- Update from version 3.2.2 to 3.2.4
- Update of rootfile not required
- Changelog
3.2.4
- DOC: deviceatlas build clarifications
- BUG/MEDIUM: ssl/clienthello: ECDSA with ssl-max-ver TLSv1.2 and no
ECDSA ciphers
- BUG/MEDIUM: acme: use POST-as-GET instead of GET for resources
- MINOR: acme: remove acme_req_auth() and use acme_post_as_get()
instead
- BUG/MINOR: acme: allow "processing" in challenge requests
- CLEANUP: acme: fix wrong spelling of "resources"
- MINOR: acme: add ACME to the haproxy -vv feature list
- MINOR: acme: implement traces
- BUG/MINOR: hlua: Skip headers when a receive is performed on an
HTTP applet
- BUG/MEDIUM: hlua: Report to SC when data were consumed on a lua
socket
- BUG/MEDIUM: hlua: Report to SC when output data are blocked on a
lua socket
- BUG/MEDIUM: dns: Reset reconnect tempo when connection is finally
established
- BUG/MEDIUM: logs: fix sess_build_logline_orig() recursion with
options
- BUG/MINOR: hlua: take default-path into account with
lua-load-per-thread
- BUG/MEDIUM: mux-quic: ensure Early-data header is set
- CLEANUP: ssl: Rename ssl_trace-t.h to ssl_trace.h
- BUILD: acme: avoid declaring TRACE_SOURCE in acme-t.h
- BUG/MEDIUM: hlua_fcn: ensure systematic watcher cleanup for
server list
iterator
- MINOR: acme: emit a log for DNS-01 challenge response
- MINOR: acme: emit the DNS-01 challenge details on the dpapi sink
- MEDIUM: acme: allow to wait and restart the task for DNS-01
- MINOR: acme: update the log for DNS-01
- BUG/MINOR: acme: possible integer underflow in acme_txt_record()
- MEDIUM: acme: use lowercase for challenge names in configuration
- DOC: management: clarify usage of -V with -c
- MEDIUM: ssl/cli: relax crt insertion in crt-list of type directory
- BUG/MINOR: listener: really assign distinct IDs to shards
- MINOR: quic: Prevent QUIC build with OpenSSL 3.5 new QUIC API
version
< 3.5.1
- BUG/MEDIUM: quic: Crash after QUIC server callbacks restoration
(OpenSSL 3.5)
- BUG/MEDIUM: http-client: Don't wake http-client applet if nothing
was
xferred
- BUG/MEDIUM: http-client: Properly inc input data when HTX blocks
are
xferred
- BUG/MEDIUM: http-client: Ask for more room when request data
cannot be
xferred
- BUG/MINOR: http-client: Ignore 1XX interim responses in non-HTX
mode
- BUG/MINOR: http-client: Reject any 101-switching-protocols
response
- BUG/MEDIUM: http-client: Drain the request if an early response
is received
- BUG/MEDIUM: http-client: Notify applet has more data to deliver
until
the EOM
- MINOR: h1-htx: Add function to format an HTX message in its H1
representation
- BUG/MINOR: mux-h1: Use configured error files if possible for
early H1
errors
- BUG/MINOR: h1-htx: Don't forget to init flags in
h1_format_htx_msg function
- BUG/MEDIUM: h3: do not overwrite interim with final response
- BUG/MINOR: h3: properly realloc buffer after interim response
encoding
- BUG/MINOR: h3: ensure that invalid status code are not encoded
(FE side)
- MINOR: qmux: change API for snd_buf FIN transmission
- BUG/MEDIUM: h3: handle interim response properly on FE side
- BUG/MINOR: quic: Wrong source address use on FreeBSD
- MINOR: h3: remove unused outbuf in h3_resp_headers_send()
- BUG/MINOR: applet: Don't trigger BUG_ON if the tid is not on
appctx init
- BUG/MINOR: halog: exit with error when some output filters are set
simultaneosly
- BUG/MEDIUM: threads: Disable the workaround to load libgcc_s on
macOS
- BUG/MINOR: logs: fix log-steps extra log origins selection
- BUG/MINOR: hq-interop: fix FIN transmission
- BUG/MINOR mux-quic: apply correctly timeout on output pending data
- BUG/MINOR: mux-quic: ensure close-spread-time is properly applied
- CLEANUP: http-client: Remove useless indentation when sending
request body
- DOC: list missing global QUIC settings
- BUILD: compat: provide relaxed versions of the MIN/MAX macros
- BUILD: compat: always set _POSIX_VERSION to ease comparisons
- BUG/MINOR: stick-table: cap sticky counter idx with
tune.nb_stk_ctr
instead of MAX_SESS_STKCTR
- MINOR: sock: update broken accept4 detection for older hardwares.
- BUG/MEDIUM: ssl: Fix 0rtt to the server
- BUG/MEDIUM: ssl: fix build with AWS-LC
- BUG/MINOR: init: Initialize random seed earlier in the init
process
- DOC: management: fix typo in commit f4f93c56
- DOC: config: recommend single quoting passwords
- BUG/MEDIUM: mux-quic: adjust wakeup behavior
- BUG/MEDIUM: http-client: Test HTX_FL_EOM flag before commiting
the HTX
buffer
3.2.3
- CI: enable USE_QUIC=1 for OpenSSL versions >= 3.5.0
- CI: github: add an OpenSSL 3.5.0 job
- CI: github: update the stable CI to ubuntu-24.04
- BUILD: quic: QUIC build against OpenSSL 3.5 broken
- BUG/MEDIUM: quic: SSL/TCP handshake failures with OpenSSL 3.5
- CI: github: update to OpenSSL 3.5.1
- BUG/MINOR: quic: Missing TLS 1.3 QUIC cipher suites and groups
inits
(OpenSSL 3.5 QUIC API)
- BUG/MINOR: ssl/ocsp: fix definition discrepancies with
ocsp_update_init()
- BUG/MINOR: ssl: crash in ssl_sock_io_cb() with SSL traces and idle
connections
- BUG/MINOR: http-act: Fix parsing of the expression argument for
pause
action
- BUILD/MEDIUM: deviceatlas: fix when installed in custom locations.
Signed-off-by: Adolf Belka <[email protected]>
---
lfs/haproxy | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/lfs/haproxy b/lfs/haproxy
index 005754e55..633d11f50 100644
--- a/lfs/haproxy
+++ b/lfs/haproxy
@@ -26,7 +26,7 @@ include Config
SUMMARY = The Reliable, High Performance TCP/HTTP Load Balancer
-VER = 3.2.2
+VER = 3.2.4
# From: https://www.haproxy.org/download/
@@ -36,7 +36,7 @@ DL_FROM = $(URL_IPFIRE)
DIR_APP = $(DIR_SRC)/$(THISAPP)
TARGET = $(DIR_INFO)/$(THISAPP)
PROG = haproxy
-PAK_VER = 32
+PAK_VER = 33
DEPS =
@@ -54,7 +54,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_BLAKE2 =
8dc203c6ff0d366cba482c55bb8fc03d0b8ed7f6fee96a311efebc8a00abb5f50f087fa4b1045322ee831f3f7da0bee6eea67200083b0af5d40e8dd3f252644c
+$(DL_FILE)_BLAKE2 =
b08c8637623a81f0e39ef897db032e43a5129cdff8440e6d77c8c19e3700b6f67bf4ac75084a465e100a7fb16c25a4c15830cda15baa4af927a919bff1c977bf
install : $(TARGET)
--
2.51.0
