Hi,
This is a friendly bot that watches fixes pending for the next haproxy-stable
release! One such e-mail is sent periodically once patches are waiting in the
last maintenance branch, and an ideal release date is computed based on the
severity of these fixes and their merge date. Responses to this mail must be
sent to the mailing list.
Last release 3.0.4 was issued on 2024-09-03. There are currently 32
patches in the queue cut down this way:
- 14 MEDIUM, first one merged on 2024-09-03
- 18 MINOR, first one merged on 2024-09-03
Thus the computed ideal release date for 3.0.5 would be 2024-10-01, which is in
three weeks or less.
Last release 2.9.10 was issued on 2024-09-03. There are currently 25
patches in the queue cut down this way:
- 10 MEDIUM, first one merged on 2024-09-04
- 15 MINOR, first one merged on 2024-09-04
Thus the computed ideal release date for 2.9.11 would be 2024-10-02, which is
in four weeks or less.
Last release 2.8.10 was issued on 2024-06-14. There are currently 58
patches in the queue cut down this way:
- 24 MEDIUM, first one merged on 2024-07-03
- 34 MINOR, first one merged on 2024-07-03
Thus the computed ideal release date for 2.8.11 would be 2024-08-28, which was
one week ago.
Last release 2.6.18 was issued on 2024-06-18. There are currently 20
patches in the queue cut down this way:
- 8 MEDIUM, first one merged on 2024-06-19
- 12 MINOR, first one merged on 2024-07-03
Thus the computed ideal release date for 2.6.19 would be 2024-09-17, which is
in one week or less.
The current list of patches in the queue is:
- 3.0 - MEDIUM : quic: always validate sender address
on 0-RTT
- 2.8, 2.9, 3.0 - MEDIUM : mux-pt/mux-h1: Release the pipe on
connection error on sending path
- 3.0 - MEDIUM : ssl: reactivate 0-RTT for AWS-LC
- 2.6, 2.8 - MEDIUM : h3: ensure the ":scheme" pseudo header
is totally valid
- 2.8 - MEDIUM : ssl_sock: fix deadlock in
ssl_sock_load_ocsp() on error path
- 2.8, 2.9, 3.0 - MEDIUM : stconn: Report error on SC on send if
a previous SE error was set
- 2.6, 2.8 - MEDIUM : init: fix fd_hard_limit default in
compute_ideal_maxconn
- 3.0 - MEDIUM : peer: Notify the applet won't consume
data when it waits for sync
- 2.8, 2.9, 3.0 - MEDIUM : clock: also update the date offset on
time jumps
- 2.8 - MEDIUM : stream: Prevent mux upgrades if client
connection is no longer ready
- 2.8, 2.9, 3.0 - MEDIUM : quic: prevent conn freeze on 0RTT
undeciphered content
- 2.6, 2.8 - MEDIUM : queue: deal with a rare TOCTOU in
assign_server_and_queue()
- 2.8 - MEDIUM : mux-h1: Properly handle empty message
when an error is triggered
- 2.8 - MEDIUM : quic: fix race-condition in
quic_get_cid_tid()
- 2.6, 2.8 - MEDIUM : spoe: Be sure to create a SPOE applet
if none on the current thread
- 2.8 - MEDIUM : bwlim: Be sure to never set the
analyze expiration date in past
- 2.8, 2.9, 3.0 - MEDIUM : mux-h2: Propagate term flags to SE on
error in h2s_wake_one_stream
- 2.8 - MEDIUM : debug/cli: fix "show threads" crashing
with low thread counts
- 2.6 - MEDIUM : cli: fix cli_output_msg() regression
- 2.6, 2.8 - MEDIUM : jwt: Clear SSL error queue on error
when checking the signature
- 2.6, 2.8 - MEDIUM : h3: ensure the ":method" pseudo header
is totally valid
- 2.9, 3.0 - MEDIUM : server/addr: fix
tune.events.max-events-at-once event miss and leak
- 2.8 - MEDIUM : quic: fix possible exit from
qc_check_dcid() without unlocking
- 2.8, 2.9, 3.0 - MEDIUM : h2: Only report early HTX EOM for
tunneled streams
- 2.8 - MEDIUM : cli: Always release back endpoint
between two commands on the mcli
- 2.8, 2.9, 3.0 - MEDIUM : mworker/cli: fix pipelined modes on
master CLI
- 3.0 - MEDIUM : ssl: 0-RTT initialized at the wrong
place for AWS-LC
- 2.6, 2.8 - MEDIUM : h1: Reject empty Transfer-encoding
header
- 2.8, 2.9, 3.0 - MEDIUM : trace: fix null deref in lockon
mechanism since TRACE_ENABLED()
- 2.8, 2.9, 3.0 - MEDIUM : http-ana: Report error on write error
waiting for the response
- 2.9, 3.0 - MINOR : pattern: pat_ref_set: return 0 if err
was found
- 3.0 - MINOR : quic: Crash from trace dumping SSL
eary data status (AWS-LC)
- 2.8, 2.9, 3.0 - MINOR : trace/quic: permit to lock on
frontend/connect/session etc
- 2.8, 2.9, 3.0 - MINOR : proto_tcp: keep error msg if listen()
fails
- 2.6, 2.8 - MINOR : h1: Reject empty coding name as last
transfer-encoding value
- 2.6, 2.8 - MINOR : h1: Fail to parse empty transfer
coding names
- 2.6, 2.8 - MINOR : stick-table: fix crash for
src_inc_gpc() without stkcounter
- 2.8 - MINOR : session: Eval L4/L5 rules defined in
the default section
- 2.6, 2.8 - MINOR : quic: fix computed length of emitted
STREAM frames
- 2.9, 3.0 - MINOR : stconn: bs.id and fs.id had their
dependencies incorrect
- 2.8, 2.9, 3.0 - MINOR : mux-quic: do not send too big
MAX_STREAMS ID
- 2.8 - MINOR : stconn: Request to send something to
be woken up when the pipe is full
- 2.8, 2.9, 3.0 - MINOR : proto_tcp: delete fd from fdtab if
listen() fails
- 2.9, 3.0 - MINOR : pattern: pat_ref_set: fix UAF reported
by coverity
- 2.8 - MINOR : proxy: fix header_unique_id leak on
deinit()
- 2.8 - MINOR : proxy: fix dyncookie_key leak on
deinit()
- 2.6, 2.8 - MINOR : quic: Lack of precision when computing
K (cubic only cc)
- 2.6, 2.8 - MINOR : jwt: don't try to load files with HMAC
algorithm
- 3.0 - MINOR : quic: Missing incrementation in
NEW_TOKEN frame builder
- 2.9, 3.0 - MINOR : cfgparse-global: remove
tune.fast-forward from common_kw_list
- 2.6, 2.8 - MINOR : quic: fix BUG_ON() on Tx pkt alloc
failure
- 2.8, 2.9, 3.0 - MINOR : fcgi-app: handle a possible strdup()
failure
- 2.6, 2.8 - MINOR : server: Don't warn fallback IP is used
during init-addr resolution
- 2.6, 2.8 - MINOR : cli: Atomically inc the global request
counter between CLI commands
- 2.8 - MINOR : proxy: fix source interface and usesrc
leaks on deinit()
- 2.8, 2.9, 3.0 - MINOR : quic/trace: make
quic_conn_enc_level_init() emit NEW not CLOSE
- 2.8 - MINOR : proxy: fix log_tag leak on deinit()
- 2.8 - MINOR : h3: fix crash on STOP_SENDING receive
after GOAWAY emission
- 2.8, 2.9, 3.0 - MINOR : trace/quic: enable conn/session
pointer recovery from quic_conn
- 2.8 - MINOR : quic: fix race-condition on trace for
CID retrieval
- 2.6, 2.8 - MINOR : hlua: report proper context upon error
in hlua_cli_io_handler_fct()
- 2.6, 2.8 - MINOR : mux-quic: fix crash on qcs SD alloc
failure
- 2.8, 2.9, 3.0 - MINOR : trace/quic: make "qconn" selectable as
a lockon criterion
- 2.8, 2.9, 3.0 - MINOR : proto_uxst: delete fd from fdtab if
listen() fails
- 2.8, 2.9, 3.0 - MINOR : trace: automatically start in waiting
mode with "start
- 2.8 - MINOR : quic: fix race condition in
qc_check_dcid()
- 2.8, 2.9, 3.0 - MINOR : h3: properly reject too long header
responses
- 2.8 - MINOR : proxy: fix check_{command,path} leak
on deinit()
- 2.6, 2.8 - MINOR : jwt: fix variable initialisation
- 2.8 - MINOR : proxy: fix server_id_hdr_name leak on
deinit()
- 3.0 - MINOR : quic: Too short datagram during packet
building failures (aws-lc only)
--
The haproxy stable-bot is freely provided by HAProxy Technologies to help
improve the quality of each HAProxy release. If you have any issue with these
emails or if you want to suggest some improvements, please post them on the
list so that the solutions suiting the most users can be found.
