On 2022-08-04 10:35, William Edwards wrote:
However,
https://haproxy.debian.net/#distribution=Debian&release=buster&version=2.2 says:
"The Debian HAProxy packaging team provides various versions of HAProxy
packages for use on different Debian or Ubuntu systems. The following
wizard helps you to find the package suitable for your system. [...] You
will get a stable release of HAProxy 2.2: you may not get the latest
version but important fixes from later versions are included. Moreover,
regressions are unlikely."
The bugs page tries to get users to ALWAYS use the latest version. But
the haproxy.debian.org page says that it's okay not to use the latest
version.
That's two different point of views, one from Debian, one from upstream.
They are difficult to reconcile. That's why you (as a user) have to
choose: an old version with only "important" fixes (security fixes
mostly) and with known bugs but unlikely regressions on upgrade, or a
recent version of a stable branch with fixes and sometimes regressions.
Upstream is unlikely to help debug old versions. The Debian solution is
to report the issue on bugs.debian.org, but this does not scale well and
I am likely to just ignore the bug because I am too short on time. If
2.2.9 as in official Debian repository does not work for you, the
easiest path is to upgrade to 2.2.25 using the second set of instructions.
> I found this bug[1] on the bugs page which looks promising. I'll do
> some more investigation today. Perhaps someone could corroborate that
> that bug's symptoms match what I'm seeing.
Note that if this patch fixes this bug, this is a lot of work to
integrate it into the current release of Debian. This will have to wait
for the next point release (not a security issue), I would need to ask
people to authorize the patch, explain, ask again, prepare, upload, then
upload the backports until you get the resulting package available as
2.2.9-2+deb11u4~bpo10+1. Backporting a random patch may trigger
regressions as it may need other patches to be backported. This is a
nest of problems. So, if this patch solves your issue, you are on your
own maintaining a fork of the package.
The commit mentioned in the patch (eddcfbc1911c when backported) is
introduced in 2.2.23, so it's likely not the patch you need or you need
other patches as well.