2.4.24 to 2.4.27):
focal (from 2.0.33 to 2.0.35):

[Test Plan]

TODO: link to the upstream CI pipelines demonstrating all tests are passing
TODO: if there are any non passing tests - explain why that is ok in this case
TODO: add results of a local autopkgtest run against all the new HAProxy versions

[Regression Potential]

HAProxy itself does not have many reverse dependencies; however, any upgrade is a risk to introduce some breakage to other packages. Whenever a test failure is detected, we will be on top of it and make sure it doesn't affect existing users.

[Regression Potential - Changes Analysis (CA)]

There is a significant number of low regression risk (as per upstream classification) functional changes. Moreover, some (fewer) bug fixes have a possible major regression risk (again, as per upstream classification). The functional changes mentioned above were included because they are, in the majority, needed by other entries which are bug fixes, i.e., these are functional changes needed to fix specific bugs.

[Regression Potential - CA - Upstream changes classification criteria]

https://github.com/haproxy/haproxy/blob/master/CONTRIBUTING#L632 describes the upstream guidelines for tagging the entries in the upstream changelog based on their purpose, importance, severity, etc. Below, I summarize the relevant bits of such guidelines.

Patches "fixing a bug must have the 'BUG' tag", e.g., "BUG/MAJOR: description".

"When the patch cannot be categorized, [...] only use a risk or complexity information [...]. This is commonly the case for new features".
For instance, "MINOR: description".

For MINOR tags, the patch "is safe enough to be backported to stable branches".

Patches tagged MEDIUM "may cause unexpected regressions of low importance [...], the patch is safe but touches working areas".

Patches tagged MAJOR carry a "major risk of hidden regression".

There is also a CRITICAL tag, but no changes are tagged with it in the new candidate versions.

[Regression Potential - CA - Impact]

For the next Focal MRE, we would upgrade HAProxy from 2.0.33 to 2.0.35. Among the changes, there is a single bug fix tagged as BUG/MAJOR.

For the next Jammy MRE, we would upgrade HAProxy from 2.4.24 to 2.4.27. Among the changes, there are 4 bug fixes tagged as BUG/MAJOR, and 1 MEDIUM and 11 MINOR uncategorized changes (potentially functional).

For the next Noble MRE, we would upgrade HAProxy from 2.8.5 to 2.8.11. Among the changes, there are 9 bug fixes tagged as BUG/MAJOR, and 1 MEDIUM and 33 MINOR uncategorized changes (potentially functional).

For the next Oracular MRE, we would upgrade HAProxy from 2.9.10 to 2.9.11. Among the changes, there is a single bug fix tagged as BUG/MAJOR, and 2 MEDIUM and 7 MINOR uncategorized changes (potentially functional).

[Regression Potential - CA - Assessment]

Below we discuss the changes with the greatest regression potential (and the most relevant uncategorized ones, which may contain functional changes).

Focal 20.04:

- BUG/MAJOR: ssl_sock: Always clear retry flags in read/write functions

  As described in https://github.com/haproxy/haproxy/commit/1ad19917213fac57ee37e581b0ef137e36c6309d, since version 2.0, HAProxy implements its own socket BIO. This bug fix changes the read/write operations to always clear their retry flags before performing their operations (instead of only doing so after successful IO operations). This seems to have been set with the BUG/MAJOR flag due to the severity of the bug, and this should not change the correct cases where IO retries are needed.
Jammy 22.04:

- TBD
+ - BUG/MAJOR: connection: fix server used_conns with H2 + reuse safe
+
+ The BUG/MAJOR flag seems to have been chosen here due to the severity of
+ the issue, as described in
+ https://github.com/haproxy/haproxy/commit/87b96cf3a5581199c96ba92063a4d44f9a86ba8e
+ when it describes the "several impacts" of the corner case being fixed.
+
+ - BUG/MAJOR: ssl_sock: Always clear retry flags in read/write functions
+
+ This is the same as described for Focal.
+
+ - BUG/MAJOR: hlua: improper lock usage with hlua_ctx_resume()
+
+ This is flagged BUG/MAJOR due to the bug severity: the lack of locking
+ for some lua stack locking could cause lua stack corruption under heavy
+ load. The fix is ensuring locks are acquired in additional places.
+
+ - BUG/MAJOR: mux-h2: Report a protocol error for any DATA frame before
+ headers
+
+ This is also flagged as BUG/MAJOR due to the severity. As per the HTTP/2
+ RFC, all headers should be received before any DATA frames. Not
+ reporting an error here would cause corruption.
+
+ - MEDIUM: mux-h1: Handle MUX_SUBS_RECV flag in h1_ctl() and susbscribe
+ for reads

Noble 24.04:

TBD

Oracular 24.10:

TBD

[Former HAProxy MREs]

- https://pad.lv/2012557
- https://pad.lv/2028418

[Appendix A - Upstream potentially breaking changes list]

Below you will find the list of changes I extracted from the full changelogs of the candidate MRE versions. I filtered the changelogs with the following command:

$ cat *_changelog | grep -E '^[^ ]|(- )?(MAJOR|CRIT)|- (MINOR|MEDIUM)'

This selected only the unclassified (not bug fixing) changes and the bug fixing changes classified as BUG/MAJOR and BUG/CRITICAL.
Focal - potentially upgrading from 2.0.33 to 2.0.35

ChangeLog :
===========

2024/04/05 : 2.0.35
    - BUG/MAJOR: ssl_sock: Always clear retry flags in read/write functions

2023/12/19 : 2.0.34

Jammy - potentially upgrading from 2.4.24 to 2.4.27

ChangeLog :
===========

2024/06/18 : 2.4.27
    - MINOR: cli: Remove useless loop on commands to find unescaped semi-colon
    - MINOR: hlua: don't dump empty entries in hlua_traceback()
    - BUG/MAJOR: connection: fix server used_conns with H2 + reuse safe

2024/04/05 : 2.4.26
    - BUG/MAJOR: ssl_sock: Always clear retry flags in read/write functions
    - MINOR: hlua: Be able to disable logging from lua
    - BUG/MAJOR: hlua: improper lock usage with hlua_ctx_resume()
    - MINOR: hlua: use accessors for stream hlua ctx

2023/12/14 : 2.4.25
    - MINOR: hlua: add hlua_stream_ctx_prepare helper function
    - MINOR: buf: Add b_force_xfer() function
    - BUG/MAJOR: mux-h2: Report a protocol error for any DATA frame before headers
    - MINOR: pattern: fix pat_{parse,match}_ip() function comments
    - MINOR: connection: Add a CTL flag to notify mux it should wait for reads again
    - MEDIUM: mux-h1: Handle MUX_SUBS_RECV flag in h1_ctl() and susbscribe for reads
    - MINOR: htx: Use a macro for overhead induced by HTX
    - MINOR: channel: Add functions to get info on buffers and deal with HTX streams
    - MINOR: stktable: add stktable_deinit function

Noble - potentially upgrading from 2.8.5 to 2.8.11

ChangeLog :
===========

2024/09/19 : 2.8.11
    - MINOR: activity: make the memory profiling hash size configurable at build time
    - MEDIUM: ssl: initialize the SSL stack explicitely
    - MINOR: queue: add a function to check for TOCTOU after queueing
    - MEDIUM: init: set default for fd_hard_limit via DEFAULT_MAXFD (take #2)
    - MINOR: channel: implement ci_insert() function
    - BUG/MAJOR: mux-h1: Wake SC to perform 0-copy forwarding in CLOSING state

2024/06/14 : 2.8.10
    - MINOR: net_helper: Add support for floats/doubles.
    - MINOR: log: add dup_logsrv() helper function
    - BUG/MAJOR: quic: Crash with TLS_AES_128_CCM_SHA256 (libressl only)
    - MEDIUM: config: prevent communication with privileged ports
    - MINOR: session: rename private conns elements
    - BUG/MAJOR: server: do not delete srv referenced by session
    - BUG/MAJOR: connection: fix server used_conns with H2 + reuse safe

2024/04/05 : 2.8.9

2024/04/05 : 2.8.8
    - MINOR: mux-h2: add a counter of "glitches" on a connection
    - MINOR: mux-h2: count excess of CONTINUATION frames as a glitch
    - MINOR: mux-h2: count late reduction of INITIAL_WINDOW_SIZE as a glitch
    - MINOR: mux-h2: always use h2c_report_glitch()
    - MEDIUM: mux-h2: allow to set the glitches threshold to kill a connection
    - MINOR: connection: add a new mux_ctl to report number of connection glitches
    - MINOR: mux-h2: implement MUX_CTL_GET_GLITCHES
    - MINOR: connection: add sample fetches to report per-connection glitches
    - BUG/MAJOR: promex: fix crash on deleted server
    - MINOR: quic: warn on bind on multiple addresses if no IP_PKTINFO support
    - BUG/MAJOR: server: fix stream crash due to deleted server
    - MINOR: hlua: Be able to disable logging from lua
    - BUG/MAJOR: hlua: improper lock usage with hlua_ctx_resume()
    - MINOR: hlua: use accessors for stream hlua ctx
    - MINOR: server: allow cookie for dynamic servers
    - MINOR: cli: Remove useless loop on commands to find unescaped semi-colon

2024/02/26 : 2.8.7
    - BUG/MAJOR: ssl/ocsp: crash with ocsp when old process exit or using ocsp CLI

2024/02/15 : 2.8.6
    - MINOR: stats: store the parent proxy in stats ctx (http)
    - MINOR: h3: check connection error during sending
    - MINOR: mux-h2: support limiting the total number of H2 streams per connection
    - MINOR: compiler: add a new DO_NOT_FOLD() macro to prevent code folding
    - MINOR: debug: make sure calls to ha_crash_now() are never merged
    - MINOR: debug: make ABORT_NOW() store the caller's line number when using abort
    - MINOR: debug: make BUG_ON() catch build errors even without DEBUG_STRICT
    - MINOR: mux-h2/traces: also suggest invalid header upon parsing error
    - MINOR: mux-h2/traces: explicitly show the error/refused stream states
    - MINOR: mux-h2/traces: clarify the "rejected H2 request" event
    - MINOR: mux-h2/traces: add a missing trace on connection WU with negative inc
    - BUG/MAJOR: ssl_sock: Always clear retry flags in read/write functions
    - MINOR: ssl: Use OCSP_CERTID instead of ckch_store in ckch_store_build_certid
    - MINOR: quic: Stop hardcoding a scale shifting value (CUBIC_BETA_SCALE_FACTOR_SHIFT)
    - MINOR: quic: extract qc_stream_buf free in a dedicated function
    - MINOR: h3: add traces for stream sending function
    - MINOR: quic: Stop using 1024th of a second.
    - MINOR: quic: Update K CUBIC calculation (RFC 9438)
    - MINOR: quic: Dynamic packet reordering threshold
    - MINOR: quic: Add a counter for reordered packets
    - MINOR: errors: ha_alert() and ha_warning() uses warn_exec_path()
    - MINOR: ext-check: add an option to preserve environment variables

Oracular - potentially upgrading from 2.9.10 to 2.9.11

ChangeLog :
===========

2024/09/19 : 2.9.11
    - MINOR: channel: implement ci_insert() function
    - MINOR: tools: Implement ipaddrcpy().
    - MINOR: quic: Implement quic_tls_derive_token_secret().
    - MEDIUM: ssl/quic: implement quic crypto with EVP_AEAD
    - MINOR: quic: Token for future connections implementation.
    - MINOR: quic: Modify NEW_TOKEN frame structure (qf_new_token struct)
    - MINOR: quic: Implement qc_ssl_eary_data_accepted().
    - MINOR: quic: Add trace for QUIC_EV_CONN_IO_CB event.
    - BUG/MAJOR: mux-h1: Wake SC to perform 0-copy forwarding in CLOSING state
    - MEDIUM: h1: Accept invalid T-E values with accept-invalid-http-response option
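As an added example (not part of this bug report, and not HAProxy's own tooling), the block below is a structured counterpart of the grep filter in Appendix A and of the tag semantics summarized in the "Upstream changes classification criteria" section. It parses a CHANGELOG file into (version, tag, subject) entries, restricts them to the releases between the currently packaged version and the candidate, keeps the BUG/MAJOR, BUG/CRITICAL and uncategorized (MINOR/MEDIUM/MAJOR/CRITICAL) entries, and counts them per tag the way the "Impact" section does by hand. The embedded sample changelog is constructed for the example: it reuses a few entry subjects quoted in this bug, but the entries marked "constructed" and the 2.4.24 date are made up, so it is not a verbatim upstream file.

```python
"""Classify HAProxy CHANGELOG entries by upstream tag.

Added example (not part of this bug report or of HAProxy): a structured
counterpart of the grep filter used in Appendix A.  Tag names follow the
upstream CONTRIBUTING conventions (BUG/MAJOR, MEDIUM, MINOR, ...).
"""
import re
from collections import Counter

# Version headers look like "2024/04/05 : 2.0.35".
VERSION_RE = re.compile(r"^(?P<date>\d{4}/\d{2}/\d{2}) : (?P<version>\d+(?:\.\d+)+)\s*$")
# Entries look like "    - BUG/MAJOR: ssl_sock: Always clear ..."; the tag may
# carry a "/SEVERITY" suffix (BUG/MAJOR) or be a bare risk level (MINOR).
ENTRY_RE = re.compile(r"^\s*- (?P<tag>[A-Z]+(?:/[A-Z]+)?): (?P<subject>.+?)\s*$")

# What the grep in the bug description keeps: bug fixes with a major or
# critical regression risk, plus every uncategorized (non-BUG) change,
# which upstream reserves for functional changes and new features.
RISKY_BUG_TAGS = {"BUG/MAJOR", "BUG/CRITICAL"}
UNCATEGORIZED_TAGS = {"MINOR", "MEDIUM", "MAJOR", "CRITICAL"}


def version_key(version):
    """Turn '2.4.27' into (2, 4, 27) so that versions compare numerically."""
    return tuple(int(part) for part in version.split("."))


def parse_changelog(text):
    """Return (version, tag, subject) tuples in file order.

    Lines before the first version header (the "ChangeLog :" banner) and
    lines that are not "- TAG: subject" entries are ignored.
    """
    entries = []
    version = None
    for line in text.splitlines():
        header = VERSION_RE.match(line)
        if header:
            version = header.group("version")
            continue
        entry = ENTRY_RE.match(line)
        if entry and version is not None:
            entries.append((version, entry.group("tag"), entry.group("subject")))
    return entries


def entries_between(entries, old, new):
    """Keep entries from releases after `old` up to and including `new`."""
    lo, hi = version_key(old), version_key(new)
    return [e for e in entries if lo < version_key(e[0]) <= hi]


def is_risky(tag):
    """True for BUG/MAJOR, BUG/CRITICAL and any uncategorized change."""
    return tag in RISKY_BUG_TAGS or tag in UNCATEGORIZED_TAGS


def risky_entries(entries):
    """The subset Appendix A's grep would have printed."""
    return [e for e in entries if is_risky(e[1])]


def tag_counts(entries):
    """Per-tag totals, e.g. {'BUG/MAJOR': 2, 'MINOR': 2, 'MEDIUM': 1}."""
    return dict(Counter(tag for _, tag, _ in entries))


# Constructed sample: a few subjects are taken from the 2.4 changelog excerpt
# in this bug; the "constructed" entries and the 2.4.24 date are made up.
SAMPLE_CHANGELOG = """\
ChangeLog :
===========

2024/06/18 : 2.4.27
    - BUG/MINOR: constructed: low-risk fix that the grep drops
    - MINOR: cli: Remove useless loop on commands to find unescaped semi-colon
    - DOC: constructed: documentation-only change
    - BUG/MAJOR: connection: fix server used_conns with H2 + reuse safe

2024/04/05 : 2.4.26
    - BUG/MAJOR: ssl_sock: Always clear retry flags in read/write functions
    - MINOR: hlua: Be able to disable logging from lua
    - BUG/MEDIUM: constructed: medium-risk fix that the grep drops

2023/12/14 : 2.4.25
    - MEDIUM: mux-h1: Handle MUX_SUBS_RECV flag in h1_ctl() and susbscribe for reads
    - CLEANUP: constructed: no functional change

2023/11/01 : 2.4.24
    - BUG/MAJOR: constructed: already shipped, must not be counted again
"""


def main():
    entries = parse_changelog(SAMPLE_CHANGELOG)
    candidate = risky_entries(entries_between(entries, "2.4.24", "2.4.27"))
    for version, tag, subject in candidate:
        print(f"{version:8} {tag:13} {subject}")
    print(tag_counts(candidate))


if __name__ == "__main__":
    main()
```

Run against a real CHANGELOG (for instance the 2.4 one linked in the "Upstream changes" section) with the packaged and candidate versions, the per-tag totals are the numbers the "Impact" section reports; unlike the grep, the version filter drops entries from releases already shipped, and BUG/MINOR and BUG/MEDIUM fixes stay out of the list, matching what the appendix says it selected.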
--
You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2073315

Title:
  [FFe] + Backport of haproxy for focal, jammy and noble

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/haproxy/+bug/2073315/+subscriptions

--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
