Hi,
This is a friendly bot that watches fixes pending for the next haproxy-stable
release! One such e-mail is sent periodically once patches are waiting in the
last maintenance branch, and an ideal release date is computed based on the
severity of these fixes and their merge date. Responses to this mail must be
sent to the mailing list.
Last release 3.3.10 was issued on 2026-05-11. There are currently 96
patches in the queue cut down this way:
- 36 MEDIUM, first one merged on 2026-05-13
- 60 MINOR, first one merged on 2026-05-21
Thus the computed ideal release date for 3.3.11 would be 2026-06-12, which was
three weeks ago.
Last release 3.2.19 was issued on 2026-05-11. There are currently 83
patches in the queue cut down this way:
- 31 MEDIUM, first one merged on 2026-05-11
- 52 MINOR, first one merged on 2026-05-21
Thus the computed ideal release date for 3.2.20 would be 2026-07-10, which is
in one week or less.
Last release 3.0.23 was issued on 2026-05-11. There are currently 67
patches in the queue cut down this way:
- 25 MEDIUM, first one merged on 2026-05-21
- 42 MINOR, first one merged on 2026-05-21
Thus the computed ideal release date for 3.0.24 would be 2026-08-13, which is
in six weeks or less.
The current list of patches in the queue is:
- 3.3 - MEDIUM : limits: properly account for
global.maxpipes in compute_ideal_maxconn()
- 3.0, 3.2, 3.3 - MEDIUM : quic: handle ECONNREFUSED on RX side
- 3.0, 3.2, 3.3 - MEDIUM : resolvers: Fix test on dn label size
in resolv_dn_label_to_str()
- 3.0, 3.2, 3.3 - MEDIUM : h1-htx: Sanitize parsing to properly
handle upgrade requests
- 3.3 - MEDIUM : regex: allocate a large enough pcre2
match for all matches
- 3.0, 3.2, 3.3 - MEDIUM : h3: reject client push stream
- 3.0, 3.2, 3.3 - MEDIUM : applet: Properly handle receives of
size 0
- 3.0, 3.2, 3.3 - MEDIUM : dns: fix long loops in additional
records parse on name failure
- 3.0, 3.2, 3.3 - MEDIUM : log-forward: make sure the month is
unsigned
- 3.0, 3.2, 3.3 - MEDIUM : dict: hold lock while decrementing
refcount in dict_entry_unref
- 3.0, 3.2, 3.3 - MEDIUM : cache: fix a refcount leak for missed
secondary entries
- 3.2, 3.3 - MEDIUM : cpu-topo: Enforce thread-hard-limit on
policy
- 3.3 - MEDIUM : servers: Don't forget to set srv_hash
when needed
- 3.0, 3.2, 3.3 - MEDIUM : applet: Fix transfer of HTX data to
the applet
- 3.0, 3.2, 3.3 - MEDIUM : dns: fix memory leak of sockaddr in
dns_session_init() error path
- 3.3 - MEDIUM : h3: fix MAX_PUSH_ID handling
- 3.3 - MEDIUM : http-client: Only consume input buffer
when hc one is empty
- 3.0, 3.2, 3.3 - MEDIUM : cache: always verify the primary hash
in get_secondary_entry()
- 3.2, 3.3 - MEDIUM : acme: protect against risk of
null-deref on connection failure
- 3.0, 3.2, 3.3 - MEDIUM : hlua: Fix integer underflow when
receiving line from lua cosocket
- 3.2, 3.3 - MEDIUM : quic: reset consecutive_losses on exit
from recovery period (cubic)
- 3.0, 3.2, 3.3 - MEDIUM : mux-h1: Dup connection/upgrade value
to parse it when making headers
- 3.2, 3.3 - MEDIUM : h1: drop headers whose names contain
invalid chars
- 3.0, 3.2, 3.3 - MEDIUM : resolvers: Wait a bit before calling
the xprt prepare_srv
- 3.0, 3.2, 3.3 - MEDIUM : mux-fcgi: reject stream ID 0 for
application records
- 3.0, 3.2 - MEDIUM : mux_quic: adjust qcc_is_dead() to
account detached streams
- 3.0, 3.2, 3.3 - MEDIUM : resolvers: fix name compression
pointer validation in resolv_read_name()
- 3.0, 3.2, 3.3 - MEDIUM : dict: hold read lock while
incrementing refcount in dict_insert
- 3.0, 3.2, 3.3 - MEDIUM : ssl-gencert: Unlock LRU cache if
failing to generate certificate
- 3.2, 3.3 - MEDIUM : tcpcheck/spoe: bound the SPOP error
code to valid values
- 3.0, 3.2, 3.3 - MEDIUM : server/cli: unlock server lock on
failure in cli_parse_set_server
- 3.0, 3.2, 3.3 - MEDIUM : auth: fix unconfigured password NULL
deref
- 3.2, 3.3 - MEDIUM : h1: limit status codes to 3 digits by
default
- 3.3 - MEDIUM : servers: Store the connection hash
with the parameter cache
- 3.0, 3.2, 3.3 - MEDIUM : dns: fix long loops in additional
records parse on name failure"
- 3.0, 3.2, 3.3 - MEDIUM : h1: Skip all h2c values from Upgrade
headers during parsing
- 3.0, 3.2, 3.3 - MEDIUM : quic: reset cwnd in slow_start on
persistent congestion (cubic)
- 3.2, 3.3 - MINOR : session/trace: use distinct flags for
SESS_EV_END and _ERR
- 3.0, 3.2, 3.3 - MINOR : resolvers: fix room for trailing zero
in resolv_dn_label_to_str()
- 3.2, 3.3 - MINOR : jws: Add missing return value check
(EVP_PKEY_get_bn_param)
- 3.0, 3.2, 3.3 - MINOR : http-fetch: check against the whole
token in get_http_auth()
- 3.3 - MINOR : h3: reject server push stream
- 3.0, 3.2, 3.3 - MINOR : log: look for the end of priority
before the end of the buffer
- 3.0, 3.2, 3.3 - MINOR : httpclient-cli: Destroy http-client
context if failing to start it
- 3.3 - MINOR : httpclient-cli: fix uninit variable in
error label
- 3.2, 3.3 - MINOR : server: Properly handle init-state
value during haproxy startup
- 3.0, 3.2, 3.3 - MINOR : mux-h2: Count padding for connection
flow control on error path
- 3.3 - MINOR : h3: reject server MAX_PUSH_ID frame
- 3.3 - MINOR : server: accept server IDs above 2^31
and clarify error message
- 3.0, 3.2, 3.3 - MINOR : sample: limit the be2hex converter's
chunk size
- 3.0, 3.2, 3.3 - MINOR : mux-h2: validate HEADERS frame length
before reading stream dep
- 3.3 - MINOR : mux_quic: do not exceed
stream.max-concurrent on backend side
- 3.0, 3.2, 3.3 - MINOR : check: properly report errno in
chk_report_conn_err()
- 3.0, 3.2, 3.3 - MINOR : init: use more than ha_random64() for
the cluster secret
- 3.0, 3.2, 3.3 - MINOR : cache: fix cache tree iteration
- 3.0, 3.2, 3.3 - MINOR : cache: Fix copy of value when parsing
maxage
- 3.0, 3.2, 3.3 - MINOR : qpack: fix potential null-pointer
dereference in qpack_dht_insert()
- 3.0, 3.2, 3.3 - MINOR : mux-fcgi: Use relative offset to
compute contig data in demux buf
- 3.0, 3.2, 3.3 - MINOR : http-ext: always check remaining data
when reading rfc7239 nodeport
- 3.0, 3.2, 3.3 - MINOR : quic: fix ack range node pool_free
call passing wrong pointer type
- 3.2, 3.3 - MINOR : jws: fix OpenSSL 3.0 version check
from > to >=
- 3.0, 3.2, 3.3 - MINOR : resolvers: switch to a better PRNG for
query IDs
- 3.2, 3.3 - MINOR : servers: use proper source of
pool_conn_name in srv_settings_cpy()
- 3.0, 3.2, 3.3 - MINOR : qpack: fix sign bit mask in
qpack_decode_fs_pfx()
- 3.0, 3.2, 3.3 - MINOR : dns: fix dangling dgram pointer on
dns_dgram_init() failure path
- 3.0, 3.2, 3.3 - MINOR : tcpcheck: Check LDAP response to not
read more data than available
- 3.0, 3.2, 3.3 - MINOR : resolvers: relax size checks in
authority record parsing
- 3.0, 3.2, 3.3 - MINOR : resolvers: report the expression error
in the do-resolve() action parser
- 3.0, 3.2, 3.3 - MINOR : resolvers: fix leaked dgram and
dns_ring struct in parse_resolve_conf()
- 3.0, 3.2, 3.3 - MINOR : ocsp: Manage date too far away in the
future
- 3.0, 3.2, 3.3 - MINOR : ssl-hello: make use of the
null-terminated servername
- 3.3 - MINOR : h3: add missing break on rcv_buf()
- 3.0, 3.2, 3.3 - MINOR : payload: fix the handshake length
bounds check smp_client_hello_parse()
- 3.2, 3.3 - MINOR : mux-spop: Use relative offset to
compute contig data in demux buf
- 3.0, 3.2, 3.3 - MINOR : h3: reject client CANCEL_PUSH frame
- 3.0, 3.2, 3.3 - MINOR : backend: fix balance hash calculation
when using hash-type none
- 3.0, 3.2, 3.3 - MINOR : tcpchecks: Limit parsing of
agent-check reply to the buffer
- 3.0, 3.2, 3.3 - MINOR : resolvers: fix risk of appending
garbage past the domain name
- 3.0, 3.2, 3.3 - MINOR : jwt: fix possible memory leak in
convert_ecdsa_sig() error path
- 3.2, 3.3 - MINOR : cache: also recognize directives in
the form "token="
- 3.0, 3.2, 3.3 - MINOR : quic: fix ODCID lookup from derived
value
- 3.0, 3.2, 3.3 - MINOR : addons/51d: NUL-terminate headers
before passing them to Trie API
- 3.0, 3.2, 3.3 - MINOR : qpack: Fix index calculation in debug
functions
- 3.2, 3.3 - MINOR : quic: update drs->lost before calling
on_ack_recv
- 3.0, 3.2, 3.3 - MINOR : ssl-gencert: validate SNI characters
to prevent SAN certificate injection
- 3.0, 3.2, 3.3 - MINOR : qpack: fix huff_dec() error handling
in qpack_decode_fs()
- 3.2, 3.3 - MINOR : resolvers: fix dangling list pointer
in resolvers_new() error paths
- 3.0, 3.2, 3.3 - MINOR : h1: Don't mask websocket protocol if
multiple protocols used
- 3.0, 3.2, 3.3 - MINOR : backend: correct parameter value
validation in get_server_ph_post()
- 3.3 - MINOR : mux_quic: open an idle QCS on reset on
BE side
- 3.0, 3.2, 3.3 - MINOR : base64: return empty string for empty
input in base64dec()
- 3.3 - MINOR : h3: adjust error on PUSH_PROMISE frame
reception
- 3.2, 3.3 - MINOR : threads: set at least grp_max when
mtpg is too small
- 3.0, 3.2, 3.3 - MINOR : hlua: prevent Lua from passing
CR/LF/NUL in HTTP headers
- 3.0, 3.2, 3.3 - MINOR : quic: reject packet too short for HP
decryption
- 3.0, 3.2, 3.3 - MINOR : config/dns: properly fail on duplicate
nameserver name detection
- 3.0, 3.2, 3.3 - MINOR : dict: fix refcount race on insert
collision
--
The haproxy stable-bot is freely provided by HAProxy Technologies to help
improve the quality of each HAProxy release. If you have any issue with these
emails or if you want to suggest some improvements, please post them on the
list so that the solutions suiting the most users can be found.