commit haproxy for openSUSE:Factory
Hello community,
here is the log from the commit of package haproxy for openSUSE:Factory checked
in at 2020-11-10 13:39:10
Comparing /work/SRC/openSUSE:Factory/haproxy (Old)
and /work/SRC/openSUSE:Factory/.haproxy.new.11331 (New)
Package is "haproxy"
Tue Nov 10 13:39:10 2020 rev:94 rq:846512 version:2.3.0+git4.689d98154
Changes:
--- /work/SRC/openSUSE:Factory/haproxy/haproxy.changes 2020-11-03
15:15:57.344004825 +0100
+++ /work/SRC/openSUSE:Factory/.haproxy.new.11331/haproxy.changes
2020-11-10 13:40:10.888386702 +0100
@@ -1,0 +2,103 @@
+Fri Nov 06 16:14:26 UTC 2020 - mrueck...@suse.de
+
+- Update to version 2.3.0+git4.689d98154:
+ * BUG/MEDIUM: ssl/crt-list: correctly insert crt-list line if crt already
loaded
+
+---
+Fri Nov 06 13:10:28 UTC 2020 - mrueck...@suse.de
+
+- Update to version 2.3.0+git3.7a50763d1:
+ * DOC: config: Fix a typo on ssl_c_chain_der
+ * MINOR: http-htx: Add understandable errors for the errorfiles parsing
+ * BUG/MINOR: ssl: don't report 1024 bits DH param load error when it's higher
+
+---
+Thu Nov 5 18:56:00 UTC 2020 - Marcus Rueckert
+
+- apparmor: do not limit to tcp sockets. haproxy can do udp as
+ well.
+
+---
+Thu Nov 05 16:43:01 UTC 2020 - mrueck...@suse.de
+
+- Update to version 2.3.0+git0.1c0a722a8:
+ https://www.haproxy.com/blog/announcing-haproxy-2-3/
+
+ for all the details see
+ /usr/share/doc/packages/haproxy/CHANGELOG
+
+---
+Thu Nov 05 14:49:02 UTC 2020 - mrueck...@suse.de
+
+- Update to version 2.2.5+git0.34b2b1066:
+ * [RELEASE] Released version 2.2.5
+ * BUG/MEDIUM: server: make it possible to kill last idle connections
+ * CLEANUP: mux-h2: Remove the h1 parser state from the h2 stream
+ * BUG/MEDIUM: stick-table: limit the time spent purging old entries
+ * BUG/MINOR: filters: Skip disabled proxies during startup only
+ * BUG/MEDIUM: mux-pt: Release the tasklet during an HTTP upgrade
+ * MINOR: server: Copy configuration file and line for server templates
+ * BUG/MINOR: server: Set server without addr but with dns in RMAINT on
startup
+ * BUG/MINOR: checks: Report a socket error before any connection attempt
+ * BUG/MINOR: proxy/server: Skip per-proxy/server post-check for disabled
proxies
+ * BUG/MEDIUM: filters: Don't try to init filters for disabled proxies
+ * BUG/MINOR: cache: Inverted variables in http_calc_maxage function
+ * BUG/MINOR: cache: Manage multiple values in cache-control header value
+ * MINOR: ist: Add a case insensitive istmatch function
+ * BUG/MINOR: lua: initialize sample before using it
+ * BUG/MINOR: server: fix down_time report for stats
+ * BUG/MINOR: server: fix srv downtime calcul on starting
+ * BUG/MINOR: log: fix risk of null deref on error path
+ * BUG/MINOR: log: fix memory leak on logsrv parse error
+ * BUG/MINOR: extcheck: add missing checks on extchk_setenv()
+ * BUG/MEDIUM: ssl: OCSP must work with BoringSSL
+ * Revert "MINOR: ssl: 'ssl-load-extra-del-ext' removes the certificate
extension"
+ * BUG/MAJOR: mux-h2: Don't try to send data if we know it is no longer
possible
+ * BUG/MINOR: http-ana: Don't send payload for internal responses to HEAD
requests
+ * BUG/MEDIUM: server: support changing the slowstart value from state-file
+ * BUG/MINOR: queue: properly report redistributed connections
+ * MINOR: ssl: 'ssl-load-extra-del-ext' removes the certificate extension
+ * BUILD: ssl: make BoringSSL use its own version numbers
+ * BUG/MINOR: disable dynamic OCSP load with BoringSSL
+ * BUG/MINOR: peers: Possible unexpected peer seesion reset after collisions.
+ * DOC: fix typo in MAX_SESS_STKCTR
+ * BUG/MEDIUM: lb: Always lock the server when calling server_{take,drop}_conn
+ * BUG/MEDIUM: mux-h1: Get the session from the H1S when capturing bad
messages
+ * BUG/MEDIUM: spoe: Unset variable instead of set it if no data provided
+ * BUG/MEDIUM: task: bound the number of tasks picked from the wait queue at
once
+ * BUG/MINOR: connection: fix loop iter on connection takeover
+ * MINOR: fd: report an error message when failing initial allocations
+ * BUG/MINOR: mux-h2: do not stop outgoing connections on stopping
+ * BUG/MINOR: init: only keep rlim_fd_cur if max is unlimited
+ * BUILD: connection: fix build on clang after the VAR_ARRAY cleanup
+ * CLEANUP: tree-wide: use VAR_ARRAY instead of [0] in various definitions
+ * BUG/MINOR: http-htx: Expect no body for 204/304 internal HTTP responses
+ * BUG/MINOR: http: Fix content-length of the default 500 error
+ * DOC: Fix typos in configuration.txt
+ * BUG/MEDIUM: mux-h2: Don't handle pending read0
commit haproxy for openSUSE:Factory
Hello community,
here is the log from the commit of package haproxy for openSUSE:Factory checked
in at 2020-11-03 15:15:45
Comparing /work/SRC/openSUSE:Factory/haproxy (Old)
and /work/SRC/openSUSE:Factory/.haproxy.new.3463 (New)
Package is "haproxy"
Tue Nov 3 15:15:45 2020 rev:93 rq:845120 version:2.2.4+git0.de456726d
Changes:
--- /work/SRC/openSUSE:Factory/haproxy/haproxy.changes 2020-10-08
13:09:00.110999563 +0200
+++ /work/SRC/openSUSE:Factory/.haproxy.new.3463/haproxy.changes
2020-11-03 15:15:57.344004825 +0100
@@ -1,0 +2,10 @@
+Sat Oct 24 01:18:29 UTC 2020 - Marcus Rueckert
+
+- apparmor profile fixes:
+ - include abstractions that give access to the openssl config,
+ssl certs and ssl keys
+ - include local configs only with "if exists" so they do not have
+to exist.
+- move local files to %ghost
+
+---
Other differences:
--
++ haproxy.spec ++
--- /var/tmp/diff_new_pack.VVbcj8/_old 2020-11-03 15:15:58.476005915 +0100
+++ /var/tmp/diff_new_pack.VVbcj8/_new 2020-11-03 15:15:58.476005915 +0100
@@ -203,6 +203,7 @@
install -D -m 0644 doc/%{pkg_name}.1
%{buildroot}%{_mandir}/man1/%{pkg_name}.1
%if %{with apparmor}
install -D -m 0644 %{S:2}
%{buildroot}/etc/apparmor.d/usr.sbin.haproxy
+install -D -m 0644 %{S:3}
%{buildroot}/etc/apparmor.d/local/haproxy
install -D -m 0644 %{S:3}
%{buildroot}/etc/apparmor.d/local/usr.sbin.haproxy
%endif
@@ -282,7 +283,8 @@
%dir /etc/apparmor.d/local/
%endif
%config(noreplace) /etc/apparmor.d/usr.sbin.haproxy
-%config(noreplace) /etc/apparmor.d/local/usr.sbin.haproxy
+%config(noreplace) %ghost /etc/apparmor.d/local/haproxy
+%config(noreplace) %ghost /etc/apparmor.d/local/usr.sbin.haproxy
%endif
%changelog
++ usr.sbin.haproxy.apparmor ++
--- /var/tmp/diff_new_pack.VVbcj8/_old 2020-11-03 15:15:58.632006065 +0100
+++ /var/tmp/diff_new_pack.VVbcj8/_new 2020-11-03 15:15:58.632006065 +0100
@@ -2,6 +2,9 @@
profile haproxy /usr/sbin/haproxy {
#include
+ #include
+ #include
+ #include
#include
capability net_bind_service,
capability setgid,
@@ -29,5 +32,6 @@
/{,var/}run/haproxy-master.sock* rwlk,
# Site-specific additions and overrides. See local/README for details.
- #include
+ #include if exists
+ #include if exists
}
commit haproxy for openSUSE:Factory
Hello community,
here is the log from the commit of package haproxy for openSUSE:Factory checked
in at 2020-10-08 13:07:38
Comparing /work/SRC/openSUSE:Factory/haproxy (Old)
and /work/SRC/openSUSE:Factory/.haproxy.new.4249 (New)
Package is "haproxy"
Thu Oct 8 13:07:38 2020 rev:92 rq:839173 version:2.2.4+git0.de456726d
Changes:
--- /work/SRC/openSUSE:Factory/haproxy/haproxy.changes 2020-09-14
12:00:42.979464795 +0200
+++ /work/SRC/openSUSE:Factory/.haproxy.new.4249/haproxy.changes
2020-10-08 13:09:00.110999563 +0200
@@ -1,0 +2,36 @@
+Fri Oct 2 14:38:51 UTC 2020 - Marcus Rueckert
+
+- use parallel build
+
+---
+Fri Oct 02 14:37:00 UTC 2020 - mrueck...@suse.de
+
+- Update to version 2.2.4+git0.de456726d:
+ * [RELEASE] Released version 2.2.4
+ * REGTEST: make map_regm_with_backref require 1.7
+ * REGTEST: make abns_socket.vtc require 1.8
+ * REGTEST: make agent-check.vtc require 1.8
+ * REGTEST: fix host part in balance-uri-path-only.vtc
+ * BUG/MINOR: ssl/crt-list: exit on warning out of crtlist_parse_line()
+ * DOC: agent-check: fix typo in "fail" word expected reply
+ * REGTESTS: use "command" instead of "which" for better POSIX compatibility
+ * BUILD: trace: include tools.h
+ * BUG/MEDIUM: listeners: do not pause foreign listeners
+ * REGTESTS: add a few load balancing tests
+ * MINOR: backend: add a new "path-only" option to "balance uri"
+ * MINOR: backend: make the "whole" option of balance uri take only one bit
+ * MINOR: h2/trace: also display the remaining frame length in traces
+ * BUG/MINOR: Fix memory leaks cfg_parse_peers
+ * BUG/MEDIUM: h2: report frame bits only for handled types
+ * BUG/MINOR: config: Fix memory leak on config parse listen
+ * BUG/MINOR: http-fetch: Don't set the sample type during the htx prefetch
+ * BUG/MINOR: h2/trace: do not display "stream error" after a frame ACK
+ * BUG/MINOR: ssl/crt-list: crt-list could end without a \n
+ * BUG/MEDIUM: ssl: Don't call ssl_sock_io_cb() directly.
+ * BUG/MINOR: server: report correct error message for invalid port on
"socks4"
+ * BUG/MINOR: ssl: verifyhost is case sensitive
+ * BUG/MINOR: Fix type passed of sizeof() for calloc()
+ * BUG/MEDIUM: pattern: Renew the pattern expression revision when it is
pruned
+ * BUILD: threads: better workaround for late loading of libgcc_s
+
+---
Old:
haproxy-2.2.3+git0.0e58a340d.tar.gz
New:
haproxy-2.2.4+git0.de456726d.tar.gz
Other differences:
--
++ haproxy.spec ++
--- /var/tmp/diff_new_pack.4uFzt7/_old 2020-10-08 13:09:01.903001186 +0200
+++ /var/tmp/diff_new_pack.4uFzt7/_new 2020-10-08 13:09:01.907001189 +0200
@@ -53,7 +53,7 @@
%endif
Name: haproxy
-Version:2.2.3+git0.0e58a340d
+Version:2.2.4+git0.de456726d
Release:0
#
#
@@ -138,7 +138,7 @@
%patch3 -p1
%build
-make \
+make %{?_smp_mflags} \
TARGET=linux-glibc \
CPU="%{_target_cpu}" \
USE_PCRE=1 \
++ _service ++
--- /var/tmp/diff_new_pack.4uFzt7/_old 2020-10-08 13:09:01.943001222 +0200
+++ /var/tmp/diff_new_pack.4uFzt7/_new 2020-10-08 13:09:01.943001222 +0200
@@ -6,7 +6,7 @@
@PARENT_TAG@+git@TAG_OFFSET@.%h
v(.*)
\1
-v2.2.3
+v2.2.4
enable
++ _servicedata ++
--- /var/tmp/diff_new_pack.4uFzt7/_old 2020-10-08 13:09:01.971001247 +0200
+++ /var/tmp/diff_new_pack.4uFzt7/_new 2020-10-08 13:09:01.971001247 +0200
@@ -5,4 +5,4 @@
http://git.haproxy.org/git/haproxy-2.2.git
- 0e58a340da6ba142338cd6941ca87187b993e85e
\ No newline at end of file
+ de456726db6a9e71c1d917c6214b468d62fe8285
\ No newline at end of file
++ haproxy-2.2.3+git0.0e58a340d.tar.gz ->
haproxy-2.2.4+git0.de456726d.tar.gz ++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/haproxy-2.2.3+git0.0e58a340d/CHANGELOG
new/haproxy-2.2.4+git0.de456726d/CHANGELOG
--- old/haproxy-2.2.3+git0.0e58a340d/CHANGELOG 2020-09-08 15:56:30.0
+0200
+++ new/haproxy-2.2.4+git0.de456726d/CHANGELOG 2020-09-30 06:50:05.0
+0200
@@ -1,6 +1,33 @@
ChangeLog :
===
+2020/09/30 : 2.2.4
+- BUILD: threads: better workaround for late loading of libgcc_s
+- BUG/MEDIUM: pattern: Renew the pattern expression revision when it is
pruned
+- BUG/MINOR: Fix type passed of sizeof() for calloc()
+- BUG/MINOR: ssl: verifyhost is case sensitive
+- BUG/MINOR: server: report correct error message for invalid port on
"socks4"
+- BUG/MEDIUM: ssl: Don't call ssl_sock_io_cb() directly.
+- BUG/MINOR: ssl/crt-list: crt-list
commit haproxy for openSUSE:Factory
Hello community, here is the log from the commit of package haproxy for openSUSE:Factory checked in at 2020-09-14 12:00:33 Comparing /work/SRC/openSUSE:Factory/haproxy (Old) and /work/SRC/openSUSE:Factory/.haproxy.new.4249 (New) Package is "haproxy" Mon Sep 14 12:00:33 2020 rev:91 rq:833032 version:2.2.3+git0.0e58a340d Changes: --- /work/SRC/openSUSE:Factory/haproxy/haproxy.changes 2020-08-03 14:12:32.676328127 +0200 +++ /work/SRC/openSUSE:Factory/.haproxy.new.4249/haproxy.changes 2020-09-14 12:00:42.979464795 +0200 @@ -1,0 +2,66 @@ +Tue Sep 08 15:02:38 UTC 2020 - mrueck...@suse.de + +- Update to version 2.2.3+git0.0e58a340d: + * [RELEASE] Released version 2.2.3 + * BUG/MEDIUM: mux-h1: always apply the timeout on half-closed connections + * BUG/MINOR: auth: report valid crypto(3) support depending on build options + * DOC: ssl-load-extra-files only applies to certificates on bind lines + * MINOR: server: Improve log message sent when server address is updated + * BUG/MEDIUM: dns: Be sure to renew IP address for already known servers + * BUG/MEDIUM: dns: Don't store additional records in a linked-list + * CLEANUP: dns: remove 45 "return" statements from dns_validate_dns_response() + * CLEANUP: Update .gitignore + * MINOR: Commit .gitattributes + * BUILD: thread: limit the libgcc_s workaround to glibc only + * BUG/MINOR: threads: work around a libgcc_s issue with chrooting + * BUG/MEDIUM: ssl: does not look for all SNIs before chosing a certificate + * MINOR: arg: Use chunk_destroy() to release string arguments + * BUG/MEDIUM: ssl: check OCSP calloc in ssl_sock_load_ocsp() + * REGTEST: Add a test for request path manipulations, with and without the QS + * MINOR: http-fetch: Add pathq sample fetch + * MINOR: http-rules: Add set-pathq and replace-pathq actions + * BUG/MEDIUM: doc: Fix replace-path action description + * Revert "BUG/MINOR: http-rules: Replace path and query-string in "replace-path" action" + * BUG/MINOR: startup: haproxy -s cause 100% cpu + * BUG/MEDIUM: contrib/spoa-server: Fix ipv4_address used instead of ipv6_address + * BUG/MINOR: contrib/spoa-server: Updating references to free in case of failure + * BUG/MINOR: contrib/spoa-server: Do not free reference to NULL + * BUG/MINOR: contrib/spoa-server: Ensure ip address references are freed + * BUG/MAJOR: contrib/spoa-server: Fix unhandled python call leading to memory leak + * BUILD: task: work around a bogus warning in gcc 4.7/4.8 at -O1 + * BUILD: tools: include auxv a bit later + * MINOR: cache: Reject duplicate cache names + * DOC: cache: Use '' instead of '' in error message + * BUG/MEDIUM: ssl: crt-list negative filters don't work + * BUG/MINOR: http-rules: Replace path and query-string in "replace-path" action + * MINOR: http-htx: Add an option to eval query-string when the path is replaced + * BUG/MEDIUM: http-ana: Don't wait to send 1xx responses received from servers + * BUG/MINOR: reload: do not fail when no socket is sent + * BUG/MEDIUM: ssl: fix ssl_bind_conf double free w/ wildcards + * BUG/MEDIUM: ssl: never generates the chain from the verify store + * BUG/MEDIUM: htx: smp_prefetch_htx() must always validate the direction + * BUG/MINOR: stats: use strncmp() instead of memcmp() on health states + * BUG/MINOR: ssl: ssl-skip-self-issued-ca requires >= 1.0.2 + * BUG/MEDIUM: ssl: fix the ssl-skip-self-issued-ca option + * BUG/MINOR: snapshots: leak of snapshots on deinit() + * MEDIUM: lua: Don't filter exported fetches and converters + * BUG/MINOR: lua: Duplicate lua strings in sample fetches/converters arg array + * MINOR: hlua: Don't needlessly copy lua strings in trash during args validation + * BUG/MINOR: lua: Check argument type to convert it to IP mask in arg validation + * BUG/MINOR: lua: Check argument type to convert it to IPv4/IPv6 arg validation + * BUG/MINOR: arg: Fix leaks during arguments validation for fetches/converters + * BUG/MINOR: lua: Duplicate map name to load it when a new Map object is created + * BUG/MINOR: converters: Store the sink in an arg pointer for debug() converter + * MINOR: arg: Add an argument type to keep a reference on opaque data + * BUG/MEDIUM: map/lua: Return an error if a map is loaded during runtime + * BUG/MEDIUM: ssl: memory leak of ocsp data at SSL_CTX_free() + * BUG/MINOR: ssl: fix memory leak at OCSP loading + * DOC: spoa-server: fix false friends `actually` + * BUG/MINOR: spoa-server: fix size_t format printing + * BUG/MAJOR: dns: disabled servers through SRV records never recover + * CLEANUP: dns: typo in reported error message + * BUG/MEDIUM: mux-h1: Refresh H1 connection timeout after a synchronous send + * SCRIPTS: git-show-backports: emit the shell command to backport a commit + * SCRIPTS: git-show-backports: make -m most only show
commit haproxy for openSUSE:Factory
Hello community, here is the log from the commit of package haproxy for openSUSE:Factory checked in at 2020-08-03 14:12:25 Comparing /work/SRC/openSUSE:Factory/haproxy (Old) and /work/SRC/openSUSE:Factory/.haproxy.new.3592 (New) Package is "haproxy" Mon Aug 3 14:12:25 2020 rev:90 rq:823717 version:2.2.2+git0.b8a2763d5 Changes: --- /work/SRC/openSUSE:Factory/haproxy/haproxy.changes 2020-07-26 16:17:30.532705313 +0200 +++ /work/SRC/openSUSE:Factory/.haproxy.new.3592/haproxy.changes 2020-08-03 14:12:32.676328127 +0200 @@ -1,0 +2,22 @@ +Fri Jul 31 10:56:54 UTC 2020 - mrueck...@suse.de + +- Update to version 2.2.2+git0.b8a2763d5: + * [RELEASE] Released version 2.2.2 + * BUG/MEDIUM: tcp-checks: always attach the transport before installing the mux + * BUG/MEDIUM: backend: always attach the transport before installing the mux + * SCRIPTS: announce-release: add the link to the wiki in the announce messages + * MINOR: stream-int: Be sure to have a mux to do sends and receives + * MINOR: connection: Preinstall the mux for non-ssl connect + * BUG/MEDIUM: connection: Be sure to always install a mux for sync connect + * BUG/MINOR: tcp-rules: Set the inspect-delay when a tcp-response action yields + * BUG/MINOR: tcp-rules: Preserve the right filter analyser on content eval abort + * BUG/MINOR: lua: Abort execution of actions that yield on a final evaluation + * BUG/MEDIUM: dns: Don't yield in do-resolve action on a final evaluation + * MEDIUM: lua: Add support for the Lua 5.4 + * BUG/MAJOR: dns: don't treat Authority records as an error + * BUG/MAJOR: dns: fix null pointer dereference in snr_update_srv_status + * BUG/MINOR: debug: Don't dump the lua stack if it is not initialized + * BUILD: tools: fix build with static only toolchains + * BUG/MINOR: mux-fcgi: Don't url-decode the QUERY_STRING parameter anymore + +--- Old: haproxy-2.2.1+git0.0ef71a557.tar.gz New: haproxy-2.2.2+git0.b8a2763d5.tar.gz Other differences: -- ++ haproxy.spec ++ --- /var/tmp/diff_new_pack.LDIKTz/_old 2020-08-03 14:12:33.728329182 +0200 +++ /var/tmp/diff_new_pack.LDIKTz/_new 2020-08-03 14:12:33.732329186 +0200 @@ -53,7 +53,7 @@ %endif Name: haproxy -Version:2.2.1+git0.0ef71a557 +Version:2.2.2+git0.b8a2763d5 Release:0 # # ++ _service ++ --- /var/tmp/diff_new_pack.LDIKTz/_old 2020-08-03 14:12:33.768329222 +0200 +++ /var/tmp/diff_new_pack.LDIKTz/_new 2020-08-03 14:12:33.768329222 +0200 @@ -6,7 +6,7 @@ @PARENT_TAG@+git@TAG_OFFSET@.%h v(.*) \1 -v2.2.1 +v2.2.2 enable ++ _servicedata ++ --- /var/tmp/diff_new_pack.LDIKTz/_old 2020-08-03 14:12:33.788329242 +0200 +++ /var/tmp/diff_new_pack.LDIKTz/_new 2020-08-03 14:12:33.788329242 +0200 @@ -5,4 +5,4 @@ http://git.haproxy.org/git/haproxy-2.2.git - 0ef71a55769353c996166a747b77e0d311867639 \ No newline at end of file + b8a2763d59c412207c4838579abd594a9a110a7d \ No newline at end of file ++ haproxy-2.2.1+git0.0ef71a557.tar.gz -> haproxy-2.2.2+git0.b8a2763d5.tar.gz ++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/haproxy-2.2.1+git0.0ef71a557/CHANGELOG new/haproxy-2.2.2+git0.b8a2763d5/CHANGELOG --- old/haproxy-2.2.1+git0.0ef71a557/CHANGELOG 2020-07-23 09:04:24.0 +0200 +++ new/haproxy-2.2.2+git0.b8a2763d5/CHANGELOG 2020-07-31 11:54:32.0 +0200 @@ -1,6 +1,24 @@ ChangeLog : === +2020/07/31 : 2.2.2 +- BUG/MINOR: mux-fcgi: Don't url-decode the QUERY_STRING parameter anymore +- BUILD: tools: fix build with static only toolchains +- BUG/MINOR: debug: Don't dump the lua stack if it is not initialized +- BUG/MAJOR: dns: fix null pointer dereference in snr_update_srv_status +- BUG/MAJOR: dns: don't treat Authority records as an error +- MEDIUM: lua: Add support for the Lua 5.4 +- BUG/MEDIUM: dns: Don't yield in do-resolve action on a final evaluation +- BUG/MINOR: lua: Abort execution of actions that yield on a final evaluation +- BUG/MINOR: tcp-rules: Preserve the right filter analyser on content eval abort +- BUG/MINOR: tcp-rules: Set the inspect-delay when a tcp-response action yields +- BUG/MEDIUM: connection: Be sure to always install a mux for sync connect +- MINOR: connection: Preinstall the mux for non-ssl connect +- MINOR: stream-int: Be sure to have a mux to do sends and receives +- SCRIPTS: announce-release: add the link to the wiki in the announce messages +- BUG/MEDIUM: backend: always attach the transport before installing the mux +-
commit haproxy for openSUSE:Factory
Hello community, here is the log from the commit of package haproxy for openSUSE:Factory checked in at 2020-07-26 16:16:06 Comparing /work/SRC/openSUSE:Factory/haproxy (Old) and /work/SRC/openSUSE:Factory/.haproxy.new.3592 (New) Package is "haproxy" Sun Jul 26 16:16:06 2020 rev:89 rq:822445 version:2.2.1+git0.0ef71a557 Changes: --- /work/SRC/openSUSE:Factory/haproxy/haproxy.changes 2020-07-15 11:28:38.881812048 +0200 +++ /work/SRC/openSUSE:Factory/.haproxy.new.3592/haproxy.changes 2020-07-26 16:17:30.532705313 +0200 @@ -1,0 +2,35 @@ +Thu Jul 23 15:00:50 UTC 2020 - mrueck...@suse.de + +- Update to version 2.2.1+git0.0ef71a557: + * [RELEASE] Released version 2.2.1 + * BUG/MEDIUM: http-ana: Only set CF_EXPECT_MORE flag on data filtering + * BUG/MEDIUM: stream-int: Don't set MSG_MORE flag if no more data are expected + * BUG/MINOR: htx: add two missing HTX_FL_EOI and remove an unexpected one + * MEDIUM: htx: Add a flag on a HTX message when no more data are expected + * BUG/MEDIUM: dns: Release answer items when a DNS resolution is freed + * BUG/MAJOR: dns: Make the do-resolve action thread-safe + * BUG/MAJOR: tasks: don't requeue global tasks into the local queue + * BUG/MEDIUM: resolve: fix init resolving for ring and peers section. + * BUG/MEDIUM: arg: empty args list must be dropped + * DOC: ssl: req_ssl_sni needs implicit TLS + * BUILD: config: fix again bugs gcc warnings on calloc + * BUG/MAJOR: tasks: make sure to always lock the shared wait queue if needed + * BUILD: config: address build warning on raspbian+rpi4 + * BUG/MEDIUM: channel: Be aware of SHUTW_NOW flag when output data are peeked + * BUG/MEDIUM: server: fix possibly uninitialized state file on close + * BUG/MEDIUM: server: resolve state file handle leak on reload + * BUG/MEDIUM: fcgi-app: fix memory leak in fcgi_flt_http_headers + * BUG/MEDIUM: log: issue mixing sampled to not sampled log servers. + * BUG/MINOR: mux-fcgi: Set flags on the right stream field for empty FCGI_STDOUT + * BUG/MINOR: mux-fcgi: Set conn state to RECORD_P when skipping the record padding + * BUG/MINOR: mux-fcgi: Handle empty STDERR record + * BUG/MEDIUM: mux-h1: Continue to process request when switching in tunnel mode + * BUG/MEDIUM: mux-fcgi: Don't add private connections in available connection list + * BUG/MEDIUM: mux-h2: Don't add private connections in available connection list + * CONTRIB: da: fix memory leak in dummy function da_atlas_open() + * BUG/MEDIUM: lists: add missing store barrier in MT_LIST_ADD/MT_LIST_ADDQ + * BUG/MEDIUM: lists: add missing store barrier on MT_LIST_BEHEAD() + * BUG/MINOR: sample: Free str.area in smp_check_const_meth + * BUG/MINOR: sample: Free str.area in smp_check_const_bool + +--- Old: haproxy-2.2.0+git0.3a00c915f.tar.gz New: haproxy-2.2.1+git0.0ef71a557.tar.gz Other differences: -- ++ haproxy.spec ++ --- /var/tmp/diff_new_pack.SVMLhA/_old 2020-07-26 16:17:31.648706357 +0200 +++ /var/tmp/diff_new_pack.SVMLhA/_new 2020-07-26 16:17:31.648706357 +0200 @@ -53,7 +53,7 @@ %endif Name: haproxy -Version:2.2.0+git0.3a00c915f +Version:2.2.1+git0.0ef71a557 Release:0 # # ++ _service ++ --- /var/tmp/diff_new_pack.SVMLhA/_old 2020-07-26 16:17:31.684706391 +0200 +++ /var/tmp/diff_new_pack.SVMLhA/_new 2020-07-26 16:17:31.684706391 +0200 @@ -6,7 +6,7 @@ @PARENT_TAG@+git@TAG_OFFSET@.%h v(.*) \1 -v2.2.0 +v2.2.1 enable ++ _servicedata ++ --- /var/tmp/diff_new_pack.SVMLhA/_old 2020-07-26 16:17:31.704706410 +0200 +++ /var/tmp/diff_new_pack.SVMLhA/_new 2020-07-26 16:17:31.704706410 +0200 @@ -1,8 +1,8 @@ http://git.haproxy.org/git/haproxy-2.1.git -v2.1.7 +v2.2.0 http://git.haproxy.org/git/haproxy-2.2.git - 3a00c915fd241fc398a080a11ccac9c5c46791ce \ No newline at end of file + 0ef71a55769353c996166a747b77e0d311867639 \ No newline at end of file ++ haproxy-2.2.0+git0.3a00c915f.tar.gz -> haproxy-2.2.1+git0.0ef71a557.tar.gz ++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/haproxy-2.2.0+git0.3a00c915f/CHANGELOG new/haproxy-2.2.1+git0.0ef71a557/CHANGELOG --- old/haproxy-2.2.0+git0.3a00c915f/CHANGELOG 2020-07-07 16:33:14.0 +0200 +++ new/haproxy-2.2.1+git0.0ef71a557/CHANGELOG 2020-07-23 09:04:24.0 +0200 @@ -1,6 +1,37 @@ ChangeLog : === +2020/07/23 : 2.2.1 +- BUG/MINOR: sample: Free str.area in smp_check_const_bool +- BUG/MINOR: sample: Free str.area in smp_check_const_meth +- BUG/MEDIUM: lists: add missing
commit haproxy for openSUSE:Factory
Hello community, here is the log from the commit of package haproxy for openSUSE:Factory checked in at 2020-07-15 11:24:59 Comparing /work/SRC/openSUSE:Factory/haproxy (Old) and /work/SRC/openSUSE:Factory/.haproxy.new.3060 (New) Package is "haproxy" Wed Jul 15 11:24:59 2020 rev:88 rq:819260 version:2.2.0+git0.3a00c915f Changes: --- /work/SRC/openSUSE:Factory/haproxy/haproxy.changes 2020-06-11 09:58:23.321941822 +0200 +++ /work/SRC/openSUSE:Factory/.haproxy.new.3060/haproxy.changes 2020-07-15 11:28:38.881812048 +0200 @@ -1,0 +2,21 @@ +Tue Jul 07 15:13:34 UTC 2020 - mrueck...@suse.de + +- Update to version 2.2.0+git0.3a00c915f: + https://www.haproxy.com/blog/announcing-haproxy-2-2/ + + * [RELEASE] Released version 2.2.0 + * MINOR: version: mention that it's an LTS release now + * DOC: minor update to coding style file + * DOC: update INSTALL with new compiler versions + * CLEANUP: ssl: remove unrelevant comment in smp_fetch_ssl_x_keylog() + * DOC: configuration: remove obsolete mentions of H2 being converted to HTTP/1.x + * BUG/MINOR: connection: See new connection as available only on reuse always + * BUG/MEDIUM: connection: Don't consider new private connections as available + * BUG/MINOR: backend: Remove CO_FL_SESS_IDLE if a client remains on the last server + * MINOR: mux-h1: Improve traces about the splicing +- refreshed patches to apply cleanly again: + haproxy-1.6.0-makefile_lib.patch + haproxy-1.6.0-sec-options.patch +- track series file in source rpm + +--- Old: haproxy-2.1.7+git0.8bebf80fb.tar.gz New: haproxy-2.2.0+git0.3a00c915f.tar.gz series Other differences: -- ++ haproxy.spec ++ --- /var/tmp/diff_new_pack.CnDVib/_old 2020-07-15 11:28:53.781826794 +0200 +++ /var/tmp/diff_new_pack.CnDVib/_new 2020-07-15 11:28:53.785826798 +0200 @@ -53,7 +53,7 @@ %endif Name: haproxy -Version:2.1.7+git0.8bebf80fb +Version:2.2.0+git0.3a00c915f Release:0 # # @@ -102,6 +102,7 @@ Patch2: haproxy-1.6.0-makefile_lib.patch Patch3: haproxy-1.6.0-sec-options.patch # +Source98: series Source99: haproxy-rpmlintrc # Summary:The Reliable, High Performance TCP/HTTP Load Balancer ++ _service ++ --- /var/tmp/diff_new_pack.CnDVib/_old 2020-07-15 11:28:53.817826830 +0200 +++ /var/tmp/diff_new_pack.CnDVib/_new 2020-07-15 11:28:53.821826834 +0200 @@ -1,12 +1,12 @@ -http://git.haproxy.org/git/haproxy-2.1.git +http://git.haproxy.org/git/haproxy-2.2.git git haproxy @PARENT_TAG@+git@TAG_OFFSET@.%h v(.*) \1 -v2.1.7 +v2.2.0 enable ++ _servicedata ++ --- /var/tmp/diff_new_pack.CnDVib/_old 2020-07-15 11:28:53.853826865 +0200 +++ /var/tmp/diff_new_pack.CnDVib/_new 2020-07-15 11:28:53.853826865 +0200 @@ -1,6 +1,8 @@ http://git.haproxy.org/git/haproxy-2.1.git -8bebf80fb5550f5b32e0bec83d1b819b1bf482d6 +v2.1.7 - \ No newline at end of file + +http://git.haproxy.org/git/haproxy-2.2.git + 3a00c915fd241fc398a080a11ccac9c5c46791ce \ No newline at end of file ++ haproxy-1.6.0-makefile_lib.patch ++ --- /var/tmp/diff_new_pack.CnDVib/_old 2020-07-15 11:28:53.869826881 +0200 +++ /var/tmp/diff_new_pack.CnDVib/_new 2020-07-15 11:28:53.869826881 +0200 @@ -1,8 +1,8 @@ -diff --git a/Makefile b/Makefile -index d62fead7..33fa6338 100644 a/Makefile -+++ b/Makefile -@@ -619,7 +619,7 @@ PCRE_CONFIG:= pcre-config +Index: haproxy-2.2/Makefile +=== +--- haproxy-2.2.orig/Makefile haproxy-2.2/Makefile +@@ -660,7 +660,7 @@ PCRE_CONFIG:= pcre-config PCREDIR := $(shell $(PCRE_CONFIG) --prefix 2>/dev/null || echo /usr/local) ifneq ($(PCREDIR),) PCRE_INC:= $(PCREDIR)/include @@ -11,7 +11,7 @@ endif ifeq ($(USE_STATIC_PCRE),) -@@ -638,7 +638,7 @@ PCRE2_CONFIG := pcre2-config +@@ -679,7 +679,7 @@ PCRE2_CONFIG := pcre2-config PCRE2DIR := $(shell $(PCRE2_CONFIG) --prefix 2>/dev/null || echo /usr/local) ifneq ($(PCRE2DIR),) PCRE2_INC := $(PCRE2DIR)/include ++ haproxy-1.6.0-sec-options.patch ++ --- /var/tmp/diff_new_pack.CnDVib/_old 2020-07-15 11:28:53.881826893 +0200 +++ /var/tmp/diff_new_pack.CnDVib/_new 2020-07-15 11:28:53.881826893 +0200 @@ -4,12 +4,12 @@ SUSE: Makefile sec options -diff --git a/Makefile b/Makefile -index 33fa6338..3777ad6d 100644 a/Makefile -+++ b/Makefile -@@ -675,6 +675,35 @@ endif - endif +Index: haproxy-2.2/Makefile +===
commit haproxy for openSUSE:Factory
Hello community, here is the log from the commit of package haproxy for openSUSE:Factory checked in at 2020-06-11 09:58:13 Comparing /work/SRC/openSUSE:Factory/haproxy (Old) and /work/SRC/openSUSE:Factory/.haproxy.new.3606 (New) Package is "haproxy" Thu Jun 11 09:58:13 2020 rev:87 rq:813045 version:2.1.7+git0.8bebf80fb Changes: --- /work/SRC/openSUSE:Factory/haproxy/haproxy.changes 2020-06-03 20:29:44.644666828 +0200 +++ /work/SRC/openSUSE:Factory/.haproxy.new.3606/haproxy.changes 2020-06-11 09:58:23.321941822 +0200 @@ -1,0 +2,31 @@ +Tue Jun 09 20:27:50 UTC 2020 - mrueck...@suse.de + +- Update to version 2.1.7+git0.8bebf80fb: + * [RELEASE] Released version 2.1.7 + +--- +Mon Jun 08 22:04:10 UTC 2020 - mrueck...@suse.de + +- Update to version 2.1.6+git1.661c88907: + * BUG/MAJOR: http-htx: Don't forget to copy error messages from defaults sections + +--- +Mon Jun 08 21:58:40 UTC 2020 - mrueck...@suse.de + +- Update to version 2.1.6+git0.34db76106: + * [RELEASE] Released version 2.1.6 + * BUG/MINOR: mworker: fix a memleak when execvp() failed + * BUG/MINOR: ssl: fix a trash buffer leak in some error cases + * BUG/MEDIUM: mworker: fix the reload with an -- option + * BUG/MINOR: init: -S can have a parameter starting with a dash + * BUG/MINOR: init: -x can have a parameter starting with a dash + * BUG/MEDIUM: mworker: fix the copy of options in copy_argv() + * BUG/MEDIUM: contrib/prometheus-exporter: Properly set flags to dump metrics + * BUG/MEDIUM: hlua: Lock pattern references to perform set/add/del operations + * BUG/MEDIUM: http-htx: Duplicate error messages as raw data instead of string + * BUG/MEDIUM: lua: Reset analyse expiration timeout before executing a lua action + * BUG/MINOR: peers: fix internal/network key type mapping. + * SCRIPTS: publish-release: pass -n to gzip to remove timestamp + * Revert "BUG/MEDIUM: connections: force connections cleanup on server changes" + +--- Old: haproxy-2.1.5+git0.36e14bd31.tar.gz New: haproxy-2.1.7+git0.8bebf80fb.tar.gz Other differences: -- ++ haproxy.spec ++ --- /var/tmp/diff_new_pack.FohmY0/_old 2020-06-11 09:58:25.125947620 +0200 +++ /var/tmp/diff_new_pack.FohmY0/_new 2020-06-11 09:58:25.129947633 +0200 @@ -53,7 +53,7 @@ %endif Name: haproxy -Version:2.1.5+git0.36e14bd31 +Version:2.1.7+git0.8bebf80fb Release:0 # # ++ _service ++ --- /var/tmp/diff_new_pack.FohmY0/_old 2020-06-11 09:58:25.177947787 +0200 +++ /var/tmp/diff_new_pack.FohmY0/_new 2020-06-11 09:58:25.181947800 +0200 @@ -6,7 +6,7 @@ @PARENT_TAG@+git@TAG_OFFSET@.%h v(.*) \1 -v2.1.5 +v2.1.7 enable ++ _servicedata ++ --- /var/tmp/diff_new_pack.FohmY0/_old 2020-06-11 09:58:25.225947942 +0200 +++ /var/tmp/diff_new_pack.FohmY0/_new 2020-06-11 09:58:25.225947942 +0200 @@ -1,6 +1,6 @@ http://git.haproxy.org/git/haproxy-2.1.git -36e14bd3189a239a146994e924c0b2fd5f7b6b46 +8bebf80fb5550f5b32e0bec83d1b819b1bf482d6 \ No newline at end of file ++ haproxy-2.1.5+git0.36e14bd31.tar.gz -> haproxy-2.1.7+git0.8bebf80fb.tar.gz ++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/haproxy-2.1.5+git0.36e14bd31/CHANGELOG new/haproxy-2.1.7+git0.8bebf80fb/CHANGELOG --- old/haproxy-2.1.5+git0.36e14bd31/CHANGELOG 2020-05-29 13:17:23.0 +0200 +++ new/haproxy-2.1.7+git0.8bebf80fb/CHANGELOG 2020-06-09 08:44:30.0 +0200 @@ -1,6 +1,24 @@ ChangeLog : === +2020/06/09 : 2.1.7 +- BUG/MAJOR: http-htx: Don't forget to copy error messages from defaults sections + +2020/06/08 : 2.1.6 +- Revert "BUG/MEDIUM: connections: force connections cleanup on server changes" +- SCRIPTS: publish-release: pass -n to gzip to remove timestamp +- BUG/MINOR: peers: fix internal/network key type mapping. +- BUG/MEDIUM: lua: Reset analyse expiration timeout before executing a lua action +- BUG/MEDIUM: http-htx: Duplicate error messages as raw data instead of string +- BUG/MEDIUM: hlua: Lock pattern references to perform set/add/del operations +- BUG/MEDIUM: contrib/prometheus-exporter: Properly set flags to dump metrics +- BUG/MEDIUM: mworker: fix the copy of options in copy_argv() +- BUG/MINOR: init: -x can have a parameter starting with a dash +- BUG/MINOR: init: -S can have a parameter starting with a dash +- BUG/MEDIUM: mworker: fix the reload with an -- option +- BUG/MINOR: ssl: fix a trash buffer leak
commit haproxy for openSUSE:Factory
Hello community,
here is the log from the commit of package haproxy for openSUSE:Factory checked
in at 2020-06-03 20:29:36
Comparing /work/SRC/openSUSE:Factory/haproxy (Old)
and /work/SRC/openSUSE:Factory/.haproxy.new.3606 (New)
Package is "haproxy"
Wed Jun 3 20:29:36 2020 rev:86 rq:810208 version:2.1.5+git0.36e14bd31
Changes:
--- /work/SRC/openSUSE:Factory/haproxy/haproxy.changes 2020-04-18
00:27:45.957721274 +0200
+++ /work/SRC/openSUSE:Factory/.haproxy.new.3606/haproxy.changes
2020-06-03 20:29:44.644666828 +0200
@@ -1,0 +2,96 @@
+Fri May 29 11:28:18 UTC 2020 - mrueck...@suse.de
+
+- Update to version 2.1.5+git0.36e14bd31:
+ * [RELEASE] Released version 2.1.5
+ * BUG/MINOR: nameservers: fix error handling in parsing of resolv.conf
+ * BUG/MINOR: lua: Add missing string length for lua sticktable lookup
+ * BUG/MEDIUM: logs: fix trailing zeros on log message.
+ * REGTESTS: checks: Fix tls_health_checks when IPv6 addresses are used
+ * BUG/MINOR: logs: prevent double line returns in some events.
+ * DOC: SPOE is no longer experimental
+ * DOC/MINOR: halog: Add long help info for ic flag
+ * DOC: retry-on can only be used with mode http
+ * BUG/MINOR: server: Fix server_finalize_init() to avoid unused variable
+ * BUG/MINOR: checks: Respect check-ssl param when a port or an addr is
specified
+ * BUG/MEDIUM: ring: write-lock the ring while attaching/detaching
+ * BUG/MAJOR: mux-fcgi: Stop sending loop if FCGI stream is blocked for any
reason
+ * BUG/MINOR: cache: Don't needlessly test "cache" keyword in
parse_cache_flt()
+ * BUG/MEDIUM: stream: Only allow L7 retries when using HTTP.
+ * BUG/MEDIUM: streams: Remove SF_ADDR_SET if we're retrying due to L7 retry.
+ * BUILD: select: only declare existing local labels to appease clang
+ * BUG/MINOR: soft-stop: always wake up waiting threads on stopping
+ * BUG/MINOR: pollers: remove uneeded free in global init
+ * BUG/MINOR: pools: use %u not %d to report pool stats in "show pools"
+ * BUG/MINOR: cfgparse: Abort parsing the current line if an invalid \x
sequence is encountered
+ * BUG/MEDIUM: http_ana: make the detection of NTLM variants safer
+ * BUG/MINOR: http-ana: fix NTLM response parsing again
+ * BUG/MINOR: config: Make use_backend and use-server post-parsing less obscur
+ * BUG/MEDIUM: lua: Fix dumping of stick table entries for STD_T_DICT
+ * BUG/MINOR: threads: fix multiple use of argument inside
HA_ATOMIC_UPDATE_{MIN,MAX}()
+ * BUG/MINOR: threads: fix multiple use of argument inside HA_ATOMIC_CAS()
+ * BUG/MINOR: sample: Set the correct type when a binary is converted to a
string
+ * CLEANUP: connections: align function declaration
+ * BUG/MEDIUM: ssl: fix the id length check within
smp_fetch_ssl_fc_session_id()
+ * BUG/MEDIUM: h1: Don't compare host and authority if only h1 headers are
parsed
+ * BUG/MEDIUM: connections: force connections cleanup on server changes
+ * BUG/MEDIUM: mux-fcgi: Fix wrong test on FCGI_CF_KEEP_CONN in fcgi_detach()
+ * BUG/MEDIUM: mux_fcgi: Free the FCGI connection at the end of fcgi_release()
+ * BUG/MINOR: checks: Remove a warning about http health checks
+ * BUG/MINOR: checks: Compute the right HTTP request length for HTTP health
checks
+ * BUG/MINOR: checks/server: use_ssl member must be signed
+ * Revert "BUG/MINOR: connection: make sure to correctly tag local PROXY
connections"
+ * Revert "BUG/MINOR: connection: always send address-less LOCAL PROXY
connections"
+ * REGTEST: http-rules: Require PCRE or PCRE2 option to run map_redirect
script
+ * REGTEST: ssl: test the client certificate authentication
+ * BUILD: Makefile: add linux-musl to TARGET
+ * BUILD: tools: rely on __ELF__ not USE_DL to enable use of dladdr()
+ * BUILD: tools: unbreak resolve_sym_name() on non-GNU platforms
+ * MINOR: debug: dump the whole trace if we can't spot the starting point
+ * MINOR: debug: use our own backtrace function on clang+x86_64
+ * MINOR: debug: improve backtrace() on aarch64 and possibly other systems
+ * MINOR: debug: report the number of entries in the backtrace
+ * MINOR: wdt: do not depend on USE_THREAD
+ * BUILD: Makefile: include librt before libpthread
+ * MINOR: debug: call backtrace() once upon startup
+ * MEDIUM: debug: add support for dumping backtraces of stuck threads
+ * MINOR: cli: make "show fd" rely on resolve_sym_name()
+ * MINOR: debug: use resolve_sym_name() to dump task handlers
+ * MINOR: tools: add resolve_sym_name() to resolve function pointers
+ * MINOR: tools: add new function dump_addr_and_bytes()
+ * MINOR: haproxy: export run_poll_loop
+ * MINOR: stream: report the list of active filters on stream crashes
+ * BUG/MEDIUM: shctx: bound the number of loops that can happen around the
lock
+ * BUG/MEDIUM: shctx: really check the lock's value while waiting
+ *
commit haproxy for openSUSE:Factory
Hello community,
here is the log from the commit of package haproxy for openSUSE:Factory checked
in at 2020-04-18 00:27:40
Comparing /work/SRC/openSUSE:Factory/haproxy (Old)
and /work/SRC/openSUSE:Factory/.haproxy.new.2738 (New)
Package is "haproxy"
Sat Apr 18 00:27:40 2020 rev:85 rq:794395 version:2.1.4+git0.3cfc2f1d9
Changes:
--- /work/SRC/openSUSE:Factory/haproxy/haproxy.changes 2020-04-07
10:23:22.881966561 +0200
+++ /work/SRC/openSUSE:Factory/.haproxy.new.2738/haproxy.changes
2020-04-18 00:27:45.957721274 +0200
@@ -1,0 +2,6 @@
+Wed Apr 15 23:10:28 UTC 2020 - Marcus Rueckert
+
+- use the "profile profilename /path/to/binary" syntax to make
+ "ps aufxZ" more readable
+
+---
Other differences:
--
++ usr.sbin.haproxy.apparmor ++
--- /var/tmp/diff_new_pack.TPZkbr/_old 2020-04-18 00:27:46.957723344 +0200
+++ /var/tmp/diff_new_pack.TPZkbr/_new 2020-04-18 00:27:46.957723344 +0200
@@ -1,6 +1,6 @@
#include
-/usr/sbin/haproxy {
+profile haproxy /usr/sbin/haproxy {
#include
#include
capability net_bind_service,
commit haproxy for openSUSE:Factory
Hello community, here is the log from the commit of package haproxy for openSUSE:Factory checked in at 2020-04-07 10:21:37 Comparing /work/SRC/openSUSE:Factory/haproxy (Old) and /work/SRC/openSUSE:Factory/.haproxy.new.3248 (New) Package is "haproxy" Tue Apr 7 10:21:37 2020 rev:84 rq:791753 version:2.1.4+git0.3cfc2f1d9 Changes: --- /work/SRC/openSUSE:Factory/haproxy/haproxy.changes 2020-04-04 12:20:58.899704425 +0200 +++ /work/SRC/openSUSE:Factory/.haproxy.new.3248/haproxy.changes 2020-04-07 10:23:22.881966561 +0200 @@ -394 +394 @@ -- Update to version 2.0.10+git0.ac198b92: +- Update to version 2.0.10+git0.ac198b92: (bsc#1157712) (bsc#1157714) Other differences: --
commit haproxy for openSUSE:Factory
Hello community, here is the log from the commit of package haproxy for openSUSE:Factory checked in at 2020-04-04 12:20:54 Comparing /work/SRC/openSUSE:Factory/haproxy (Old) and /work/SRC/openSUSE:Factory/.haproxy.new.3248 (New) Package is "haproxy" Sat Apr 4 12:20:54 2020 rev:83 rq:790908 version:2.1.4+git0.3cfc2f1d9 Changes: --- /work/SRC/openSUSE:Factory/haproxy/haproxy.changes 2020-02-19 12:41:01.971681506 +0100 +++ /work/SRC/openSUSE:Factory/.haproxy.new.3248/haproxy.changes 2020-04-04 12:20:58.899704425 +0200 @@ -1,0 +2,158 @@ +Thu Apr 2 13:24:34 UTC 2020 - Marcus Rueckert + +- Update to version 2.1.4+git0.3cfc2f1d9: (boo#1168023) CVE-2020-11100 + - SCRIPTS: make announce-release executable again + - BUG/MINOR: namespace: avoid closing fd when socket failed in +my_socketat + - BUG/MEDIUM: muxes: Use the right argument when calling the +destroy method. + - BUG/MINOR: mux-fcgi: Forbid special characters when matching +PATH_INFO param + - MINOR: mux-fcgi: Make the capture of the path-info optional in +pathinfo regex + - SCRIPTS: announce-release: use mutt -H instead of -i to include +the draft + - MINOR: http-htx: Add a function to retrieve the headers size of +an HTX message + - MINOR: filters: Forward data only if the last filter forwards +something + - BUG/MINOR: filters: Count HTTP headers as filtered data but +don't forward them + - BUG/MINOR: http-htx: Don't return error if authority is updated +without changes + - BUG/MINOR: http-ana: Matching on monitor-uri should be +case-sensitive + - MINOR: http-ana: Match on the path if the monitor-uri starts by +a / + - BUG/MAJOR: http-ana: Always abort the request when a tarpit is +triggered + - MINOR: ist: add an iststop() function + - BUG/MINOR: http: http-request replace-path duplicates the query +string + - BUG/MEDIUM: shctx: make sure to keep all blocks aligned + - MINOR: compiler: move CPU capabilities definition from config.h +and complete them + - BUG/MEDIUM: ebtree: don't set attribute packed without +unaligned access support + - BUILD: fix recent build failure on unaligned archs + - CLEANUP: cfgparse: Fix type of second calloc() parameter + - BUG/MINOR: sample: fix the json converter's endian-sensitivity + - BUG/MEDIUM: ssl: fix several bad pointer aliases in a few +sample fetch functions + - BUG/MINOR: connection: make sure to correctly tag local PROXY +connections + - MINOR: compiler: add new alignment macros + - BUILD: ebtree: improve architecture-specific alignment + - BUG/MINOR: h2: reject again empty :path pseudo-headers + - BUG/MINOR: sample: Make sure to return stable IDs in the +unique-id fetch + - BUG/MINOR: dns: ignore trailing dot + - BUG/MINOR: http-htx: Do case-insensive comparisons on Host +header name + - MINOR: contrib/prometheus-exporter: Add heathcheck status/code +in server metrics + - MINOR: contrib/prometheus-exporter: Add the last heathcheck +duration metric + - BUG/MEDIUM: random: initialize the random pool a bit better + - MINOR: tools: add 64-bit rotate operators + - BUG/MEDIUM: random: implement a thread-safe and process-safe +PRNG + - MINOR: backend: use a single call to ha_random32() for the +random LB algo + - BUG/MINOR: checks/threads: use ha_random() and not rand() + - BUG/MAJOR: list: fix invalid element address calculation + - MINOR: debug: report the task handler's pointer relative to +main + - BUG/MEDIUM: debug: make the debug_handler check for the thread +in threads_to_dump + - MINOR: haproxy: export main to ease access from debugger + - BUILD: tools: remove obsolete and conflicting trace() from +standard.c + - BUG/MINOR: wdt: do not return an error when the watchdog +couldn't be enabled + - DOC: fix incorrect indentation of http_auth_* + - OPTIM: startup: fast unique_id allocation for acl. + - BUG/MINOR: pattern: Do not pass len = 0 to calloc() + - DOC: configuration.txt: fix various typos + - DOC: assorted typo fixes in the documentation and Makefile + - BUG/MINOR: init: make the automatic maxconn consider the max of +soft/hard limits + - BUG/MAJOR: proxy_protocol: Properly validate TLV lengths + - REGTEST: make the PROXY TLV validation depend on version 2.2 + - BUG/MINOR: filters: Use filter offset to decude the amount of +forwarded data + - BUG/MINOR: filters: Forward everything if no data filters are +called + - MINOR: htx: Add a function to return a block at a specific +offset + - BUG/MEDIUM: cache/filters: Fix loop on HTX blocks caching the +response payload + - BUG/MEDIUM: compression/filters: Fix loop on HTX blocks +compressing the payload + - BUG/MINOR: http-ana: Reset request analysers on a response side +error + - BUG/MINOR: lua:
commit haproxy for openSUSE:Factory
Hello community,
here is the log from the commit of package haproxy for openSUSE:Factory checked
in at 2020-02-19 12:41:00
Comparing /work/SRC/openSUSE:Factory/haproxy (Old)
and /work/SRC/openSUSE:Factory/.haproxy.new.26092 (New)
Package is "haproxy"
Wed Feb 19 12:41:00 2020 rev:82 rq:774671 version:2.1.3+git0.5c020bbdd
Changes:
--- /work/SRC/openSUSE:Factory/haproxy/haproxy.changes 2020-01-27
00:21:44.169470321 +0100
+++ /work/SRC/openSUSE:Factory/.haproxy.new.26092/haproxy.changes
2020-02-19 12:41:01.971681506 +0100
@@ -1,0 +2,132 @@
+Fri Feb 14 13:23:23 UTC 2020 - Thorsten Kukuk
+
+- Remove unsupported options from example haproxy.cfg
+- Make haproxy useable for containers
+ - Use sysusers.d to create users.
+ - Use systemd_ordering instead of requiring systemd.
+ - Own vim syntax directory instead of requiring vim. This also
+solves the problem the directory got never removed if vim is
+updated before haproxy.
+
+---
+Wed Feb 12 15:42:26 UTC 2020 - mrueck...@suse.de
+
+- Update to version 2.1.3+git0.5c020bbdd:
+ * [RELEASE] Released version 2.1.3
+ * BUG/MINOR: tcp: don't try to set defaultmss when value is negative
+ * BUG/MINOR: http-ana: Set HTX_FL_PROXY_RESP flag if a server perform a
redirect
+ * BUG/MINOR: http-ana: Don't overwrite outgoing data when an error is
reported
+ * MINOR: htx/channel: Add a function to copy an HTX message in a channel's
buffer
+ * MINOR: htx: Add a function to append an HTX message to another one
+ * DOC: word converter ignores delimiters at the start or end of input string
+ * MINOR: build: add aix72-gcc build TARGET and power{8,9} CPUs
+ * BUG/MINOR: tcp: avoid closing fd when socket failed in tcp_bind_listener
+ * BUG/MINOR: listener: enforce all_threads_mask on bind_thread on init
+ * BUG/MEDIUM: listener: only consider running threads when resuming listeners
+ * BUG/MINOR: dns: allow 63 char in hostname
+ * BUG/MINOR: unix: better catch situations where the unix socket path length
is close to the limit
+ * DOC: schematic of the SSL certificates architecture
+ * BUG/MEDIUM: ssl/cli: 'commit ssl cert' wrong SSL_CTX init
+ * SCRIPTS: announce-release: allow the user to force to overwrite old files
+ * SCRIPTS: announce-release: place the send command in the mail's header
+ * CONTRIB: debug: also support reading values from stdin
+ * MINOR: acl: Warn when an ACL is named 'or'
+ * CONTRIB: debug: support reporting multiple values at once
+ * CONTRIB: debug: add the possibility to decode the value as certain types
only
+ * CONTRIB: debug: add missing flags SF_HTX and SF_MUX
+ * BUG/MINOR: ssl: clear the SSL errors on DH loading failure
+ * BUG/MINOR: ssl: we may only ignore the first 64 errors
+ * BUG/MAJOR: memory: Don't forget to unlock the rwlock if the pool is empty.
+ * BUG/MEDIUM: memory: Add a rwlock before freeing memory.
+ * MINOR: memory: Only init the pool spinlock once.
+ * BUG/MEDIUM: memory_pool: Update the seq number in pool_flush().
+ * BUG/MEDIUM: connections: Don't forget to unlock when killing a connection.
+ * BUG/MINOR: connection: fix ip6 dst_port copy in make_proxy_line_v2
+ * BUG/MINOR: ssl: Possible memleak when allowing the 0RTT data buffer.
+ * BUG/MEDIUM: pipe: fix a use-after-free in case of pipe creation error
+ * BUG/MINOR: tcpchecks: fix the connect() flags regarding delayed ack
+ * BUG/MEDIUM: ssl: Don't forget to free ctx->ssl on failure.
+ * MINOR: lua: Add HLUA_PREPEND_C?PATH build option
+ * MINOR: lua: Add lua-prepend-path configuration option
+ * MINOR: lua: Add hlua_prepend_path function
+ * BUILD: cfgparse: silence a bogus gcc warning on 32-bit machines
+ * BUG/MEDIUM: mux-h2: make sure we don't emit TE headers with anything but
"trailers"
+ * BUG/MINOR: stktable: report the current proxy name in error messages
+ * BUG/MEDIUM: 0rtt: Only consider the SSL handshake.
+ * BUG/MINOR: ssl/cli: ocsp_issuer must be set w/ "set ssl cert"
+ * BUG/MINOR: ssl: typo in previous patch
+ * BUG/MINOR: ssl: memory leak w/ the ocsp_issuer
+ * BUG/MINOR: ssl: increment issuer refcount if in chain
+ * CLEANUP: stats: shut up a wrong null-deref warning from gcc 9.2
+ * BUG/MINOR: ssl/cli: free the previous ckch content once a PEM is loaded
+ * BUG/MINOR: ssl: ssl_sock_load_pem_into_ckch is not consistent
+ * BUG/MEDIUM: netscaler: Don't forget to allocate storage for conn->src/dst.
+ * BUG/MINOR: http_act: don't check capture id in backend
+ * MINOR: proxy/http-ana: Add support of extra attributes for the cookie
directive
+ * BUG/MINOR: ssl: ssl_sock_load_sctl_from_file memory leak
+ * BUG/MINOR: ssl: ssl_sock_load_issuer_file_into_ckch memory leak
+ * BUG/MINOR: ssl: ssl_sock_load_ocsp_response_from_file memory leak
+ * BUG/MINOR: tcp-rules:
commit haproxy for openSUSE:Factory
Hello community,
here is the log from the commit of package haproxy for openSUSE:Factory checked
in at 2020-01-27 00:21:21
Comparing /work/SRC/openSUSE:Factory/haproxy (Old)
and /work/SRC/openSUSE:Factory/.haproxy.new.26092 (New)
Package is "haproxy"
Mon Jan 27 00:21:21 2020 rev:81 rq:766597 version:2.1.1+git0.4ae521379
Changes:
--- /work/SRC/openSUSE:Factory/haproxy/haproxy.changes 2019-12-23
22:42:15.817945767 +0100
+++ /work/SRC/openSUSE:Factory/.haproxy.new.26092/haproxy.changes
2020-01-27 00:21:44.169470321 +0100
@@ -1,0 +2,6 @@
+Thu Jan 23 13:10:03 UTC 2020 - Dominique Leuenberger
+
+- BuildRequire pkgconfig(udev) instead of udev: allow OBS to
+ shortcut through the -mini flavors.
+
+---
Other differences:
--
++ haproxy.spec ++
--- /var/tmp/diff_new_pack.p49E4Q/_old 2020-01-27 00:21:47.157472872 +0100
+++ /var/tmp/diff_new_pack.p49E4Q/_new 2020-01-27 00:21:47.157472872 +0100
@@ -72,7 +72,7 @@
BuildRequires: zlib-devel
BuildRequires: openssl-devel
BuildRequires: pkg-config
-BuildRequires: udev
+BuildRequires: pkgconfig(udev)
%if %{with systemd}
BuildRequires: pkgconfig(systemd)
BuildRequires: pkgconfig(libsystemd)
commit haproxy for openSUSE:Factory
Hello community, here is the log from the commit of package haproxy for openSUSE:Factory checked in at 2019-12-23 22:39:22 Comparing /work/SRC/openSUSE:Factory/haproxy (Old) and /work/SRC/openSUSE:Factory/.haproxy.new.6675 (New) Package is "haproxy" Mon Dec 23 22:39:22 2019 rev:80 rq:757905 version:2.1.1+git0.4ae521379 Changes: --- /work/SRC/openSUSE:Factory/haproxy/haproxy.changes 2019-12-11 12:03:05.308791755 +0100 +++ /work/SRC/openSUSE:Factory/.haproxy.new.6675/haproxy.changes 2019-12-23 22:42:15.817945767 +0100 @@ -1,0 +2,60 @@ +Wed Dec 11 17:07:41 UTC 2019 - mrueck...@suse.de + +- Update to version 2.1.1+git0.4ae521379: + * [RELEASE] Released version 2.1.1 + * BUILD/MINOR: unix sockets: silence an absurd gcc warning about strncpy() + * BUG/MINOR: listener: fix off-by-one in state name check + * BUG/MINOR: server: make "agent-addr" work on default-server line + * BUG/MINOR: listener: do not immediately resume on transient error + * BUG/MINOR: mworker: properly pass SIGTTOU/SIGTTIN to workers + * BUG/MINOR: log: fix minor resource leaks on logformat error path + * DOC: remove references to the outdated architecture.txt + * DOC: proxies: HAProxy only supports 3 connection modes + * BUG/MINOR: tasks: only requeue a task if it was already in the queue + * DOC: listeners: add a few missing transitions + +--- +Tue Dec 10 19:29:31 UTC 2019 - mrueck...@suse.de + +- Update to version 2.1.0+git33.8e4a62508: + * BUG/MEDIUM: proto_udp/threads: recv() and send() must not be exclusive. + * BUG/MAJOR: dns: add minimalist error processing on the Rx path + * BUG/MEDIUM: kqueue: Make sure we report read events even when no data. + * DOC: document the listener state transitions + * BUG/MEDIUM: listener/threads: fix a remaining race in the listener's accept() + * BUG/MINOR: listener: also clear the error flag on a paused listener + * BUG/MINOR: listener/threads: always use atomic ops to clear the FD events + * BUG/MINOR: proxy: make soft_stop() also close FDs in LI_PAUSED state + * BUG/MEDIUM: mux-fcgi: Handle cases where the HTX EOM block cannot be inserted + * BUG/MINOR: mux-h1: Be sure to set CS_FL_WANT_ROOM when EOM can't be added + +--- +Fri Dec 06 15:30:10 UTC 2019 - mrueck...@suse.de + +- Update to version 2.1.0+git23.e77b108cd: + * BUG/MEDIUM: checks: Make sure we set the task affinity just before connecting. + * BUG/MEDIUM: tasks: Make sure we switch wait queues in task_set_affinity(). + +--- +Thu Dec 05 15:46:01 UTC 2019 - mrueck...@suse.de + +- Update to version 2.1.0+git21.67ff2112b: + * BUG/MINOR: mux-h1: Fix conditions to know whether or not we may receive data + * BUG/MINOR: mux-h1: Don't rely on CO_FL_SOCK_RD_SH to set H1C_F_CS_SHUTDOWN + * BUG/MEDIUM: mux-h1: Never reuse H1 connection if a shutw is pending + * BUG/MINOR: ssl: certificate choice can be unexpected with openssl >= 1.1.1 + * BUG/MEDIUM: listener/thread: fix a race when pausing a listener + * BUG/MINOR: ssl/cli: don't overwrite the filters variable + * BUG/MINOR: stream-int: avoid calling rcv_buf() when splicing is still possible + * BUG/MEDIUM: stream-int: don't subscribed for recv when we're trying to flush data + * DOC: move the "group" keyword at the right place + * DOC: Fix ordered list in summary + +--- +Thu Dec 5 15:46:00 UTC 2019 - Marcus Rueckert + +- switch to the 2.1 branch + https://www.haproxy.com/blog/haproxy-2-1/ + https://www.mail-archive.com/haproxy@formilux.org/msg35491.html + +--- Old: haproxy-2.0.10+git14.7caf150a.tar.gz New: haproxy-2.1.1+git0.4ae521379.tar.gz Other differences: -- ++ haproxy.spec ++ --- /var/tmp/diff_new_pack.tJR6CD/_old 2019-12-23 22:42:16.449946040 +0100 +++ /var/tmp/diff_new_pack.tJR6CD/_new 2019-12-23 22:42:16.449946040 +0100 @@ -47,7 +47,7 @@ %endif Name: haproxy -Version:2.0.10+git14.7caf150a +Version:2.1.1+git0.4ae521379 Release:0 # # ++ _service ++ --- /var/tmp/diff_new_pack.tJR6CD/_old 2019-12-23 22:42:16.473946051 +0100 +++ /var/tmp/diff_new_pack.tJR6CD/_new 2019-12-23 22:42:16.473946051 +0100 @@ -1,12 +1,12 @@ -http://git.haproxy.org/git/haproxy-2.0.git +http://git.haproxy.org/git/haproxy-2.1.git git haproxy @PARENT_TAG@+git@TAG_OFFSET@.%h v(.*) \1 -7caf150a +v2.1.1 enable ++ _servicedata ++ --- /var/tmp/diff_new_pack.tJR6CD/_old
commit haproxy for openSUSE:Factory
Hello community,
here is the log from the commit of package haproxy for openSUSE:Factory checked
in at 2019-12-11 12:02:32
Comparing /work/SRC/openSUSE:Factory/haproxy (Old)
and /work/SRC/openSUSE:Factory/.haproxy.new.4691 (New)
Package is "haproxy"
Wed Dec 11 12:02:32 2019 rev:79 rq:754451 version:2.0.10+git14.7caf150a
Changes:
--- /work/SRC/openSUSE:Factory/haproxy/haproxy.changes 2019-11-26
17:02:24.224047559 +0100
+++ /work/SRC/openSUSE:Factory/.haproxy.new.4691/haproxy.changes
2019-12-11 12:03:05.308791755 +0100
@@ -1,0 +2,71 @@
+Thu Dec 05 15:37:44 UTC 2019 - mrueck...@suse.de
+
+- Update to version 2.0.10+git14.7caf150a:
+ * BUG/MINOR: mux-h1: Fix conditions to know whether or not we may receive
data
+ * BUG/MINOR: mux-h1: Don't rely on CO_FL_SOCK_RD_SH to set H1C_F_CS_SHUTDOWN
+ * BUG/MEDIUM: mux-h1: Never reuse H1 connection if a shutw is pending
+ * BUG/MINOR: ssl: certificate choice can be unexpected with openssl >= 1.1.1
+ * BUG/MEDIUM: listener/thread: fix a race when pausing a listener
+ * BUG/MINOR: stream-int: avoid calling rcv_buf() when splicing is still
possible
+ * BUG/MEDIUM: stream-int: don't subscribed for recv when we're trying to
flush data
+ * DOC: move the "group" keyword at the right place
+ * DOC: clarify matching strings on binary fetches
+ * DOC: Clarify behavior of server maxconn in HTTP mode
+
+---
+Fri Nov 29 13:44:19 UTC 2019 - mrueck...@suse.de
+
+- Update to version 2.0.10+git4.6d9a455d:
+ * BUG/MINOR: http-htx: Don't make http_find_header() fail if the value is
empty
+
+---
+Thu Nov 28 15:45:58 UTC 2019 - mrueck...@suse.de
+
+- Update to version 2.0.10+git3.200c6215:
+ * BUG/MINOR: contrib/prometheus-exporter: decode parameter and value only
+
+---
+Wed Nov 27 11:52:45 UTC 2019 - mrueck...@suse.de
+
+- Update to version 2.0.10+git2.3a00e5fc:
+ * BUG/MINOR: contrib/prometheus-exporter: Use HTX errors and not legacy ones
+ * BUG/MINOR: stream: init variables when the list is empty
+
+---
+Mon Nov 25 20:11:36 UTC 2019 - mrueck...@suse.de
+
+- Update to version 2.0.10+git0.ac198b92:
+ * [RELEASE] Released version 2.0.10
+ * SCRIPTS: git-show-backports: add "-s" to proposed cherry-pick commands
+ * SCRIPTS: create-release: show the correct origin name in suggested commands
+ * BUG/MAJOR: mux-h2: don't try to decode a response HEADERS frame in idle
state
+ * BUG/MAJOR: h2: make header field name filtering stronger
+ * BUG/MAJOR: h2: reject header values containing invalid chars
+ * MINOR: ist: add ist_find_ctl()
+ * BUG/MINOR: ssl: fix curve setup with LibreSSL
+ * BUG/MINOR: cli: fix out of bounds in -S parser
+ * DOC: Add documentation about the use-service action
+ * DOC: Add missing stats fields in the management manual
+ * BUG/MINOR: mux-h1: Adjust header case when chunked encoding is add to a
message
+ * BUG/MINOR: mux-h1: Fix a UAF in cfg_h1_headers_case_adjust_postparser()
+ * MEDIUM: mux-h1: Add the support of headers adjustment for bogus HTTP/1 apps
+ * REGTEST: vtest can now enable mcli with its own flag
+ * MINOR: stats: Report max times in addition of the averages for sessions
+ * BUG/MINOR: stream-int: Fix si_cs_recv() return value
+ * MINOR: contrib/prometheus-exporter: Add a param to ignore servers in
maintenance
+ * MINOR: contrib/prometheus-exporter: filter exported metrics by scope
+ * MINOR: contrib/prometheus-exporter: report the number of idle conns per
server
+ * BUG/MINOR: contrib/prometheus-exporter: Rename some metrics
+ * MINOR: contrib/prometheus-exporter: Report metrics about max times for
sessions
+ * MINOR: counters: Add fields to store the max observed for {q,c,d,t}_time
+ * MINOR: stream: Remove the lock on the proxy to update time stats
+ * MINOR: freq_ctr: Make the sliding window sums thread-safe
+ * BUG/MINOR: http-ana: Properly catch aborts during the payload forwarding
+ * BUG/MINOR: mux-h1: Fix tunnel mode detection on the response path
+ * BUILD: debug: Avoid warnings in dev mode with -02 because of some BUG_ON
tests
+ * BUG/MEDIUM: stream-int: Don't loose events on the CS when an EOS is
reported
+ * BUILD/MINOR: ssl: fix compiler warning about useless statement
+ * BUG/MINOR: peers: "peer alive" flag not reset when deconnecting.
+ * BUG/MEDIUM: mworker: don't fill the -sf argument with -1 during the reexec
+
+---
Old:
haproxy-2.0.9+git6.26b7b800.tar.gz
New:
haproxy-2.0.10+git14.7caf150a.tar.gz
Other
commit haproxy for openSUSE:Factory
Hello community, here is the log from the commit of package haproxy for openSUSE:Factory checked in at 2019-11-26 17:01:56 Comparing /work/SRC/openSUSE:Factory/haproxy (Old) and /work/SRC/openSUSE:Factory/.haproxy.new.26869 (New) Package is "haproxy" Tue Nov 26 17:01:56 2019 rev:78 rq:750840 version:2.0.9+git6.26b7b800 Changes: --- /work/SRC/openSUSE:Factory/haproxy/haproxy.changes 2019-11-24 00:32:32.555241524 +0100 +++ /work/SRC/openSUSE:Factory/.haproxy.new.26869/haproxy.changes 2019-11-26 17:02:24.224047559 +0100 @@ -20 +20 @@ -- Update to version 2.0.9+git0.efac87ee (fixes CVE-2019-14241): +- Update to version 2.0.9+git0.efac87ee (bsc#1154980) (CVE-2019-18277): Other differences: --
commit haproxy for openSUSE:Factory
Hello community, here is the log from the commit of package haproxy for openSUSE:Factory checked in at 2019-11-24 00:32:30 Comparing /work/SRC/openSUSE:Factory/haproxy (Old) and /work/SRC/openSUSE:Factory/.haproxy.new.26869 (New) Package is "haproxy" Sun Nov 24 00:32:30 2019 rev:77 rq:750309 version:2.0.9+git6.26b7b800 Changes: --- /work/SRC/openSUSE:Factory/haproxy/haproxy.changes 2019-11-21 12:57:45.242544762 +0100 +++ /work/SRC/openSUSE:Factory/.haproxy.new.26869/haproxy.changes 2019-11-24 00:32:32.555241524 +0100 @@ -20 +20 @@ -- Update to version 2.0.9+git0.efac87ee: +- Update to version 2.0.9+git0.efac87ee (fixes CVE-2019-14241): Other differences: --
commit haproxy for openSUSE:Factory
Hello community, here is the log from the commit of package haproxy for openSUSE:Factory checked in at 2019-11-21 12:57:43 Comparing /work/SRC/openSUSE:Factory/haproxy (Old) and /work/SRC/openSUSE:Factory/.haproxy.new.26869 (New) Package is "haproxy" Thu Nov 21 12:57:43 2019 rev:76 rq:749635 version:2.0.9+git6.26b7b800 Changes: --- /work/SRC/openSUSE:Factory/haproxy/haproxy.changes 2019-10-14 12:31:21.864290315 +0200 +++ /work/SRC/openSUSE:Factory/.haproxy.new.26869/haproxy.changes 2019-11-21 12:57:45.242544762 +0100 @@ -1,0 +2,107 @@ +Tue Nov 19 14:16:54 UTC 2019 - mrueck...@suse.de + +- Update to version 2.0.9+git6.26b7b800: + * BUG/MINOR: ssl: fix crt-list neg filter for openssl < 1.1.1 + * BUG/MINOR: peers: Wrong null "server_name" data field handling. + * MINOR: peers: Add debugging information to "show peers". + * MINOR: peers: Add TX/RX heartbeat counters. + * MINOR: peers: Alway show the table info for disconnected peers. + +--- +Tue Nov 19 13:55:05 UTC 2019 - mrueck...@suse.de + +- Update to version 2.0.9+git1.caf02113: + * BUG/MINOR: init: fix set-dumpable when using uid/gid + +--- +Tue Nov 19 13:54:57 UTC 2019 - mrueck...@suse.de + +- Update to version 2.0.9+git0.efac87ee: + * [RELEASE] Released version 2.0.9 + * BUG/MINOR: mux-h1: Don't set CS_FL_EOS on a read0 when receiving data to pipe + * BUG/MEDIUM: filters: Don't call TCP callbacks for HTX streams + * BUG/MINOR: log: limit the size of the startup-logs + * BUILD: contrib/da: remove an "unused" warning + * MINOR: memory: also poison the area on freeing + * CLEANUP: session: slightly simplify idle connection cleanup logic + * BUG/MEDIUM: Make sure we leave the session list in session_free(). + * BUG/MEDIUM: listeners: always pause a listener on out-of-resource condition + * BUG/MINOR: queue/threads: make the queue unlinking atomic + * DOC: management: fix typo on "cache_lookups" stats output + * DOC: management: document cache_hits and cache_lookups in the CSV format + * DOC: management: document reuse and connect counters in the CSV format + * BUG: dns: timeout resolve not applied for valid resolutions + * BUG/MINOR: action: do-resolve now use cached response + * BUG/MEDIUM: stream: Be sure to release allocated captures for TCP streams + * MINOR: doc: http-reuse connection pool fix + * BUG/MEDIUM: stream: Be sure to support splicing at the mux level to enable it + * BUG/MEDIUM: mux-h1: Disable splicing for chunked messages + * BUG/MEDIUM: mux-h2: immediately report connection errors on streams + * BUG/MEDIUM: mux-h2: immediately remove a failed connection from the idle list + * BUG/MEDIUM: mux-h2: report no available stream on a connection having errors + * BUG/MINOR: config: Update cookie domain warn to RFC6265 + * BUG/MEDIUM: servers: Only set SF_SRV_REUSED if the connection if fully ready. + * BUG/MEDIUM: stream_interface: Only use SI_ST_RDY when the mux is ready. + * MINOR: mux: Add a new method to get informations about a mux. + * BUG/MINOR: spoe: fix off-by-one length in UUID format string + * BUG/MAJOR: stream-int: Don't receive data from mux until SI_ST_EST is reached + * BUG/MINOR: mux-h2: Don't pretend mux buffers aren't full anymore if nothing sent + * BUG/MINOR: cli: don't call the kw->io_release if kw->parse failed + * MINOR: tcp: avoid confusion in time parsing init + * BUG/MINOR: mux-h2: do not emit logs on backend connections + * MINOR: config: warn on presence of "\n" in header values/replacements + +--- +Tue Nov 19 13:54:51 UTC 2019 - mrueck...@suse.de + +- Update to version 2.0.8+git0.60e6020c: + * [RELEASE] Released version 2.0.8 + * BUG/MEDIUM: pattern: make the pattern LRU cache thread-local and lockless + * BUG/MINOR: stick-table: fix an incorrect 32 to 64 bit key conversion + * BUG/MINOR: ssl: fix memcpy overlap without consequences. + * BUG/MEDIUM: http: unbreak redirects in legacy mode + * BUG/MINOR: mux-h2: also make sure blocked legacy connections may expire + * BUG/MINOR: sample: Make the `field` converter compatible with `-m found` + * BUG/MINOR: cache: alloc shctx after check config + * BUG/MINOR: stick-table: Never exceed (MAX_SESS_STKCTR-1) when fetching a stkctr + * BUG/MINOR: ssl: Fix fd leak on error path when a TLS ticket keys file is parsed + * BUG/MINOR: mworker/cli: reload fail with inherited FD + * BUG/MEDIUM: ssl: 'tune.ssl.default-dh-param' value ignored with openssl > 1.1.1 + * CLEANUP: bind: handle warning label on bind keywords parsing. + * CLEANUP: ssl: make ssl_sock_load_dh_params handle errcode/warn + * CLEANUP: ssl: make ssl_sock_put_ckch_into_ctx handle errcode/warn
commit haproxy for openSUSE:Factory
Hello community, here is the log from the commit of package haproxy for openSUSE:Factory checked in at 2019-10-14 12:31:19 Comparing /work/SRC/openSUSE:Factory/haproxy (Old) and /work/SRC/openSUSE:Factory/.haproxy.new.2352 (New) Package is "haproxy" Mon Oct 14 12:31:19 2019 rev:75 rq:735634 version:2.0.7+git0.1909aa1e Changes: --- /work/SRC/openSUSE:Factory/haproxy/haproxy.changes 2019-09-25 01:50:25.085600808 +0200 +++ /work/SRC/openSUSE:Factory/.haproxy.new.2352/haproxy.changes 2019-10-14 12:31:21.864290315 +0200 @@ -1,0 +2,26 @@ +Mon Oct 07 08:05:46 UTC 2019 - kgronl...@suse.com + +- Update to version 2.0.7+git0.1909aa1e: + * [RELEASE] Released version 2.0.7 + * BUG/MEDIUM: namespace: fix fd leak in master-worker mode + * DOC: Fix documentation about the cli command to get resolver stats + * BUG/MINOR: contrib/prometheus-exporter: Return the time averages in seconds + * MINOR: stats: Add the support of float fields in stats + * MINOR: spoe: Support the async mode with several threads + * MINOR: spoe: Improve generation of the engine-id + * BUG/MEDIUM: spoe: Use a different engine-id per process + * BUG/MINOR: mux-h1: Do h2 upgrade only on the first request + * BUG/MAJOR: mux_h2: Don't consume more payload than received for skipped frames + * BUG/MINOR: mux-h2: Use the dummy error when decoding headers for a closed stream + * BUG/MEDIUM: mux-h2: don't reject valid frames on closed streams + * BUG/MEDIUM: namespace: close open namespaces during soft shutdown + * BUG/MINOR: mux-h2: do not wake up blocked streams before the mux is ready + * BUG/MEDIUM: checks: make sure the connection is ready before trying to recv + * BUG/MEDIUM: stream-int: Process connection/CS errors during synchronous sends + * BUG/MINOR: stream-int: Process connection/CS errors first in si_cs_send() + * BUG/MEDIUM: check/threads: make external checks run exclusively on thread 1 + * BUG/MAJOR: mux-h2: Handle HEADERS frames received after a RST_STREAM frame + * BUG/MINOR: mux-h2: Be sure to have a connection to unsubcribe + * BUG/MEDIUM: stick-table: Properly handle "show table" with a data type argument + +--- Old: haproxy-2.0.6+git0.58706ab4.tar.gz New: haproxy-2.0.7+git0.1909aa1e.tar.gz Other differences: -- ++ haproxy.spec ++ --- /var/tmp/diff_new_pack.cvrGzE/_old 2019-10-14 12:31:22.872287688 +0200 +++ /var/tmp/diff_new_pack.cvrGzE/_new 2019-10-14 12:31:22.888287646 +0200 @@ -47,7 +47,7 @@ %endif Name: haproxy -Version:2.0.6+git0.58706ab4 +Version:2.0.7+git0.1909aa1e Release:0 # # ++ _service ++ --- /var/tmp/diff_new_pack.cvrGzE/_old 2019-10-14 12:31:23.004287344 +0200 +++ /var/tmp/diff_new_pack.cvrGzE/_new 2019-10-14 12:31:23.008287334 +0200 @@ -6,7 +6,7 @@ @PARENT_TAG@+git@TAG_OFFSET@.%h v(.*) \1 -v2.0.6 +v2.0.7 enable ++ _servicedata ++ --- /var/tmp/diff_new_pack.cvrGzE/_old 2019-10-14 12:31:23.088287125 +0200 +++ /var/tmp/diff_new_pack.cvrGzE/_new 2019-10-14 12:31:23.092287115 +0200 @@ -1,6 +1,6 @@ http://git.haproxy.org/git/haproxy-2.0.git -58706ab4bdbea3468253eddf07f2d58db43bfcb4 +1909aa1e2f34dc8aaa86c279553eec2c99c14f2e \ No newline at end of file ++ haproxy-2.0.6+git0.58706ab4.tar.gz -> haproxy-2.0.7+git0.1909aa1e.tar.gz ++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/haproxy-2.0.6+git0.58706ab4/CHANGELOG new/haproxy-2.0.7+git0.1909aa1e/CHANGELOG --- old/haproxy-2.0.6+git0.58706ab4/CHANGELOG 2019-09-13 13:46:44.0 +0200 +++ new/haproxy-2.0.7+git0.1909aa1e/CHANGELOG 2019-09-27 14:17:42.0 +0200 @@ -1,6 +1,28 @@ ChangeLog : === +2019/09/27 : 2.0.7 +- BUG/MEDIUM: stick-table: Properly handle "show table" with a data type argument +- BUG/MINOR: mux-h2: Be sure to have a connection to unsubcribe +- BUG/MAJOR: mux-h2: Handle HEADERS frames received after a RST_STREAM frame +- BUG/MEDIUM: check/threads: make external checks run exclusively on thread 1 +- BUG/MINOR: stream-int: Process connection/CS errors first in si_cs_send() +- BUG/MEDIUM: stream-int: Process connection/CS errors during synchronous sends +- BUG/MEDIUM: checks: make sure the connection is ready before trying to recv +- BUG/MINOR: mux-h2: do not wake up blocked streams before the mux is ready +- BUG/MEDIUM: namespace: close open namespaces during soft shutdown +- BUG/MEDIUM: mux-h2: don't reject valid frames on closed streams +- BUG/MINOR: mux-h2: Use the dummy error when decoding headers for a closed stream +- BUG/MAJOR:
commit haproxy for openSUSE:Factory
Hello community,
here is the log from the commit of package haproxy for openSUSE:Factory checked
in at 2019-09-25 01:50:23
Comparing /work/SRC/openSUSE:Factory/haproxy (Old)
and /work/SRC/openSUSE:Factory/.haproxy.new.7948 (New)
Package is "haproxy"
Wed Sep 25 01:50:23 2019 rev:74 rq:731949 version:2.0.6+git0.58706ab4
Changes:
--- /work/SRC/openSUSE:Factory/haproxy/haproxy.changes 2019-09-07
11:26:29.438486292 +0200
+++ /work/SRC/openSUSE:Factory/.haproxy.new.7948/haproxy.changes
2019-09-25 01:50:25.085600808 +0200
@@ -1,0 +2,49 @@
+Tue Sep 17 15:41:39 UTC 2019 - kgronl...@suse.com
+
+- Update to version 2.0.6+git0.58706ab4:
+ * [RELEASE] Released version 2.0.6
+ * MINOR: sample: Add UUID-fetch
+ * BUG/MINOR: Missing stat_field_names (since f21d17bb)
+ * BUG/MINOR: backend: Fix a possible null pointer dereference
+ * BUG/MINOR: acl: Fix memory leaks when an ACL expression is parsed
+ * BUG/MINOR: filters: Properly set the HTTP status code on analysis error
+ * BUG/MEDIUM: http: also reject messages where "chunked" is missing from
transfer-enoding
+ * BUG/MINOR: ssl: always check for ssl connection before getting its XPRT
context
+ * BUG/MINOR: listener: Fix a possible null pointer dereference
+ * MINOR: stats: report the number of idle connections for each server
+ * BUG/MEDIUM: connection: don't keep more idle connections than ever needed
+ * BUG/MAJOR: ssl: ssl_sock was not fully initialized.
+ * BUG/MINOR: lb/leastconn: ignore the server weights for empty servers
+ * MINOR: contrib/prometheus-exporter: Report DRAIN/MAINT/NOLB status for
servers
+ * BUG/MINOR: checks: do not uselessly poll for reads before the connection
is up
+ * BUG/MINOR: checks: make __event_chk_srv_r() report success before closing
+ * BUG/MINOR: checks: start sending the request right after connect()
+ * BUG/MINOR: checks: stop polling for write when we have nothing left to send
+ * BUG/MEDIUM: cache: Don't cache objects if the size of headers is too big
+ * BUG/MEDIUM: cache: Properly copy headers splitted on several shctx blocks
+ * BUG/MINOR: mux-h1: Be sure to update the count before adding EOM after
trailers
+ * BUG/MINOR: mux-h1: Don't stop anymore input processing when the max is
reached
+ * BUG/MINOR: mux-h1: Fix size evaluation of HTX messages after headers
parsing
+ * BUG/MINOR: h1: Properly reset h1m when parsing is restarted
+ * BUG/MINOR: http-ana: Reset response flags when 1xx messages are handled
+ * BUG/MEDIUM: peers: local peer socket not bound.
+ * BUG/MEDIUM: proto-http: Always start the parsing if there is no outgoing
data
+ * BUG/MEDIUM: url32 does not take the path part into account in the returned
hash.
+ * BUG/MEDIUM: listener/threads: fix an AB/BA locking issue in
delete_listener()
+ * BUG/MINOR: mworker: disable SIGPROF on re-exec
+ * DOC: fixed typo in management.txt
+ * BUG/MEDIUM: mux-h1: do not report errors on transfers ending on buffer full
+ * BUG/MEDIUM: mux-h1: do not truncate trailing 0CRLF on buffer boundary
+ * MEDIUM: debug: make the thread dump code show Lua backtraces
+ * MINOR: lua: export applet and task handlers
+ * MINOR: tools: add append_prefixed_str()
+ * MINOR: debug: indicate the applet name when the task is task_run_applet()
+
+---
+Thu Aug 22 11:23:04 CEST 2019 - ku...@suse.de
+
+- Use %license instead of %doc [bsc#1082318]
+- Recommend apparmor, it's not required to work (make haproxy
+ useable in a container)
+
+---
Old:
haproxy-2.0.5+git0.d905f49a.tar.gz
New:
haproxy-2.0.6+git0.58706ab4.tar.gz
Other differences:
--
++ haproxy.spec ++
--- /var/tmp/diff_new_pack.FBSw9i/_old 2019-09-25 01:50:25.969600795 +0200
+++ /var/tmp/diff_new_pack.FBSw9i/_new 2019-09-25 01:50:25.973600795 +0200
@@ -1,7 +1,7 @@
#
# spec file for package haproxy
#
-# Copyright (c) 2014 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2019 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -47,7 +47,7 @@
%endif
Name: haproxy
-Version:2.0.5+git0.d905f49a
+Version:2.0.6+git0.58706ab4
Release:0
#
#
@@ -55,10 +55,10 @@
%if %{with apparmor}
%if 0%{?suse_version} <= 1315
BuildRequires: apparmor-profiles
-Requires: apparmor-profiles
+Recommends: apparmor-profiles
%else
BuildRequires: apparmor-abstractions
-Requires: apparmor-abstractions
+Recommends: apparmor-abstractions
%endif
%if %{with apparmor_reload}
BuildRequires:
commit haproxy for openSUSE:Factory
Hello community,
here is the log from the commit of package haproxy for openSUSE:Factory checked
in at 2019-09-07 11:26:26
Comparing /work/SRC/openSUSE:Factory/haproxy (Old)
and /work/SRC/openSUSE:Factory/.haproxy.new.7948 (New)
Package is "haproxy"
Sat Sep 7 11:26:26 2019 rev:73 rq:726527 version:2.0.5+git0.d905f49a
Changes:
--- /work/SRC/openSUSE:Factory/haproxy/haproxy.changes 2019-07-31
14:30:39.298025488 +0200
+++ /work/SRC/openSUSE:Factory/.haproxy.new.7948/haproxy.changes
2019-09-07 11:26:29.438486292 +0200
@@ -1,0 +2,46 @@
+Tue Aug 20 15:05:47 UTC 2019 - Marcus Rueckert
+
+- enable prometheus exporter
+
+---
+Tue Aug 20 14:05:47 UTC 2019 - Marcus Rueckert
+
+- enable verbose make output
+
+---
+Tue Aug 20 14:01:33 UTC 2019 - mrueck...@suse.de
+
+- Update to version 2.0.5+git0.d905f49a:
+ * [RELEASE] Released version 2.0.5
+ * BUG/MEDIUM: mux_pt: Don't call unsubscribe if we did not subscribe.
+ * MINOR: fd: make sure to mark the thread as not stuck in fd_update_events()
+ * BUG/MINOR: stats: Wait the body before processing POST requests
+ * BUG/MEDIUM: lua: Fix test on the direction to set the channel exp timeout
+ * BUG/MEDIUM: mux_h1: Don't bother subscribing in recv if we're not
connected.
+ * BUG/MINOR: Fix prometheus '# TYPE' and '# HELP' headers
+ * BUG/MINOR: lua: fix setting netfilter mark
+ * BUG/MEDIUM: proxy: Don't use cs_destroy() when freeing the conn_stream.
+ * BUG/MEDIUM: proxy: Don't forget the SF_HTX flag when upgrading TCP=>H1+HTX.
+ * BUG/MINOR: buffers/threads: always clear a buffer's head before releasing
it
+ * MINOR: ssl: ssl_fc_has_early should work for BoringSSL
+ * BUG/MINOR: ssl: fix 0-RTT for BoringSSL
+ * BUG/MEDIUM: stick-table: Wrong stick-table backends parsing.
+ * [RELEASE] Released version 2.0.4
+ * BUG/MEDIUM: checks: make sure to close nicely when we're the last to speak
+ * BUG/MINOR: mux-h2: always reset rcvd_s when switching to a new frame
+ * BUG/MINOR: mux-h2: always send stream window update before connection's
+ * BUG/MEDIUM: mux-h2: do not recheck a frame type after a state transition
+ * BUG/MINOR: mux-h2: do not send REFUSED_STREAM on aborted uploads
+ * BUG/MINOR: mux-h2: use CANCEL, not STREAM_CLOSED in h2c_frt_handle_data()
+ * BUG/MINOR: mux-h2: don't refrain from sending an RST_STREAM after another
one
+ * BUG/MEDIUM: fd: Always reset the polled_mask bits in fd_dodelete().
+ * BUG/MEDIUM: proxy: Make sure to destroy the stream on upgrade from TCP to
H2
+ * BUG/MEDIUM: mux-h2: split the stream's and connection's window sizes
+ * BUG/MEDIUM: mux-h2: unbreak receipt of large DATA frames
+ * BUG/MINOR: stream-int: also update analysers timeouts on activity
+ * BUG/MAJOR: http/sample: use a static buffer for raw -> htx conversion
+ * BUG/MEDIUM: lb-chash: Ensure the tree integrity when server weight is
increased
+ * MINOR: wdt: also consider that waiting in the thread dumper is normal
+ * BUG/MINOR: debug: fix a small race in the thread dumping code
+
+---
Old:
haproxy-2.0.3+git14.0ff395c1.tar.gz
New:
haproxy-2.0.5+git0.d905f49a.tar.gz
Other differences:
--
++ haproxy.spec ++
--- /var/tmp/diff_new_pack.1xvBhF/_old 2019-09-07 11:26:29.974486224 +0200
+++ /var/tmp/diff_new_pack.1xvBhF/_new 2019-09-07 11:26:29.974486224 +0200
@@ -47,7 +47,7 @@
%endif
Name: haproxy
-Version:2.0.3+git14.0ff395c1
+Version:2.0.5+git0.d905f49a
Release:0
#
#
@@ -157,7 +157,8 @@
USE_RELRO_NOW=1 \
LIB="%{_lib}" \
PREFIX="%{_prefix}" \
-DEBUG_CFLAGS="%{optflags}"
+EXTRA_OBJS="contrib/prometheus-exporter/service-prometheus.o" \
+DEBUG_CFLAGS="%{optflags}" V=1
%if %{with systemd}
make -C contrib/systemd PREFIX="%{_prefix}"
%endif
++ _service ++
--- /var/tmp/diff_new_pack.1xvBhF/_old 2019-09-07 11:26:29.994486222 +0200
+++ /var/tmp/diff_new_pack.1xvBhF/_new 2019-09-07 11:26:29.994486222 +0200
@@ -6,7 +6,7 @@
@PARENT_TAG@+git@TAG_OFFSET@.%h
v(.*)
\1
-master
+v2.0.5
enable
++ _servicedata ++
--- /var/tmp/diff_new_pack.1xvBhF/_old 2019-09-07 11:26:30.006486220 +0200
+++ /var/tmp/diff_new_pack.1xvBhF/_new 2019-09-07 11:26:30.010486219 +0200
@@ -1,6 +1,6 @@
http://git.haproxy.org/git/haproxy-2.0.git
-0ff395c154ad827c0c30eefc9371ba7f7c171027
+d905f49a0dbf78b69f24ee69df10b873680b92ea
\ No newline at end of file
++ haproxy-2.0.3+git14.0ff395c1.tar.gz ->
haproxy-2.0.5+git0.d905f49a.tar.gz ++
1935 lines of diff
commit haproxy for openSUSE:Factory
Hello community, here is the log from the commit of package haproxy for openSUSE:Factory checked in at 2019-07-31 14:30:10 Comparing /work/SRC/openSUSE:Factory/haproxy (Old) and /work/SRC/openSUSE:Factory/.haproxy.new.4126 (New) Package is "haproxy" Wed Jul 31 14:30:10 2019 rev:72 rq:719848 version:2.0.3+git14.0ff395c1 Changes: --- /work/SRC/openSUSE:Factory/haproxy/haproxy.changes 2019-07-11 13:17:19.838787481 +0200 +++ /work/SRC/openSUSE:Factory/.haproxy.new.4126/haproxy.changes 2019-07-31 14:30:39.298025488 +0200 @@ -1,0 +2,55 @@ +Tue Jul 30 13:16:56 UTC 2019 - kgronl...@suse.com + +- Update to version 2.0.3+git14.0ff395c1 (bsc#1142529) (CVE-2019-14241): + * BUG/MAJOR: queue/threads: avoid an AB/BA locking issue in process_srv_queue() + * BUG/MINOR: htx: Fix free space addresses calculation during a block expansion + * BUG/MINOR: hlua: Only execute functions of HTTP class if the txn is HTTP ready + * MINOR: hlua: Add a flag on the lua txn to know in which context it can be used + * MINOR: hlua: Don't set request analyzers on response channel for lua actions + * BUG/MEDIUM: hlua: Check the calling direction in lua functions of the HTTP class + * BUG/MINOR: hlua/htx: Reset channels analyzers when txn:done() is called + * DOC: improve the wording in CONTRIBUTING about how to document a bug fix + * BUG/MINOR: log: make sure writev() is not interrupted on a file output + * BUG/MEDIUM: streams: Don't switch the SI to SI_ST_DIS if we have data to send. + * BUG/MEDIUM: lb-chash: Fix the realloc() when the number of nodes is increased + * BUILD: threads: add the definition of PROTO_LOCK + * BUG/MINOR: proxy: always lock stop_proxy() + * BUG/MEDIUM: protocols: add a global lock for the init/deinit stuff + * [RELEASE] Released version 2.0.3 + * BUG/CRITICAL: http_ana: Fix parsing of malformed cookies which start by a delimiter + * BUG/MINOR: http_htx: Support empty errorfiles + * BUG/MINOR: http_ana: Be sure to have an allocated buffer to generate an error + * BUG/MEDIUM: tcp-checks: do not dereference inexisting conn_stream + * BUG/MINOR: mux-h1: Close server connection if input data remains in h1_detach() + * BUG/MEDIUM: mux-h1: Trim excess server data at the end of a transaction + * BUG/MINOR: checks: do not exit tcp-checks from the middle of the loop + * BUG/MINOR: session: Send a default HTTP error if accept fails for a H1 socket + * BUG/MINOR: session: Emit an HTTP error if accept fails only for H1 connection + * BUG/MINOR: debug: Remove flags CO_FL_SOCK_WR_ENA/CO_FL_SOCK_RD_ENA + * DOC: htx: Update comments in HTX files + * BUG/MINOR: hlua: Make the function txn:done() HTX aware + * BUG/MINOR: cache/htx: Make maxage calculation HTX aware + * BUG/MINOR: http_htx: Initialize HTX error messages for TCP proxies + * BUG/MINOR: http_fetch: Fix http_auth/http_auth_group when called from TCP rules + * BUG/MINOR: backend: do not try to install a mux when the connection failed + * BUG/MEDIUM: http/htx: unbreak option http_proxy + * BUG/MEDIUM: checks: Don't attempt to receive data if we already subscribed. + * BUG/MINOR: dns: remove irrelevant dependency on a client connection + * [RELEASE] Released version 2.0.2 + * BUG/MEDIUM: threads: cpu-map designating a single thread/process are ignored + * BUG/MEDIUM: tcp-check: unbreak multiple connect rules again + * BUG/MINOR: mux-pt: do not pretend there's more data after a read0 + * BUG/MEDIUM: streams: Don't redispatch with L7 retries if redispatch isn't set. + * BUG/MEDIUM: streams: Don't give up if we couldn't send the request. + * BUG/MINOR: mux-h1: Correctly report Ti timer when HTX and keepalives are used + * BUG/MEDIUM: mux-h1: Don't release h1 connection if there is still data to send + * BUG/MAJOR: listener: fix thread safety in resume_listener() + * MINOR: task: introduce work lists + * BUG/MEDIUM: servers: Fix a race condition with idle connections. + * DOC: Fix typos and grammer in configuration.txt + * BUG/MEDIUM: da: cast the chunk to string. + * BUG/MEDIUM: checks: Don't attempt to read if we destroyed the connection. + * BUG/MINOR: server: Be really able to keep "pool-max-conn" idle connections + * BUG/MEDIUM: fd/threads: fix excessive CPU usage on multi-thread accept + +--- Old: haproxy-2.0.1+git27.5db881ff.tar.gz New: haproxy-2.0.3+git14.0ff395c1.tar.gz Other differences: -- ++ haproxy.spec ++ --- /var/tmp/diff_new_pack.u2Vl2X/_old 2019-07-31 14:30:42.226023475 +0200 +++ /var/tmp/diff_new_pack.u2Vl2X/_new 2019-07-31 14:30:42.230023472 +0200 @@ -47,7 +47,7 @@ %endif Name: haproxy -Version:2.0.1+git27.5db881ff
commit haproxy for openSUSE:Factory
Hello community, here is the log from the commit of package haproxy for openSUSE:Factory checked in at 2019-07-11 13:17:17 Comparing /work/SRC/openSUSE:Factory/haproxy (Old) and /work/SRC/openSUSE:Factory/.haproxy.new.4615 (New) Package is "haproxy" Thu Jul 11 13:17:17 2019 rev:71 rq:714254 version:2.0.1+git27.5db881ff Changes: --- /work/SRC/openSUSE:Factory/haproxy/haproxy.changes 2019-05-06 21:17:19.793084989 +0200 +++ /work/SRC/openSUSE:Factory/.haproxy.new.4615/haproxy.changes 2019-07-11 13:17:19.838787481 +0200 @@ -1,0 +2,175 @@ +Tue Jul 09 11:48:41 UTC 2019 - kgronl...@suse.com + +- Update to version 2.0.1+git27.5db881ff: + * BUG/MINOR: ssl: revert empty handshake detection in OpenSSL <= 1.0.2 + * BUG/MEDIUM: servers: Don't forget to set srv_cs to NULL if we can't reuse it. + * BUG/MEDIUM: stream-int: Don't rely on CF_WRITE_PARTIAL to unblock opposite si + * MINOR: stream-int: Factorize processing done after sending data in si_cs_send() + * BUG/MINOR: mux-h1: Don't process input or ouput if an error occurred + * BUG/MEDIUM: mux-h1: Handle TUNNEL state when outgoing messages are formatted + * BUG/MEDIUM: lb_fas: Don't test the server's lb_tree from outside the lock + * BUG/MEDIUM: http/applet: Finish request processing when a service is registered + * MINOR: action: Add the return code ACT_RET_DONE for actions + * BUG/MINOR: contrib/prometheus-exporter: Don't try to add empty data blocks + * MINOR: server: Add "no-tfo" option. + * BUG/MEDIUM: sessions: Don't keep an extra idle connection in sessions. + * BUG/MEDIUM: servers: Authorize tfo in default-server. + * BUG/MEDIUM: connections: Make sure we're unsubscribe before upgrading the mux. + * BUG/MINOR: contrib/prometheus-exporter: Respect the reserve when data are sent + * BUG/MINOR: hlua/htx: Respect the reserve when HTX data are sent + * BUG/MEDIUM: channel/htx: Use the total HTX size in channel_htx_recv_limit() + * BUG/MINOR: hlua: Don't use channel_htx_recv_max() + * BUG/MINOR: contrib/prometheus-exporter: Don't use channel_htx_recv_max() + * BUG/MEDIUM: checks: Make sure the tasklet won't run if the connection is closed. + * BUG/MEDIUM: connections: Always call shutdown, with no linger. + * BUG/MINOR: mux-h1: Don't return the empty chunk on HEAD responses + * BUG/MINOR: mux-h1: Skip trailers for non-chunked outgoing messages + * BUG/MEDIUM: checks: unblock signals in external checks + * BUG/MEDIUM: mux-h1: Always release H1C if a shutdown for writes was reported + * BUG/MEDIUM: ssl: Don't attempt to set alpn if we're not using SSL. + * BUG/MINOR: mworker/cli: don't output a \n before the response + * BUG/MINOR: mux-h1: Make format errors during output formatting fatal + * BUG/MEDIUM: mux-h1: Use buf_room_for_htx_data() to detect too large messages + * BUG/MEDIUM: proto_htx: Don't add EOM on 1xx informational messages + * BUG/MINOR: log: Detect missing sampling ranges in config + * BUG/MINOR: memory: Set objects size for pools in the per-thread cache + * BUG/MAJOR: mux-h1: Don't crush trash chunk area when outgoing message is formatted + * BUG/MINOR: htx: Save hdrs_bytes when the HTX start-line is replaced + * BUG/MEDIUM: ssl: Don't do anything in ssl_subscribe if we have no ctx. + * BUG/MEDIUM: connections: Always add the xprt handshake if needed. + * BUG/MEDIUM: stream_interface: Don't add SI_FL_ERR the state is < SI_ST_CON. + * BUG/MINOR: spoe: Fix memory leak if failing to allocate memory + * BUG/MEDIUM: mworker/cli: command pipelining doesn't work anymore + * BUG/MEDIUM: mworker: don't call the thread and fdtab deinit + * BUG/MINOR: mworker-prog: Fix segmentation fault during cfgparse + * BUG/MAJOR: sample: Wrong stick-table name parsing in "if/unless" ACL condition. + * BUG/MEDIUM: lb_fwlc: Don't test the server's lb_tree from outside the lock + * BUG/MEDIUM: mux-h2: Remove the padding length when a DATA frame size is checked + * BUG/MEDIUM: mux-h2: Reset padlen when several frames are demux + +--- +Sun Jun 30 10:24:18 UTC 2019 - Jan Engelhardt + +- Correct version line, which should be 2.0.0+git6. + +--- +Tue Jun 18 12:09:15 UTC 2019 - Marcus Rueckert + +- allow the new master socket path in the apparmor profile + +--- +Tue Jun 18 12:04:20 UTC 2019 - mrueck...@suse.de + +- Update to version 2.0.0~git6.41dc8432: + * BUG/MEDIUM: htx: Fully update HTX message when the block value is changed + * MINOR: htx: Add the function htx_change_blk_value_len() + * BUG/MEDIUM: compression: Set Vary: Accept-Encoding for compressed responses + * BUG/MINOR: mux-h1: Add the header connection in lower case in outgoing messages + *
commit haproxy for openSUSE:Factory
Hello community, here is the log from the commit of package haproxy for openSUSE:Factory checked in at 2019-05-06 21:17:18 Comparing /work/SRC/openSUSE:Factory/haproxy (Old) and /work/SRC/openSUSE:Factory/.haproxy.new.5148 (New) Package is "haproxy" Mon May 6 21:17:18 2019 rev:70 rq:701060 version:1.8.20~git0.6fb9fadc Changes: --- /work/SRC/openSUSE:Factory/haproxy/haproxy.changes 2019-02-14 14:32:42.543670397 +0100 +++ /work/SRC/openSUSE:Factory/.haproxy.new.5148/haproxy.changes 2019-05-06 21:17:19.793084989 +0200 @@ -1,0 +2,54 @@ +Fri May 03 12:56:13 UTC 2019 - kgronl...@suse.com + +- Update to version 1.8.20~git0.6fb9fadc: + * [RELEASE] Released version 1.8.20 + * BUG/MINOR: spoe: Don't systematically wakeup SPOE stream in the applet handler + * BUG/MINOR: da: Get the request channel to call CHECK_HTTP_MESSAGE_FIRST() + * BUG/MINOR: 51d: Get the request channel to call CHECK_HTTP_MESSAGE_FIRST() + * BUG/MEDIUM: thread/http: Add missing locks in set-map and add-acl HTTP rules + * BUG/MINOR: acl: properly detect pattern type SMP_T_ADDR + * BUG/MEDIUM: maps: only try to parse the default value when it's present + * BUG/MAJOR: http_fetch: Get the channel depending on the keyword used + * MINOR: skip get_gmtime where tm is unused + * BUILD/MINOR: listener: Silent a few signedness warnings. + * BUG/MEDIUM: listener: make sure the listener never accepts too many conns + * BUG/MEDIUM: listener: use a self-locked list for the dequeue lists + * MAJOR: listener: do not hold the listener lock in listener_accept() + * BUG/MEDIUM: list: fix incorrect pointer unlocking in LIST_DEL_LOCKED() + * BUG/MEDIUM: list: fix again LIST_ADDQ_LOCKED + * BUG/MEDIUM: list: correct fix for LIST_POP_LOCKED's removal of last element + * MINOR: list: make the delete and pop operations idempotent + * BUG/MEDIUM: list: add missing store barriers when updating elements and head + * BUG/MEDIUM: list: fix LIST_POP_LOCKED's removal of the last pointer + * BUG/MEDIUM: list: fix the rollback on addq in the locked liss + * BUG/MEDIUM: lists: Properly handle the case we're removing the first elt. + * MINOR: lists: Implement locked variations. + * BUG/MINOR: threads: fix the process range of thread masks + * BUG/MEDIUM: spoe: Return an error if nothing is encoded for fragmented messages + * BUG/MEDIUM: spoe: Queue message only if no SPOE applet is attached to the stream + * BUG/MEDIUM: pattern: assign pattern IDs after checking the config validity + * BUILD: connection: fix naming of ip_v field + * BUILD: use inttypes.h instead of stdint.h + * BUG/MEDIUM: peers: fix a case where peer session is not cleanly reset on release. + * MINOR: cli: start addresses by a prefix in 'show cli sockets' + * BUG/MINOR: cli: correctly handle abns in 'show cli sockets' + * BUILD: Makefile: disable shared cache on AIX 5.1 + * BUILD: makefile: add _LINUX_SOURCE_COMPAT to build on AIX-51 + * BUILD: makefile: fix build of IPv6 header on aix51 + * MINOR: tools: make memvprintf() never pass a NULL target to vsnprintf() + * BUILD: makefile: work around an old bug in GNU make-3.80 + * BUG/MAJOR: checks: segfault during tcpcheck_main + * DOC: The option httplog is no longer valid in a backend. + * BUG/MEDIUM: ssl: ability to set TLS 1.3 ciphers using ssl-default-server-ciphersuites + * BUG/MINOR: http/counters: fix missing increment of fe->srv_aborts + * BUG/MAJOR: stats: Fix how huge POST data are read from the channel + * BUG/MAJOR: spoe: Fix initialization of thread-dependent fields + * BUG/MEDIUM: threads/fd: do not forget to take into account epoll_fd/pipes + * MEDIUM: threads: Use __ATOMIC_SEQ_CST when using the newer atomic API. + * BUG/MINOR: ssl: fix warning about ssl-min/max-ver support + * BUG/MEDIUM: 51d: fix possible segfault on deinit_51degrees() + * BUG/MEDIUM: logs: Only attempt to free startup_logs once. + * BUG/MINOR: listener: keep accept rate counters accurate under saturation + * BUG/MAJOR: listener: Make sure the listener exist before using it. + +--- Old: haproxy-1.8.19~git0.ebf033b4.tar.gz New: haproxy-1.8.20~git0.6fb9fadc.tar.gz Other differences: -- ++ haproxy.spec ++ --- /var/tmp/diff_new_pack.EakfGE/_old 2019-05-06 21:17:20.433086653 +0200 +++ /var/tmp/diff_new_pack.EakfGE/_new 2019-05-06 21:17:20.437086664 +0200 @@ -47,7 +47,7 @@ %endif Name: haproxy -Version:1.8.19~git0.ebf033b4 +Version:1.8.20~git0.6fb9fadc Release:0 # # ++ _service ++ --- /var/tmp/diff_new_pack.EakfGE/_old 2019-05-06 21:17:20.457086715 +0200 +++ /var/tmp/diff_new_pack.EakfGE/_new 2019-05-06 21:17:20.457086715 +0200
commit haproxy for openSUSE:Factory
Hello community, here is the log from the commit of package haproxy for openSUSE:Factory checked in at 2019-02-14 14:32:25 Comparing /work/SRC/openSUSE:Factory/haproxy (Old) and /work/SRC/openSUSE:Factory/.haproxy.new.28833 (New) Package is "haproxy" Thu Feb 14 14:32:25 2019 rev:69 rq:674410 version:1.8.19~git0.ebf033b4 Changes: --- /work/SRC/openSUSE:Factory/haproxy/haproxy.changes 2019-01-11 14:05:24.199805224 +0100 +++ /work/SRC/openSUSE:Factory/.haproxy.new.28833/haproxy.changes 2019-02-14 14:32:42.543670397 +0100 @@ -1,0 +2,55 @@ +Mon Feb 11 15:16:38 UTC 2019 - kgronl...@suse.com + +- Update to version 1.8.19~git0.ebf033b4: + * [RELEASE] Released version 1.8.19 + * BUG/MINOR: config: Reinforce validity check when a process number is parsed + * BUG/MAJOR: stream: avoid double free on unique_id + * BUG/MAJOR: spoe: Don't try to get agent config during SPOP healthcheck + * BUG/MEDIUM: server: initialize the idle conns list after parsing the config + * BUG/MEDIUM: spoe: initialization depending on nbthread must be done last + * BUG/MINOR: lua: initialize the correct idle conn lists for the SSL sockets + * BUG/MINOR: spoe: do not assume agent->rt is valid on exit + * DOC: ssl: Stop documenting ciphers example to use + * DOC: ssl: Clarify when pre TLSv1.3 cipher can be used + * [RELEASE] Released version 1.8.18 + * BUG/MINOR: config: make sure to count the error on incorrect track-sc/stick rules + * BUG/MAJOR: spoe: verify that backends used by SPOE cover all their callers' processes + * BUG/MAJOR: config: verify that targets of track-sc and stick rules are present + * BUG/MINOR: config: fix bind line thread mask validation + * BUG/MEDIUM: stream: Don't forget to free s->unique_id in stream_free(). + * BUG/MEDIUM: mux-h2: do not close the connection on aborted streams + * MINOR: connstream: have a new flag CS_FL_KILL_CONN to kill a connection + * MINOR: stream-int: add a new flag to mention that we want the connection to be killed + * MINOR: stream-int: expand the flags to 32-bit + * BUG/MEDIUM: mux-h2: wait for the mux buffer to be empty before closing the connection + * BUG/MEDIUM: mux-h2: make sure never to send GOAWAY on too old streams + * BUG/MEDIUM: mux-h2: fix two half-closed to closed transitions + * BUG/MEDIUM: mux-h2: wake up flow-controlled streams on initial window update + * MINOR: xref: Add missing barriers. + * BUG/MINOR: stream: don't close the front connection when facing a backend error + * SCRIPTS: add the issue tracker URL to the announce script + * SCRIPTS: add the slack channel URL to the announce script + * BUG/MINOR: deinit: tcp_rep.inspect_rules not deinit, add to deinit + * BUG/MINOR: spoe: corrected fragmentation string size + * DOC: nbthread is no longer experimental. + * BUG/MINOR: hpack: return a compression error on invalid table size updates + * BUG/MINOR: mux-h2: make it possible to set the error code on an already closed stream + * BUG/MINOR: mux-h2: headers-type frames in HREM are always a connection error + * BUG/MINOR: mux-h2: CONTINUATION in closed state must always return GOAWAY + * MINOR: h2: declare new sets of frame types + * MINOR: h2: add a bit-based frame type representation + * DOC: mention the effect of nf_conntrack_tcp_loose on src/dst + * BUG/MEDIUM: ssl: Fix handling of TLS 1.3 KeyUpdate messages + * BUG/MINOR: check: Wake the check task if the check is finished in wake_srv_chk() + * BUG/MINOR: server: don't always trust srv_check_health when loading a server state + * BUG/MINOR: stick_table: Prevent conn_cur from underflowing + * BUG/MINOR: backend: BE_LB_LKUP_CHTREE is a value, not a bit + * BUG/MINOR: backend: balance uri specific options were lost across defaults + * BUG/MINOR: backend: don't use url_param_name as a hint for BE_LB_ALGO_PH + * BUG/MEDIUM: ssl: missing allocation failure checks loading tls key file + * DOC: Be a bit more explicit about allow-0rtt security implications. + * BUG/MEDIUM: ssl: Disable anti-replay protection and set max data with 0RTT. + * BUG/MAJOR: cache: fix confusion between zero and uninitialized cache key + * DOC: http-request cache-use / http-response cache-store expects cache name + +--- Old: haproxy-1.8.17~git0.e89d25b2.tar.gz New: haproxy-1.8.19~git0.ebf033b4.tar.gz Other differences: -- ++ haproxy.spec ++ --- /var/tmp/diff_new_pack.KJJk9a/_old 2019-02-14 14:32:44.251669618 +0100 +++ /var/tmp/diff_new_pack.KJJk9a/_new 2019-02-14 14:32:44.251669618 +0100 @@ -47,7 +47,7 @@ %endif Name: haproxy -Version:1.8.17~git0.e89d25b2 +Version:1.8.19~git0.ebf033b4 Release:0 # #
commit haproxy for openSUSE:Factory
Hello community, here is the log from the commit of package haproxy for openSUSE:Factory checked in at 2019-01-11 14:04:56 Comparing /work/SRC/openSUSE:Factory/haproxy (Old) and /work/SRC/openSUSE:Factory/.haproxy.new.28833 (New) Package is "haproxy" Fri Jan 11 14:04:56 2019 rev:68 rq:664293 version:1.8.17~git0.e89d25b2 Changes: --- /work/SRC/openSUSE:Factory/haproxy/haproxy.changes 2018-12-18 15:00:13.386085808 +0100 +++ /work/SRC/openSUSE:Factory/.haproxy.new.28833/haproxy.changes 2019-01-11 14:05:24.199805224 +0100 @@ -1,0 +2,20 @@ +Thu Jan 10 08:42:33 UTC 2019 - kgronl...@suse.com + +- Update to version 1.8.17~git0.e89d25b2 (bsc#1121283) (CVE-2018-20615): + * BUG/CRITICAL: mux-h2: re-check the frame length when PRIORITY is used + * BUG/MEDIUM: lua: dead lock when Lua tasks are trigerred + * BUG/MINOR: lua: bad args are returned for Lua actions + * BUG/MINOR: lua: Return an error if a legacy HTTP applet doesn't send anything + * BUG/MEDIUM: cli: make "show sess" really thread-safe + * MINOR: stream/cli: report more info about the HTTP messages on "show sess all" + * MINOR: stream/cli: fix the location of the waiting flag in "show sess all" + * MINOR: lb: allow redispatch when using consistent hash + * BUG/MEDIUM: server: Also copy "check-sni" for server templates. + * BUG/MEDIUM: mux-h2: mark that we have too many CS once we have more than the max + * MINOR: mux-h2: only increase the connection window with the first update + * BUG/MAJOR: stream-int: Update the stream expiration date in stream_int_notify() + * BUG/MEDIUM: dns: overflowed dns name start position causing invalid dns error + * BUG/MEDIUM: dns: Don't prevent reading the last byte of the payload in dns_validate_response() + * BUG/MINOR: logs: leave startup-logs global and not per-thread + +--- Old: haproxy-1.8.15~git0.6b6a350a.tar.gz New: haproxy-1.8.17~git0.e89d25b2.tar.gz Other differences: -- ++ haproxy.spec ++ --- /var/tmp/diff_new_pack.LbTRLE/_old 2019-01-11 14:05:24.831804588 +0100 +++ /var/tmp/diff_new_pack.LbTRLE/_new 2019-01-11 14:05:24.835804584 +0100 @@ -47,7 +47,7 @@ %endif Name: haproxy -Version:1.8.15~git0.6b6a350a +Version:1.8.17~git0.e89d25b2 Release:0 # # ++ _service ++ --- /var/tmp/diff_new_pack.LbTRLE/_old 2019-01-11 14:05:24.855804564 +0100 +++ /var/tmp/diff_new_pack.LbTRLE/_new 2019-01-11 14:05:24.855804564 +0100 @@ -6,7 +6,7 @@ @PARENT_TAG@~git@TAG_OFFSET@.%h v(.*) \1 -v1.8.15 +v1.8.17 enable ++ _servicedata ++ --- /var/tmp/diff_new_pack.LbTRLE/_old 2019-01-11 14:05:24.871804548 +0100 +++ /var/tmp/diff_new_pack.LbTRLE/_new 2019-01-11 14:05:24.871804548 +0100 @@ -5,4 +5,4 @@ http://git.haproxy.org/git/haproxy-1.7.git 640d526f8cdad00f7f5043b51f6a34f3f6ebb49f http://git.haproxy.org/git/haproxy-1.8.git - 6b6a350afe3b08a1a60c80fe9120a1c9d10448ef \ No newline at end of file + e89d25b22da1eefa88ef5aa8ad6fa21e1bd4c801 \ No newline at end of file ++ haproxy-1.8.15~git0.6b6a350a.tar.gz -> haproxy-1.8.17~git0.e89d25b2.tar.gz ++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/haproxy-1.8.15~git0.6b6a350a/CHANGELOG new/haproxy-1.8.17~git0.e89d25b2/CHANGELOG --- old/haproxy-1.8.15~git0.6b6a350a/CHANGELOG 2018-12-13 00:59:21.0 +0100 +++ new/haproxy-1.8.17~git0.e89d25b2/CHANGELOG 2019-01-08 14:11:02.0 +0100 @@ -1,6 +1,25 @@ ChangeLog : === +2019/01/08 : 1.8.17 +- BUG/MAJOR: stream-int: Update the stream expiration date in stream_int_notify() +- MINOR: mux-h2: only increase the connection window with the first update +- BUG/MEDIUM: mux-h2: mark that we have too many CS once we have more than the max +- BUG/MEDIUM: server: Also copy "check-sni" for server templates. +- MINOR: lb: allow redispatch when using consistent hash +- MINOR: stream/cli: fix the location of the waiting flag in "show sess all" +- MINOR: stream/cli: report more info about the HTTP messages on "show sess all" +- BUG/MEDIUM: cli: make "show sess" really thread-safe +- BUG/MINOR: lua: Return an error if a legacy HTTP applet doesn't send anything +- BUG/MINOR: lua: bad args are returned for Lua actions +- BUG/MEDIUM: lua: dead lock when Lua tasks are trigerred +- BUG/CRITICAL: mux-h2: re-check the frame length when PRIORITY is used + +2018/12/21 : 1.8.16 +- BUG/MINOR: logs: leave startup-logs global and not per-thread +- BUG/MEDIUM: dns: Don't prevent reading the last byte of the payload
commit haproxy for openSUSE:Factory
Hello community, here is the log from the commit of package haproxy for openSUSE:Factory checked in at 2018-12-18 14:58:57 Comparing /work/SRC/openSUSE:Factory/haproxy (Old) and /work/SRC/openSUSE:Factory/.haproxy.new.28833 (New) Package is "haproxy" Tue Dec 18 14:58:57 2018 rev:67 rq:658885 version:1.8.15~git0.6b6a350a Changes: --- /work/SRC/openSUSE:Factory/haproxy/haproxy.changes 2018-09-28 08:53:17.437738610 +0200 +++ /work/SRC/openSUSE:Factory/.haproxy.new.28833/haproxy.changes 2018-12-18 15:00:13.386085808 +0100 @@ -1,0 +2,55 @@ +Mon Dec 17 09:42:18 UTC 2018 - kgronl...@suse.com + +- Update to version 1.8.15~git0.6b6a350a: (bsc#1119419) (CVE-2018-20103) (VUL-0) (bsc#1119368) (CVE-2018-20102) + * DOC: Update configuration doc about the maximum number of stick counters. + * BUG: dns: Fix off-by-one write in dns_validate_dns_response() + * BUG: dns: Fix out-of-bounds read via signedness error in dns_validate_dns_response() + * BUG: dns: Prevent out-of-bounds read in dns_validate_dns_response() + * BUG: dns: Prevent out-of-bounds read in dns_read_name() + * BUG: dns: Prevent stack-exhaustion via recursion loop in dns_read_name + * DOC: refer to check-sni in the documentation of sni + * DOC: clarify that check-sni needs an argument. + * MINOR: servers: Free [idle|safe|priv]_conns on exit. + * MINOR: stats: report the number of active jobs and listeners in "show info" + * BUG/MINOR: mux-h2: advertise a larger connection window size + * BUG/MINOR: mux-h2: refrain from muxing during the preface + * BUG/MINOR: hpack: fix off-by-one in header name encoding length calculation + * BUG/MEDIUM: sample: Don't treat SMP_T_METH as SMP_T_STR. + * BUG/MINOR: lb-map: fix unprotected update to server's score + * BUG/MINOR: cfgparse: Fix the call to post parser of the last sections parsed + * BUG/MINOR: cfgparse: Fix transition between 2 sections with the same name + * BUG/MINOR: ssl: ssl_sock_parse_clienthello ignores session id + * BUG/MEDIUM: hpack: fix encoding of "accept-ranges" field + * BUG/MINOR: config: Copy default error messages when parsing of a backend starts + * BUG/MEDIUM: Make sure stksess is properly aligned. + * BUG/MINOR: config: better detect the presence of the h2 pattern in npn/alpn + * BUG/MEDIUM: auth/threads: use of crypt() is not thread-safe + * BUG/MAJOR: http: http_txn_get_path() may deference an inexisting buffer + * BUG/MINOR: only auto-prefer last server if lb-alg is non-deterministic + * BUG/MINOR: only mark connections private if NTLM is detected + * DOC: cache: Missing information about "total-max-size" + * BUG/MINOR: ssl: Wrong usage of shctx_init(). + * BUG/MINOR: cache: Wrong usage of shctx_init(). + * BUG/MINOR: cache: Crashes with "total-max-size" > 2047(MB). + * BUG/MEDIUM: h2: Close connection if no stream is left an GOAWAY was sent. + * BUG/MEDIUM: pools: Fix the usage of mmap()) with DEBUG_UAF. + * DOC: fix reference to map files in MAINTAINERS + * MINOR: peers: use defines instead of enums to appease clang. + * MINOR: cfgparse: Write 130 as 128 as 0x82 and 0x80. + * MINOR: server: Use memcpy() instead of strncpy(). + * CLEANUP: stick-tables: Remove unneeded double (()) around conditional clause + * MINOR: lua: all functions calling lua_yieldk() may return + * BUG/MEDIUM: threads: make sure threads_want_sync is marked volatile + * BUG/MEDIUM: threads: fix thread_release() at the end of the rendez-vous point + * BUG/MEDIUM: stream: don't crash on out-of-memory + * BUG/MEDIUM: mworker: segfault receiving SIGUSR1 followed by SIGTERM. + * BUG/MINOR: checks: queues null-deref + * BUG/MEDIUM: Cur/CumSslConns counters not threadsafe. + * MEDIUM: ssl: add support for ciphersuites option for TLSv1.3 + * BUG/MEDIUM: buffers: Make sure we don't wrap in buffer_insert_line2/replace2. + * BUG/MINOR: backend: check that the mux installed properly + * BUG/MINOR: connection: avoid null pointer dereference in send-proxy-v2 + * DOC: clarify force-private-cache is an option + * MINOR: threads: Make sure threads_sync_pipe is initialized before using it. + +--- Old: haproxy-1.8.14~git0.52e4d43b.tar.gz New: haproxy-1.8.15~git0.6b6a350a.tar.gz Other differences: -- ++ haproxy.spec ++ --- /var/tmp/diff_new_pack.HmCtcq/_old 2018-12-18 15:00:13.926084996 +0100 +++ /var/tmp/diff_new_pack.HmCtcq/_new 2018-12-18 15:00:13.930084991 +0100 @@ -47,7 +47,7 @@ %endif Name: haproxy -Version:1.8.14~git0.52e4d43b +Version:1.8.15~git0.6b6a350a Release:0 # # ++ _service ++ --- /var/tmp/diff_new_pack.HmCtcq/_old 2018-12-18 15:00:13.958084948 +0100 +++
commit haproxy for openSUSE:Factory
Hello community, here is the log from the commit of package haproxy for openSUSE:Factory checked in at 2018-09-28 08:53:14 Comparing /work/SRC/openSUSE:Factory/haproxy (Old) and /work/SRC/openSUSE:Factory/.haproxy.new (New) Package is "haproxy" Fri Sep 28 08:53:14 2018 rev:66 rq:638409 version:1.8.14~git0.52e4d43b Changes: --- /work/SRC/openSUSE:Factory/haproxy/haproxy.changes 2018-08-22 14:22:35.294669268 +0200 +++ /work/SRC/openSUSE:Factory/.haproxy.new/haproxy.changes 2018-09-28 08:53:17.437738610 +0200 @@ -1,0 +2,68 @@ +Thu Sep 20 13:03:31 UTC 2018 - Marcus Rueckert + +- also fix the systemd case for the apparmor_reload change + +--- +Thu Sep 20 12:50:35 UTC 2018 - Marcus Rueckert + +- only reload the apparmor profile on newer distros, seems older + distros do not have apparmor-rpm-macros yet + +--- +Thu Sep 20 12:45:57 UTC 2018 - Marcus Rueckert + +- only use network namespaces on 12.x and newer, failed to build on + sle11 + +--- +Thu Sep 20 12:39:42 UTC 2018 - Marcus Rueckert + +- guard all parts referring to systemd to fix build on sle 11 + +--- +Thu Sep 20 12:34:47 UTC 2018 - mrueck...@suse.de + +- Update to version 1.8.14~git0.52e4d43b: (bsc#1108683) (CVE-2018-14645) + * [RELEASE] Released version 1.8.14 + * BUG/CRITICAL: hpack: fix improper sign check on the header index value + * BUG/MINOR: cli: make sure the "getsock" command is only called on connections + * BUG/MINOR: tools: fix set_net_port() / set_host_port() on IPv4 + * BUG/MEDIUM: patterns: fix possible double free when reloading a pattern list + * DOC: Fix typos in lua documentation + * BUG/MINOR: server: Crash when setting FQDN via CLI. + * BUG/MAJOR: kqueue: Don't reset the changes number by accident. + * BUG/MEDIUM: snapshot: take the proxy's lock while dumping errors + * BUG/MINOR: http/threads: atomically increment the error snapshot ID + * BUG/MINOR: dns: check and link servers' resolvers right after config parsing + * BUG/MEDIUM: h2: fix risk of memory leak on malformated wrapped frames + * BUG/MEDIUM: session: fix reporting of handshake processing time in the logs + * BUG/MINOR: stream: use atomic increments for the request counter + * MINOR: thread: implement HA_ATOMIC_XADD() + * BUG/MEDIUM: ECC cert should work with TLS < v1.2 and openssl >= 1.1.1 + * BUG/MEDIUM: dns/server: fix incomatibility between SRV resolution and server state file + * BUG/MEDIUM: hlua: Don't call RESET_SAFE_LJMP if SET_SAFE_LJMP returns 0. + * BUG/MAJOR: thread: lua: Wrong SSL context initialization. + * BUG/MEDIUM: hlua: Make sure we drain the output buffer when done. + * BUG/MEDIUM: lua: reset lua transaction between http requests + * BUG/MEDIUM: mux_pt: dereference the connection with care in mux_pt_wake() + * BUG/MINOR: lua: Bad HTTP client request duration. + * BUG/MEDIUM: unix: provide a ->drain() function + * DOC: Fix spelling error in configuration doc + * BUG/MEDIUM: cli/threads: protect some server commands against concurrent operations + * BUG/MEDIUM: cli/threads: protect all "proxy" commands against concurrent updates + * BUG/MEDIUM: lua: socket timeouts are not applied + * DOC: ssl: Use consistent naming for TLS protocols + * DOC: dns: explain set server ... fqdn requires resolver + * BUG/MINOR: map: fix map_regm with backref + * BUG/MEDIUM: ssl: loading dh param from certifile causes unpredictable error. + * BUG/MEDIUM: ssl: fix missing error loading a keytype cert from a bundle. + * BUG/MINOR: ssl: empty connections reported as errors. + * BUG/MEDIUM: cli: make "show fd" thread-safe + * MEDIUM: hathreads: implement a more flexible rendez-vous point + * BUG/MEDIUM: threads: fix the no-thread case after the change to the sync point + * MINOR: threads: add more consistency between certain variables in no-thread case + * BUG/MEDIUM: threads: fix the double CAS implementation for ARMv7 + * MINOR: threads: Introduce double-width CAS on x86_64 and arm. + * BUG/MEDIUM: lua: possible CLOSE-WAIT state with '\n' headers + +--- @@ -93 +161 @@ - * BUG/MEDIUM: cache: don't cache when an Authorization header is present (VUL-1) (bsc#1094846) + * BUG/MEDIUM: cache: don't cache when an Authorization header is present (VUL-1) (bsc#1094846) (CVE-2018-11469) Old: haproxy-1.8.13~git4.c1bfcd00.tar.gz New: haproxy-1.8.14~git0.52e4d43b.tar.gz Other differences: -- ++ haproxy.spec ++ ---
commit haproxy for openSUSE:Factory
Hello community,
here is the log from the commit of package haproxy for openSUSE:Factory checked
in at 2018-08-22 14:22:32
Comparing /work/SRC/openSUSE:Factory/haproxy (Old)
and /work/SRC/openSUSE:Factory/.haproxy.new (New)
Package is "haproxy"
Wed Aug 22 14:22:32 2018 rev:65 rq:630825 version:1.8.13~git4.c1bfcd00
Changes:
--- /work/SRC/openSUSE:Factory/haproxy/haproxy.changes 2018-08-18
00:06:26.891496554 +0200
+++ /work/SRC/openSUSE:Factory/.haproxy.new/haproxy.changes 2018-08-22
14:22:35.294669268 +0200
@@ -1,0 +2,5 @@
+Fri Aug 17 11:41:35 UTC 2018 - kgronl...@suse.com
+
+- Require apparmor-abstractions to reduce dependencies (bsc#1100787)
+
+---
Other differences:
--
++ haproxy.spec ++
--- /var/tmp/diff_new_pack.A2otRQ/_old 2018-08-22 14:22:36.070671105 +0200
+++ /var/tmp/diff_new_pack.A2otRQ/_new 2018-08-22 14:22:36.070671105 +0200
@@ -46,8 +46,13 @@
#
BuildRoot: %{_tmppath}/%{name}-%{version}-build
%if %{with apparmor}
+%if 0%{?suse_version} <= 1315
BuildRequires: apparmor-profiles
Requires: apparmor-profiles
+%else
+BuildRequires: apparmor-abstractions
+Requires: apparmor-abstractions
+%endif
%if 0%{?suse_version} >= 1315
BuildRequires: apparmor-rpm-macros
%endif
commit haproxy for openSUSE:Factory
Hello community, here is the log from the commit of package haproxy for openSUSE:Factory checked in at 2018-08-18 00:06:17 Comparing /work/SRC/openSUSE:Factory/haproxy (Old) and /work/SRC/openSUSE:Factory/.haproxy.new (New) Package is "haproxy" Sat Aug 18 00:06:17 2018 rev:64 rq:629892 version:1.8.13~git4.c1bfcd00 Changes: --- /work/SRC/openSUSE:Factory/haproxy/haproxy.changes 2018-07-06 10:48:20.434801390 +0200 +++ /work/SRC/openSUSE:Factory/.haproxy.new/haproxy.changes 2018-08-18 00:06:26.891496554 +0200 @@ -1,0 +2,35 @@ +Thu Aug 16 07:08:12 UTC 2018 - kgronl...@suse.com + +- Update to version 1.8.13~git4.c1bfcd00: + * MINOR: dns: new DNS options to allow/prevent IP address duplication + * MINOR: dns: fix wrong score computation in dns_get_ip_from_response + * BUG/MEDIUM: queue: prevent a backup server from draining the proxy's connections + * BUG/MEDIUM: servers: check the queues once enabling a server + * MEDIUM: proxy_protocol: Convert IPs to v6 when protocols are mixed + * BUG/MEDIUM: threads: unbreak "bind" referencing an incorrect thread number + * MINOR: threads: move "nbthread" parsing to hathreads.c + * BUG/MEDIUM: threads: properly fix nbthreads == MAX_THREADS + * BUG/MINOR: threads: Handle nbthread == MAX_THREADS. + * BUG/MINOR: config: stick-table is not supported in defaults section + * BUG/MEDIUM: h2: prevent orphaned streams from blocking a connection forever + * BUG/MEDIUM: threads/sync: use sched_yield when available + * BUG/MINOR: servers: Don't make "server" in a frontend fatal. + * BUG/MEDIUM: stats: don't ask for more data as long as we're responding + * BUG/MEDIUM: stream-int: don't immediately enable reading when the buffer was reportedly full + * MINOR: h2: add the error code and the max/last stream IDs to "show fd" + * BUG/MEDIUM: threads: Fix the exit condition of the thread barrier + * MINOR: debug: Add checks for conn_stream flags + * MINOR: debug: Add check for CO_FL_WILL_UPDATE + * BUG/MINOR: http: Set brackets for the unlikely macro at the right place + * BUG/MEDIUM: h2: make sure the last stream closes the connection after a timeout + * BUG/MEDIUM: h2: never leave pending data in the output buffer on close + * BUG/MEDIUM: h2: don't accept new streams if conn_streams are still in excess + * MINOR: h2: add the mux and demux buffer lengths on "show fd" + * MINOR: h2: keep a count of the number of conn_streams attached to the mux + * BUG/MINOR: h2: remove accidental debug code introduced with show_fd function + * MINOR: h2: implement a basic "show_fd" function + * MINOR: mux: add a "show_fd" function to dump debugging information for "show fd" + * BUG/MINOR: ssl: properly ref-count the tls_keys entries + * MINOR: systemd: consider exit status 143 as successful + +--- Old: haproxy-1.8.12~git0.8a200c71.tar.gz New: haproxy-1.8.13~git4.c1bfcd00.tar.gz Other differences: -- ++ haproxy.spec ++ --- /var/tmp/diff_new_pack.89jpTK/_old 2018-08-18 00:06:27.495498364 +0200 +++ /var/tmp/diff_new_pack.89jpTK/_new 2018-08-18 00:06:27.499498376 +0200 @@ -40,7 +40,7 @@ %bcond_without apparmor Name: haproxy -Version:1.8.12~git0.8a200c71 +Version:1.8.13~git4.c1bfcd00 Release:0 # # ++ _servicedata ++ --- /var/tmp/diff_new_pack.89jpTK/_old 2018-08-18 00:06:27.539498495 +0200 +++ /var/tmp/diff_new_pack.89jpTK/_new 2018-08-18 00:06:27.539498495 +0200 @@ -5,4 +5,4 @@ http://git.haproxy.org/git/haproxy-1.7.git 640d526f8cdad00f7f5043b51f6a34f3f6ebb49f http://git.haproxy.org/git/haproxy-1.8.git - 8a200c71bd0848752b71a1aed5727563962b3a1a \ No newline at end of file + c1bfcd002f54d1d84a99282d13f875c2649f3d70 \ No newline at end of file ++ haproxy-1.8.12~git0.8a200c71.tar.gz -> haproxy-1.8.13~git4.c1bfcd00.tar.gz ++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/haproxy-1.8.12~git0.8a200c71/CHANGELOG new/haproxy-1.8.13~git4.c1bfcd00/CHANGELOG --- old/haproxy-1.8.12~git0.8a200c71/CHANGELOG 2018-06-27 16:27:32.0 +0200 +++ new/haproxy-1.8.13~git4.c1bfcd00/CHANGELOG 2018-08-09 05:59:42.0 +0200 @@ -1,6 +1,36 @@ ChangeLog : === +2018/07/30 : 1.8.13 +- MINOR: systemd: consider exit status 143 as successful +- BUG/MINOR: ssl: properly ref-count the tls_keys entries +- MINOR: mux: add a "show_fd" function to dump debugging information for "show fd" +- MINOR: h2: implement a basic "show_fd" function +- BUG/MINOR: h2: remove accidental debug code introduced with show_fd function +- MINOR: h2: keep a
commit haproxy for openSUSE:Factory
Hello community, here is the log from the commit of package haproxy for openSUSE:Factory checked in at 2018-07-06 10:47:48 Comparing /work/SRC/openSUSE:Factory/haproxy (Old) and /work/SRC/openSUSE:Factory/.haproxy.new (New) Package is "haproxy" Fri Jul 6 10:47:48 2018 rev:63 rq:621110 version:1.8.12~git0.8a200c71 Changes: --- /work/SRC/openSUSE:Factory/haproxy/haproxy.changes 2018-06-27 10:21:32.323781056 +0200 +++ /work/SRC/openSUSE:Factory/.haproxy.new/haproxy.changes 2018-07-06 10:48:20.434801390 +0200 @@ -1,0 +2,14 @@ +Wed Jun 27 17:33:49 UTC 2018 - kgronl...@suse.com + +- Update to version 1.8.12~git0.8a200c71: + * MINOR: stick-tables: make stktable_release() do nothing on NULL + * BUG/MAJOR: stick_table: Complete incomplete SEGV fix + +--- +Wed Jun 27 08:36:29 UTC 2018 - kgronl...@suse.com + +- Update to version 1.8.11~git0.1d6ef58d: + * BUG/BUILD: threads: unbreak build without threads + * BUG/MAJOR: Stick-tables crash with segfault when the key is not in the stick-table + +--- Old: haproxy-1.8.10~git0.ec17d7a9.tar.gz New: haproxy-1.8.12~git0.8a200c71.tar.gz Other differences: -- ++ haproxy.spec ++ --- /var/tmp/diff_new_pack.XRT4G5/_old 2018-07-06 10:48:21.018800693 +0200 +++ /var/tmp/diff_new_pack.XRT4G5/_new 2018-07-06 10:48:21.018800693 +0200 @@ -40,7 +40,7 @@ %bcond_without apparmor Name: haproxy -Version:1.8.10~git0.ec17d7a9 +Version:1.8.12~git0.8a200c71 Release:0 # # ++ _servicedata ++ --- /var/tmp/diff_new_pack.XRT4G5/_old 2018-07-06 10:48:21.046800660 +0200 +++ /var/tmp/diff_new_pack.XRT4G5/_new 2018-07-06 10:48:21.046800660 +0200 @@ -5,4 +5,4 @@ http://git.haproxy.org/git/haproxy-1.7.git 640d526f8cdad00f7f5043b51f6a34f3f6ebb49f http://git.haproxy.org/git/haproxy-1.8.git - ec17d7a98f30326918219ba876fcfc56f6ad6823 \ No newline at end of file + 8a200c71bd0848752b71a1aed5727563962b3a1a \ No newline at end of file ++ haproxy-1.8.10~git0.ec17d7a9.tar.gz -> haproxy-1.8.12~git0.8a200c71.tar.gz ++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/haproxy-1.8.10~git0.ec17d7a9/CHANGELOG new/haproxy-1.8.12~git0.8a200c71/CHANGELOG --- old/haproxy-1.8.10~git0.ec17d7a9/CHANGELOG 2018-06-22 15:58:22.0 +0200 +++ new/haproxy-1.8.12~git0.8a200c71/CHANGELOG 2018-06-27 16:27:32.0 +0200 @@ -1,6 +1,14 @@ ChangeLog : === +2018/06/27 : 1.8.12 +- BUG/MAJOR: stick_table: Complete incomplete SEGV fix +- MINOR: stick-tables: make stktable_release() do nothing on NULL + +2018/06/26 : 1.8.11 +- BUG/MAJOR: Stick-tables crash with segfault when the key is not in the stick-table +- BUG/BUILD: threads: unbreak build without threads + 2018/06/22 : 1.8.10 - BUG/MINOR: lua: Socket.send threw runtime error: 'close' needs 1 arguments. - BUG/MEDIUM: spoe: Flags are not encoded in network order diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/haproxy-1.8.10~git0.ec17d7a9/README new/haproxy-1.8.12~git0.8a200c71/README --- old/haproxy-1.8.10~git0.ec17d7a9/README 2018-06-22 15:58:22.0 +0200 +++ new/haproxy-1.8.12~git0.8a200c71/README 2018-06-27 16:27:32.0 +0200 @@ -3,7 +3,7 @@ -- version 1.8 willy tarreau - 2018/06/22 + 2018/06/27 1) How to build it diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/haproxy-1.8.10~git0.ec17d7a9/VERDATE new/haproxy-1.8.12~git0.8a200c71/VERDATE --- old/haproxy-1.8.10~git0.ec17d7a9/VERDATE2018-06-22 15:58:22.0 +0200 +++ new/haproxy-1.8.12~git0.8a200c71/VERDATE2018-06-27 16:27:32.0 +0200 @@ -1,2 +1,2 @@ $Format:%ci$ -2018/06/22 +2018/06/27 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/haproxy-1.8.10~git0.ec17d7a9/VERSION new/haproxy-1.8.12~git0.8a200c71/VERSION --- old/haproxy-1.8.10~git0.ec17d7a9/VERSION2018-06-22 15:58:22.0 +0200 +++ new/haproxy-1.8.12~git0.8a200c71/VERSION2018-06-27 16:27:32.0 +0200 @@ -1 +1 @@ -1.8.10 +1.8.12 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/haproxy-1.8.10~git0.ec17d7a9/doc/configuration.txt new/haproxy-1.8.12~git0.8a200c71/doc/configuration.txt ---
commit haproxy for openSUSE:Factory
Hello community,
here is the log from the commit of package haproxy for openSUSE:Factory checked
in at 2018-06-27 10:21:30
Comparing /work/SRC/openSUSE:Factory/haproxy (Old)
and /work/SRC/openSUSE:Factory/.haproxy.new (New)
Package is "haproxy"
Wed Jun 27 10:21:30 2018 rev:62 rq:618961 version:1.8.10~git0.ec17d7a9
Changes:
--- /work/SRC/openSUSE:Factory/haproxy/haproxy.changes 2018-05-29
16:53:36.352880201 +0200
+++ /work/SRC/openSUSE:Factory/.haproxy.new/haproxy.changes 2018-06-27
10:21:32.323781056 +0200
@@ -1,0 +2,34 @@
+Mon Jun 25 05:16:57 UTC 2018 - kgronl...@suse.com
+
+- Update to version 1.8.10~git0.ec17d7a9:
+ * MINOR: threads: Be sure to remove threads from all_threads_mask on exit
+ * BUG/MEDIUM: threads: Use the sync point to check active jobs and exit
+ * BUG/MEDIUM: fd: Don't modify the update_mask in fd_dodelete().
+ * BUG/MAJOR: ssl: OpenSSL context is stored in non-reserved memory slot
+ * BUG/MAJOR: ssl: Random crash with cipherlist capture
+ * BUG/MINOR: lua: Segfaults with wrong usage of types.
+ * BUG/MAJOR: map: fix a segfault when using http-request set-map
+ * MINOR: lua: Increase debug information
+ * BUG/MINOR: signals: ha_sigmask macro for multithreading
+ * BUG/MINOR: don't ignore SIG{BUS,FPE,ILL,SEGV} during signal processing
+ * BUG/MEDIUM: threads: handle signal queue only in thread 0
+ * BUG/MINOR: unix: Make sure we can transfer abns sockets on seamless reload.
+ * BUG/MINOR: contrib/modsecurity: update pointer on the end of the frame
+ * BUG/MINOR: contrib/mod_defender: update pointer on the end of the frame
+ * BUG/MINOR: contrib/modsecurity: Don't reset the status code during
disconnect
+ * BUG/MINOR: contrib/mod_defender: Don't reset the status code during
disconnect
+ * BUG/MINOR: contrib/spoa_example: Don't reset the status code during
disconnect
+ * MAJOR: spoe: upgrade the SPOP version to 2.0 and remove the support for 1.0
+ * BUG/MEDIUM: lua/socket: Buffer error, may segfault
+ * BUG/MEDIUM: lua/socket: Sheduling error on write: may dead-lock
+ * BUG/MEDIUM: lua/socket: Notification error
+ * BUG/MAJOR: lua: Dead lock with sockets
+ * BUG/MEDIUM: lua/socket: wrong scheduling for sockets
+ * MINOR: task/notification: Is notifications registered ?
+ * BUG/MEDIUM: spoe: Return an error when the wrong ACK is received in sync
mode
+ * BUG/MEDIUM: stick-tables: Decrement ref_cnt in table_* converters
+ * BUG/MEDIUM: lua/socket: Length required read doesn't work
+ * BUG/MEDIUM: servers: Add srv_addr default placeholder to the state file
+ * BUG/MEDIUM: fd: Only check update_mask against all_threads_mask.
+
+---
Old:
haproxy-1.8.9~git9.6d82e611.tar.gz
New:
haproxy-1.8.10~git0.ec17d7a9.tar.gz
Other differences:
--
++ haproxy.spec ++
--- /var/tmp/diff_new_pack.mA7fTx/_old 2018-06-27 10:21:32.975757276 +0200
+++ /var/tmp/diff_new_pack.mA7fTx/_new 2018-06-27 10:21:32.975757276 +0200
@@ -40,7 +40,7 @@
%bcond_without apparmor
Name: haproxy
-Version:1.8.9~git9.6d82e611
+Version:1.8.10~git0.ec17d7a9
Release:0
#
#
++ _servicedata ++
--- /var/tmp/diff_new_pack.mA7fTx/_old 2018-06-27 10:21:33.043754796 +0200
+++ /var/tmp/diff_new_pack.mA7fTx/_new 2018-06-27 10:21:33.047754651 +0200
@@ -5,4 +5,4 @@
http://git.haproxy.org/git/haproxy-1.7.git
640d526f8cdad00f7f5043b51f6a34f3f6ebb49f
http://git.haproxy.org/git/haproxy-1.8.git
- 6d82e6114f393a764aa5cf423bf3782e36cebe54
\ No newline at end of file
+ ec17d7a98f30326918219ba876fcfc56f6ad6823
\ No newline at end of file
++ haproxy-1.8.9~git9.6d82e611.tar.gz ->
haproxy-1.8.10~git0.ec17d7a9.tar.gz ++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/haproxy-1.8.9~git9.6d82e611/CHANGELOG
new/haproxy-1.8.10~git0.ec17d7a9/CHANGELOG
--- old/haproxy-1.8.9~git9.6d82e611/CHANGELOG 2018-05-23 20:02:04.0
+0200
+++ new/haproxy-1.8.10~git0.ec17d7a9/CHANGELOG 2018-06-22 15:58:22.0
+0200
@@ -1,6 +1,48 @@
ChangeLog :
===
+2018/06/22 : 1.8.10
+- BUG/MINOR: lua: Socket.send threw runtime error: 'close' needs 1
arguments.
+- BUG/MEDIUM: spoe: Flags are not encoded in network order
+- BUG/MEDIUM: contrib/mod_defender: Use network order to encode/decode
flags
+- BUG/MEDIUM: contrib/modsecurity: Use network order to encode/decode flags
+- BUG/MINOR: ssl/lua: prevent lua from affecting automatic maxconn
computation
+- BUG/MEDIUM: cache: don't cache when an Authorization header is present
+- BUG/MEDIUM: dns: Delay the attempt to run a DNS resolution
commit haproxy for openSUSE:Factory
Hello community, here is the log from the commit of package haproxy for openSUSE:Factory checked in at 2018-05-29 16:53:35 Comparing /work/SRC/openSUSE:Factory/haproxy (Old) and /work/SRC/openSUSE:Factory/.haproxy.new (New) Package is "haproxy" Tue May 29 16:53:35 2018 rev:61 rq:612871 version:1.8.9~git9.6d82e611 Changes: --- /work/SRC/openSUSE:Factory/haproxy/haproxy.changes 2018-05-08 13:38:45.978464236 +0200 +++ /work/SRC/openSUSE:Factory/.haproxy.new/haproxy.changes 2018-05-29 16:53:36.352880201 +0200 @@ -1,0 +2,32 @@ +Tue May 29 07:09:26 UTC 2018 - kgronl...@suse.com + +- Update to version 1.8.9~git9.6d82e611: + * BUG/MEDIUM: cache: don't cache when an Authorization header is present (VUL-1) (bsc#1094846) + * BUG/MEDIUM: dns: Delay the attempt to run a DNS resolution on check failure. + * BUG/MINOR: ssl/lua: prevent lua from affecting automatic maxconn computation + * BUG/MEDIUM: contrib/modsecurity: Use network order to encode/decode flags + * BUG/MEDIUM: contrib/mod_defender: Use network order to encode/decode flags + * BUG/MEDIUM: spoe: Flags are not encoded in network order + * BUG/MINOR: lua: Socket.send threw runtime error: 'close' needs 1 arguments. + * BUG/MINOR: spoe: Mistake in error message about SPOE configuration + * BUG/MEDIUM: ssl: properly protect SSL cert generation + * BUG/MEDIUM: pollers: Use a global list for fd shared between threads. + * BUG/MEDIUM: http: don't always abort transfers on CF_SHUTR + * BUG/MINOR: lua: ensure large proxy IDs can be represented + * BUG/MINOR: lua: schedule socket task upon lua connect() + * BUG/MEDIUM: task: Don't free a task that is about to be run. + * BUG/MINOR: map: correctly track reference to the last ref_elt being dumped + * DOC/MINOR: clean up LUA documentation re: servers & array/table. + * BUG/MINOR: lua: Put tasks to sleep when waiting for data + * BUG/MEDIUM: threads: Fix the sync point for more than 32 threads + * BUG/MINOR: checks: Fix check->health computation for flapping servers + * BUG/MINOR: config: disable http-reuse on TCP proxies + * BUG/MINOR: lua/threads: Make lua's tasks sticky to the current thread + * BUG/MEDIUM: h2: implement missing support for chunked encoded uploads + * MINOR: h2: detect presence of CONNECT and/or content-length + * BUG/MEDIUM: lua: Fix segmentation fault if a Lua task exits + * BUG/MINOR: log: t_idle (%Ti) is not set for some requests + * BUG/MAJOR: channel: Fix crash when trying to read from a closed socket + * BUG/MINOR: pattern: Add a missing HA_SPIN_INIT() in pat_ref_newid() + +--- Old: haproxy-1.8.8.tar.gz New: haproxy-1.8.9~git9.6d82e611.tar.gz Other differences: -- ++ haproxy.spec ++ --- /var/tmp/diff_new_pack.xM8GFf/_old 2018-05-29 16:53:38.124815011 +0200 +++ /var/tmp/diff_new_pack.xM8GFf/_new 2018-05-29 16:53:38.128814863 +0200 @@ -40,7 +40,7 @@ %bcond_without apparmor Name: haproxy -Version:1.8.8 +Version:1.8.9~git9.6d82e611 Release:0 # # ++ _service ++ --- /var/tmp/diff_new_pack.xM8GFf/_old 2018-05-29 16:53:38.172813245 +0200 +++ /var/tmp/diff_new_pack.xM8GFf/_new 2018-05-29 16:53:38.172813245 +0200 @@ -3,8 +3,10 @@ http://git.haproxy.org/git/haproxy-1.8.git git haproxy -1.8.8 -v1.8.8 +@PARENT_TAG@~git@TAG_OFFSET@.%h +v(.*) +\1 +master enable ++ _servicedata ++ --- /var/tmp/diff_new_pack.xM8GFf/_old 2018-05-29 16:53:38.200812214 +0200 +++ /var/tmp/diff_new_pack.xM8GFf/_new 2018-05-29 16:53:38.200812214 +0200 @@ -5,4 +5,4 @@ http://git.haproxy.org/git/haproxy-1.7.git 640d526f8cdad00f7f5043b51f6a34f3f6ebb49f http://git.haproxy.org/git/haproxy-1.8.git - cd117685f0cff4f2f5577ef6a21eaae96ebd9f28 \ No newline at end of file + 6d82e6114f393a764aa5cf423bf3782e36cebe54 \ No newline at end of file
commit haproxy for openSUSE:Factory
Hello community, here is the log from the commit of package haproxy for openSUSE:Factory checked in at 2018-05-08 13:38:45 Comparing /work/SRC/openSUSE:Factory/haproxy (Old) and /work/SRC/openSUSE:Factory/.haproxy.new (New) Package is "haproxy" Tue May 8 13:38:45 2018 rev:60 rq:605117 version:1.8.8 Changes: --- /work/SRC/openSUSE:Factory/haproxy/haproxy.changes 2018-03-28 10:30:01.491972780 +0200 +++ /work/SRC/openSUSE:Factory/.haproxy.new/haproxy.changes 2018-05-08 13:38:45.978464236 +0200 @@ -1,0 +2,44 @@ +Mon May 07 12:57:54 UTC 2018 - kgronl...@suse.com + +- Update to version 1.8.8: + * BUG/CRITICAL: h2: fix incorrect frame length check (VUL-0) (bsc#1089837) + * MINOR: cli: Ensure the CLI always outputs an error when it should + * BUG/MINOR: cli: Guard against NULL messages when using CLI_ST_PRINT_FREE + * BUG/MEDIUM: kqueue: When adding new events, provide an output to get errors. + * BUG/MINOR: http: Return an error in proxy mode when url2sa fails + * BUG/MEDIUM: connection: Make sure we have a mux before calling detach(). + * BUG/MEDIUM: threads: Fix the max/min calculation because of name clashes + +--- +Sat Apr 07 00:15:13 UTC 2018 - mrueck...@suse.de + +- Update to version 1.8.7: + * [RELEASE] Released version 1.8.7 + * MINOR: servers: Support alphanumeric characters for the server templates names + * BUG/MAJOR: cache: always initialize newly created objects + * [RELEASE] Released version 1.8.6 + * BUG/MINOR: spoe: Don't release the context buffer in .check_timeouts callbaclk + * BUG/MINOR: spoe: Initialize variables used during conf parsing before any check + * BUG/MAJOR: cache: fix random crashes caused by incorrect delete() on non-first blocks + * BUG/MINOR: fd: Don't clear the update_mask in fd_insert. + * BUG/MINOR: cache: fix "show cache" output + * BUG/MINOR: email-alert: Set the mailer port during alert initialization + * BUG/MINOR: checks: check the conn_stream's readiness and not the connection + * BUG/MEDIUM: h2: always add a stream to the send or fctl list when blocked + * BUILD/MINOR: threads: always export thread_sync_io_handler() + * BUG/MEDIUM: h2: don't consider pending data on detach if connection is in error + * BUG/MEDIUM: h2/threads: never release the task outside of the task handler + * MINOR: h2: fuse h2s_detach() and h2s_free() into h2s_destroy() + * MINOR: h2: always call h2s_detach() in h2_detach() + * BUG/MAJOR: h2: remove orphaned streams from the send list before closing + * MINOR: h2: provide and use h2s_detach() and h2s_free() + * CLEANUP: h2: rename misleading h2c_stream_close() to h2s_close() + * BUG/MINOR: hpack: fix harmless use of uninitialized value in hpack_dht_insert + * BUILD/MINOR: cli: fix a build warning introduced by last commit + * MINOR: cli: make "show fd" report the mux and mux_ctx pointers when available + * MINOR: cli/threads: make "show fd" report thread_sync_io_handler instead of "unknown" + * BUILD/MINOR: fix build when USE_THREAD is not defined + * BUG/MINOR: lua funtion hlua_socket_settimeout don't check negative values + * BUG/MINOR: lua: the function returns anything + +--- Old: haproxy-1.8.5.tar.gz New: haproxy-1.8.8.tar.gz Other differences: -- ++ haproxy.spec ++ --- /var/tmp/diff_new_pack.PwITkv/_old 2018-05-08 13:38:46.746436516 +0200 +++ /var/tmp/diff_new_pack.PwITkv/_new 2018-05-08 13:38:46.750436372 +0200 @@ -40,7 +40,7 @@ %bcond_without apparmor Name: haproxy -Version:1.8.5 +Version:1.8.8 Release:0 # # ++ _service ++ --- /var/tmp/diff_new_pack.PwITkv/_old 2018-05-08 13:38:46.790434928 +0200 +++ /var/tmp/diff_new_pack.PwITkv/_new 2018-05-08 13:38:46.790434928 +0200 @@ -3,8 +3,8 @@ http://git.haproxy.org/git/haproxy-1.8.git git haproxy -1.8.5 -v1.8.5 +1.8.8 +v1.8.8 enable ++ _servicedata ++ --- /var/tmp/diff_new_pack.PwITkv/_old 2018-05-08 13:38:46.814434062 +0200 +++ /var/tmp/diff_new_pack.PwITkv/_new 2018-05-08 13:38:46.818433918 +0200 @@ -5,4 +5,4 @@ http://git.haproxy.org/git/haproxy-1.7.git 640d526f8cdad00f7f5043b51f6a34f3f6ebb49f http://git.haproxy.org/git/haproxy-1.8.git - 9a083d1428b655c0079b4355d764cc08d66757f2 \ No newline at end of file + cd117685f0cff4f2f5577ef6a21eaae96ebd9f28 \ No newline at end of file ++ haproxy-1.8.5.tar.gz -> haproxy-1.8.8.tar.gz ++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/haproxy-1.8.5/CHANGELOG
commit haproxy for openSUSE:Factory
Hello community, here is the log from the commit of package haproxy for openSUSE:Factory checked in at 2018-03-28 10:29:54 Comparing /work/SRC/openSUSE:Factory/haproxy (Old) and /work/SRC/openSUSE:Factory/.haproxy.new (New) Package is "haproxy" Wed Mar 28 10:29:54 2018 rev:59 rq:590972 version:1.8.5 Changes: --- /work/SRC/openSUSE:Factory/haproxy/haproxy.changes 2018-03-11 15:25:04.019611972 +0100 +++ /work/SRC/openSUSE:Factory/.haproxy.new/haproxy.changes 2018-03-28 10:30:01.491972780 +0200 @@ -1,0 +2,49 @@ +Mon Mar 26 06:53:19 UTC 2018 - kgronl...@suse.com + +- Update to version 1.8.5: + * BUG/MINOR: listener: Don't decrease actconn twice when a new session is rejected + * BUG/MINOR: h2: ensure we can never send an RST_STREAM in response to an RST_STREAM + * BUG/MEDIUM: h2: properly account for DATA padding in flow control + * DOC: don't suggest using http-server-close + * DOC: log: more than 2 log servers are allowed + * BUILD/BUG: enable -fno-strict-overflow by default + * MINOR: log: stop emitting alerts when it's not possible to write on the socket + * BUG/MEDIUM: threads/queue: wake up other threads upon dequeue + * BUG/MINOR: tcp-check: use the server's service port as a fallback + * BUG/MEDIUM: tcp-check: single connect rule can't detect DOWN servers + * BUG/MINOR: lua: return bad error messages + * BUG/MINOR: spoa-example: unexpected behavior for more than 127 args + * BUG/MINOR: cli: Fix a crash when sending a command with too many arguments + * BUG/MINOR: seemless reload: Fix crash when an interface is specified. + * BUG/MINOR: dns: don't downgrade DNS accepted payload size automatically + * BUG/MAJOR: threads/queue: Fix thread-safety issues on the queues management + * BUG/MEDIUM: threads/unix: Fix a deadlock when a listener is temporarily disabled + * BUG/MEDIUM: spoe: Remove idle applets from idle list when HAProxy is stopping + * BUG/MINOR: force-persist and ignore-persist only apply to backends + * BUG/MEDIUM: fix a 100% cpu usage with cpu-map and nbthread/nbproc + * BUG/MINOR: cli: Fix a typo in the 'set rate-limit' usage + * BUG/MINOR: cli: Fix a crash when passing a negative or too large value to "show fd" + * BUG/MEDIUM: h2: also arm the h2 timeout when sending + * BUG/MINOR: unix: Don't mess up when removing the socket from the xfer_sock_list. + * BUG/MINOR: session: Fix tcp-request session failure if handshake. + * MINOR: systemd: Add SystemD's SystemCallFilter option to the unit file + * MINOR: systemd: Add SystemD's Protect*= options to the unit file + * MINOR: systemd: Add section for SystemD sandboxing to unit file + * BUG/MEDIUM: buffer: Fix the wrapping case in bi_putblk + * BUG/MEDIUM: buffer: Fix the wrapping case in bo_putblk + * BUG/MEDIUM: h2: always consume any trailing data after end of output buffers + * MINOR: stats: display the number of threads in the statistics. + * BUG/MINOR: h2: Set the target of dbuf_wait to h2c + * MINOR: debug/pools: make DEBUG_UAF also detect underflows + * BUG/MINOR: debug/pools: properly handle out-of-memory when building with DEBUG_UAF + * DOC: cfgparse: Warn on option (tcp|http)log in backend + * DOC: lua: new prototype for function "register_action()" + * BUG/MEDIUM: ssl/sample: ssl_bc_* fetch keywords are broken. + * BUG/MEDIUM: http: Switch the HTTP response in tunnel mode as earlier as possible + * BUG/MINOR: ssl/threads: Make management of the TLS ticket keys files thread-safe + * BUG/MINOR: init: Add missing brackets in the code parsing -sf/-st + * BUG/MEDIUM: ssl: Shutdown the connection for reading on SSL_ERROR_SYSCALL + * BUG/MEDIUM: ssl: Don't always treat SSL_ERROR_SYSCALL as unrecovarable. + * BUG/MINOR: threads: fix missing thread lock labels for 1.8 + +--- Old: haproxy-1.8.4.tar.gz New: haproxy-1.8.5.tar.gz Other differences: -- ++ haproxy.spec ++ --- /var/tmp/diff_new_pack.Y1shwG/_old 2018-03-28 10:30:03.271908769 +0200 +++ /var/tmp/diff_new_pack.Y1shwG/_new 2018-03-28 10:30:03.275908625 +0200 @@ -40,7 +40,7 @@ %bcond_without apparmor Name: haproxy -Version:1.8.4 +Version:1.8.5 Release:0 # # ++ _service ++ --- /var/tmp/diff_new_pack.Y1shwG/_old 2018-03-28 10:30:03.351905892 +0200 +++ /var/tmp/diff_new_pack.Y1shwG/_new 2018-03-28 10:30:03.367905317 +0200 @@ -3,8 +3,8 @@ http://git.haproxy.org/git/haproxy-1.8.git git haproxy -1.8.4 -v1.8.4 +1.8.5 +v1.8.5 enable ++ _servicedata ++ --- /var/tmp/diff_new_pack.Y1shwG/_old 2018-03-28 10:30:03.571897981 +0200 +++ /var/tmp/diff_new_pack.Y1shwG/_new 2018-03-28 10:30:03.587897405
commit haproxy for openSUSE:Factory
Hello community,
here is the log from the commit of package haproxy for openSUSE:Factory checked
in at 2018-03-11 15:25:02
Comparing /work/SRC/openSUSE:Factory/haproxy (Old)
and /work/SRC/openSUSE:Factory/.haproxy.new (New)
Package is "haproxy"
Sun Mar 11 15:25:02 2018 rev:58 rq:584998 version:1.8.4
Changes:
--- /work/SRC/openSUSE:Factory/haproxy/haproxy.changes 2018-03-07
10:40:08.742644212 +0100
+++ /work/SRC/openSUSE:Factory/.haproxy.new/haproxy.changes 2018-03-11
15:25:04.019611972 +0100
@@ -1,0 +2,6 @@
+Thu Mar 8 19:19:06 UTC 2018 - mrueck...@suse.de
+
+- if we lock down the permissions the home directory has to be
+ owned by haproxy (bsc#1077716)
+
+---
Other differences:
--
++ haproxy.spec ++
--- /var/tmp/diff_new_pack.eSnLKJ/_old 2018-03-11 15:25:05.195569786 +0100
+++ /var/tmp/diff_new_pack.eSnLKJ/_new 2018-03-11 15:25:05.195569786 +0100
@@ -226,7 +226,7 @@
%{_sbindir}/haproxy
%{_sbindir}/haproxy-halog
%{_sbindir}/rchaproxy
-%{pkg_home}
+%dir %attr(-,root,haproxy) %{pkg_home}
%{_mandir}/man1/%{pkg_name}.1.gz
%{vim_data_dir}/syntax/%{pkg_name}.vim
%if %{with apparmor}
commit haproxy for openSUSE:Factory
Hello community,
here is the log from the commit of package haproxy for openSUSE:Factory checked
in at 2018-03-07 10:40:00
Comparing /work/SRC/openSUSE:Factory/haproxy (Old)
and /work/SRC/openSUSE:Factory/.haproxy.new (New)
Package is "haproxy"
Wed Mar 7 10:40:00 2018 rev:57 rq:583731 version:1.8.4
Changes:
--- /work/SRC/openSUSE:Factory/haproxy/haproxy.changes 2018-03-04
12:53:11.858292996 +0100
+++ /work/SRC/openSUSE:Factory/.haproxy.new/haproxy.changes 2018-03-07
10:40:08.742644212 +0100
@@ -1,0 +2,6 @@
+Sun Mar 4 08:36:21 UTC 2018 - jeng...@inai.de
+
+- Avoid %__-type macro indirections. Remove redundant %clean
+ section. Do not ignore errors from useradd.
+
+---
Other differences:
--
++ haproxy.spec ++
--- /var/tmp/diff_new_pack.FbCmhP/_old 2018-03-07 10:40:09.698609731 +0100
+++ /var/tmp/diff_new_pack.FbCmhP/_new 2018-03-07 10:40:09.702609586 +0100
@@ -114,7 +114,7 @@
%patch3
%build
-%{__make} \
+make \
TARGET=linux2628 \
CPU="%{_target_cpu}" \
USE_PCRE=1 \
@@ -160,7 +160,7 @@
ln -sf /sbin/service %{buildroot}%{_sbindir}/rc%{pkg_name}
%else
install -D -m 0755 %{S:1}
%{buildroot}%{_sysconfdir}/init.d/%{pkg_name}
-%{__ln_s} -f %{_sysconfdir}/init.d/%{pkg_name}
%{buildroot}%{_sbindir}/rc%{pkg_name}
+ln -fs %{_sysconfdir}/init.d/%{pkg_name} %{buildroot}%{_sbindir}/rc%{pkg_name}
%endif
install -d -m 0750 %{buildroot}%{pkg_home}
@@ -173,14 +173,11 @@
rm examples/haproxy.spec examples/*init* examples/haproxy.vim
-%if 0%{?suse_version} < 1230
-%clean
-%{?buildroot:%{__rm} -rf %{buildroot}}
-%endif
-
%pre
-/usr/sbin/groupadd -r %{pkg_name} >/dev/null 2>&1 ||:
-/usr/sbin/useradd -g %{pkg_name} -s /bin/false -r -c "user for %{pkg_name}"
-d %{pkg_home} %{pkg_name} >/dev/null 2>&1 || :
+getent group %{pkg_name} >/dev/null || /usr/sbin/groupadd -r %{pkg_name}
+getent passwd %{pkg_name} >/dev/null || \
+ /usr/sbin/useradd -g %{pkg_name} -s /bin/false -r \
+ -c "user for %{pkg_name}" -d %{pkg_home} %{pkg_name}
%if %{with systemd}
%service_add_pre %{pkg_name}.service
commit haproxy for openSUSE:Factory
Hello community,
here is the log from the commit of package haproxy for openSUSE:Factory checked
in at 2018-03-04 12:52:48
Comparing /work/SRC/openSUSE:Factory/haproxy (Old)
and /work/SRC/openSUSE:Factory/.haproxy.new (New)
Package is "haproxy"
Sun Mar 4 12:52:48 2018 rev:56 rq:582332 version:1.8.4
Changes:
--- /work/SRC/openSUSE:Factory/haproxy/haproxy.changes 2018-02-09
15:51:23.679098193 +0100
+++ /work/SRC/openSUSE:Factory/.haproxy.new/haproxy.changes 2018-03-04
12:53:11.858292996 +0100
@@ -1,0 +2,5 @@
+Fri Mar 2 16:37:25 UTC 2018 - kgronl...@suse.com
+
+- Ensure haproxy home directory is not world readable (bsc#1077716)
+
+---
Other differences:
--
++ haproxy.spec ++
--- /var/tmp/diff_new_pack.fJ8MAE/_old 2018-03-04 12:53:12.466270842 +0100
+++ /var/tmp/diff_new_pack.fJ8MAE/_new 2018-03-04 12:53:12.470270696 +0100
@@ -163,7 +163,7 @@
%{__ln_s} -f %{_sysconfdir}/init.d/%{pkg_name}
%{buildroot}%{_sbindir}/rc%{pkg_name}
%endif
-install -d -m 0755 %{buildroot}%{pkg_home}
+install -d -m 0750 %{buildroot}%{pkg_home}
install -D -m 0644 examples/haproxy.vim
%{buildroot}%{vim_data_dir}/syntax/%{pkg_name}.vim
install -D -m 0644 doc/%{pkg_name}.1
%{buildroot}%{_mandir}/man1/%{pkg_name}.1
%if %{with apparmor}
commit haproxy for openSUSE:Factory
Hello community, here is the log from the commit of package haproxy for openSUSE:Factory checked in at 2018-02-09 15:51:18 Comparing /work/SRC/openSUSE:Factory/haproxy (Old) and /work/SRC/openSUSE:Factory/.haproxy.new (New) Package is "haproxy" Fri Feb 9 15:51:18 2018 rev:55 rq:574250 version:1.8.4 Changes: --- /work/SRC/openSUSE:Factory/haproxy/haproxy.changes 2018-01-17 21:57:17.878063647 +0100 +++ /work/SRC/openSUSE:Factory/.haproxy.new/haproxy.changes 2018-02-09 15:51:23.679098193 +0100 @@ -1,0 +2,59 @@ +Thu Feb 08 13:15:17 UTC 2018 - kgronl...@suse.com + +- Update to version 1.8.4 (bsc#1080069): + * BUG/MINOR: config: don't emit a warning when global stats is incompletely configured + * DOC: Mention -Ws in the list of available options + * DOC: Describe routing impact of using interface keyword on bind lines + * MINOR: init: emit warning when -sf/-sd cannot parse argument + * BUG/MEDIUM: standard: Fix memory leak in str2ip2() + * BUG/MINOR: time/threads: ensure the adjusted time is always correct + * BUG/MEDIUM: spoe: Allow producer to read and to forward shutdown on request side + * BUG/MEDIUM: spoe: Always try to receive or send the frame to detect shutdowns + * BUG/MINOR: epoll/threads: only call epoll_ctl(DEL) on polled FDs + * BUG/MINOR: threads: Update labels array because of changes in lock_label enum + * BUG/MINOR: cli: use global.maxsock and not maxfd to list all FDs + * CLEANUP: Fix typo in ARGT_MSK6 comment + * BUG/MINOR: sample: Fix output type of c_ipv62ip + * CLEANUP: sample: Fix outdated comment about sample casts functions + * CLEANUP: sample: Fix comment encoding of sample.c + * BUILD: kqueue/threads: Add test on MAX_THREADS to avoid warnings when complied without threads + * BUILD: epoll/threads: Add test on MAX_THREADS to avoid warnings when complied without threads + * MINOR: threads: Use __decl_hathreads instead of #ifdef/#endif + * BUG/MINOR: kqueue/threads: Don't forget to close kqueue_fd[tid] on each thread + * BUG/MEDIUM: checks: Don't try to release undefined conn_stream when a check is freed + * BUG/MEDIUM: threads/server: Fix deadlock in srv_set_stopping/srv_set_admin_flag + * BUG/MINOR: threads: always set an owner to the thread_sync pipe + * MINOR: threads: Fix build when we're not compiling with threads. + * BUG/MINOR: mworker: only write to pidfile if it exists + * BUG/MEDIUM: threads/mworker: fix a race on startup + * BUG/MEDIUM: kqueue/threads: use one kqueue_fd per thread + * BUG/MEDIUM: epoll/threads: use one epoll_fd per thread + * MINOR: fd: add a bitmask to indicate that an FD is known by the poller + * BUG/MEDIUM: fd: maintain a per-thread update mask + * BUG/MEDIUM: threads/polling: Use fd_cache_mask instead of fd_cache_num + * MINOR: threads/fd: Use a bitfield to know if there are FDs for a thread in the FD cache + * MINOR: global: add some global activity counters to help debugging + * MINOR: threads: add a MAX_THREADS define instead of LONGBITS + * MINOR: global/threads: move cpu_map at the end of the global struct + * MINOR: servers: Don't report duplicate dyncookies for disabled servers. + * BUG/MEDIUM: peers: fix expire date wasn't updated if entry is modified remotely. + * BUG/MINOR: poll: too large size allocation for FD events + * CONTRIB: debug: fix a few flags definitions + * DOC: clarify the scope of ssl_fc_is_resumed + * BUG/MEDIUM: stream: properly handle client aborts during redispatch + * BUILD/MINOR: ancient gcc versions atomic fix + * BUG/MEDIUM: mworker: execvp failure depending on argv[0] + * MINOR: dns: Handle SRV record weight correctly. + * BUG/MINOR: lua: Fix return value of Socket.settimeout + * BUG/MEDIUM: lua: Fix IPv6 with separate port support for Socket.connect + * DOC: lua: Fix typos in comments of hlua_socket_receive + * BUG/MINOR: lua: Fix default value for pattern in Socket.receive + * BUG/MEDIUM: ssl: cache doesn't release shctx blocks + * BUG/MEDIUM: h2: properly handle the END_STREAM flag on empty DATA frames + +--- +Thu Feb 8 07:21:58 UTC 2018 - kgronl...@suse.com + +- Add dependency on apparmor-profiles (bsc#1079985) + +--- Old: haproxy-1.8.3.tar.gz New: haproxy-1.8.4.tar.gz Other differences: -- ++ haproxy.spec ++ --- /var/tmp/diff_new_pack.vvza4t/_old 2018-02-09 15:51:24.927053371 +0100 +++ /var/tmp/diff_new_pack.vvza4t/_new 2018-02-09 15:51:24.931053228 +0100 @@ -40,13 +40,14 @@ %bcond_without apparmor Name: haproxy -Version:1.8.3 +Version:1.8.4 Release:0 # # BuildRoot:
commit haproxy for openSUSE:Factory
Hello community, here is the log from the commit of package haproxy for openSUSE:Factory checked in at 2018-01-17 21:57:09 Comparing /work/SRC/openSUSE:Factory/haproxy (Old) and /work/SRC/openSUSE:Factory/.haproxy.new (New) Package is "haproxy" Wed Jan 17 21:57:09 2018 rev:54 rq:565889 version:1.8.3 Changes: --- /work/SRC/openSUSE:Factory/haproxy/haproxy.changes 2017-12-05 01:30:32.324643232 +0100 +++ /work/SRC/openSUSE:Factory/.haproxy.new/haproxy.changes 2018-01-17 21:57:17.878063647 +0100 @@ -1,0 +2,85 @@ +Sun Dec 31 02:26:13 UTC 2017 - mrueck...@suse.de + +- Update to version 1.8.3: + * [RELEASE] Released version 1.8.3 + * MEDIUM: h2: prepare a graceful shutdown when the frontend is stopped + * BUG/MAJOR: hpack: don't return direct references to the dynamic headers table + * BUG/MEDIUM: http: don't automatically forward request close + * MINOR: don't close stdio anymore + * BUG/MEDIUM: mworker: don't close stdio several time + * BUG/MEDIUM: h2: ensure we always know the stream before sending a reset + * DOC/MINOR: configuration: typo, formatting fixes + * BUG/MEDIUM: h2: improve handling of frames received on closed streams + * BUG/MEDIUM: h2: properly handle and report some stream errors + +--- +Sun Dec 24 23:30:31 UTC 2017 - mrueck...@suse.de + +- Update to version 1.8.2: + * [RELEASE] Released version 1.8.2 + * BUG/MEDIUM: checks: properly set servers to stopping state on 404 + * BUG/MAJOR: connection: refine the situations where we don't send shutw() + * BUG/MEDIUM: cache: don't cache the response on no-cache="set-cookie" + * BUG/MEDIUM: cache: respect the request cache-control header + * BUG/MEDIUM: cache: replace old object on store + * BUG/MEDIUM: cache: do not try to retrieve host-less requests from the cache + * MINOR: http: add a function to check request's cache-control header field + * BUG/MINOR: cache: do not force the TX_CACHEABLE flag before checking cacheability + * BUG/MINOR: http: properly detect max-age=0 and s-maxage=0 in responses + * BUG/MINOR: http: do not ignore cache-control: public + * MINOR: http: start to compute the transaction's cacheability from the request + * MINOR: http: update the list of cacheable status codes as per RFC7231 + * MINOR: http: adjust the list of supposedly cacheable methods + * BUG/MEDIUM: lua: fix crash when using bogus mode in register_service() + * BUG/MEDIUM: checks: a server passed in maint state was not forced down. + * MEDIUM: netscaler: add support for standard NetScaler CIP protocol + * MEDIUM: netscaler: do not analyze original IP packet size + * MINOR: netscaler: check in one-shot if buffer is large enough for IP and TCP header + * BUG/MEDIUM: stream: don't consider abortonclose on muxes which close cleanly + * MINOR: stream-int: set flag SI_FL_CLEAN_ABRT when mux supports clean aborts + * MINOR: mux: add flags to describe a mux's capabilities + * BUG/MINOR: h2: properly report a stream error on RST_STREAM + * CONTRIB: halog: Fix compiler warnings in halog.c + * CONTRIB: iprange: Fix compiler warning in iprange.c + * BUG/MAJOR: netscaler: address truncated CIP header detection + * BUG/MEDIUM: netscaler: use the appropriate IPv6 header size + * MINOR: netscaler: rename cip_len to clarify its uage + * MINOR: netscaler: remove the use of cip_magic only used once + * MINOR: netscaler: respect syntax + * DOC/MINOR: intro: typo, wording, formatting fixes + * BUG/MEDIUM: mworker: Set FD_CLOEXEC flag on log fd + * BUILD/MINOR: Makefile : enabling USE_CPU_AFFINITY + * BUG: MINOR: http: don't check http-request capture id when len is provided + * BUG: MAJOR: lb_map: server map calculation broken + * BUG/MINOR: stream-int: don't try to receive again after receiving an EOS + * BUG/MEDIUM: h2: fix stream limit enforcement + * BUG/MEDIUM: http: don't disable lingering on requests with tunnelled responses + * BUG/MEDIUM: h2: don't close after the first DATA frame on tunnelled responses + * BUG/MEDIUM: h2: don't switch the state to HREM before end of DATA frame + * MINOR: h2: don't demand that a DATA frame is complete before processing it + * BUG/MEDIUM: h2: support uploading partial DATA frames + * MINOR: h2: store the demux padding length in the h2c struct + * BUG/MEDIUM: h2: debug incoming traffic in h2_wake() + * BUG/MEDIUM: h2: work around a connection API limitation + * BUG/MEDIUM: h2: enable recv polling whenever demuxing is possible + * BUG/MEDIUM: h2: automatically set CS_FL_RCV_MORE when the output buffer is full + * BUG/MEDIUM: stream-int: always set SI_FL_WAIT_ROOM on CS_FL_RCV_MORE + * MINOR: conn_stream: add new flag CS_FL_RCV_MORE to indicate pending data + * BUG/MEDIUM: lua/notification: memory leak + * DOC: notifications: add precisions
commit haproxy for openSUSE:Factory
Hello community, here is the log from the commit of package haproxy for openSUSE:Factory checked in at 2017-12-05 01:30:30 Comparing /work/SRC/openSUSE:Factory/haproxy (Old) and /work/SRC/openSUSE:Factory/.haproxy.new (New) Package is "haproxy" Tue Dec 5 01:30:30 2017 rev:53 rq:548086 version:1.8.1 Changes: --- /work/SRC/openSUSE:Factory/haproxy/haproxy.changes 2017-11-29 10:54:39.184311592 +0100 +++ /work/SRC/openSUSE:Factory/.haproxy.new/haproxy.changes 2017-12-05 01:30:32.324643232 +0100 @@ -1,0 +2,37 @@ +Mon Dec 04 10:33:40 UTC 2017 - kgronl...@suse.com + +- Update to version 1.8.1 (bsc#1069954): + * BUG/MAJOR: h2: correctly check the request length when building an H1 request + * BUG/MAJOR: thread: Be sure to request a sync between threads only once at a time + * BUG/MAJOR: thread/peers: fix deadlock on peers sync. + * BUG/MEDIUM: h2: do not accept upper case letters in request header names + * BUG/MEDIUM: h2: remove connection-specific headers from request + * BUG/MEDIUM: h2: enforce the per-connection stream limit + * BUG/MEDIUM: checks: Be sure we have a mux if we created a cs. + * BUG/MEDIUM: peers: fix some track counter rules dont register entries for sync. + * BUG/MEDIUM: h2: don't report an error after parsing a 100-continue response + * BUG/MEDIUM: threads/peers: decrement, not increment jobs on quitting + * BUG/MEDIUM: stream: fix session leak on applet-initiated connections + * BUG/MEDIUM: cache: bad computation of the remaining size + * BUG/MEDIUM: ssl: don't allocate shctx several time + * BUG/MEDIUM: tcp-check: Don't lock the server in tcpcheck_main + * BUG/MEDIUM: kqueue: Don't bother closing the kqueue after fork. + * BUG/MINOR: h2: use the H2_F_DATA_* macros for DATA frames + * BUG/MINOR: h2: reject response pseudo-headers from requests + * BUG/MINOR: h2: properly check PRIORITY frames + * BUG/MINOR: h2: reject incorrect stream dependencies on HEADERS frame + * BUG/MINOR: h2: do not accept SETTINGS_ENABLE_PUSH other than 0 or 1 + * BUG/MINOR: h2: the TE header if present may only contain trailers + * BUG/MINOR: h2: fix a typo causing PING/ACK to be responded to + * BUG/MINOR: h2: ":path" must not be empty + * BUG/MINOR: h2: try to abort closed streams as soon as possible + * BUG/MINOR: h2: immediately close if receiving GOAWAY after the last stream + * BUG/MINOR: hpack: dynamic table size updates are only allowed before headers + * BUG/MINOR: hpack: reject invalid header index + * BUG/MINOR: hpack: must reject huffman literals padded with more than 7 bits + * BUG/MINOR: hpack: fix debugging output of pseudo header names + * BUG/MINOR: mworker: detach from tty when in daemon mode + * BUG/MINOR: mworker: fix validity check for the pipe FDs + * BUG/MINOR: ssl: CO_FL_EARLY_DATA removal is managed by stream + +--- Old: haproxy-1.8.0.tar.gz New: haproxy-1.8.1.tar.gz Other differences: -- ++ haproxy.spec ++ --- /var/tmp/diff_new_pack.HWnwbk/_old 2017-12-05 01:30:33.336606468 +0100 +++ /var/tmp/diff_new_pack.HWnwbk/_new 2017-12-05 01:30:33.336606468 +0100 @@ -40,7 +40,7 @@ %bcond_without apparmor Name: haproxy -Version:1.8.0 +Version:1.8.1 Release:0 # # ++ _service ++ --- /var/tmp/diff_new_pack.HWnwbk/_old 2017-12-05 01:30:33.392604434 +0100 +++ /var/tmp/diff_new_pack.HWnwbk/_new 2017-12-05 01:30:33.392604434 +0100 @@ -3,8 +3,8 @@ http://git.haproxy.org/git/haproxy-1.8.git git haproxy -1.8.0 -v1.8.0 +1.8.1 +v1.8.1 enable ++ _servicedata ++ --- /var/tmp/diff_new_pack.HWnwbk/_old 2017-12-05 01:30:33.436602835 +0100 +++ /var/tmp/diff_new_pack.HWnwbk/_new 2017-12-05 01:30:33.436602835 +0100 @@ -5,4 +5,4 @@ http://git.haproxy.org/git/haproxy-1.7.git 640d526f8cdad00f7f5043b51f6a34f3f6ebb49f http://git.haproxy.org/git/haproxy-1.8.git - 0b78792bbe61fec420e4e7298d145ec7d498f8f2 \ No newline at end of file + bc1f797c2dcfe8a6b82697725e161f87b2d6c386 \ No newline at end of file ++ haproxy-1.8.0.tar.gz -> haproxy-1.8.1.tar.gz ++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/haproxy-1.8.0/CHANGELOG new/haproxy-1.8.1/CHANGELOG --- old/haproxy-1.8.0/CHANGELOG 2017-11-26 19:25:23.0 +0100 +++ new/haproxy-1.8.1/CHANGELOG 2017-12-03 22:19:05.0 +0100 @@ -1,6 +1,47 @@ ChangeLog : === +2017/12/03 : 1.8.1 +- BUG/MEDIUM: kqueue: Don't bother closing the kqueue after fork. +- DOC: cache: update sections and fix some typos +- BUILD/MINOR: deviceatlas: enable thread
commit haproxy for openSUSE:Factory
Hello community,
here is the log from the commit of package haproxy for openSUSE:Factory checked
in at 2017-11-29 10:54:23
Comparing /work/SRC/openSUSE:Factory/haproxy (Old)
and /work/SRC/openSUSE:Factory/.haproxy.new (New)
Package is "haproxy"
Wed Nov 29 10:54:23 2017 rev:52 rq:546232 version:1.8.0
Changes:
--- /work/SRC/openSUSE:Factory/haproxy/haproxy.changes 2017-08-24
18:56:08.485802338 +0200
+++ /work/SRC/openSUSE:Factory/.haproxy.new/haproxy.changes 2017-11-29
10:54:39.184311592 +0100
@@ -1,0 +2,25 @@
+Tue Nov 28 13:54:07 UTC 2017 - kgronl...@suse.com
+
+- License is now GPL-3.0+ and LGPL-2.1+
+
+---
+Mon Nov 27 13:40:32 UTC 2017 - mrueck...@suse.de
+
+- [apparmor]: allow haproxy to restart itself. needed for seamless
+ restart. also reload the apparmor profile on update.
+
+---
+Mon Nov 27 13:31:07 UTC 2017 - mrueck...@suse.de
+
+- enable network namespaces on 42.3
+- Enabled systemd notify mode: new BR: pkgconfig(libsystemd)
+ This fixes problems with starting 1.8 on 42.3.
+- apply build option changes as adviced by upstream
+
+---
+Mon Nov 27 13:30:30 UTC 2017 - mrueck...@suse.de
+
+- Update to version 1.8.0 (bsc#1069954):
+ https://www.mail-archive.com/haproxy@formilux.org/msg28004.html
+
+---
Old:
haproxy-1.7.9.tar.gz
New:
haproxy-1.8.0.tar.gz
Other differences:
--
++ haproxy.spec ++
--- /var/tmp/diff_new_pack.5OkK7L/_old 2017-11-29 10:54:40.416266896 +0100
+++ /var/tmp/diff_new_pack.5OkK7L/_new 2017-11-29 10:54:40.424266605 +0100
@@ -19,12 +19,11 @@
%bcond_with tcp_fast_open
%endif
+%bcond_without network_namespace
%if 0%{?suse_version} > 1320
%bcond_without lua
-%bcond_without network_namespace
%else
%bcond_with lua
-%bcond_with network_namespace
%endif
%if 0%{?suse_version} >= 1310
@@ -41,13 +40,16 @@
%bcond_without apparmor
Name: haproxy
-Version:1.7.9
+Version:1.8.0
Release:0
#
#
BuildRoot: %{_tmppath}/%{name}-%{version}-build
%if %{with apparmor}
BuildRequires: apparmor-profiles
+%if 0%{?suse_version} >= 1315
+BuildRequires: apparmor-rpm-macros
+%endif
%endif
BuildRequires: libgcrypt-devel
%if %{with lua}
@@ -60,13 +62,14 @@
BuildRequires: udev
%if %{with systemd}
BuildRequires: pkgconfig(systemd)
+BuildRequires: pkgconfig(libsystemd)
%endif
BuildRequires: vim
%define pkg_name haproxy
%define pkg_home /var/lib/%{pkg_name}
#
Url:http://www.haproxy.org/
-Source:
http://www.haproxy.org/download/1.7/src/haproxy-%{version}.tar.gz
+Source:
http://www.haproxy.org/download/1.8/src/haproxy-%{version}.tar.gz
Source1:%{pkg_name}.init
Source2:usr.sbin.haproxy.apparmor
Source3:local.usr.sbin.haproxy.apparmor
@@ -78,7 +81,7 @@
Source99: haproxy-rpmlintrc
#
Summary:The Reliable, High Performance TCP/HTTP Load Balancer
-License:GPL-2.0+ and LGPL-2.1+
+License:GPL-3.0+ and LGPL-2.1+
Group: Productivity/Networking/Web/Proxy
Provides: %{name}-doc = %{version}
Obsoletes: %{name}-doc < %{version}
@@ -110,39 +113,32 @@
%build
%{__make} \
-TARGET=linux26 \
+TARGET=linux2628 \
CPU="%{_target_cpu}" \
USE_PCRE=1 \
%if %{with pcre_jit}
USE_PCRE_JIT=1 \
%endif
-USE_LIBCRYPT=1 \
-USE_OPENSSL=1 \
-USE_ZLIB=1 \
-USE_NETFILTER=1 \
+USE_PTHREAD_PSHARED=1 \
%ifarch %ix86
USE_REGPARM=1 \
%endif
-USE_PTHREAD_PSHARED=1 \
+USE_GETADDRINFO=1 \
+USE_OPENSSL=1 \
%if %{with lua}
USE_LUA=1 \
%endif
-USE_TPROXY=1 \
-USE_LINUX_TPROXY=1 \
-USE_LINUX_SPLICE=1 \
-USE_ACCEPT4=1 \
-USE_CPU_AFFINITY=1 \
-USE_GETADDRINFO=1 \
-USE_GETSOCKNAME=1 \
-USE_PIE=1 \
-USE_STACKPROTECTOR=1 \
-USE_RELRO_NOW=1 \
+USE_ZLIB=1 \
%if %{with tcp_fast_open}
USE_TFO=1 \
%endif
%if %{with network_namespace}
USE_NS=1 \
%endif
+USE_SYSTEMD=1 \
+USE_PIE=1 \
+USE_STACKPROTECTOR=1 \
+USE_RELRO_NOW=1 \
LIB="%{_lib}" \
PREFIX="%{_prefix}" \
DEBUG_CFLAGS="%{optflags}"
@@ -158,7 +154,6 @@
install -D -m 0755 contrib/halog/halog %{buildroot}%{_sbindir}/haproxy-halog
%if %{with systemd}
-install -D -m 0755 haproxy-systemd-wrapper
%{buildroot}%{_sbindir}/haproxy-systemd-wrapper
install -D -m 0644 contrib/systemd/%{pkg_name}.service
%{buildroot}%{_unitdir}/%{pkg_name}.service
ln -sf /sbin/service
commit haproxy for openSUSE:Factory
Hello community, here is the log from the commit of package haproxy for openSUSE:Factory checked in at 2017-08-24 18:55:41 Comparing /work/SRC/openSUSE:Factory/haproxy (Old) and /work/SRC/openSUSE:Factory/.haproxy.new (New) Package is "haproxy" Thu Aug 24 18:55:41 2017 rev:51 rq:518364 version:1.7.9 Changes: --- /work/SRC/openSUSE:Factory/haproxy/haproxy.changes 2017-08-10 14:11:41.279960693 +0200 +++ /work/SRC/openSUSE:Factory/.haproxy.new/haproxy.changes 2017-08-24 18:56:08.485802338 +0200 @@ -1,0 +2,21 @@ +Wed Aug 23 06:52:05 UTC 2017 - kgronl...@suse.com + +- Update to version 1.7.9: + * BUG/MINOR: peers: peer synchronization issue (with several peers sections). + * BUG/MINOR: lua: In error case, the safe mode is not removed + * BUG/MINOR: lua: executes the function destroying the Lua session in safe mode + * BUG/MAJOR: lua/socket: resources not detroyed when the socket is aborted + * BUG/MEDIUM: lua: bad memory access + * DOC: update the list of OpenSSL versions in the README + * DOC: Updated 51Degrees git URL to point to a stable version. + * BUG/MINOR: http: Set the response error state in http_sync_res_state + * MINOR: http: Reorder/rewrite checks in http_resync_states + * MINOR: http: Switch requests/responses in TUNNEL mode only by checking txn flags + * BUG/MEDIUM: http: Switch HTTP responses in TUNNEL mode when body length is undefined + * BUG/MAJOR: http: Fix possible infinity loop in http_sync_(req|res)_state + * BUG/MINOR: lua: Fix Server.get_addr() port values + * BUG/MINOR: lua: Correctly use INET6_ADDRSTRLEN in Server.get_addr() + * BUG/MINOR: lua: always detach the tcp/http tasks before freeing them + * BUG/MINOR: lua: Fix bitwise logic for hlua_server_check_* functions. + +--- Old: haproxy-1.7.8.tar.gz New: haproxy-1.7.9.tar.gz Other differences: -- ++ haproxy.spec ++ --- /var/tmp/diff_new_pack.VexKgf/_old 2017-08-24 18:56:09.205700972 +0200 +++ /var/tmp/diff_new_pack.VexKgf/_new 2017-08-24 18:56:09.209700409 +0200 @@ -41,7 +41,7 @@ %bcond_without apparmor Name: haproxy -Version:1.7.8 +Version:1.7.9 Release:0 # # ++ _service ++ --- /var/tmp/diff_new_pack.VexKgf/_old 2017-08-24 18:56:09.265692525 +0200 +++ /var/tmp/diff_new_pack.VexKgf/_new 2017-08-24 18:56:09.269691961 +0200 @@ -3,8 +3,8 @@ http://git.haproxy.org/git/haproxy-1.7.git git haproxy -1.7.8 -v1.7.8 +1.7.9 +v1.7.9 enable ++ _servicedata ++ --- /var/tmp/diff_new_pack.VexKgf/_old 2017-08-24 18:56:09.305686893 +0200 +++ /var/tmp/diff_new_pack.VexKgf/_new 2017-08-24 18:56:09.305686893 +0200 @@ -3,4 +3,4 @@ http://git.haproxy.org/git/haproxy-1.6.git 864bf78c3b6898eb12ece5f0a44032090f26f57f http://git.haproxy.org/git/haproxy-1.7.git - 298376c4a77bae10aa6043cf1f8558001a004064 \ No newline at end of file + 640d526f8cdad00f7f5043b51f6a34f3f6ebb49f \ No newline at end of file ++ haproxy-1.7.8.tar.gz -> haproxy-1.7.9.tar.gz ++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/haproxy-1.7.8/CHANGELOG new/haproxy-1.7.9/CHANGELOG --- old/haproxy-1.7.8/CHANGELOG 2017-07-07 11:49:34.0 +0200 +++ new/haproxy-1.7.9/CHANGELOG 2017-08-18 08:33:20.0 +0200 @@ -1,6 +1,27 @@ ChangeLog : === +2017/08/18 : 1.7.9 +- BUG/MINOR: peers: peer synchronization issue (with several peers sections). +- BUG/MINOR: lua: In error case, the safe mode is not removed +- BUG/MINOR: lua: executes the function destroying the Lua session in safe mode +- BUG/MAJOR: lua/socket: resources not detroyed when the socket is aborted +- BUG/MEDIUM: lua: bad memory access +- DOC: update CONTRIBUTING regarding optional parts and message format +- DOC: update the list of OpenSSL versions in the README +- MINOR: tools: add a portable timegm() alternative +- BUILD: lua: replace timegm() with my_timegm() to fix build on Solaris 10 +- DOC: Updated 51Degrees git URL to point to a stable version. +- BUG/MINOR: http: Set the response error state in http_sync_res_state +- MINOR: http: Reorder/rewrite checks in http_resync_states +- MINOR: http: Switch requests/responses in TUNNEL mode only by checking txn flags +- BUG/MEDIUM: http: Switch HTTP responses in TUNNEL mode when body length is undefined +- BUG/MAJOR: http: Fix possible infinity loop in http_sync_(req|res)_state +- BUG/MINOR: lua: Fix Server.get_addr() port values +- BUG/MINOR: lua: Correctly use INET6_ADDRSTRLEN in Server.get_addr() +- BUG/MINOR: lua:
commit haproxy for openSUSE:Factory
Hello community, here is the log from the commit of package haproxy for openSUSE:Factory checked in at 2017-08-10 14:03:08 Comparing /work/SRC/openSUSE:Factory/haproxy (Old) and /work/SRC/openSUSE:Factory/.haproxy.new (New) Package is "haproxy" Thu Aug 10 14:03:08 2017 rev:50 rq:510184 version:1.7.8 Changes: --- /work/SRC/openSUSE:Factory/haproxy/haproxy.changes 2017-05-09 18:03:52.190788877 +0200 +++ /work/SRC/openSUSE:Factory/.haproxy.new/haproxy.changes 2017-08-10 14:11:41.279960693 +0200 @@ -1,0 +2,63 @@ +Mon Jul 10 12:05:16 UTC 2017 - kgronl...@suse.com + +- Update to version 1.7.8: + * BUG/MINOR: stream: flag TASK_WOKEN_RES not set if task in runqueue + * BUG/MAJOR: cli: fix custom io_release was crushed by NULL. + * BUG/MAJOR: map: fix segfault during 'show map/acl' on cli. + * BUG/MAJOR: compression: Be sure to release the compression state in all cases + * DOC: fix references to the section about time format. + * BUG/MEDIUM: map/acl: fix unwanted flags inheritance. + * BUG/MINOR: stream: Don't forget to remove CF_WAKE_ONCE flag on response channel + * BUG/MINOR: http: Don't reset the transaction if there are still data to send + * BUG/MEDIUM: filters: Be sure to call flt_end_analyze for both channels + * BUG/MINOR: http: properly handle all 1xx informational responses + +--- +Mon Jul 10 12:05:07 UTC 2017 - kgronl...@suse.com + +- Update to version 1.7.7: + * BUG/MINOR: Wrong peer task expiration handling during synchronization processing. + * BUG/MEDIUM: http: Drop the connection establishment when a redirect is performed + * BUG/MEDIUM: cfgparse: Check if tune.http.maxhdr is in the range 1..32767 + * DOC: fix references to the section about the unix socket + * BUG/MINOR: log: pin the front connection when front ip/ports are logged + +--- +Mon Jun 19 05:09:38 UTC 2017 - kgronl...@suse.com + +- Update to version 1.7.6: + * DOC: changed "block"(deprecated) examples to http-request deny + * DOC: add few comments to examples. + * DOC: update sample code for PROXY protocol + * DOC: mention lighttpd 1.4.46 implements PROXY + * DOC: stick-table is available in frontend sections + * BUG/MINOR: dns: Wrong address family used when creating IPv6 sockets. + * BUG/MINOR: config: missing goto out after parsing an incorrect ACL character + * BUG/MINOR: arg: don't try to add an argument on failed memory allocation + * BUG/MEDIUM: arg: ensure that we properly unlink unresolved arguments on error + * BUG/MEDIUM: acl: don't free unresolved args in prune_acl_expr() + * MINOR: lua: ensure the memory allocator is used all the time + * CLEANUP: logs: typo: simgle => single + * BUG/MEDIUM: acl: proprely release unused args in prune_acl_expr() + * BUG/MAJOR: Use -fwrapv. + * BUG/MINOR: server: don't use "proxy" when px is really meant. + * BUG/MINOR: server: missing default server 'resolvers' setting duplication. + * DOC: add layer 4 links/cross reference to "block" keyword. + * DOC: errloc/errorloc302/errorloc303 missing status codes. + * BUG/MEDIUM: lua: memory leak + * MEDIUM: config: don't check config validity when there are fatal errors + * BUG/MINOR: hash-balance-factor isn't effective in certain circumstances + * MINOR/DOC: lua: just precise one thing + * BUG/MINOR: http: Fix conditions to clean up a txn and to handle the next request + * DOC: update RFC references + * BUG/MINOR: checks: don't send proxy protocol with agent checks + * BUG/MEDIUM: lua: segfault if a converter or a sample doesn't return anything + * BUG/MAJOR: http: call manage_client_side_cookies() before erasing the buffer + * BUG/MINOR: buffers: Fix bi/bo_contig_space to handle full buffers + * BUG/MINOR: acls: Set the right refflag when patterns are loaded from a map + * BUG/MINOR: http/filters: Be sure to wait if a filter loops in HTTP_MSG_ENDING + * BUG/MEDIUM: peers: Peers CLOSE_WAIT issue. + * BUG/MAJOR: server: Segfault after parsing server state file. + * BUG/MEDIUM: unix: never unlink a unix socket from the file system + +--- Old: haproxy-1.7.5.tar.gz New: haproxy-1.7.8.tar.gz Other differences: -- ++ haproxy.spec ++ --- /var/tmp/diff_new_pack.Y06yc3/_old 2017-08-10 14:11:42.079848072 +0200 +++ /var/tmp/diff_new_pack.Y06yc3/_new 2017-08-10 14:11:42.083847509 +0200 @@ -41,7 +41,7 @@ %bcond_without apparmor Name: haproxy -Version:1.7.5 +Version:1.7.8 Release:0 # # ++ _service ++ --- /var/tmp/diff_new_pack.Y06yc3/_old 2017-08-10 14:11:42.179833994 +0200 +++
commit haproxy for openSUSE:Factory
Hello community, here is the log from the commit of package haproxy for openSUSE:Factory checked in at 2017-05-09 18:03:51 Comparing /work/SRC/openSUSE:Factory/haproxy (Old) and /work/SRC/openSUSE:Factory/.haproxy.new (New) Package is "haproxy" Tue May 9 18:03:51 2017 rev:49 rq:493463 version:1.7.5 Changes: --- /work/SRC/openSUSE:Factory/haproxy/haproxy.changes 2017-04-11 09:45:41.884547411 +0200 +++ /work/SRC/openSUSE:Factory/.haproxy.new/haproxy.changes 2017-05-09 18:03:52.190788877 +0200 @@ -1,0 +2,10 @@ +Mon May 08 13:18:54 UTC 2017 - kgronl...@suse.com + +- Update to version 1.7.5: + * BUG/MEDIUM: peers: fix buffer overflow control in intdecode. + * BUG/MEDIUM: buffers: Fix how input/output data are injected into buffers + * BUG/MEDIUM: http: Fix blocked HTTP/1.0 responses when compression is enabled + * BUG/MINOR: filters: Don't force the stream's wakeup when we wait in flt_end_analyze + * MINOR: config parsing: add warning when log-format/tcplog/httplog is overriden in "defaults" sections + +--- Old: haproxy-1.7.4.tar.gz New: haproxy-1.7.5.tar.gz Other differences: -- ++ haproxy.spec ++ --- /var/tmp/diff_new_pack.VDjOfV/_old 2017-05-09 18:03:53.342626109 +0200 +++ /var/tmp/diff_new_pack.VDjOfV/_new 2017-05-09 18:03:53.350624979 +0200 @@ -41,7 +41,7 @@ %bcond_without apparmor Name: haproxy -Version:1.7.4 +Version:1.7.5 Release:0 # # ++ _service ++ --- /var/tmp/diff_new_pack.VDjOfV/_old 2017-05-09 18:03:53.394618762 +0200 +++ /var/tmp/diff_new_pack.VDjOfV/_new 2017-05-09 18:03:53.398618198 +0200 @@ -3,8 +3,8 @@ http://git.haproxy.org/git/haproxy-1.7.git git haproxy -1.7.4 -v1.7.4 +1.7.5 +v1.7.5 enable ++ _servicedata ++ --- /var/tmp/diff_new_pack.VDjOfV/_old 2017-05-09 18:03:53.430613676 +0200 +++ /var/tmp/diff_new_pack.VDjOfV/_new 2017-05-09 18:03:53.434613110 +0200 @@ -3,4 +3,4 @@ http://git.haproxy.org/git/haproxy-1.6.git 864bf78c3b6898eb12ece5f0a44032090f26f57f http://git.haproxy.org/git/haproxy-1.7.git - f9eae1ec92742a0185db00fbcfa566ba09b7e3a2 \ No newline at end of file + 9a6d6eb70105ca1f53f44113e42896e7d43d3b2c \ No newline at end of file ++ haproxy-1.7.4.tar.gz -> haproxy-1.7.5.tar.gz ++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/haproxy-1.7.4/CHANGELOG new/haproxy-1.7.5/CHANGELOG --- old/haproxy-1.7.4/CHANGELOG 2017-03-27 23:37:58.0 +0200 +++ new/haproxy-1.7.5/CHANGELOG 2017-04-03 10:28:32.0 +0200 @@ -1,6 +1,16 @@ ChangeLog : === +2017/04/03 : 1.7.5 +- BUG/MEDIUM: peers: fix buffer overflow control in intdecode. +- BUG/MEDIUM: buffers: Fix how input/output data are injected into buffers +- BUG/MEDIUM: http: Fix blocked HTTP/1.0 responses when compression is enabled +- BUG/MINOR: filters: Don't force the stream's wakeup when we wait in flt_end_analyze +- DOC: fix parenthesis and add missing "Example" tags +- DOC: update the contributing file +- DOC: log-format/tcplog/httplog update +- MINOR: config parsing: add warning when log-format/tcplog/httplog is overriden in "defaults" sections + 2017/03/27 : 1.7.4 - MINOR: config: warn when some HTTP rules are used in a TCP proxy - BUG/MINOR: spoe: Fix soft stop handler using a specific id for spoe filters diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/haproxy-1.7.4/CONTRIBUTING new/haproxy-1.7.5/CONTRIBUTING --- old/haproxy-1.7.4/CONTRIBUTING 2017-03-27 23:37:58.0 +0200 +++ new/haproxy-1.7.5/CONTRIBUTING 2017-04-03 10:28:32.0 +0200 @@ -71,8 +71,10 @@ If your work is very confidential and you can't publicly discuss it, you can also mail wi...@haproxy.org directly about it, but your mail may be waiting -several days in the queue before you get a response. Retransmit if you don't -get a response by one week. +several days in the queue before you get a response, if you get a response at +all. Retransmit if you don't get a response by one week. Please note that +direct sent e-mails to this address for non-confidential subjects may simply +be forwarded to the list or be deleted without notification. If you'd like a feature to be added but you think you don't have the skills to implement it yourself, you should follow these steps : @@ -96,7 +98,9 @@ at the beginning but it's common sense more than anything else and contributors do not think about them anymore after a few patches. -1) Before modifying some code, you have read
commit haproxy for openSUSE:Factory
Hello community, here is the log from the commit of package haproxy for openSUSE:Factory checked in at 2017-04-11 09:45:35 Comparing /work/SRC/openSUSE:Factory/haproxy (Old) and /work/SRC/openSUSE:Factory/.haproxy.new (New) Package is "haproxy" Tue Apr 11 09:45:35 2017 rev:48 rq:485839 version:1.7.4 Changes: --- /work/SRC/openSUSE:Factory/haproxy/haproxy.changes 2017-03-02 19:38:35.568961394 +0100 +++ /work/SRC/openSUSE:Factory/.haproxy.new/haproxy.changes 2017-04-11 09:45:41.884547411 +0200 @@ -1,0 +2,32 @@ +Wed Mar 29 11:53:23 UTC 2017 - kgronl...@suse.com + +- Update to version 1.7.4: + * MINOR: config: warn when some HTTP rules are used in a TCP proxy + * BUG/MINOR: spoe: Fix soft stop handler using a specific id for spoe filters + * BUG/MINOR: spoe: Fix parsing of arguments in spoe-message section + * BUG/MEDIUM: ssl: Clear OpenSSL error stack after trying to parse OCSP file + * BUG/MEDIUM: cli: Prevent double free in CLI ACL lookup + * BUG/MINOR: Fix "get map " CLI command + * BUG/MAJOR: connection: update CO_FL_CONNECTED before calling the data layer + * BUG/MEDIUM: ssl: switchctx should not return SSL_TLSEXT_ERR_ALERT_WARNING + * BUG/MINOR: checks: attempt clean shutw for SSL check + * BUG/MEDIUM: listener: do not try to rebind another process' socket + * BUG/MEDIUM: filters: Fix channels synchronization in flt_end_analyze + * BUG/MAJOR: stream-int: do not depend on connection flags to detect connection + * BUG/MEDIUM: connection: ensure to always report the end of handshakes + * BUG: payload: fix payload not retrieving arbitrary lengths + * BUG/MAJOR: http: fix typo in http_apply_redirect_rule + * BUG/MEDIUM: stream: fix client-fin/server-fin handling + * MINOR: fd: add a new flag HAP_POLL_F_RDHUP to struct poller + * BUG/MINOR: raw_sock: always perfom the last recv if RDHUP is not available + * DOC/MINOR: Fix typos in proxy protocol doc + * DOC: Protocol doc: add checksum, TLV type ranges + * DOC: Protocol doc: add SSL TLVs, rename CHECKSUM + * DOC: Protocol doc: add noop TLV + * MEDIUM: global: add a 'hard-stop-after' option to cap the soft-stop time + * BUG/MINOR: cfgparse: loop in tracked servers lists not detected by check_config_validity(). + * MINOR: server: irrelevant error message with 'default-server' config file keyword. + * MINOR: doc: fix use-server example (imap vs mail) + * BUG/MEDIUM: tcp: don't require privileges to bind to device + +--- Old: haproxy-1.7.3.tar.gz New: haproxy-1.7.4.tar.gz Other differences: -- ++ haproxy.spec ++ --- /var/tmp/diff_new_pack.GbiHO8/_old 2017-04-11 09:45:42.824414642 +0200 +++ /var/tmp/diff_new_pack.GbiHO8/_new 2017-04-11 09:45:42.828414077 +0200 @@ -41,7 +41,7 @@ %bcond_without apparmor Name: haproxy -Version:1.7.3 +Version:1.7.4 Release:0 # # ++ _service ++ --- /var/tmp/diff_new_pack.GbiHO8/_old 2017-04-11 09:45:42.860409557 +0200 +++ /var/tmp/diff_new_pack.GbiHO8/_new 2017-04-11 09:45:42.864408992 +0200 @@ -3,8 +3,8 @@ http://git.haproxy.org/git/haproxy-1.7.git git haproxy -1.7.3 -v1.7.3 +1.7.4 +v1.7.4 enable ++ _servicedata ++ --- /var/tmp/diff_new_pack.GbiHO8/_old 2017-04-11 09:45:42.884406167 +0200 +++ /var/tmp/diff_new_pack.GbiHO8/_new 2017-04-11 09:45:42.888405602 +0200 @@ -3,4 +3,4 @@ http://git.haproxy.org/git/haproxy-1.6.git 864bf78c3b6898eb12ece5f0a44032090f26f57f http://git.haproxy.org/git/haproxy-1.7.git - 9cb532a34ae190b350cdeb8bbbae25d524b10949 \ No newline at end of file + f9eae1ec92742a0185db00fbcfa566ba09b7e3a2 \ No newline at end of file ++ haproxy-1.7.3.tar.gz -> haproxy-1.7.4.tar.gz ++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/haproxy-1.7.3/CHANGELOG new/haproxy-1.7.4/CHANGELOG --- old/haproxy-1.7.3/CHANGELOG 2017-02-28 09:59:23.0 +0100 +++ new/haproxy-1.7.4/CHANGELOG 2017-03-27 23:37:58.0 +0200 @@ -1,6 +1,44 @@ ChangeLog : === +2017/03/27 : 1.7.4 +- MINOR: config: warn when some HTTP rules are used in a TCP proxy +- BUG/MINOR: spoe: Fix soft stop handler using a specific id for spoe filters +- BUG/MINOR: spoe: Fix parsing of arguments in spoe-message section +- BUG/MEDIUM: ssl: Clear OpenSSL error stack after trying to parse OCSP file +- BUG/MEDIUM: cli: Prevent double free in CLI ACL lookup +- BUG/MINOR: Fix "get map " CLI command +- BUG/MAJOR: connection: update CO_FL_CONNECTED before calling the data layer +- BUG/MEDIUM: ssl: switchctx should not return
commit haproxy for openSUSE:Factory
Hello community, here is the log from the commit of package haproxy for openSUSE:Factory checked in at 2017-03-02 19:38:34 Comparing /work/SRC/openSUSE:Factory/haproxy (Old) and /work/SRC/openSUSE:Factory/.haproxy.new (New) Package is "haproxy" Thu Mar 2 19:38:34 2017 rev:47 rq:460861 version:1.7.3 Changes: --- /work/SRC/openSUSE:Factory/haproxy/haproxy.changes 2017-02-03 17:42:18.141625423 +0100 +++ /work/SRC/openSUSE:Factory/.haproxy.new/haproxy.changes 2017-03-02 19:38:35.568961394 +0100 @@ -1,0 +2,20 @@ +Tue Feb 28 11:31:02 UTC 2017 - kgronl...@suse.com + +- Update to version 1.7.3: + * BUG/MINOR: stream: Fix how backend-specific analyzers are set on a stream + * BUG/MEDIUM: tcp: don't poll for write when connect() succeeds + * BUG/MINOR: unix: fix connect's polling in case no data are scheduled + * BUG/MINOR: lua: Map.end are not reliable because "end" is a reserved keyword + * MINOR: dns: give ability to dns_init_resolvers() to close a socket when requested + * BUG/MAJOR: dns: restart sockets after fork() + * MINOR: chunks: implement a simple dynamic allocator for trash buffers + * BUG/MEDIUM: http: prevent redirect from overwriting a buffer + * BUG/MEDIUM: filters: Do not truncate HTTP response when body length is undefined + * BUG/MEDIUM: http: Prevent replace-header from overwriting a buffer + * BUG/MINOR: http: Return an error when a replace-header rule failed on the response + * BUG/MINOR: sendmail: The return of vsnprintf is not cleanly tested + * BUG/MAJOR: lua segmentation fault when the request is like 'GET ?arg=val HTTP/1.1' + * BUG/MEDIUM: config: reject anything but "if" or "unless" after a use-backend rule + * MINOR: http: don't close when redirect location doesn't start with "/" + +--- Old: haproxy-1.7.2.tar.gz New: haproxy-1.7.3.tar.gz Other differences: -- ++ haproxy.spec ++ --- /var/tmp/diff_new_pack.QrU3j0/_old 2017-03-02 19:38:36.372847639 +0100 +++ /var/tmp/diff_new_pack.QrU3j0/_new 2017-03-02 19:38:36.372847639 +0100 @@ -41,7 +41,7 @@ %bcond_without apparmor Name: haproxy -Version:1.7.2 +Version:1.7.3 Release:0 # # ++ _service ++ --- /var/tmp/diff_new_pack.QrU3j0/_old 2017-03-02 19:38:36.404843111 +0100 +++ /var/tmp/diff_new_pack.QrU3j0/_new 2017-03-02 19:38:36.408842545 +0100 @@ -3,8 +3,8 @@ http://git.haproxy.org/git/haproxy-1.7.git git haproxy -1.7.2 -v1.7.2 +1.7.3 +v1.7.3 enable ++ _servicedata ++ --- /var/tmp/diff_new_pack.QrU3j0/_old 2017-03-02 19:38:36.424840281 +0100 +++ /var/tmp/diff_new_pack.QrU3j0/_new 2017-03-02 19:38:36.428839716 +0100 @@ -3,4 +3,4 @@ http://git.haproxy.org/git/haproxy-1.6.git 864bf78c3b6898eb12ece5f0a44032090f26f57f http://git.haproxy.org/git/haproxy-1.7.git - ddb646ee9182df570017ddf280873a1360a28898 \ No newline at end of file + 9cb532a34ae190b350cdeb8bbbae25d524b10949 \ No newline at end of file ++ haproxy-1.7.2.tar.gz -> haproxy-1.7.3.tar.gz ++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/haproxy-1.7.2/CHANGELOG new/haproxy-1.7.3/CHANGELOG --- old/haproxy-1.7.2/CHANGELOG 2017-01-13 10:03:00.0 +0100 +++ new/haproxy-1.7.3/CHANGELOG 2017-02-28 09:59:23.0 +0100 @@ -1,6 +1,27 @@ ChangeLog : === +2017/02/28 : 1.7.3 +- BUG/MINOR: stream: Fix how backend-specific analyzers are set on a stream +- BUILD: ssl: fix build on OpenSSL 1.0.0 +- BUILD: ssl: silence a warning reported for ERR_remove_state() +- BUILD: ssl: eliminate warning with OpenSSL 1.1.0 regarding RAND_pseudo_bytes() +- BUG/MEDIUM: tcp: don't poll for write when connect() succeeds +- BUG/MINOR: unix: fix connect's polling in case no data are scheduled +- DOC: lua: improve links +- BUG/MINOR: lua: Map.end are not reliable because "end" is a reserved keyword +- MINOR: dns: give ability to dns_init_resolvers() to close a socket when requested +- BUG/MAJOR: dns: restart sockets after fork() +- MINOR: chunks: implement a simple dynamic allocator for trash buffers +- BUG/MEDIUM: http: prevent redirect from overwriting a buffer +- BUG/MEDIUM: filters: Do not truncate HTTP response when body length is undefined +- BUG/MEDIUM: http: Prevent replace-header from overwriting a buffer +- BUG/MINOR: http: Return an error when a replace-header rule failed on the response +- BUG/MINOR: sendmail: The return of vsnprintf is not cleanly tested +- BUG/MAJOR: lua segmentation fault when the request is like 'GET ?arg=val HTTP/1.1'
commit haproxy for openSUSE:Factory
Hello community, here is the log from the commit of package haproxy for openSUSE:Factory checked in at 2017-02-02 15:46:45 Comparing /work/SRC/openSUSE:Factory/haproxy (Old) and /work/SRC/openSUSE:Factory/.haproxy.new (New) Package is "haproxy" Changes: --- /work/SRC/openSUSE:Factory/haproxy/haproxy.changes 2016-12-08 00:31:38.0 +0100 +++ /work/SRC/openSUSE:Factory/.haproxy.new/haproxy.changes 2017-02-03 17:42:18.141625423 +0100 @@ -1,0 +2,67 @@ +Mon Jan 30 14:43:01 UTC 2017 - kgronl...@suse.com + +- Update to version 1.7.2 (bsc#1023141): + * BUG/MEDIUM: lua: In some case, the return of sample-fetches is ignored (2) + * BUG/MINOR: stream-int: automatically release SI_FL_WAIT_DATA on SHUTW_NOW + * DOC: lua: documentation about time parser functions + * DOC: lua: section declared twice + * BUG/MINOR: lua/cli: bad error message + * DOC: fix small typo in fe_id (backend instead of frontend) + * BUG/MINOR: Fix the sending function in Lua's cosocket + * BUG/MINOR: lua: memory leak executing tasks + * BUG/MINOR: lua: bad return code + * BUG/MEDIUM: ssl: properly reset the reused_sess during a forced handshake + * BUG/MEDIUM: ssl: avoid double free when releasing bind_confs + * BUG/MINOR: stats: fix be/sessions/current out in typed stats + * BUG/MINOR: backend: nbsrv() should return 0 if backend is disabled + * BUG/MEDIUM: ssl: for a handshake when server-side SNI changes + * BUG/MINOR: systemd: potential zombie processes + * DOC: Add timings events schemas + * BUG/MINOR: option prefer-last-server must be ignored in some case + * MINOR: stats: Support "select all" for backend actions + * BUG/MINOR: sample-fetches/stick-tables: bad type for the sample fetches sc*_get_gpt0 + * BUG/MAJOR: channel: Fix the definition order of channel analyzers + * BUG/MINOR: http: report real parser state in error captures + * BUG/MAJOR: http: fix risk of getting invalid reports of bad requests + * MINOR: http: custom status reason. + * MINOR: connection: add sample fetch "fc_rcvd_proxy" + * BUG/MINOR: config: emit a warning if http-reuse is enabled with incompatible options + * BUG/MINOR: tools: fix off-by-one in port size check + * BUG/MEDIUM: server: consider AF_UNSPEC as a valid address family + * MEDIUM: server: split the address and the port into two different fields + * MINOR: tools: make str2sa_range() return the port in a separate argument + * MINOR: server: take the destination port from the port field, not the addr + * MEDIUM: server: disable protocol validations when the server doesn't resolve + * BUG/MEDIUM: tools: do not force an unresolved address to AF_INET:0.0.0.0 + * BUG/MINOR: ssl: EVP_PKEY must be freed after X509_get_pubkey usage + * MINOR: proto_http.c 502 error txt typo. + * DOC: add deprecation notice to "block" + * BUG/MINOR: Reset errno variable before calling strtol(3) + +--- +Sat Dec 24 02:36:10 UTC 2016 - mrueck...@suse.de + +- Update to version 1.7.1: + * BUG/MAJOR: stream: fix session abort on resource shortage + * BUG/MINOR: cli: allow the backslash to be escaped on the CLI + * BUG/MEDIUM: cli: fix "show stat resolvers" and "show tls-keys" + * DOC: Fix map table's format + * DOC: Added 51Degrees conv and fetch functions to documentation. + * BUG/MINOR: http: don't send an extra CRLF after a Set-Cookie in a redirect + * DOC: mention that req_tot is for both frontends and backends + * BUG/MEDIUM: variables: some variable name can hide another ones + * BUG/MINOR: stats: fix be/sessions/max output in html stats + * MINOR: proxy: Add fe_name/be_name fetchers next to existing fe_id/be_id + * DOC: lua: Documentation about some entry missing + * MINOR: Do not forward the header "Expect: 100-continue" when the option http-buffer-request is set + * DOC: Add undocumented argument of the trace filter + * DOC: Fix some typo in SPOE documentation + * BUG/MINOR: cli: be sure to always warn the cli applet when input buffer is full + * MINOR: applet: Count number of (active) applets + * MINOR: task: Rename run_queue and run_queue_cur counters + * BUG/MEDIUM: stream: Save unprocessed events for a stream + * BUG/MAJOR: Fix how the list of entities waiting for a buffer is handled + * BUILD/MEDIUM: Fixing the build using LibreSSL + * [RELEASE] Released version 1.7.1 + +--- Old: haproxy-1.7.0.tar.gz New: haproxy-1.7.2.tar.gz Other differences: -- ++ haproxy.spec ++ --- /var/tmp/diff_new_pack.EYkI4O/_old 2017-02-03 17:42:18.837526924 +0100 +++ /var/tmp/diff_new_pack.EYkI4O/_new 2017-02-03 17:42:18.841526357 +0100 @@ -41,7 +41,7 @@ %bcond_without
commit haproxy for openSUSE:Factory
Hello community,
here is the log from the commit of package haproxy for openSUSE:Factory checked
in at 2016-12-08 00:31:37
Comparing /work/SRC/openSUSE:Factory/haproxy (Old)
and /work/SRC/openSUSE:Factory/.haproxy.new (New)
Package is "haproxy"
Changes:
--- /work/SRC/openSUSE:Factory/haproxy/haproxy.changes 2016-11-05
21:26:06.0 +0100
+++ /work/SRC/openSUSE:Factory/.haproxy.new/haproxy.changes 2016-12-08
00:31:38.0 +0100
@@ -1,0 +2,33 @@
+Fri Dec 02 07:31:16 UTC 2016 - kgronl...@suse.com
+
+- Update to version 1.7.0:
+ * BUG/MEDIUM: proxy: return "none" and "unknown" for unknown LB algos
+ * BUG/MINOR: stats: make field_str() return an empty string on NULL
+ * BUG/MEDIUM: http: Fix tunnel mode when the CONNECT method is used
+ * BUG/MINOR: http: Keep the same behavior between 1.6 and 1.7 for tunneled
txn
+ * BUG/MINOR: filters: Protect args in macros HAS_DATA_FILTERS and
IS_DATA_FILTER
+ * BUG/MINOR: filters: Invert evaluation order of HTTP_XFER_BODY and
XFER_DATA analyzers
+ * BUG/MINOR: http: Call XFER_DATA analyzer when HTTP txn is switched in
tunnel mode
+
+---
+Fri Dec 02 07:30:49 UTC 2016 - kgronl...@suse.com
+
+- Update to version 1.6.10:
+ * BUG/MEDIUM: systemd-wrapper: return correct exit codes
+ * BUG/MEDIUM: srv-state: properly restore the DRAIN state
+ * BUG/MINOR: srv-state: allow to have both CMAINT and FDRAIN flags
+ * BUG/MEDIUM: servers: properly propagate the maintenance states during
startup
+ * BUG: vars: Fix 'set-var' converter because of a typo
+ * BUG/MEDIUM: channel: bad unlikely macro
+ * CLEANUP: lua: move comment
+ * CLEANUP: lua: control executed twice
+ * CLEANUP: ssl: Fix bind keywords name in comments
+ * DOC: ssl: Use correct wording for ca-sign-pass
+ * BUG/MINOR: stick-table: handle out-of-memory condition gracefully
+ * BUG/MEDIUM: connection: check the control layer before stopping polling
+ * BUG/MEDIUM: stick-table: fix regression caused by recent fix for
out-of-memory
+ * CONTRIB: initiate a debugging suite to make debugging easier
+ * BUG/MINOR: cli: properly decrement ref count on tables during failed dumps
+ * BUG/MEDIUM: lua: In some case, the return of sample-fetche is ignored
+
+---
Old:
haproxy-1.6.9.tar.gz
New:
haproxy-1.7.0.tar.gz
Other differences:
--
++ haproxy.spec ++
--- /var/tmp/diff_new_pack.9kMGnG/_old 2016-12-08 00:31:39.0 +0100
+++ /var/tmp/diff_new_pack.9kMGnG/_new 2016-12-08 00:31:39.0 +0100
@@ -41,7 +41,7 @@
%bcond_without apparmor
Name: haproxy
-Version:1.6.9
+Version:1.7.0
Release:0
#
#
@@ -66,7 +66,7 @@
%define pkg_home /var/lib/%{pkg_name}
#
Url:http://www.haproxy.org/
-Source:
http://www.haproxy.org/download/1.6/src/haproxy-%{version}.tar.gz
+Source:
http://www.haproxy.org/download/1.7/src/haproxy-%{version}.tar.gz
Source1:%{pkg_name}.init
Source2:usr.sbin.haproxy.apparmor
Source3:local.usr.sbin.haproxy.apparmor
++ _service ++
--- /var/tmp/diff_new_pack.9kMGnG/_old 2016-12-08 00:31:39.0 +0100
+++ /var/tmp/diff_new_pack.9kMGnG/_new 2016-12-08 00:31:39.0 +0100
@@ -1,9 +1,9 @@
-http://git.haproxy.org/git/haproxy-1.6.git
+http://git.haproxy.org/git/haproxy-1.7.git
git
haproxy
-1.6.9
+1.7.0
master
enable
++ _servicedata ++
--- /var/tmp/diff_new_pack.9kMGnG/_old 2016-12-08 00:31:39.0 +0100
+++ /var/tmp/diff_new_pack.9kMGnG/_new 2016-12-08 00:31:39.0 +0100
@@ -1,4 +1,6 @@
http://git.haproxy.org/git/haproxy-1.6.git
- ab45181e36b6c4f7d31c5284035937c2d0be37eb
\ No newline at end of file
+ 864bf78c3b6898eb12ece5f0a44032090f26f57f
+http://git.haproxy.org/git/haproxy-1.7.git
+ 5961fb820a9484c0b5ff83583bdeacef0b5d42f0
\ No newline at end of file
++ haproxy-1.6.9.tar.gz -> haproxy-1.7.0.tar.gz ++
56932 lines of diff (skipped)
commit haproxy for openSUSE:Factory
Hello community, here is the log from the commit of package haproxy for openSUSE:Factory checked in at 2016-11-05 21:26:05 Comparing /work/SRC/openSUSE:Factory/haproxy (Old) and /work/SRC/openSUSE:Factory/.haproxy.new (New) Package is "haproxy" Changes: --- /work/SRC/openSUSE:Factory/haproxy/haproxy.changes 2016-10-18 10:41:22.0 +0200 +++ /work/SRC/openSUSE:Factory/.haproxy.new/haproxy.changes 2016-11-05 21:26:06.0 +0100 @@ -1,0 +2,26 @@ +Wed Nov 02 16:56:57 UTC 2016 - kgronl...@suse.com + +- Update to version 1.6.9+git.1477940904.ab45181 (fate#321723) + * BUILD: poll: remove unused hap_fd_isset() which causes a warning with clang + * MINOR: cfgparse: few memory leaks fixes. + * MINOR: build: Allow linking to device-atlas library file + * DOC: Fix typo in description of `-st` parameter in man page + * BUG/MEDIUM: peers: on shutdown, wake up the appctx, not the stream + * BUG/MEDIUM: peers: fix use after free in peer_session_create() + * BUG/MEDIUM: systemd: let the wrapper know that haproxy has completed or failed + * MINOR: systemd: report it when execve() fails + * BUG/MINOR: systemd: check return value of calloc() + * BUG/MINOR: systemd: always restore signals before execve() + * BUG/MINOR: systemd: make the wrapper return a non-null status code on error + * BUG/MINOR: ssl: prevent multiple entries for the same certificate + * BUG/MINOR: ssl: Check malloc return code + * BUG/MINOR: vars: smp_fetch_var() doesn't depend on HTTP but on the session + * BUG/MINOR: vars: make smp_fetch_var() more robust against misuses + * BUG/MINOR: vars: use sess and not s->sess in action_store() + * MEDIUM: make SO_REUSEPORT configurable + * MINOR: Add fe_req_rate sample fetch + * MINOR: show Running on zlib version + * MINOR: show Built with PCRE version + * BUG/MINOR: displayed PCRE version is running release + +--- New: _service _servicedata Other differences: -- ++ _service ++ http://git.haproxy.org/git/haproxy-1.6.git git haproxy 1.6.9 master enable haproxy*.tar gz haproxy ++ _servicedata ++ http://git.haproxy.org/git/haproxy-1.6.git ab45181e36b6c4f7d31c5284035937c2d0be37eb
commit haproxy for openSUSE:Factory
Hello community, here is the log from the commit of package haproxy for openSUSE:Factory checked in at 2016-10-18 10:41:21 Comparing /work/SRC/openSUSE:Factory/haproxy (Old) and /work/SRC/openSUSE:Factory/.haproxy.new (New) Package is "haproxy" Changes: --- /work/SRC/openSUSE:Factory/haproxy/haproxy.changes 2016-10-10 16:21:03.0 +0200 +++ /work/SRC/openSUSE:Factory/.haproxy.new/haproxy.changes 2016-10-18 10:41:22.0 +0200 @@ -215 +215 @@ -- update to 1.6.4 +- update to 1.6.4 (fate#320607) (bsc#937202) @@ -326 +326 @@ -- update to 1.6.3 +- update to 1.6.3 (fate#320607) Other differences: --
commit haproxy for openSUSE:Factory
Hello community, here is the log from the commit of package haproxy for openSUSE:Factory checked in at 2016-10-10 16:21:03 Comparing /work/SRC/openSUSE:Factory/haproxy (Old) and /work/SRC/openSUSE:Factory/.haproxy.new (New) Package is "haproxy" Changes: --- /work/SRC/openSUSE:Factory/haproxy/haproxy.changes 2016-09-09 10:20:53.0 +0200 +++ /work/SRC/openSUSE:Factory/.haproxy.new/haproxy.changes 2016-10-10 16:21:03.0 +0200 @@ -4 +4 @@ -- Update to 1.6.9 +- Update to 1.6.9 (bsc#1003264) Other differences: --
commit haproxy for openSUSE:Factory
Hello community, here is the log from the commit of package haproxy for openSUSE:Factory checked in at 2016-09-09 10:20:52 Comparing /work/SRC/openSUSE:Factory/haproxy (Old) and /work/SRC/openSUSE:Factory/.haproxy.new (New) Package is "haproxy" Changes: --- /work/SRC/openSUSE:Factory/haproxy/haproxy.changes 2016-08-03 11:43:12.0 +0200 +++ /work/SRC/openSUSE:Factory/.haproxy.new/haproxy.changes 2016-09-09 10:20:53.0 +0200 @@ -1,0 +2,28 @@ +Thu Sep 1 07:16:13 UTC 2016 - kgronl...@suse.com + +- Update to 1.6.9 + - MINOR: cli: allow the semi-colon to be escaped on the CLI + - BUG/MINOR: payload: fix SSLv2 version parser + - BUG/MAJOR: stream: properly mark the server address as unset on connect retry + - DOC: Updated 51Degrees readme. + - BUG/MAJOR: stick-counters: possible crash when using sc_trackers with wrong table + - BUG/MINOR: peers: empty chunks after a resync. + - BUG/MINOR: peers: some updates are pushed twice after a resync. + - MINOR: sample: use smp_make_rw() in upper/lower converters + - BUG/MEDIUM: stick-table: properly convert binary samples to keys + - BUG/MEDIUM: stick-tables: do not fail on string keys with no allocated size + - BUG/MAJOR: server: the "sni" directive could randomly cause trouble + - MINOR: sample: provide smp_is_rw() and smp_make_rw() + - MINOR: sample: implement smp_is_safe() and smp_make_safe() + - BUG/MEDIUM: samples: make smp_dup() always duplicate the sample + - BUG/MAJOR: compression: initialize avail_in/next_in even during flush + - BUILD: make proto_tcp.c compatible with musl library + - DOC: minor typo fixes to improve HTML parsing by haproxy-dconv + - BUG/MEDIUM: stream-int: completely detach connection on connect error + - BUG/MEDIUM: lua: somme HTTP manipulation functions are called without valid requests + - DOC: lua: remove old functions + - BUG/MINOR: peers: Fix peers data decoding issue + - BUG/MEDIUM: lua: the function txn_done() from action wrapper can crash + - BUG/MEDIUM: lua: the function txn_done() from sample fetches can crash + +--- Old: haproxy-1.6.7.tar.gz New: haproxy-1.6.9.tar.gz Other differences: -- ++ haproxy.spec ++ --- /var/tmp/diff_new_pack.Ri1yui/_old 2016-09-09 10:20:54.0 +0200 +++ /var/tmp/diff_new_pack.Ri1yui/_new 2016-09-09 10:20:54.0 +0200 @@ -41,7 +41,7 @@ %bcond_without apparmor Name: haproxy -Version:1.6.7 +Version:1.6.9 Release:0 # # ++ haproxy-1.6.7.tar.gz -> haproxy-1.6.9.tar.gz ++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/haproxy-1.6.7/CHANGELOG new/haproxy-1.6.9/CHANGELOG --- old/haproxy-1.6.7/CHANGELOG 2016-07-13 19:57:01.0 +0200 +++ new/haproxy-1.6.9/CHANGELOG 2016-08-30 23:20:16.0 +0200 @@ -1,6 +1,33 @@ ChangeLog : === +2016/08/30 : 1.6.9 +- DOC: Updated 51Degrees readme. +- BUG/MAJOR: stream: properly mark the server address as unset on connect retry +- BUG/MINOR: payload: fix SSLv2 version parser +- MINOR: cli: allow the semi-colon to be escaped on the CLI + +2016/08/14 : 1.6.8 +- BUG/MEDIUM: lua: the function txn_done() from sample fetches can crash +- BUG/MEDIUM: lua: the function txn_done() from action wrapper can crash +- BUG/MINOR: peers: Fix peers data decoding issue +- DOC: lua: remove old functions +- BUG/MEDIUM: lua: somme HTTP manipulation functions are called without valid requests +- BUG/MEDIUM: stream-int: completely detach connection on connect error +- DOC: minor typo fixes to improve HTML parsing by haproxy-dconv +- BUILD: make proto_tcp.c compatible with musl library +- BUG/MAJOR: compression: initialize avail_in/next_in even during flush +- BUG/MEDIUM: samples: make smp_dup() always duplicate the sample +- MINOR: sample: implement smp_is_safe() and smp_make_safe() +- MINOR: sample: provide smp_is_rw() and smp_make_rw() +- BUG/MAJOR: server: the "sni" directive could randomly cause trouble +- BUG/MEDIUM: stick-tables: do not fail on string keys with no allocated size +- BUG/MEDIUM: stick-table: properly convert binary samples to keys +- MINOR: sample: use smp_make_rw() in upper/lower converters +- BUG/MINOR: peers: some updates are pushed twice after a resync. +- BUG/MINOR: peers: empty chunks after a resync. +- BUG/MAJOR: stick-counters: possible crash when using sc_trackers with wrong table + 2016/07/13 : 1.6.7 - MINOR: new function my_realloc2 = realloc + free upon failure - CLEANUP: fixed some usages of realloc leading to memory leak diff -urN '--exclude=CVS'
commit haproxy for openSUSE:Factory
Hello community, here is the log from the commit of package haproxy for openSUSE:Factory checked in at 2016-08-03 11:43:11 Comparing /work/SRC/openSUSE:Factory/haproxy (Old) and /work/SRC/openSUSE:Factory/.haproxy.new (New) Package is "haproxy" Changes: --- /work/SRC/openSUSE:Factory/haproxy/haproxy.changes 2016-06-14 23:07:09.0 +0200 +++ /work/SRC/openSUSE:Factory/.haproxy.new/haproxy.changes 2016-08-03 11:43:12.0 +0200 @@ -1,0 +2,76 @@ +Tue Jul 19 01:50:28 UTC 2016 - mrueck...@suse.de + +- update to 1.6.7 + - MINOR: new function my_realloc2 = realloc + free upon failure + - CLEANUP: fixed some usages of realloc leading to memory leak + - Revert "BUG/MINOR: ssl: fix potential memory leak in +ssl_sock_load_dh_params()" + - BUG/MEDIUM: dns: fix alignment issues in the DNS response +parser + - BUG/MINOR: Fix endiness issue in DNS header creation code +- changes from 1.6.6 + - BUG/MAJOR: fix listening IP address storage for frontends + - BUG/MINOR: fix listening IP address storage for frontends +(cont) + - DOC: Fix typo so fetch is properly parsed by Cyril's converter + - BUG/MAJOR: http: fix breakage of "reqdeny" causing random +crashes + - BUG/MEDIUM: stick-tables: fix breakage in table converters + - BUG/MEDIUM: dns: unbreak DNS resolver after header fix + - BUILD: fix build on Solaris 11 + - CLEANUP: connection: fix double negation on memcmp() + - BUG/MEDIUM: stats: show servers state may show an servers from +another backend + - BUG/MEDIUM: fix risk of segfault with "show tls-keys" + - BUG/MEDIUM: sticktables: segfault in some configuration error +cases + - BUG/MEDIUM: lua: converters doesn't work + - BUG/MINOR: http: add-header: header name copied twice + - BUG/MEDIUM: http: add-header: buffer overwritten + - BUG/MINOR: ssl: fix potential memory leak in +ssl_sock_load_dh_params() + - BUG/MINOR: http: url32+src should use the big endian version of +url32 + - BUG/MINOR: http: url32+src should check cli_conn before using +it + - DOC: http: add documentation for url32 and url32+src + - BUG/MINOR: fix http-response set-log-level parsing error + - MINOR: systemd: Use variable for config and pidfile paths + - MINOR: systemd: Perform sanity check on config before reload +(cherry picked from commit +68535bddf305fdd22f1449a039939b57245212e7) + - BUG/MINOR: init: always ensure that global.rlimit_nofile +matches actual limits + - BUG/MINOR: init: ensure that FD limit is raised to the max +allowed + - BUG/MEDIUM: external-checks: close all FDs right after the +fork() + - BUG/MAJOR: external-checks: use asynchronous signal delivery + - BUG/MINOR: external-checks: do not unblock undesired signals + - BUILD/MEDIUM: rebuild everything when an include file is +changed + - BUILD/MEDIUM: force a full rebuild if some build options change + - BUG/MINOR: srv-state: fix incorrect output of state file + - BUG/MINOR: ssl: close ssl key file on error + - BUG/MINOR: http: fix misleading error message for response +captures + - BUG/BUILD: don't automatically run "make" on "make install" + - DOC: add missing doc for +http-request deny [deny_status ] +- drop patches which were pulled from git before + 0001-BUG-MAJOR-fix-listening-IP-address-storage-for-front.patch + 0002-BUG-MINOR-fix-listening-IP-address-storage-for-front.patch + 0003-DOC-Fix-typo-so-fetch-is-properly-parsed-by-Cyril-s-.patch + 0004-BUG-MAJOR-http-fix-breakage-of-reqdeny-causing-rando.patch + 0005-BUG-MEDIUM-stick-tables-fix-breakage-in-table-conver.patch + 0006-BUG-MEDIUM-dns-unbreak-DNS-resolver-after-header-fix.patch + 0007-BUILD-fix-build-on-Solaris-11.patch + 0008-CLEANUP-connection-fix-double-negation-on-memcmp.patch + 0009-BUG-MEDIUM-stats-show-servers-state-may-show-an-serv.patch + 0010-BUG-MEDIUM-fix-risk-of-segfault-with-show-tls-keys.patch + 0011-BUG-MEDIUM-sticktables-segfault-in-some-configuratio.patch + 0012-BUG-MEDIUM-lua-converters-doesn-t-work.patch + 0013-BUG-MINOR-http-add-header-header-name-copied-twice.patch + 0014-BUG-MEDIUM-http-add-header-buffer-overwritten.patch + +--- Old: 0001-BUG-MAJOR-fix-listening-IP-address-storage-for-front.patch 0002-BUG-MINOR-fix-listening-IP-address-storage-for-front.patch 0003-DOC-Fix-typo-so-fetch-is-properly-parsed-by-Cyril-s-.patch 0004-BUG-MAJOR-http-fix-breakage-of-reqdeny-causing-rando.patch 0005-BUG-MEDIUM-stick-tables-fix-breakage-in-table-conver.patch 0006-BUG-MEDIUM-dns-unbreak-DNS-resolver-after-header-fix.patch 0007-BUILD-fix-build-on-Solaris-11.patch 0008-CLEANUP-connection-fix-double-negation-on-memcmp.patch 0009-BUG-MEDIUM-stats-show-servers-state-may-show-an-serv.patch
commit haproxy for openSUSE:Factory
Hello community,
here is the log from the commit of package haproxy for openSUSE:Factory checked
in at 2016-06-14 23:07:07
Comparing /work/SRC/openSUSE:Factory/haproxy (Old)
and /work/SRC/openSUSE:Factory/.haproxy.new (New)
Package is "haproxy"
Changes:
--- /work/SRC/openSUSE:Factory/haproxy/haproxy.changes 2016-05-19
12:15:08.0 +0200
+++ /work/SRC/openSUSE:Factory/.haproxy.new/haproxy.changes 2016-06-14
23:07:09.0 +0200
@@ -1,0 +2,19 @@
+Thu Jun 9 12:48:27 UTC 2016 - mrueck...@suse.de
+
+- pull patches from git to fix some important issues (bsc#983972) (bsc#983974):
+ 0001-BUG-MAJOR-fix-listening-IP-address-storage-for-front.patch
+ 0002-BUG-MINOR-fix-listening-IP-address-storage-for-front.patch
+ 0003-DOC-Fix-typo-so-fetch-is-properly-parsed-by-Cyril-s-.patch
+ 0004-BUG-MAJOR-http-fix-breakage-of-reqdeny-causing-rando.patch
+ 0005-BUG-MEDIUM-stick-tables-fix-breakage-in-table-conver.patch
+ 0006-BUG-MEDIUM-dns-unbreak-DNS-resolver-after-header-fix.patch
+ 0007-BUILD-fix-build-on-Solaris-11.patch
+ 0008-CLEANUP-connection-fix-double-negation-on-memcmp.patch
+ 0009-BUG-MEDIUM-stats-show-servers-state-may-show-an-serv.patch
+ 0010-BUG-MEDIUM-fix-risk-of-segfault-with-show-tls-keys.patch
+ 0011-BUG-MEDIUM-sticktables-segfault-in-some-configuratio.patch
+ 0012-BUG-MEDIUM-lua-converters-doesn-t-work.patch
+ 0013-BUG-MINOR-http-add-header-header-name-copied-twice.patch
+ 0014-BUG-MEDIUM-http-add-header-buffer-overwritten.patch
+
+---
New:
0001-BUG-MAJOR-fix-listening-IP-address-storage-for-front.patch
0002-BUG-MINOR-fix-listening-IP-address-storage-for-front.patch
0003-DOC-Fix-typo-so-fetch-is-properly-parsed-by-Cyril-s-.patch
0004-BUG-MAJOR-http-fix-breakage-of-reqdeny-causing-rando.patch
0005-BUG-MEDIUM-stick-tables-fix-breakage-in-table-conver.patch
0006-BUG-MEDIUM-dns-unbreak-DNS-resolver-after-header-fix.patch
0007-BUILD-fix-build-on-Solaris-11.patch
0008-CLEANUP-connection-fix-double-negation-on-memcmp.patch
0009-BUG-MEDIUM-stats-show-servers-state-may-show-an-serv.patch
0010-BUG-MEDIUM-fix-risk-of-segfault-with-show-tls-keys.patch
0011-BUG-MEDIUM-sticktables-segfault-in-some-configuratio.patch
0012-BUG-MEDIUM-lua-converters-doesn-t-work.patch
0013-BUG-MINOR-http-add-header-header-name-copied-twice.patch
0014-BUG-MEDIUM-http-add-header-buffer-overwritten.patch
Other differences:
--
++ haproxy.spec ++
--- /var/tmp/diff_new_pack.qUmh2P/_old 2016-06-14 23:07:10.0 +0200
+++ /var/tmp/diff_new_pack.qUmh2P/_new 2016-06-14 23:07:10.0 +0200
@@ -74,6 +74,20 @@
Patch1: haproxy-1.6.0_config_haproxy_user.patch
Patch2: haproxy-1.6.0-makefile_lib.patch
Patch3: haproxy-1.6.0-sec-options.patch
+Patch11:0001-BUG-MAJOR-fix-listening-IP-address-storage-for-front.patch
+Patch12:0002-BUG-MINOR-fix-listening-IP-address-storage-for-front.patch
+Patch13:0003-DOC-Fix-typo-so-fetch-is-properly-parsed-by-Cyril-s-.patch
+Patch14:0004-BUG-MAJOR-http-fix-breakage-of-reqdeny-causing-rando.patch
+Patch15:0005-BUG-MEDIUM-stick-tables-fix-breakage-in-table-conver.patch
+Patch16:0006-BUG-MEDIUM-dns-unbreak-DNS-resolver-after-header-fix.patch
+Patch17:0007-BUILD-fix-build-on-Solaris-11.patch
+Patch18:0008-CLEANUP-connection-fix-double-negation-on-memcmp.patch
+Patch19:0009-BUG-MEDIUM-stats-show-servers-state-may-show-an-serv.patch
+Patch20:0010-BUG-MEDIUM-fix-risk-of-segfault-with-show-tls-keys.patch
+Patch21:0011-BUG-MEDIUM-sticktables-segfault-in-some-configuratio.patch
+Patch22:0012-BUG-MEDIUM-lua-converters-doesn-t-work.patch
+Patch23:0013-BUG-MINOR-http-add-header-header-name-copied-twice.patch
+Patch24:0014-BUG-MEDIUM-http-add-header-buffer-overwritten.patch
#
Source99: haproxy-rpmlintrc
#
@@ -107,6 +121,20 @@
%patch1 -p1
%patch2
%patch3
+%patch11 -p1
+%patch12 -p1
+%patch13 -p1
+%patch14 -p1
+%patch15 -p1
+%patch16 -p1
+%patch17 -p1
+%patch18 -p1
+%patch19 -p1
+%patch20 -p1
+%patch21 -p1
+%patch22 -p1
+%patch23 -p1
+%patch24 -p1
%build
%{__make} \
++ 0001-BUG-MAJOR-fix-listening-IP-address-storage-for-front.patch ++
>From 66dd99c4c9d828c2c2f7295b7db66f7ff6f2fa8e Mon Sep 17 00:00:00 2001
From: Vincent Bernat
Date: Wed, 18 May 2016 16:17:44 +0200
Subject: [PATCH 01/14] BUG/MAJOR: fix listening IP address storage for
frontends
When compiled with GCC 6, the IP address specified for a frontend was
ignored and HAProxy was listening on all addresses instead. This is
caused by an incomplete copy of a "struct sockaddr_storage".
With the GNU Libc,
commit haproxy for openSUSE:Factory
Hello community, here is the log from the commit of package haproxy for openSUSE:Factory checked in at 2016-05-19 12:15:07 Comparing /work/SRC/openSUSE:Factory/haproxy (Old) and /work/SRC/openSUSE:Factory/.haproxy.new (New) Package is "haproxy" Changes: --- /work/SRC/openSUSE:Factory/haproxy/haproxy.changes 2016-03-21 12:46:02.0 +0100 +++ /work/SRC/openSUSE:Factory/.haproxy.new/haproxy.changes 2016-05-19 12:15:08.0 +0200 @@ -1,0 +2,88 @@ +Tue May 10 14:24:24 UTC 2016 - mrueck...@suse.de + +- update to 1.6.5 + - BUG/MINOR: log: Don't use strftime() which can clobber timezone +if chrooted + - BUILD: namespaces: fix a potential build warning in +namespaces.c + - DOC: add encoding to json converter example + - BUG/MINOR: conf: "listener id" expects integer, but its not +checked + - DOC: Clarify tunes.vars.xxx-max-size settings + - BUG/MEDIUM: peers: fix incorrect age in frequency counters + - BUG/MEDIUM: Fix RFC5077 resumption when more than +TLS_TICKETS_NO are present + - BUG/MAJOR: Fix crash in http_get_fhdr with exactly +MAX_HDR_HISTORY headers + - BUG/MINOR: lua: can't load external libraries + - DOC: "addr" parameter applies to both health and agent checks + - DOC: timeout client: pointers to timeout http-request + - DOC: typo on stick-store response + - DOC: stick-table: amend paragraph blaming the loss of table +upon reload + - DOC: typo: ACL subdir match + - DOC: typo: maxconn paragraph is wrong due to a wrong buffer +size + - DOC: regsub: parser limitation about the inability to use +closing square brackets + - DOC: typo: req.uri is now replaced by capture.req.uri + - DOC: name set-gpt0 mismatch with the expected keyword + - BUG/MEDIUM: stick-tables: some sample-fetch doesn't work in the +connection state. + - DOC: fix "needed" typo + - BUG/MINOR: dns: inapropriate way out after a resolution timeout + - BUG/MINOR: dns: trigger a DNS query type change on resolution +timeout + - BUG/MINOR : allow to log cookie for tarpit and denied request + - OPTIM/MINOR: session: abort if possible before connecting to +the backend + - BUG/MEDIUM: trace.c: rdtsc() is defined in two files + - BUG/MEDIUM: channel: fix miscalculation of available buffer +space (2nd try) + - BUG/MINOR: cfgparse: couple of small memory leaks. + - BUG/MEDIUM: sample: initialize the pointer before parse_binary +call. + - DOC: fix discrepancy in the example for http-request redirect + - DOC: Clarify IPv4 address / mask notation rules + - CLEANUP: fix inconsistency between fd->iocb, proto->accept and +accept() + - BUG/MEDIUM: fix maxaccept computation on per-process listeners + - BUG/MINOR: listener: stop unbound listeners on startup + - BUG/MINOR: fix maxaccept computation according to the frontend +process range + - MEDIUM: unblock signals on startup. + - BUG/MEDIUM: channel: don't allow to overwrite the reserve until +connected + - BUG/MEDIUM: channel: incorrect polling condition may delay +event delivery + - BUG/MEDIUM: channel: fix miscalculation of available buffer +space (3rd try) + - BUG/MEDIUM: log: fix risk of segfault when logging HTTP fields +in TCP mode + - BUG/MEDIUM: lua: protects the upper boundary of the argument +list for converters/fetches. + - BUG/MINOR: log: fix a typo that would cause %HP to log + - MINOR: channel: add new function channel_congested() + - BUG/MEDIUM: http: fix risk of CPU spikes with pipelined +requests from dead client + - BUG/MAJOR: channel: fix miscalculation of available buffer +space (4th try) + - BUG/MEDIUM: stream: ensure the SI_FL_DONT_WAKE flag is properly +cleared + - BUG/MEDIUM: channel: fix inconsistent handling of 4GB-1 +transfers + - BUG/MEDIUM: stats: show servers state may show an empty or +incomplete result + - BUG/MEDIUM: stats: show backend may show an empty or incomplete +result + - MINOR: stats: fix typo in help messages + - MINOR: stats: show stat resolvers missing in the help message + - BUG/MINOR: dns: fix DNS header definition + - BUG/MEDIUM: dns: fix alignment issue when building DNS queries + - CLEANUP/MINOR: stats: fix accidental addition of member "env" +in the applet ctx +- refreshed patches to apply cleanly again + - haproxy-1.6.0-makefile_lib.patch + - haproxy-1.6.0-sec-options.patch + +--- Old: haproxy-1.6.4.tar.gz New: haproxy-1.6.5.tar.gz Other differences: -- ++ haproxy.spec ++ --- /var/tmp/diff_new_pack.Rxn2tl/_old 2016-05-19 12:15:09.0 +0200 +++ /var/tmp/diff_new_pack.Rxn2tl/_new 2016-05-19 12:15:09.0 +0200 @@ -41,7 +41,7 @@
commit haproxy for openSUSE:Factory
Hello community, here is the log from the commit of package haproxy for openSUSE:Factory checked in at 2016-03-21 12:46:00 Comparing /work/SRC/openSUSE:Factory/haproxy (Old) and /work/SRC/openSUSE:Factory/.haproxy.new (New) Package is "haproxy" Changes: --- /work/SRC/openSUSE:Factory/haproxy/haproxy.changes 2016-01-11 19:12:22.0 +0100 +++ /work/SRC/openSUSE:Factory/.haproxy.new/haproxy.changes 2016-03-21 12:46:02.0 +0100 @@ -1,0 +2,111 @@ +Mon Mar 14 02:45:05 UTC 2016 - mrueck...@suse.de + +- update to 1.6.4 + - BUG/MINOR: http: fix several off-by-one errors in the url_param +parser + - BUG/MINOR: http: Be sure to process all the data received from +a server + - BUG/MINOR: chunk: make chunk_dup() always check and set +dst->size + - MINOR: chunks: ensure that chunk_strcpy() adds a trailing zero + - MINOR: chunks: add chunk_strcat() and chunk_newstr() + - MINOR: chunk: make chunk_initstr() take a const string + - MINOR: lru: new function to delete least recently used +keys + - DOC: add Ben Shillito as the maintainer of 51d + - BUG/MINOR: 51d: Ensures a unique domain for each configuration + - BUG/MINOR: 51d: Aligns Pattern cache implementation with +HAProxy best practices. + - BUG/MINOR: 51d: Releases workset back to pool. + - BUG/MINOR: 51d: Aligned const pointers to changes in 51Degrees. + - CLEANUP: 51d: Aligned if statements with HAProxy best practices +and removed casts from malloc. + - DOC: fix a few spelling mistakes (cherry picked from commit +cc123c66c2075add8524a6a9925382927daa6ab0) + - DOC: fix "workaround" spelling + - BUG/MINOR: examples: Fixing haproxy.spec to remove references +to .cfg files + - MINOR: fix the return type for dns_response_get_query_id() +function + - MINOR: server state: missing LF (\n) on error message printed +when parsing server state file + - BUG/MEDIUM: dns: no DNS resolution happens if no ports provided +to the nameserver + - BUG/MAJOR: servers state: server port is erased when dns +resolution is enabled on a server + - BUG/MEDIUM: servers state: server port is used uninitialized + - BUG/MEDIUM: config: Adding validation to stick-table expire +value. + - BUG/MEDIUM: sample: http_date() doesn't provide the right day +of the week + - BUG/MEDIUM: channel: fix miscalculation of available buffer +space. + - MEDIUM: pools: add a new flag to avoid rounding pool size up + - BUG/MEDIUM: buffers: do not round up buffer size during +allocation + - BUG/MINOR: stream: don't force retries if the server is DOWN + - BUG/MINOR: counters: make the sc-inc-gpc0 and sc-set-gpt0 touch +the table + - MINOR: unix: don't mention free ports on EAGAIN + - BUG/CLEANUP: CLI: report the proper field states in "show sess" + - MINOR: stats: send content-length with the redirect to allow +keep-alive + - BUG: stream_interface: Reuse connection even if the output +channel is empty + - DOC: remove old tunnel mode assumptions + - BUG/MAJOR: http-reuse: fix risk of orphaned connections + - BUG/MEDIUM: http-reuse: do not share private connections across +backends + - BUG/MINOR: ssl: Be sure to use unique serial for regenerated +certificates + - BUG/MINOR: stats: fix missing comma in stats on agent drain + - BUG/MINOR: lua: unsafe initialization + - DOC: lua: fix somme errors + - DOC: add server name at rate-limit sessions example + - BUG/MEDIUM: ssl: fix off-by-one in ALPN list allocation + - BUG/MEDIUM: ssl: fix off-by-one in NPN list allocation + - DOC: LUA: fix some typos and syntax errors + - MINOR: cfgparse: warn for incorrect 'timeout retry' keyword +spelling in resolvers + - MINOR: mailers: increase default timeout to 10 seconds + - MINOR: mailers: use for all line endings + - BUG/MAJOR: lua: applets can't sleep. + - BUG/MINOR: server: some prototypes are renamed + - BUG/MINOR: lua: Useless copy + - BUG/MEDIUM: stats: stats bind-process doesn't propagate the +process mask correctly + - BUG/MINOR: server: fix the format of the warning on address +change + - BUG/MEDIUM: chunks: always reject negative-length chunks + - BUG/MINOR: systemd: ensure we don't miss signals + - BUG/MINOR: systemd: report the correct signal in debug message +output + - BUG/MINOR: systemd: propagate the correct signal to haproxy + - MINOR: systemd: ensure a reload doesn't mask a stop + - BUG/MEDIUM: cfgparse: wrong argument offset after parsing +server "sni" keyword + - CLEANUP: stats: Avoid computation with uninitialized bits. + - CLEANUP: pattern: Ignore unknown samples in pat_match_ip(). + - CLEANUP: map: Avoid memory leak in out-of-memory condition. + - BUG/MINOR: tcpcheck: fix incorrect list usage resulting in +failure to load certain configs + - BUG/MAJOR: samples: check
commit haproxy for openSUSE:Factory
Hello community, here is the log from the commit of package haproxy for openSUSE:Factory checked in at 2016-01-11 19:12:20 Comparing /work/SRC/openSUSE:Factory/haproxy (Old) and /work/SRC/openSUSE:Factory/.haproxy.new (New) Package is "haproxy" Changes: --- /work/SRC/openSUSE:Factory/haproxy/haproxy.changes 2015-12-01 09:18:44.0 +0100 +++ /work/SRC/openSUSE:Factory/.haproxy.new/haproxy.changes 2016-01-11 19:12:22.0 +0100 @@ -1,0 +2,22 @@ +Mon Jan 11 14:22:44 UTC 2016 - e.isto...@edss.ee + +- update to 1.6.3 +- BUG/MEDIUM: lua: clean output buffer +- BUG/MEDIUM: http: switch the request channel to no-delay once done. +- BUG/MEDIUM: http: don't enable auto-close on the response side +- BUG/MEDIUM: stream: fix half-closed timeout handling +- BUG/MEDIUM: cli: changing compression rate-limiting must require admin level +- BUG/MEDIUM: sample: urlp can't match an empty value +- BUG/MEDIUM: da: stop DeviceAtlas processing in the convertor if there is no input. +- BUG/MEDIUM: checks: email-alert not working when declared in defaults +- BUG/MEDIUM: http: fix http-reuse when frontend and backend differ +- BUG/MEDIUM: config: properly adjust maxconn with nbproc when memmax is forced +- BUG/MEDIUM: peers: table entries learned from a remote are pushed to others after a random delay. +- BUG/MEDIUM: peers: old stick table updates could be repushed +- BUG/MEDIUM: lua: Lua applets must not fetch samples using http_txn +- BUG/MEDIUM: lua: Forbid HTTP applets from being called from tcp rulesets +- BUG/MAJOR: lua: Do not force the HTTP analysers in use-services + +for all the details see /usr/share/doc/packages/haproxy/CHANGELOG +or http://www.haproxy.org/download/1.6/src/CHANGELOG +--- Old: haproxy-1.6.2.tar.gz New: haproxy-1.6.3.tar.gz Other differences: -- ++ haproxy.spec ++ --- /var/tmp/diff_new_pack.OKXmft/_old 2016-01-11 19:12:23.0 +0100 +++ /var/tmp/diff_new_pack.OKXmft/_new 2016-01-11 19:12:23.0 +0100 @@ -41,7 +41,7 @@ %bcond_without apparmor Name: haproxy -Version:1.6.2 +Version:1.6.3 Release:0 # # ++ haproxy-1.6.2.tar.gz -> haproxy-1.6.3.tar.gz ++ 3160 lines of diff (skipped)
commit haproxy for openSUSE:Factory
Hello community,
here is the log from the commit of package haproxy for openSUSE:Factory checked
in at 2015-12-01 09:18:42
Comparing /work/SRC/openSUSE:Factory/haproxy (Old)
and /work/SRC/openSUSE:Factory/.haproxy.new (New)
Package is "haproxy"
Changes:
--- /work/SRC/openSUSE:Factory/haproxy/haproxy.changes 2015-11-12
19:41:15.0 +0100
+++ /work/SRC/openSUSE:Factory/.haproxy.new/haproxy.changes 2015-12-01
09:18:44.0 +0100
@@ -1,0 +2,10 @@
+Sat Nov 21 01:36:11 UTC 2015 - mrueck...@suse.de
+
+- on sle11 we still need to own /etc/apparmor.d/local
+
+---
+Sat Nov 21 01:15:07 UTC 2015 - mrueck...@suse.de
+
+- instead of owning the apparmor directories, BR apparmor-profiles.
+
+---
Other differences:
--
++ haproxy.spec ++
--- /var/tmp/diff_new_pack.2dDvTm/_old 2015-12-01 09:18:45.0 +0100
+++ /var/tmp/diff_new_pack.2dDvTm/_new 2015-12-01 09:18:45.0 +0100
@@ -46,6 +46,9 @@
#
#
BuildRoot: %{_tmppath}/%{name}-%{version}-build
+%if %{with apparmor}
+BuildRequires: apparmor-profiles
+%endif
BuildRequires: libgcrypt-devel
%if %{with lua}
BuildRequires: lua-devel >= 5.3
@@ -228,8 +231,9 @@
%{_mandir}/man1/%{pkg_name}.1.gz
%{vim_data_dir}/syntax/%{pkg_name}.vim
%if %{with apparmor}
-%dir /etc/apparmor.d/
+%if 0%{?suse_version} == 1110
%dir /etc/apparmor.d/local/
+%endif
%config(noreplace) /etc/apparmor.d/usr.sbin.haproxy
%config(noreplace) /etc/apparmor.d/local/usr.sbin.haproxy
%endif
commit haproxy for openSUSE:Factory
Hello community, here is the log from the commit of package haproxy for openSUSE:Factory checked in at 2015-11-12 19:41:05 Comparing /work/SRC/openSUSE:Factory/haproxy (Old) and /work/SRC/openSUSE:Factory/.haproxy.new (New) Package is "haproxy" Changes: --- /work/SRC/openSUSE:Factory/haproxy/haproxy.changes 2015-09-27 08:39:44.0 +0200 +++ /work/SRC/openSUSE:Factory/.haproxy.new/haproxy.changes 2015-11-12 19:41:15.0 +0100 @@ -1,0 +2,120 @@ +Tue Nov 10 14:50:26 UTC 2015 - mrueck...@suse.de + +- fix link to tarball + +--- +Tue Nov 3 12:02:19 UTC 2015 - mrueck...@suse.de + +- update to 1.6.2 + - BUILD: ssl: fix build error introduced in commit 7969a3 with +OpenSSL < 1.0.0 + - DOC: fix a typo for a "deviceatlas" keyword + - FIX: small typo in an example using the "Referer" header + - BUG/MEDIUM: config: count memory limits on 64 bits, not 32 + - BUG/MAJOR: dns: first DNS response packet not matching queried +hostname may lead to a loop + - BUG/MINOR: dns: unable to parse CNAMEs response + - BUG/MINOR: examples/haproxy.init: missing brace in +quiet_check() + - DOC: deviceatlas: more example use cases. + - BUG/BUILD: replace haproxy-systemd-wrapper with $(EXTRA) in +install-bin. + - BUG/MAJOR: http: don't requeue an idle connection that is +already queued + - DOC: typo on capture.res.hdr and capture.req.hdr + - BUG/MINOR: dns: check for duplicate nameserver id in a +resolvers section was missing + - CLEANUP: use direction names in place of numeric values + - BUG/MEDIUM: lua: sample fetches based on response doesn't work +- drop haproxy-1.6.0-ssl-098.patch: included upstream + +--- +Thu Oct 22 10:21:00 UTC 2015 - mrueck...@suse.de + +- update to 1.6.1 + - DOC: specify that stats socket doc (section 9.2) is in +management + - BUILD: install only relevant and existing documentation + - CLEANUP: don't ignore debian/ directory if present + - BUG/MINOR: dns: parsing error of some DNS response + - BUG/MEDIUM: namespaces: don't fail if no namespace is used + - BUG/MAJOR: ssl: free the generated SSL_CTX if the LRU cache is +disabled + - MEDIUM: dns: Don't use the ANY query type +- drop haproxy-1.6.0-ssl.crash.patch included in update + +--- +Mon Oct 19 16:15:57 UTC 2015 - mrueck...@suse.de + +- add haproxy-1.6.0-ssl-098.patch: + fix building on openssl 0.9.8 + +--- +Fri Oct 16 17:16:40 UTC 2015 - mrueck...@suse.de + +- added haproxy-1.6.0-ssl.crash.patch: fix SNI related crash + +--- +Thu Oct 15 23:19:33 UTC 2015 - mrueck...@suse.de + +- only use network namespace support on distros newer than 13.2 + +--- +Tue Oct 13 19:39:12 UTC 2015 - mrueck...@suse.de + +- update to 1.6.0 + The most user-visible changes, we can cite the simpler handling + of multiple configuration files, the support for quotes and + environment variables in the configuration, a significant + reduction of the memory usage thanks to a new dynamic buffer + allocator, notifications over e-mail, server state keeping across + reloads, dynamic DNS-based server address resolution, new + scripting capabilities thanks to the embedded Lua interpreter, + use of variables in the configuration to manipulate samples, + request body buffering and analysis, support for two third-party + device identification products (DeviceAtlas and 51Degrees), a lot + of new sample converters including arithmetic operators and table + lookups, TLS ticket secret sharing between nodes, TLS SNI to the + server, full tables replication between peers, ability to + instruct the kernel to quickly kill dead connections, support for + Linux namespaces, and a number of other less visible goodies. The + performance has also been improved a lot with support for server + connection multiplexing, much faster and cheaper HTTP compression + via libslz, and the addition of a pattern cache to speed up + certain expensive ACLs. The great flexibility offered by this + version will allow many users to significantly simplify their + configurations. Some users will notice a huge performance boost + after they enable the features designed for them. + + for all the details see /usr/share/doc/packages/haproxy/CHANGELOG +- drop patches we pulled from upstream git: + 0001-BUG-MINOR-log-missing-some-ARGC_-entries-in-fmt_dire.patch + 0002-DOC-usesrc-root-privileges-requirements.patch + 0003-BUILD-ssl-Allow-building-against-libssl-without-SSLv.patch +
commit haproxy for openSUSE:Factory
Hello community, here is the log from the commit of package haproxy for openSUSE:Factory checked in at 2015-09-27 08:40:21 Comparing /work/SRC/openSUSE:Factory/haproxy (Old) and /work/SRC/openSUSE:Factory/.haproxy.new (New) Package is "haproxy" Changes: --- /work/SRC/openSUSE:Factory/haproxy/haproxy.changes 2015-09-08 18:11:56.0 +0200 +++ /work/SRC/openSUSE:Factory/.haproxy.new/haproxy.changes 2015-09-27 08:39:44.0 +0200 @@ -1,0 +2,5 @@ +Wed Sep 23 19:26:54 UTC 2015 - dmuel...@suse.com + +- fix haproxy status checks (bsc#947204) + +--- Other differences: -- ++ haproxy.init ++ --- /var/tmp/diff_new_pack.KSIfMC/_old 2015-09-27 08:39:45.0 +0200 +++ /var/tmp/diff_new_pack.KSIfMC/_new 2015-09-27 08:39:45.0 +0200 @@ -205,12 +205,13 @@ rc_status -v ;; reload|force-reload) -if checkproc -p $HAPROXY_PID $HAPROXY_BIN; then -haproxy_check -echo -n "Reload service haproxy " -$HAPROXY_BIN -p $HAPROXY_PID -D -f $HAPROXY_CONF -sf $(cat $HAPROXY_PID) -rc_status -v -fi +## Like force-reload, but if daemon does not support +## signaling, do nothing (!) +haproxy_check +# If it supports signaling: +echo -n "Reload service haproxy " +$HAPROXY_BIN -p $HAPROXY_PID -D -f $HAPROXY_CONF -sf $(cat $HAPROXY_PID) +rc_status -v ;; status) echo -n "Checking for service haproxy " @@ -226,7 +227,7 @@ # 5--199 reserved (5--99 LSB, 100--149 distro, 150--199 appl.) # NOTE: checkproc returns LSB compliant status values. -/sbin/checkproc $HAPROXY_BIN +/sbin/checkproc -p $HAPROXY_PID $HAPROXY_BIN # NOTE: rc_status knows that we called this init script with # "status" option and adapts its messages accordingly. rc_status -v
commit haproxy for openSUSE:Factory
Hello community,
here is the log from the commit of package haproxy for openSUSE:Factory checked
in at 2015-09-08 17:45:55
Comparing /work/SRC/openSUSE:Factory/haproxy (Old)
and /work/SRC/openSUSE:Factory/.haproxy.new (New)
Package is "haproxy"
Changes:
--- /work/SRC/openSUSE:Factory/haproxy/haproxy.changes 2015-07-05
18:03:15.0 +0200
+++ /work/SRC/openSUSE:Factory/.haproxy.new/haproxy.changes 2015-09-08
18:11:56.0 +0200
@@ -1,0 +2,41 @@
+Tue Sep 8 09:10:02 UTC 2015 - kgronl...@suse.com
+
+- Backport patches from upstream:
+ - BUG/MINOR: http: remove stupid HTTP_METH_NONE entry
+ - BUG/MAJOR: http: don't call http_send_name_header() after an error
+- Add 0014-BUG-MINOR-http-remove-stupid-HTTP_METH_NONE-entry.patch
+- Add 0015-BUG-MAJOR-http-don-t-call-http_send_name_header-afte.patch
+
+---
+Wed Aug 26 22:47:34 UTC 2015 - kgronl...@suse.com
+
+- Backport patches from upstream:
+ - BUG/MINOR: log: missing some ARGC_* entries in fmt_directives()
+ - DOC: usesrc root privileges requirements
+ - BUILD: ssl: Allow building against libssl without SSLv3.
+ - DOC/MINOR: fix OpenBSD versions where haproxy works
+ - BUG/MINOR: http/sample: gmtime/localtime can fail
+ - DOC: typo in 'redirect', 302 code meaning
+ - DOC: mention that %ms is left-padded with zeroes.
+ - CLEANUP: .gitignore: ignore more test files
+ - CLEANUP: .gitignore: finally ignore everything but what is known.
+ - MEDIUM: config: emit a warning on a frontend without listener
+ - BUG/MEDIUM: counters: ensure that src_{inc,clr}_gpc0 creates a missing
entry
+ - DOC: ssl: missing LF
+ - DOC: fix example of http-request using ssl_fc_session_id
+
+- Add 0001-BUG-MINOR-log-missing-some-ARGC_-entries-in-fmt_dire.patch
+- Add 0002-DOC-usesrc-root-privileges-requirements.patch
+- Add 0003-BUILD-ssl-Allow-building-against-libssl-without-SSLv.patch
+- Add 0004-DOC-MINOR-fix-OpenBSD-versions-where-haproxy-works.patch
+- Add 0005-BUG-MINOR-http-sample-gmtime-localtime-can-fail.patch
+- Add 0006-DOC-typo-in-redirect-302-code-meaning.patch
+- Add 0007-DOC-mention-that-ms-is-left-padded-with-zeroes.patch
+- Add 0008-CLEANUP-.gitignore-ignore-more-test-files.patch
+- Add 0009-CLEANUP-.gitignore-finally-ignore-everything-but-wha.patch
+- Add 0010-MEDIUM-config-emit-a-warning-on-a-frontend-without-l.patch
+- Add 0011-BUG-MEDIUM-counters-ensure-that-src_-inc-clr-_gpc0-c.patch
+- Add 0012-DOC-ssl-missing-LF.patch
+- Add 0013-DOC-fix-example-of-http-request-using-ssl_fc_session.patch
+
+---
New:
0001-BUG-MINOR-log-missing-some-ARGC_-entries-in-fmt_dire.patch
0002-DOC-usesrc-root-privileges-requirements.patch
0003-BUILD-ssl-Allow-building-against-libssl-without-SSLv.patch
0004-DOC-MINOR-fix-OpenBSD-versions-where-haproxy-works.patch
0005-BUG-MINOR-http-sample-gmtime-localtime-can-fail.patch
0006-DOC-typo-in-redirect-302-code-meaning.patch
0007-DOC-mention-that-ms-is-left-padded-with-zeroes.patch
0008-CLEANUP-.gitignore-ignore-more-test-files.patch
0009-CLEANUP-.gitignore-finally-ignore-everything-but-wha.patch
0010-MEDIUM-config-emit-a-warning-on-a-frontend-without-l.patch
0011-BUG-MEDIUM-counters-ensure-that-src_-inc-clr-_gpc0-c.patch
0012-DOC-ssl-missing-LF.patch
0013-DOC-fix-example-of-http-request-using-ssl_fc_session.patch
0014-BUG-MINOR-http-remove-stupid-HTTP_METH_NONE-entry.patch
0015-BUG-MAJOR-http-don-t-call-http_send_name_header-afte.patch
Other differences:
--
++ haproxy.spec ++
--- /var/tmp/diff_new_pack.nnQYZY/_old 2015-09-08 18:12:02.0 +0200
+++ /var/tmp/diff_new_pack.nnQYZY/_new 2015-09-08 18:12:02.0 +0200
@@ -61,6 +61,36 @@
Patch2: haproxy-makefile_lib.patch
Patch3: sec-options.patch
Patch4: haproxy-1.5.8-fix-bashisms.patch
+# BUG/MINOR: log: missing some ARGC_* entries in fmt_directives()
+Patch5: 0001-BUG-MINOR-log-missing-some-ARGC_-entries-in-fmt_dire.patch
+# DOC: usesrc root privileges requirements
+Patch6: 0002-DOC-usesrc-root-privileges-requirements.patch
+# BUILD: ssl: Allow building against libssl without SSLv3.
+Patch7: 0003-BUILD-ssl-Allow-building-against-libssl-without-SSLv.patch
+# DOC/MINOR: fix OpenBSD versions where haproxy works
+Patch8: 0004-DOC-MINOR-fix-OpenBSD-versions-where-haproxy-works.patch
+# BUG/MINOR: http/sample: gmtime/localtime can fail
+Patch9: 0005-BUG-MINOR-http-sample-gmtime-localtime-can-fail.patch
+# DOC: typo in 'redirect', 302 code meaning
+Patch10:0006-DOC-typo-in-redirect-302-code-meaning.patch
+# DOC: mention that %ms is left-padded with zeroes.
+Patch11:
commit haproxy for openSUSE:Factory
Hello community,
here is the log from the commit of package haproxy for openSUSE:Factory checked
in at 2015-07-05 18:03:07
Comparing /work/SRC/openSUSE:Factory/haproxy (Old)
and /work/SRC/openSUSE:Factory/.haproxy.new (New)
Package is haproxy
Changes:
--- /work/SRC/openSUSE:Factory/haproxy/haproxy.changes 2015-06-30
10:19:19.0 +0200
+++ /work/SRC/openSUSE:Factory/.haproxy.new/haproxy.changes 2015-07-05
18:03:15.0 +0200
@@ -1,0 +2,7 @@
+Fri Jul 3 16:37:55 UTC 2015 - kgronl...@suse.com
+
+- Update to 1.5.14 (CVE-2015-3281) (bsc#937042)
+ + BUILD/MINOR: tools: rename popcount to my_popcountl
+ + BUG/MAJOR: buffers: make the buffer_slow_realign() function respect output
data
+
+---
Old:
haproxy-1.5.13.tar.gz
New:
haproxy-1.5.14.tar.gz
Other differences:
--
++ haproxy.spec ++
--- /var/tmp/diff_new_pack.zNURpP/_old 2015-07-05 18:03:15.0 +0200
+++ /var/tmp/diff_new_pack.zNURpP/_new 2015-07-05 18:03:15.0 +0200
@@ -33,7 +33,7 @@
%bcond_without apparmor
Name: haproxy
-Version:1.5.13
+Version:1.5.14
Release:0
#
#
++ haproxy-1.5.13.tar.gz - haproxy-1.5.14.tar.gz ++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/haproxy-1.5.13/CHANGELOG new/haproxy-1.5.14/CHANGELOG
--- old/haproxy-1.5.13/CHANGELOG2015-06-26 12:20:45.0 +0200
+++ new/haproxy-1.5.14/CHANGELOG2015-07-03 17:35:11.0 +0200
@@ -1,6 +1,10 @@
ChangeLog :
===
+2015/07/03 : 1.5.14
+- BUILD/MINOR: tools: rename popcount to my_popcountl
+- BUG/MAJOR: buffers: make the buffer_slow_realign() function respect
output data
+
2015/06/26 : 1.5.13
- BUG/MINOR: check: fix tcpcheck error message
- CLEANUP: deinit: remove codes for cleaning p-block_rules
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/haproxy-1.5.13/README new/haproxy-1.5.14/README
--- old/haproxy-1.5.13/README 2015-06-26 12:20:45.0 +0200
+++ new/haproxy-1.5.14/README 2015-07-03 17:35:11.0 +0200
@@ -1,9 +1,9 @@
--
HAProxy how-to
--
- version 1.5.13
+ version 1.5.14
willy tarreau
- 2015/06/26
+ 2015/07/02
1) How to build it
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/haproxy-1.5.13/VERDATE new/haproxy-1.5.14/VERDATE
--- old/haproxy-1.5.13/VERDATE 2015-06-26 12:20:45.0 +0200
+++ new/haproxy-1.5.14/VERDATE 2015-07-03 17:35:11.0 +0200
@@ -1,2 +1,2 @@
$Format:%ci$
-2015/06/23
+2015/07/02
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/haproxy-1.5.13/VERSION new/haproxy-1.5.14/VERSION
--- old/haproxy-1.5.13/VERSION 2015-06-26 12:20:45.0 +0200
+++ new/haproxy-1.5.14/VERSION 2015-07-03 17:35:11.0 +0200
@@ -1 +1 @@
-1.5.13
+1.5.14
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/haproxy-1.5.13/doc/configuration.txt
new/haproxy-1.5.14/doc/configuration.txt
--- old/haproxy-1.5.13/doc/configuration.txt2015-06-26 12:20:45.0
+0200
+++ new/haproxy-1.5.14/doc/configuration.txt2015-07-03 17:35:11.0
+0200
@@ -2,9 +2,9 @@
HAProxy
Configuration Manual
--
- version 1.5.13
+ version 1.5.14
willy tarreau
- 2015/06/26
+ 2015/07/02
This document covers the configuration language as implemented in the version
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/haproxy-1.5.13/examples/haproxy.spec
new/haproxy-1.5.14/examples/haproxy.spec
--- old/haproxy-1.5.13/examples/haproxy.spec2015-06-26 12:20:45.0
+0200
+++ new/haproxy-1.5.14/examples/haproxy.spec2015-07-03 17:35:11.0
+0200
@@ -1,6 +1,6 @@
Summary: HA-Proxy is a TCP/HTTP reverse proxy for high availability
environments
Name: haproxy
-Version: 1.5.13
+Version: 1.5.14
Release: 1
License: GPL
Group: System Environment/Daemons
@@ -76,6 +76,9 @@
%attr(0755,root,root) %config %{_sysconfdir}/rc.d/init.d/%{name}
%changelog
+* Fri Jul 3 2015 Willy Tarreau w...@1wt.eu
+- updated to
commit haproxy for openSUSE:Factory
Hello community, here is the log from the commit of package haproxy for openSUSE:Factory checked in at 2015-06-30 10:19:18 Comparing /work/SRC/openSUSE:Factory/haproxy (Old) and /work/SRC/openSUSE:Factory/.haproxy.new (New) Package is haproxy Changes: --- /work/SRC/openSUSE:Factory/haproxy/haproxy.changes 2015-06-02 10:08:17.0 +0200 +++ /work/SRC/openSUSE:Factory/.haproxy.new/haproxy.changes 2015-06-30 10:19:19.0 +0200 @@ -1,0 +2,85 @@ +Fri Jun 26 11:45:33 UTC 2015 - kgronl...@suse.com + +- Update to 1.5.13 + - Dropped all patches backported from git, no further changes +than those patches provided. + +- Removed patches: + + Remove 0001-BUG-MEDIUM-stats-properly-initialize-the-scope-befor.patch + + Remove 0002-BUG-MEDIUM-http-don-t-forward-client-shutdown-withou.patch + + Remove 0003-BUG-MINOR-check-fix-tcpcheck-error-message.patch + + Remove 0004-CLEANUP-checks-fix-double-usage-of-cur-current_step-.patch + + Remove 0005-BUG-MEDIUM-checks-do-not-dereference-head-of-a-tcp-c.patch + + Remove 0006-CLEANUP-checks-simplify-the-loop-processing-of-tcp-c.patch + + Remove 0007-BUG-MAJOR-checks-always-check-for-end-of-list-before.patch + + Remove 0008-BUG-MEDIUM-checks-do-not-dereference-a-list-as-a-tcp.patch + + Remove 0009-BUG-MEDIUM-peers-apply-a-random-reconnection-timeout.patch + + Remove 0010-DOC-Update-doc-about-weight-act-and-bck-fields-in-th.patch + + Remove 0011-MINOR-ssl-add-a-destructor-to-free-allocated-SSL-res.patch + + Remove 0012-BUG-MEDIUM-ssl-fix-tune.ssl.default-dh-param-value-b.patch + + Remove 0013-BUG-MINOR-cfgparse-fix-typo-in-option-httplog-error-.patch + + Remove 0014-BUG-MEDIUM-cfgparse-segfault-when-userlist-is-misuse.patch + + Remove 0015-MEDIUM-ssl-replace-standards-DH-groups-with-custom-o.patch + + Remove 0016-BUG-MINOR-debug-display-null-in-place-of-meth.patch + + Remove 0017-CLEANUP-deinit-remove-codes-for-cleaning-p-block_rul.patch + + Remove 0018-BUG-MINOR-ssl-fix-smp_fetch_ssl_fc_session_id.patch + + Remove 0019-MEDIUM-init-don-t-stop-proxies-in-parent-process-whe.patch + + Remove 0020-MINOR-peers-store-the-pointer-to-the-signal-handler.patch + + Remove 0021-MEDIUM-peers-unregister-peers-that-were-never-starte.patch + + Remove 0022-MEDIUM-config-propagate-the-table-s-process-list-to-.patch + + Remove 0023-MEDIUM-init-stop-any-peers-section-not-bound-to-the-.patch + + Remove 0024-MEDIUM-config-validate-that-peers-sections-are-bound.patch + + Remove 0025-MAJOR-peers-allow-peers-section-to-be-used-with-nbpr.patch + + Remove 0026-DOC-relax-the-peers-restriction-to-single-process.patch + + Remove 0027-CLEANUP-config-fix-misleading-information-in-error-m.patch + + Remove 0028-MINOR-config-report-the-number-of-processes-using-a-.patch + + Remove 0029-BUG-MEDIUM-config-properly-compute-the-default-numbe.patch + +--- +Thu Jun 25 15:01:34 UTC 2015 - kgronl...@suse.com + +- Backport upstream patches: + + DOC: Update doc about weight, act and bck fields in the statistics + + MINOR: ssl: add a destructor to free allocated SSL ressources + + BUG/MEDIUM: ssl: fix tune.ssl.default-dh-param value being overwritten + + BUG/MINOR: cfgparse: fix typo in 'option httplog' error message + + BUG/MEDIUM: cfgparse: segfault when userlist is misused + + MEDIUM: ssl: replace standards DH groups with custom ones + + BUG/MINOR: debug: display (null) in place of meth + + CLEANUP: deinit: remove codes for cleaning p-block_rules + + BUG/MINOR: ssl: fix smp_fetch_ssl_fc_session_id + + MEDIUM: init: don't stop proxies in parent process when exiting + + MINOR: peers: store the pointer to the signal handler + + MEDIUM: peers: unregister peers that were never started + + MEDIUM: config: propagate the table's process list to the peers sections + + MEDIUM: init: stop any peers section not bound to the correct process + + MEDIUM: config: validate that peers sections are bound to exactly one process + + MAJOR: peers: allow peers section to be used with nbproc 1 + + DOC: relax the peers restriction to single-process + + CLEANUP: config: fix misleading information in error message. + + MINOR: config: report the number of processes using a peers section in the error case + + BUG/MEDIUM: config: properly compute the default number of processes for a proxy + +- Added patches: + + Add 0010-DOC-Update-doc-about-weight-act-and-bck-fields-in-th.patch + + Add 0011-MINOR-ssl-add-a-destructor-to-free-allocated-SSL-res.patch + + Add 0012-BUG-MEDIUM-ssl-fix-tune.ssl.default-dh-param-value-b.patch + + Add 0013-BUG-MINOR-cfgparse-fix-typo-in-option-httplog-error-.patch + + Add 0014-BUG-MEDIUM-cfgparse-segfault-when-userlist-is-misuse.patch + + Add 0015-MEDIUM-ssl-replace-standards-DH-groups-with-custom-o.patch + + Add
commit haproxy for openSUSE:Factory
Hello community,
here is the log from the commit of package haproxy for openSUSE:Factory checked
in at 2015-06-02 10:08:16
Comparing /work/SRC/openSUSE:Factory/haproxy (Old)
and /work/SRC/openSUSE:Factory/.haproxy.new (New)
Package is haproxy
Changes:
--- /work/SRC/openSUSE:Factory/haproxy/haproxy.changes 2015-05-05
00:55:49.0 +0200
+++ /work/SRC/openSUSE:Factory/.haproxy.new/haproxy.changes 2015-06-02
10:08:17.0 +0200
@@ -1,0 +2,31 @@
+Mon May 25 09:34:58 UTC 2015 - kgronl...@suse.com
+
+- BUG/MINOR: check: fix tcpcheck error message
+- CLEANUP: checks: fix double usage of cur / current_step in tcp-checks
+- BUG/MEDIUM: checks: do not dereference head of a tcp-check at the end
+- CLEANUP: checks: simplify the loop processing of tcp-checks
+- BUG/MAJOR: checks: always check for end of list before proceeding
+- BUG/MEDIUM: checks: do not dereference a list as a tcpcheck struct
+- BUG/MEDIUM: peers: apply a random reconnection timeout
+- Add 0003-BUG-MINOR-check-fix-tcpcheck-error-message.patch
+- Add 0004-CLEANUP-checks-fix-double-usage-of-cur-current_step-.patch
+- Add 0005-BUG-MEDIUM-checks-do-not-dereference-head-of-a-tcp-c.patch
+- Add 0006-CLEANUP-checks-simplify-the-loop-processing-of-tcp-c.patch
+- Add 0007-BUG-MAJOR-checks-always-check-for-end-of-list-before.patch
+- Add 0008-BUG-MEDIUM-checks-do-not-dereference-a-list-as-a-tcp.patch
+- Add 0009-BUG-MEDIUM-peers-apply-a-random-reconnection-timeout.patch
+
+---
+Mon May 11 19:27:33 UTC 2015 - mrueck...@suse.de
+
+- added 0002-BUG-MEDIUM-http-don-t-forward-client-shutdown-withou.patch
+ BUG/MEDIUM: http: don't forward client shutdown without NOLINGER
+ except for tunnels
+
+---
+Mon May 4 22:02:30 UTC 2015 - mrueck...@suse.de
+
+- added first patch from the 1.5 branch after the update:
+ 0001-BUG-MEDIUM-stats-properly-initialize-the-scope-befor.patch
+
+---
New:
0001-BUG-MEDIUM-stats-properly-initialize-the-scope-befor.patch
0002-BUG-MEDIUM-http-don-t-forward-client-shutdown-withou.patch
0003-BUG-MINOR-check-fix-tcpcheck-error-message.patch
0004-CLEANUP-checks-fix-double-usage-of-cur-current_step-.patch
0005-BUG-MEDIUM-checks-do-not-dereference-head-of-a-tcp-c.patch
0006-CLEANUP-checks-simplify-the-loop-processing-of-tcp-c.patch
0007-BUG-MAJOR-checks-always-check-for-end-of-list-before.patch
0008-BUG-MEDIUM-checks-do-not-dereference-a-list-as-a-tcp.patch
0009-BUG-MEDIUM-peers-apply-a-random-reconnection-timeout.patch
Other differences:
--
++ haproxy.spec ++
--- /var/tmp/diff_new_pack.y4zu5b/_old 2015-06-02 10:08:18.0 +0200
+++ /var/tmp/diff_new_pack.y4zu5b/_new 2015-06-02 10:08:18.0 +0200
@@ -61,6 +61,23 @@
Patch2: haproxy-makefile_lib.patch
Patch3: sec-options.patch
Patch4: haproxy-1.5.8-fix-bashisms.patch
+Patch5: 0001-BUG-MEDIUM-stats-properly-initialize-the-scope-befor.patch
+Patch6: 0002-BUG-MEDIUM-http-don-t-forward-client-shutdown-withou.patch
+# PATCH-FIX-UPSTREAM: BUG/MINOR: check: fix tcpcheck error message
+Patch7: 0003-BUG-MINOR-check-fix-tcpcheck-error-message.patch
+# PATCH-FIX-UPSTREAM: CLEANUP: checks: fix double usage of cur / current_step
in tcp-checks
+Patch8: 0004-CLEANUP-checks-fix-double-usage-of-cur-current_step-.patch
+# PATCH-FIX-UPSTREAM: BUG/MEDIUM: checks: do not dereference head of a
tcp-check at the end
+Patch9: 0005-BUG-MEDIUM-checks-do-not-dereference-head-of-a-tcp-c.patch
+# PATCH-FIX-UPSTREAM: CLEANUP: checks: simplify the loop processing of
tcp-checks
+Patch10:0006-CLEANUP-checks-simplify-the-loop-processing-of-tcp-c.patch
+# PATCH-FIX-UPSTREAM: BUG/MAJOR: checks: always check for end of list before
proceeding
+Patch11:0007-BUG-MAJOR-checks-always-check-for-end-of-list-before.patch
+# PATCH-FIX-UPSTREAM: BUG/MEDIUM: checks: do not dereference a list as a
tcpcheck struct
+Patch12:0008-BUG-MEDIUM-checks-do-not-dereference-a-list-as-a-tcp.patch
+# PATCH-FIX-UPSTREAM: BUG/MEDIUM: peers: apply a random reconnection timeout
+Patch13:0009-BUG-MEDIUM-peers-apply-a-random-reconnection-timeout.patch
+
#
Source99: haproxy-rpmlintrc
#
@@ -95,6 +112,15 @@
%patch2
%patch3
%patch4 -p1
+%patch5 -p1
+%patch6 -p1
+%patch7 -p1
+%patch8 -p1
+%patch9 -p1
+%patch10 -p1
+%patch11 -p1
+%patch12 -p1
+%patch13 -p1
%build
%{__make} \
++ 0001-BUG-MEDIUM-stats-properly-initialize-the-scope-befor.patch ++
From 0aa5899911bbc765ba16ce52a80fa76230781779 Mon Sep 17 00:00:00 2001
From: Willy Tarreau
commit haproxy for openSUSE:Factory
Hello community, here is the log from the commit of package haproxy for openSUSE:Factory checked in at 2015-05-05 00:55:48 Comparing /work/SRC/openSUSE:Factory/haproxy (Old) and /work/SRC/openSUSE:Factory/.haproxy.new (New) Package is haproxy Changes: --- /work/SRC/openSUSE:Factory/haproxy/haproxy.changes 2015-04-22 01:19:29.0 +0200 +++ /work/SRC/openSUSE:Factory/.haproxy.new/haproxy.changes 2015-05-05 00:55:49.0 +0200 @@ -1,0 +2,65 @@ +Sat May 2 22:17:57 UTC 2015 - mrueck...@suse.de + +- update to 1.5.12 + - BUG/MINOR: ssl: Display correct filename in error message + - DOC: Fix L4TOUT typo in documentation + - BUG/MEDIUM: Do not consider an agent check as failed on L7 +error + - BUG/MINOR: pattern: error message missing + - BUG/MEDIUM: pattern: some entries are not deleted with case +insensitive match + - BUG/MEDIUM: buffer: one byte miss in buffer free space check + - BUG/MAJOR: http: don't read past buffer's end in +http_replace_value + - BUG/MEDIUM: http: the function (req|res)-replace-value +doesn't respect the HTTP syntax + - BUG/MEDIUM: peers: correctly configure the client timeout + - BUG/MINOR: compression: consider the expansion factor in init + - BUG/MEDIUM: http: hdr_cnt would not count any header when +called without name + - BUG/MEDIUM: listener: don't report an error when resuming +unbound listeners + - BUG/MEDIUM: init: don't limit cpu-map to the first 32 processes +only + - BUG/MEDIUM: stream-int: always reset si-ops when si-end is +nullified + - BUG/MEDIUM: http: remove content-length from chunked messages + - DOC: http: update the comments about the rules for determining +transfer-length + - BUG/MEDIUM: http: do not restrict parsing of transfer-encoding +to HTTP/1.1 + - BUG/MEDIUM: http: incorrect transfer-coding in the request is a +bad request + - BUG/MEDIUM: http: remove content-length form responses with bad +transfer-encoding + - MEDIUM: http: restrict the HTTP version token to 1 digit as per +RFC7230 + - MEDIUM: http: add option-ignore-probes to get rid of the floods +of 408 + - BUG/MINOR: config: clear proxy-table.peers.p for disabled +proxies + - MINOR: stick-table: don't attach to peers in stopped state + - MEDIUM: config: initialize stick-tables after peers, not before + - MEDIUM: peers: add the ability to disable a peers section + - DOC: document option http-ignore-probes + - DOC: fix the comments about the meaning of msg-sol in HTTP + - BUG/MEDIUM: http: wait for the exact amount of body bytes in +wait_for_request_body + - BUG/MAJOR: http: prevent risk of reading past end with balance +url_param + - DOC: update the doc on the proxy protocol +- remove patches that we pulled from the 1.5 tree + 0001-BUG-MINOR-pattern-error-message-missing.patch + 0002-BUG-MEDIUM-pattern-some-entries-are-not-deleted-with.patch + 0003-BUG-MEDIUM-Do-not-consider-an-agent-check-as-failed-.patch + 0004-BUG-MEDIUM-peers-correctly-configure-the-client-time.patch + 0005-BUG-MEDIUM-buffer-one-byte-miss-in-buffer-free-space.patch + 0006-BUG-MAJOR-http-don-t-read-past-buffer-s-end-in-http_.patch + 0007-BUG-MEDIUM-http-the-function-req-res-replace-value-d.patch + 0008-BUG-MINOR-compression-consider-the-expansion-factor-.patch + 0009-BUG-MEDIUM-http-hdr_cnt-would-not-count-any-header-w.patch + 0010-BUG-MINOR-ssl-Display-correct-filename-in-error-mess.patch + 0011-BUG-MEDIUM-listener-don-t-report-an-error-when-resum.patch + 0012-BUG-MEDIUM-init-don-t-limit-cpu-map-to-the-first-32-.patch + +--- Old: 0001-BUG-MINOR-pattern-error-message-missing.patch 0002-BUG-MEDIUM-pattern-some-entries-are-not-deleted-with.patch 0003-BUG-MEDIUM-Do-not-consider-an-agent-check-as-failed-.patch 0004-BUG-MEDIUM-peers-correctly-configure-the-client-time.patch 0005-BUG-MEDIUM-buffer-one-byte-miss-in-buffer-free-space.patch 0006-BUG-MAJOR-http-don-t-read-past-buffer-s-end-in-http_.patch 0007-BUG-MEDIUM-http-the-function-req-res-replace-value-d.patch 0008-BUG-MINOR-compression-consider-the-expansion-factor-.patch 0009-BUG-MEDIUM-http-hdr_cnt-would-not-count-any-header-w.patch 0010-BUG-MINOR-ssl-Display-correct-filename-in-error-mess.patch 0011-BUG-MEDIUM-listener-don-t-report-an-error-when-resum.patch 0012-BUG-MEDIUM-init-don-t-limit-cpu-map-to-the-first-32-.patch haproxy-1.5.11.tar.gz New: haproxy-1.5.12.tar.gz Other differences: -- ++ haproxy.spec ++ --- /var/tmp/diff_new_pack.diiPLL/_old 2015-05-05 00:55:50.0 +0200 +++ /var/tmp/diff_new_pack.diiPLL/_new 2015-05-05 00:55:50.0 +0200 @@ -33,7 +33,7 @@ %bcond_without
commit haproxy for openSUSE:Factory
Hello community,
here is the log from the commit of package haproxy for openSUSE:Factory checked
in at 2015-04-22 01:19:28
Comparing /work/SRC/openSUSE:Factory/haproxy (Old)
and /work/SRC/openSUSE:Factory/.haproxy.new (New)
Package is haproxy
Changes:
--- /work/SRC/openSUSE:Factory/haproxy/haproxy.changes 2015-04-07
09:29:15.0 +0200
+++ /work/SRC/openSUSE:Factory/.haproxy.new/haproxy.changes 2015-04-22
01:19:29.0 +0200
@@ -1,0 +2,8 @@
+Mon Apr 20 10:52:12 UTC 2015 - mrueck...@suse.de
+
+- pull 3 patches from upstream:
+ 0010-BUG-MINOR-ssl-Display-correct-filename-in-error-mess.patch
+ 0011-BUG-MEDIUM-listener-don-t-report-an-error-when-resum.patch
+ 0012-BUG-MEDIUM-init-don-t-limit-cpu-map-to-the-first-32-.patch
+
+---
New:
0010-BUG-MINOR-ssl-Display-correct-filename-in-error-mess.patch
0011-BUG-MEDIUM-listener-don-t-report-an-error-when-resum.patch
0012-BUG-MEDIUM-init-don-t-limit-cpu-map-to-the-first-32-.patch
Other differences:
--
++ haproxy.spec ++
--- /var/tmp/diff_new_pack.22exr3/_old 2015-04-22 01:19:30.0 +0200
+++ /var/tmp/diff_new_pack.22exr3/_new 2015-04-22 01:19:30.0 +0200
@@ -70,6 +70,9 @@
Patch11:0007-BUG-MEDIUM-http-the-function-req-res-replace-value-d.patch
Patch12:0008-BUG-MINOR-compression-consider-the-expansion-factor-.patch
Patch13:0009-BUG-MEDIUM-http-hdr_cnt-would-not-count-any-header-w.patch
+Patch14:0010-BUG-MINOR-ssl-Display-correct-filename-in-error-mess.patch
+Patch15:0011-BUG-MEDIUM-listener-don-t-report-an-error-when-resum.patch
+Patch16:0012-BUG-MEDIUM-init-don-t-limit-cpu-map-to-the-first-32-.patch
#
Source99: haproxy-rpmlintrc
#
@@ -113,6 +116,9 @@
%patch11 -p1
%patch12 -p1
%patch13 -p1
+%patch14 -p1
+%patch15 -p1
+%patch16 -p1
%build
%{__make} \
++ 0010-BUG-MINOR-ssl-Display-correct-filename-in-error-mess.patch ++
From 37dc94cde496e83e00af0580c1a7bfb06e98aafe Mon Sep 17 00:00:00 2001
From: Alexander Rigbo alexander.ri...@blocket.se
Date: Tue, 7 Apr 2015 14:02:16 +0200
Subject: [PATCH 10/12] BUG/MINOR: ssl: Display correct filename in error
message
This patch should be backported to 1.5.
(cherry picked from commit fc65af0c6180d1682f6bf76cf804cd003541b3e9)
---
src/ssl_sock.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/ssl_sock.c b/src/ssl_sock.c
index 2614dd6..d0f4d01 100644
--- a/src/ssl_sock.c
+++ b/src/ssl_sock.c
@@ -1569,7 +1569,7 @@ int ssl_sock_prepare_ctx(struct bind_conf *bind_conf,
SSL_CTX *ctx, struct proxy
if (!store || !X509_STORE_load_locations(store,
bind_conf-crl_file, NULL)) {
Alert(Proxy '%s': unable to configure CRL file
'%s' for bind '%s' at [%s:%d].\n,
- curproxy-id, bind_conf-ca_file,
bind_conf-arg, bind_conf-file, bind_conf-line);
+ curproxy-id, bind_conf-crl_file,
bind_conf-arg, bind_conf-file, bind_conf-line);
cfgerr++;
}
else {
--
2.1.4
++ 0011-BUG-MEDIUM-listener-don-t-report-an-error-when-resum.patch ++
From 06f823d50473c3dc31732b38c81a6010587f01a4 Mon Sep 17 00:00:00 2001
From: Willy Tarreau w...@1wt.eu
Date: Tue, 14 Apr 2015 12:07:16 +0200
Subject: [PATCH 11/12] BUG/MEDIUM: listener: don't report an error when
resuming unbound listeners
Pavlos Parissis reported that a sequence of disable/enable on a frontend
performed on the CLI can result in an error if the frontend has several
bind lines each bound to different processes. This is because the
resume_listener() function returns a failure for frontends not part of
the current process instead of returning a success to pretend there was
no failure.
This fix should be backported to 1.5.
(cherry picked from commit af2fd584f32ec72b3d6d27a915f15df8041b56e7)
---
src/listener.c | 9 +
1 file changed, 5 insertions(+), 4 deletions(-)
diff --git a/src/listener.c b/src/listener.c
index 11df69f..21eba52 100644
--- a/src/listener.c
+++ b/src/listener.c
@@ -120,9 +120,10 @@ int pause_listener(struct listener *l)
* may replace enable_listener(). The resulting state will either be LI_READY
* or LI_FULL. 0 is returned in case of failure to resume (eg: dead socket).
* Listeners bound to a different process are not woken up unless we're in
- * foreground mode. If the listener was only in the assigned state, it's
totally
- * rebound. This can happen if a pause() has completely stopped it. If the
- * resume fails, 0 is returned and an error might be displayed.
+ * foreground mode, and are ignored.
commit haproxy for openSUSE:Factory
Hello community,
here is the log from the commit of package haproxy for openSUSE:Factory checked
in at 2015-04-07 09:29:14
Comparing /work/SRC/openSUSE:Factory/haproxy (Old)
and /work/SRC/openSUSE:Factory/.haproxy.new (New)
Package is haproxy
Changes:
--- /work/SRC/openSUSE:Factory/haproxy/haproxy.changes 2015-03-11
09:58:15.0 +0100
+++ /work/SRC/openSUSE:Factory/.haproxy.new/haproxy.changes 2015-04-07
09:29:15.0 +0200
@@ -1,0 +2,19 @@
+Thu Apr 2 10:54:29 UTC 2015 - mrueck...@suse.de
+
+- pull 3 patches from upstream:
+ 0007-BUG-MEDIUM-http-the-function-req-res-replace-value-d.patch
+ 0008-BUG-MINOR-compression-consider-the-expansion-factor-.patch
+ 0009-BUG-MEDIUM-http-hdr_cnt-would-not-count-any-header-w.patch
+
+---
+Mon Mar 16 15:00:13 UTC 2015 - kgronl...@suse.com
+
+- pull 3 patches from upstream:
+ - BUG/MEDIUM: peers: correctly configure the client timeout
+ - BUG/MEDIUM: buffer: one byte miss in buffer free space check
+ - BUG/MAJOR: http: don't read past buffer's end in http_replace_value
+- Add 0004-BUG-MEDIUM-peers-correctly-configure-the-client-time.patch
+- Add 0005-BUG-MEDIUM-buffer-one-byte-miss-in-buffer-free-space.patch
+- Add 0006-BUG-MAJOR-http-don-t-read-past-buffer-s-end-in-http_.patch
+
+---
New:
0004-BUG-MEDIUM-peers-correctly-configure-the-client-time.patch
0005-BUG-MEDIUM-buffer-one-byte-miss-in-buffer-free-space.patch
0006-BUG-MAJOR-http-don-t-read-past-buffer-s-end-in-http_.patch
0007-BUG-MEDIUM-http-the-function-req-res-replace-value-d.patch
0008-BUG-MINOR-compression-consider-the-expansion-factor-.patch
0009-BUG-MEDIUM-http-hdr_cnt-would-not-count-any-header-w.patch
Other differences:
--
++ haproxy.spec ++
--- /var/tmp/diff_new_pack.riNh8q/_old 2015-04-07 09:29:15.0 +0200
+++ /var/tmp/diff_new_pack.riNh8q/_new 2015-04-07 09:29:15.0 +0200
@@ -64,6 +64,12 @@
Patch5: 0001-BUG-MINOR-pattern-error-message-missing.patch
Patch6: 0002-BUG-MEDIUM-pattern-some-entries-are-not-deleted-with.patch
Patch7: 0003-BUG-MEDIUM-Do-not-consider-an-agent-check-as-failed-.patch
+Patch8: 0004-BUG-MEDIUM-peers-correctly-configure-the-client-time.patch
+Patch9: 0005-BUG-MEDIUM-buffer-one-byte-miss-in-buffer-free-space.patch
+Patch10:0006-BUG-MAJOR-http-don-t-read-past-buffer-s-end-in-http_.patch
+Patch11:0007-BUG-MEDIUM-http-the-function-req-res-replace-value-d.patch
+Patch12:0008-BUG-MINOR-compression-consider-the-expansion-factor-.patch
+Patch13:0009-BUG-MEDIUM-http-hdr_cnt-would-not-count-any-header-w.patch
#
Source99: haproxy-rpmlintrc
#
@@ -101,6 +107,12 @@
%patch5 -p1
%patch6 -p1
%patch7 -p1
+%patch8 -p1
+%patch9 -p1
+%patch10 -p1
+%patch11 -p1
+%patch12 -p1
+%patch13 -p1
%build
%{__make} \
++ 0001-BUG-MINOR-pattern-error-message-missing.patch ++
--- /var/tmp/diff_new_pack.riNh8q/_old 2015-04-07 09:29:15.0 +0200
+++ /var/tmp/diff_new_pack.riNh8q/_new 2015-04-07 09:29:15.0 +0200
@@ -1,7 +1,7 @@
From e338a8741983acc9a4501a03ecd593d89e6fade3 Mon Sep 17 00:00:00 2001
From: Thierry FOURNIER tfourn...@exceliance.fr
Date: Fri, 6 Feb 2015 17:50:55 +0100
-Subject: [PATCH 1/3] BUG/MINOR: pattern: error message missing
+Subject: [PATCH 1/9] BUG/MINOR: pattern: error message missing
This patch must be backported in 1.5 version.
(cherry picked from commit 8aa8384e22dd0b66ded00c70a9c6034278b4bb69)
++ 0002-BUG-MEDIUM-pattern-some-entries-are-not-deleted-with.patch ++
--- /var/tmp/diff_new_pack.riNh8q/_old 2015-04-07 09:29:15.0 +0200
+++ /var/tmp/diff_new_pack.riNh8q/_new 2015-04-07 09:29:15.0 +0200
@@ -1,7 +1,7 @@
From 623401b983185c1e0f6507e96557de3bc46fd41b Mon Sep 17 00:00:00 2001
From: Thierry FOURNIER tfourn...@exceliance.fr
Date: Fri, 6 Feb 2015 17:53:54 +0100
-Subject: [PATCH 2/3] BUG/MEDIUM: pattern: some entries are not deleted with
+Subject: [PATCH 2/9] BUG/MEDIUM: pattern: some entries are not deleted with
case insensitive match
ACL or map entries are not deleted with the command del acl or del map
++ 0003-BUG-MEDIUM-Do-not-consider-an-agent-check-as-failed-.patch ++
--- /var/tmp/diff_new_pack.riNh8q/_old 2015-04-07 09:29:15.0 +0200
+++ /var/tmp/diff_new_pack.riNh8q/_new 2015-04-07 09:29:15.0 +0200
@@ -1,8 +1,8 @@
From bfb8f885955efa1ef90f79595f16a01e30fd0dcf Mon Sep 17 00:00:00 2001
From: Simon Horman ho...@verge.net.au
Date: Thu, 26 Feb 2015 11:26:17 +0900
-Subject: [PATCH] BUG/MEDIUM: Do not consider an agent check as failed on L7
- error
+Subject: [PATCH 3/9]
commit haproxy for openSUSE:Factory
Hello community,
here is the log from the commit of package haproxy for openSUSE:Factory checked
in at 2015-03-11 09:58:15
Comparing /work/SRC/openSUSE:Factory/haproxy (Old)
and /work/SRC/openSUSE:Factory/.haproxy.new (New)
Package is haproxy
Changes:
--- /work/SRC/openSUSE:Factory/haproxy/haproxy.changes 2015-02-18
12:08:55.0 +0100
+++ /work/SRC/openSUSE:Factory/.haproxy.new/haproxy.changes 2015-03-11
09:58:15.0 +0100
@@ -1,0 +2,6 @@
+Thu Mar 5 22:10:56 UTC 2015 - mrueck...@suse.de
+
+- added another fix from upstream:
+ 0003-BUG-MEDIUM-Do-not-consider-an-agent-check-as-failed-.patch
+
+---
New:
0003-BUG-MEDIUM-Do-not-consider-an-agent-check-as-failed-.patch
Other differences:
--
++ haproxy.spec ++
--- /var/tmp/diff_new_pack.ibLkQ1/_old 2015-03-11 09:58:17.0 +0100
+++ /var/tmp/diff_new_pack.ibLkQ1/_new 2015-03-11 09:58:17.0 +0100
@@ -63,6 +63,7 @@
Patch4: haproxy-1.5.8-fix-bashisms.patch
Patch5: 0001-BUG-MINOR-pattern-error-message-missing.patch
Patch6: 0002-BUG-MEDIUM-pattern-some-entries-are-not-deleted-with.patch
+Patch7: 0003-BUG-MEDIUM-Do-not-consider-an-agent-check-as-failed-.patch
#
Source99: haproxy-rpmlintrc
#
@@ -99,6 +100,7 @@
%patch4 -p1
%patch5 -p1
%patch6 -p1
+%patch7 -p1
%build
%{__make} \
++ 0001-BUG-MINOR-pattern-error-message-missing.patch ++
--- /var/tmp/diff_new_pack.ibLkQ1/_old 2015-03-11 09:58:17.0 +0100
+++ /var/tmp/diff_new_pack.ibLkQ1/_new 2015-03-11 09:58:17.0 +0100
@@ -1,7 +1,7 @@
From e338a8741983acc9a4501a03ecd593d89e6fade3 Mon Sep 17 00:00:00 2001
From: Thierry FOURNIER tfourn...@exceliance.fr
Date: Fri, 6 Feb 2015 17:50:55 +0100
-Subject: [PATCH 1/2] BUG/MINOR: pattern: error message missing
+Subject: [PATCH 1/3] BUG/MINOR: pattern: error message missing
This patch must be backported in 1.5 version.
(cherry picked from commit 8aa8384e22dd0b66ded00c70a9c6034278b4bb69)
++ 0002-BUG-MEDIUM-pattern-some-entries-are-not-deleted-with.patch ++
--- /var/tmp/diff_new_pack.ibLkQ1/_old 2015-03-11 09:58:17.0 +0100
+++ /var/tmp/diff_new_pack.ibLkQ1/_new 2015-03-11 09:58:17.0 +0100
@@ -1,7 +1,7 @@
From 623401b983185c1e0f6507e96557de3bc46fd41b Mon Sep 17 00:00:00 2001
From: Thierry FOURNIER tfourn...@exceliance.fr
Date: Fri, 6 Feb 2015 17:53:54 +0100
-Subject: [PATCH 2/2] BUG/MEDIUM: pattern: some entries are not deleted with
+Subject: [PATCH 2/3] BUG/MEDIUM: pattern: some entries are not deleted with
case insensitive match
ACL or map entries are not deleted with the command del acl or del map
++ 0003-BUG-MEDIUM-Do-not-consider-an-agent-check-as-failed-.patch ++
From bfb8f885955efa1ef90f79595f16a01e30fd0dcf Mon Sep 17 00:00:00 2001
From: Simon Horman ho...@verge.net.au
Date: Thu, 26 Feb 2015 11:26:17 +0900
Subject: [PATCH] BUG/MEDIUM: Do not consider an agent check as failed on L7
error
As failure to connect to the agent check is not sufficient to mark it as
failed it stands to reason that an L7 error shouldn't either.
Without this fix if an L7 error occurs, for example of connectivity to the
agent is lost immediately after establishing a connection to it, then the
agent check will be considered to have failed and thus may end up with zero
health. Once this has occurred if the primary health check also reaches
zero health, which is likely if connectivity to the server is lost, then
the server will be marked as down and not be marked as up again until a
successful agent check occurs regardless of the success of any primary
health checks.
This behaviour is not correct as a failed agent check should never cause a
server to be marked as down or by extension continue to be marked as down.
Signed-off-by: Simon Horman ho...@verge.net.au
(cherry picked from commit eaabd52e29a29187f9829fe727028a6ca530cbf9)
---
src/checks.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/checks.c b/src/checks.c
index b9048da..71debb6 100644
--- a/src/checks.c
+++ b/src/checks.c
@@ -246,7 +246,7 @@ static void set_server_check_status(struct check *check,
short status, const cha
* cause the server to be marked down.
*/
if ((!(check-state CHK_ST_AGENT) ||
- (check-status = HCHK_STATUS_L7TOUT))
+ (check-status = HCHK_STATUS_L57DATA))
(check-health = check-rise)) {
s-counters.failed_checks++;
report = 1;
--
2.3.0
--
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail:
commit haproxy for openSUSE:Factory
Hello community,
here is the log from the commit of package haproxy for openSUSE:Factory checked
in at 2015-02-18 11:39:34
Comparing /work/SRC/openSUSE:Factory/haproxy (Old)
and /work/SRC/openSUSE:Factory/.haproxy.new (New)
Package is haproxy
Changes:
--- /work/SRC/openSUSE:Factory/haproxy/haproxy.changes 2015-02-03
15:35:28.0 +0100
+++ /work/SRC/openSUSE:Factory/.haproxy.new/haproxy.changes 2015-02-18
12:08:55.0 +0100
@@ -1,0 +2,13 @@
+Wed Feb 11 12:38:06 GMT 2015 - aspi...@suse.com
+
+- haproxy.init: fix reload and force-reload not to start a stopped
+ service
+
+---
+Fri Feb 6 18:47:17 UTC 2015 - mrueck...@suse.de
+
+- pulled 2 patches from upstream:
+ 0001-BUG-MINOR-pattern-error-message-missing.patch
+ 0002-BUG-MEDIUM-pattern-some-entries-are-not-deleted-with.patch
+
+---
New:
0001-BUG-MINOR-pattern-error-message-missing.patch
0002-BUG-MEDIUM-pattern-some-entries-are-not-deleted-with.patch
Other differences:
--
++ haproxy.spec ++
--- /var/tmp/diff_new_pack.GTKmz3/_old 2015-02-18 12:08:56.0 +0100
+++ /var/tmp/diff_new_pack.GTKmz3/_new 2015-02-18 12:08:56.0 +0100
@@ -61,6 +61,8 @@
Patch2: haproxy-makefile_lib.patch
Patch3: sec-options.patch
Patch4: haproxy-1.5.8-fix-bashisms.patch
+Patch5: 0001-BUG-MINOR-pattern-error-message-missing.patch
+Patch6: 0002-BUG-MEDIUM-pattern-some-entries-are-not-deleted-with.patch
#
Source99: haproxy-rpmlintrc
#
@@ -95,6 +97,8 @@
%patch2
%patch3
%patch4 -p1
+%patch5 -p1
+%patch6 -p1
%build
%{__make} \
++ 0001-BUG-MINOR-pattern-error-message-missing.patch ++
From e338a8741983acc9a4501a03ecd593d89e6fade3 Mon Sep 17 00:00:00 2001
From: Thierry FOURNIER tfourn...@exceliance.fr
Date: Fri, 6 Feb 2015 17:50:55 +0100
Subject: [PATCH 1/2] BUG/MINOR: pattern: error message missing
This patch must be backported in 1.5 version.
(cherry picked from commit 8aa8384e22dd0b66ded00c70a9c6034278b4bb69)
---
src/pattern.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/src/pattern.c b/src/pattern.c
index 208e33a..a6fc52d 100644
--- a/src/pattern.c
+++ b/src/pattern.c
@@ -989,8 +989,10 @@ int pat_idx_list_ptr(struct pattern_expr *expr, struct
pattern *pat, char **err)
/* allocate pattern */
patl = calloc(1, sizeof(*patl));
- if (!patl)
+ if (!patl) {
+ memprintf(err, out of memory while indexing pattern);
return 0;
+ }
/* duplicate pattern */
memcpy(patl-pat, pat, sizeof(*pat));
--
2.1.4
++ 0002-BUG-MEDIUM-pattern-some-entries-are-not-deleted-with.patch ++
From 623401b983185c1e0f6507e96557de3bc46fd41b Mon Sep 17 00:00:00 2001
From: Thierry FOURNIER tfourn...@exceliance.fr
Date: Fri, 6 Feb 2015 17:53:54 +0100
Subject: [PATCH 2/2] BUG/MEDIUM: pattern: some entries are not deleted with
case insensitive match
ACL or map entries are not deleted with the command del acl or del map
if the case insentive flag is set.
This is because the the case insensitive string are stored in a list and the
default delete function associated with string looks in a tree. I add a check
of the case insensitive flag and execute the delete function for lists if it
is set.
This patch must be backported in 1.5 version.
(cherry picked from commit 73bc285be194f443dc7eab9c949e87e1dbe8f70c)
---
src/pattern.c | 4
1 file changed, 4 insertions(+)
diff --git a/src/pattern.c b/src/pattern.c
index a6fc52d..b19ffe2 100644
--- a/src/pattern.c
+++ b/src/pattern.c
@@ -1308,6 +1308,10 @@ void pat_del_tree_str(struct pattern_expr *expr, struct
pat_ref_elt *ref)
struct ebmb_node *node, *next_node;
struct pattern_tree *elt;
+ /* If the flag PAT_F_IGNORE_CASE is set, we cannot use trees */
+ if (expr-mflags PAT_MF_IGNORE_CASE)
+ return pat_del_list_ptr(expr, ref);
+
/* browse each node of the tree. */
for (node = ebmb_first(expr-pattern_tree), next_node = node ?
ebmb_next(node) : NULL;
node;
--
2.1.4
++ haproxy.init ++
--- /var/tmp/diff_new_pack.GTKmz3/_old 2015-02-18 12:08:56.0 +0100
+++ /var/tmp/diff_new_pack.GTKmz3/_new 2015-02-18 12:08:56.0 +0100
@@ -205,14 +205,12 @@
rc_status -v
;;
reload|force-reload)
-## Like force-reload, but if daemon does not support
-## signaling, do nothing (!)
-
-haproxy_check
-# If it supports signaling:
-echo -n Reload service haproxy
-$HAPROXY_BIN -p $HAPROXY_PID -D -f $HAPROXY_CONF -sf $(cat
commit haproxy for openSUSE:Factory
Hello community,
here is the log from the commit of package haproxy for openSUSE:Factory checked
in at 2015-02-03 15:35:26
Comparing /work/SRC/openSUSE:Factory/haproxy (Old)
and /work/SRC/openSUSE:Factory/.haproxy.new (New)
Package is haproxy
Changes:
--- /work/SRC/openSUSE:Factory/haproxy/haproxy.changes 2015-01-08
23:02:37.0 +0100
+++ /work/SRC/openSUSE:Factory/.haproxy.new/haproxy.changes 2015-02-03
15:35:28.0 +0100
@@ -1,0 +2,38 @@
+Sun Feb 1 08:27:43 UTC 2015 - mrueck...@suse.de
+
+- update to 1.5.11
+ - BUG/MEDIUM: backend: correctly detect the domain when
+use_domain_only is used
+ - MINOR: ssl: load certificates in alphabetical order
+ - BUG/MINOR: checks: prevent http keep-alive with http-check
+expect
+ - BUG/MEDIUM: Do not set agent health to zero if server is
+disabled in config
+ - MEDIUM/BUG: Only explicitly report DOWN (agent) if the agent
+health is zero
+ - BUG/MINOR: stats:Fix incorrect printf type.
+ - DOC: add missing entry for log-format and clarify the text
+ - BUG/MEDIUM: http: fix header removal when previous header ends
+with pure LF
+ - BUG/MEDIUM: channel: fix possible integer overflow on reserved
+size computation
+ - BUG/MINOR: channel: compare to_forward with buf-i, not
+buf-size
+ - MINOR: channel: add channel_in_transit()
+ - MEDIUM: channel: make buffer_reserved() use
+channel_in_transit()
+ - MEDIUM: channel: make bi_avail() use channel_in_transit()
+ - BUG/MEDIUM: channel: don't schedule data in transit for leaving
+until connected
+ - BUG/MAJOR: log: don't try to emit a log if no logger is set
+ - BUG/MINOR: args: add missing entry for ARGT_MAP in
+arg_type_names
+ - BUG/MEDIUM: http: make http-request set-header compute the
+string before removal
+ - BUG/MINOR: http: fix incorrect header value offset in
+replace-hdr/replace-value
+ - BUG/MINOR: http: abort request processing on filter failure
+- drop patch included in update:
+ 0001-BUG-MEDIUM-backend-correctly-detect-the-domain-when-.patch
+
+---
Old:
0001-BUG-MEDIUM-backend-correctly-detect-the-domain-when-.patch
haproxy-1.5.10.tar.gz
New:
haproxy-1.5.11.tar.gz
Other differences:
--
++ haproxy.spec ++
--- /var/tmp/diff_new_pack.sOSYRR/_old 2015-02-03 15:35:29.0 +0100
+++ /var/tmp/diff_new_pack.sOSYRR/_new 2015-02-03 15:35:29.0 +0100
@@ -33,7 +33,7 @@
%bcond_without apparmor
Name: haproxy
-Version:1.5.10
+Version:1.5.11
Release:0
#
#
@@ -61,8 +61,6 @@
Patch2: haproxy-makefile_lib.patch
Patch3: sec-options.patch
Patch4: haproxy-1.5.8-fix-bashisms.patch
-# PATCH-UPSTREAM
-Patch5: 0001-BUG-MEDIUM-backend-correctly-detect-the-domain-when-.patch
#
Source99: haproxy-rpmlintrc
#
@@ -97,7 +95,6 @@
%patch2
%patch3
%patch4 -p1
-%patch5 -p1
%build
%{__make} \
++ haproxy-1.5.10.tar.gz - haproxy-1.5.11.tar.gz ++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/haproxy-1.5.10/CHANGELOG new/haproxy-1.5.11/CHANGELOG
--- old/haproxy-1.5.10/CHANGELOG2014-12-31 22:22:28.0 +0100
+++ new/haproxy-1.5.11/CHANGELOG2015-02-01 07:54:32.0 +0100
@@ -1,6 +1,27 @@
ChangeLog :
===
+2015/02/01 : 1.5.11
+- BUG/MEDIUM: backend: correctly detect the domain when use_domain_only is
used
+- MINOR: ssl: load certificates in alphabetical order
+- BUG/MINOR: checks: prevent http keep-alive with http-check expect
+- BUG/MEDIUM: Do not set agent health to zero if server is disabled in
config
+- MEDIUM/BUG: Only explicitly report DOWN (agent) if the agent health is
zero
+- BUG/MINOR: stats:Fix incorrect printf type.
+- DOC: add missing entry for log-format and clarify the text
+- BUG/MEDIUM: http: fix header removal when previous header ends with pure
LF
+- BUG/MEDIUM: channel: fix possible integer overflow on reserved size
computation
+- BUG/MINOR: channel: compare to_forward with buf-i, not buf-size
+- MINOR: channel: add channel_in_transit()
+- MEDIUM: channel: make buffer_reserved() use channel_in_transit()
+- MEDIUM: channel: make bi_avail() use channel_in_transit()
+- BUG/MEDIUM: channel: don't schedule data in transit for leaving until
connected
+- BUG/MAJOR: log: don't try to emit a log if no logger is set
+- BUG/MINOR: args: add missing entry for ARGT_MAP in arg_type_names
+- BUG/MEDIUM: http: make http-request set-header compute the string before
removal
+- BUG/MINOR: http: fix incorrect header value offset in
replace-hdr/replace-value
+
commit haproxy for openSUSE:Factory
Hello community, here is the log from the commit of package haproxy for openSUSE:Factory checked in at 2015-01-08 23:02:32 Comparing /work/SRC/openSUSE:Factory/haproxy (Old) and /work/SRC/openSUSE:Factory/.haproxy.new (New) Package is haproxy Changes: --- /work/SRC/openSUSE:Factory/haproxy/haproxy.changes 2014-11-26 22:57:07.0 +0100 +++ /work/SRC/openSUSE:Factory/.haproxy.new/haproxy.changes 2015-01-08 23:02:37.0 +0100 @@ -1,0 +2,90 @@ +Tue Jan 6 09:28:16 UTC 2015 - mrueck...@suse.de + +- pull fix from usptream: + 0001-BUG-MEDIUM-backend-correctly-detect-the-domain-when-.patch + BUG/MEDIUM: backend: correctly detect the domain when + use_domain_only is used + +--- +Wed Dec 31 22:17:18 UTC 2014 - mrueck...@suse.de + +- update to 1.5.10 + - DOC: fix a few typos + - BUG/MINOR: http: fix typo: 401 Unauthorized = 407 +Unauthorized + - BUG/MINOR: parse: refer curproxy instead of proxy + - DOC: httplog does not support 'no' + - MINOR: map/acl/dumpstats: remove the Done. message + - BUG/MEDIUM: sample: fix random number upper-bound + - BUG/MEDIUM: patterns: previous fix was incomplete + - BUG/MEDIUM: payload: ensure that a request channel is available + - BUG/MINOR: tcp-check: don't condition data polling on check +type + - BUG/MEDIUM: tcp-check: don't rely on random memory contents + - BUG/MEDIUM: tcp-checks: disable quick-ack unless next rule is +an expect + - BUG/MINOR: config: fix typo in condition when propagating +process binding + - BUG/MEDIUM: config: do not propagate processes between stopped +processes + - BUG/MAJOR: stream-int: properly check the memory allocation +return + - BUG/MEDIUM: memory: fix freeing logic in pool_gc2() + - BUG/MEDIUM: compression: correctly report zlib_mem +- drop patches that we pulled from git before: + 0001-BUG-MEDIUM-patterns-previous-fix-was-incomplete.patch + 0002-BUG-MEDIUM-payload-ensure-that-a-request-channel-is-.patch + 0003-BUG-MINOR-tcp-check-don-t-condition-data-polling-on-.patch + 0004-BUG-MEDIUM-tcp-check-don-t-rely-on-random-memory-con.patch + 0005-BUG-MEDIUM-tcp-checks-disable-quick-ack-unless-next-.patch + 0006-DOC-fix-a-few-typos.patch + 0007-BUG-MEDIUM-sample-fix-random-number-upper-bound.patch + 0008-DOC-httplog-does-not-support-no.patch + 0009-BUG-MINOR-http-fix-typo-401-Unauthorized-407-Unautho.patch + 0010-BUG-MINOR-parse-refer-curproxy-instead-of-proxy.patch + 0011-BUG-MINOR-config-fix-typo-in-condition-when-propagat.patch + 0012-BUG-MEDIUM-config-do-not-propagate-processes-between.patch + +--- +Sat Dec 20 01:20:07 UTC 2014 - mrueck...@suse.de + +- pulled some more fixes from git: + 0003-BUG-MINOR-tcp-check-don-t-condition-data-polling-on-.patch + 0004-BUG-MEDIUM-tcp-check-don-t-rely-on-random-memory-con.patch + 0005-BUG-MEDIUM-tcp-checks-disable-quick-ack-unless-next-.patch + 0006-DOC-fix-a-few-typos.patch + 0007-BUG-MEDIUM-sample-fix-random-number-upper-bound.patch + 0008-DOC-httplog-does-not-support-no.patch + 0009-BUG-MINOR-http-fix-typo-401-Unauthorized-407-Unautho.patch + 0010-BUG-MINOR-parse-refer-curproxy-instead-of-proxy.patch + 0011-BUG-MINOR-config-fix-typo-in-condition-when-propagat.patch + 0012-BUG-MEDIUM-config-do-not-propagate-processes-between.patch + + see patch headers for details. + +--- +Fri Nov 28 18:21:43 UTC 2014 - mrueck...@suse.de + +- pulled 2 fixes from git: + - 0001-BUG-MEDIUM-patterns-previous-fix-was-incomplete.patch +Dmitry Sivachenko trtrmi...@gmail.com reported that commit +315ec42 (BUG/MEDIUM: pattern: don't load more than once a +pattern list.) relies on an uninitialised variable in the +stack. While it used to work fine during the tests, if the +uninitialized variable is non-null, some patterns may be +aggregated if loaded multiple times, resulting in slower +processing, which was the original issue it tried to address. + - 0002-BUG-MEDIUM-payload-ensure-that-a-request-channel-is-.patch +Denys Fedoryshchenko reported a segfault when using certain +sample fetch functions in the tcp-request connection rulesets +despite the warnings. This is because some tests for the +existence of the channel were missing. + +--- +Wed Nov 26 12:29:42 UTC 2014 - led...@gmail.com + +- fix bashisms in example scripts +- add patches: + * haproxy-1.5.8-fix-bashisms.patch + +--- Old: haproxy-1.5.9.tar.gz New: 0001-BUG-MEDIUM-backend-correctly-detect-the-domain-when-.patch haproxy-1.5.10.tar.gz
commit haproxy for openSUSE:Factory
Hello community,
here is the log from the commit of package haproxy for openSUSE:Factory checked
in at 2014-11-26 10:33:24
Comparing /work/SRC/openSUSE:Factory/haproxy (Old)
and /work/SRC/openSUSE:Factory/.haproxy.new (New)
Package is haproxy
Changes:
--- /work/SRC/openSUSE:Factory/haproxy/haproxy.changes 2014-11-11
09:59:45.0 +0100
+++ /work/SRC/openSUSE:Factory/.haproxy.new/haproxy.changes 2014-11-26
10:33:31.0 +0100
@@ -1,0 +2,18 @@
+Thu Nov 20 06:56:23 UTC 2014 - kgronl...@suse.com
+
+- BUILD: fix make install to support spaces in the install dirs
+- BUG/MEDIUM: ssl: fix bad ssl context init can cause segfault in case of OOM.
+- BUG/MEDIUM: ssl: force a full GC in case of memory shortage
+- BUG/MEDIUM: checks: fix conflicts between agent checks and ssl healthchecks
+- BUG/MINOR: config: don't inherit the default balance algorithm in frontends
+- BUG/MAJOR: frontend: initialize capture pointers earlier
+
+- Add patches:
+ - 0001-BUILD-fix-make-install-to-support-spaces-in-the-inst.patch
+ - 0002-BUG-MEDIUM-ssl-fix-bad-ssl-context-init-can-cause-se.patch
+ - 0003-BUG-MEDIUM-ssl-force-a-full-GC-in-case-of-memory-sho.patch
+ - 0004-BUG-MEDIUM-checks-fix-conflicts-between-agent-checks.patch
+ - 0005-BUG-MINOR-config-don-t-inherit-the-default-balance-a.patch
+ - 0006-BUG-MAJOR-frontend-initialize-capture-pointers-earli.patch
+
+---
New:
0001-BUILD-fix-make-install-to-support-spaces-in-the-inst.patch
0002-BUG-MEDIUM-ssl-fix-bad-ssl-context-init-can-cause-se.patch
0003-BUG-MEDIUM-ssl-force-a-full-GC-in-case-of-memory-sho.patch
0004-BUG-MEDIUM-checks-fix-conflicts-between-agent-checks.patch
0005-BUG-MINOR-config-don-t-inherit-the-default-balance-a.patch
0006-BUG-MAJOR-frontend-initialize-capture-pointers-earli.patch
Other differences:
--
++ haproxy.spec ++
--- /var/tmp/diff_new_pack.oZunna/_old 2014-11-26 10:33:32.0 +0100
+++ /var/tmp/diff_new_pack.oZunna/_new 2014-11-26 10:33:32.0 +0100
@@ -61,6 +61,19 @@
Patch2: haproxy-makefile_lib.patch
Patch3: sec-options.patch
+# PATCH-FIX-UPSTREAM BUILD: fix make install to support spaces in the
install dirs
+Patch4: 0001-BUILD-fix-make-install-to-support-spaces-in-the-inst.patch
+# PATCH-FIX-UPSTREAM BUG/MEDIUM: ssl: fix bad ssl context init can cause
segfault in case of OOM.
+Patch5: 0002-BUG-MEDIUM-ssl-fix-bad-ssl-context-init-can-cause-se.patch
+# PATCH-FIX-UPSTREAM BUG/MEDIUM: ssl: force a full GC in case of memory
shortage
+Patch6: 0003-BUG-MEDIUM-ssl-force-a-full-GC-in-case-of-memory-sho.patch
+# PATCH-FIX-UPSTREAM BUG/MEDIUM: checks: fix conflicts between agent checks
and ssl healthchecks
+Patch7: 0004-BUG-MEDIUM-checks-fix-conflicts-between-agent-checks.patch
+# PATCH-FIX-UPSTREAM BUG/MINOR: config: don't inherit the default balance
algorithm in frontends
+Patch8: 0005-BUG-MINOR-config-don-t-inherit-the-default-balance-a.patch
+# PATCH-FIX-UPSTREAM BUG/MAJOR: frontend: initialize capture pointers earlier
+Patch9: 0006-BUG-MAJOR-frontend-initialize-capture-pointers-earli.patch
+
Source99: haproxy-rpmlintrc
#
Summary:The Reliable, High Performance TCP/HTTP Load Balancer
@@ -94,6 +107,13 @@
%patch2
%patch3
+%patch4 -p1
+%patch5 -p1
+%patch6 -p1
+%patch7 -p1
+%patch8 -p1
+%patch9 -p1
+
%build
%{__make} \
TARGET=linux26 \
++ 0001-BUILD-fix-make-install-to-support-spaces-in-the-inst.patch ++
From 184422d39df1aa27e6ef4c1ae75177489147ec99 Mon Sep 17 00:00:00 2001
From: Arcadiy Ivanov arcadiy.iva...@servicemesh.com
Date: Tue, 4 Nov 2014 07:06:13 -0500
Subject: [PATCH 1/6] BUILD: fix make install to support spaces in the
install dirs
Makefile is unable to install into directories containing spaces.
(cherry picked from commit 3785311e64792787de78370fa126fd806734f7fe)
---
Makefile | 14 +++---
1 file changed, 7 insertions(+), 7 deletions(-)
diff --git a/Makefile b/Makefile
index 707037b..9556069 100644
--- a/Makefile
+++ b/Makefile
@@ -710,19 +710,19 @@ src/dlmalloc.o: $(DLMALLOC_SRC)
$(CC) $(COPTS) -DDEFAULT_MMAP_THRESHOLD=$(DLMALLOC_THRES) -c -o $@ $
install-man:
- install -d $(DESTDIR)$(MANDIR)/man1
- install -m 644 doc/haproxy.1 $(DESTDIR)$(MANDIR)/man1
+ install -d $(DESTDIR)$(MANDIR)/man1
+ install -m 644 doc/haproxy.1 $(DESTDIR)$(MANDIR)/man1
install-doc:
- install -d $(DESTDIR)$(DOCDIR)
+ install -d $(DESTDIR)$(DOCDIR)
for x in configuration architecture haproxy-en haproxy-fr; do \
- install -m 644 doc/$$x.txt $(DESTDIR)$(DOCDIR) ; \
+ install -m 644 doc/$$x.txt
commit haproxy for openSUSE:Factory
Hello community,
here is the log from the commit of package haproxy for openSUSE:Factory checked
in at 2014-11-26 20:55:40
Comparing /work/SRC/openSUSE:Factory/haproxy (Old)
and /work/SRC/openSUSE:Factory/.haproxy.new (New)
Package is haproxy
Changes:
--- /work/SRC/openSUSE:Factory/haproxy/haproxy.changes 2014-11-26
10:33:31.0 +0100
+++ /work/SRC/openSUSE:Factory/.haproxy.new/haproxy.changes 2014-11-26
22:57:07.0 +0100
@@ -1,0 +2,33 @@
+Wed Nov 26 11:50:42 UTC 2014 - mrueck...@suse.de
+
+- update to 1.5.9
+ - BUILD: fix make install to support spaces in the install dirs
+ - BUG/MEDIUM: checks: fix conflicts between agent checks and ssl
+healthchecks
+ - BUG/MEDIUM: ssl: fix bad ssl context init can cause segfault in
+case of OOM.
+ - BUG/MINOR: samples: fix unnecessary memcopy converting binary
+to string.
+ - BUG/MEDIUM: connection: sanitize PPv2 header length before
+parsing address information
+ - BUG/MEDIUM: pattern: don't load more than once a pattern list.
+ - BUG/MEDIUM: ssl: force a full GC in case of memory shortage
+ - BUG/MINOR: config: don't inherit the default balance algorithm
+in frontends
+ - BUG/MAJOR: frontend: initialize capture pointers earlier
+ - BUG/MINOR: stats: correctly set the request/response analysers
+ - DOC: fix typo in the body parser documentation for msg.sov
+ - BUG/MINOR: peers: the buffer size is global.tune.bufsize, not
+trash.size
+ - MINOR: sample: add a few basic internal fetches (nbproc, proc,
+stopping)
+ - BUG/MAJOR: sessions: unlink session from list on out of memory
+- Drop patches pulled from git
+ - 0001-BUILD-fix-make-install-to-support-spaces-in-the-inst.patch
+ - 0002-BUG-MEDIUM-ssl-fix-bad-ssl-context-init-can-cause-se.patch
+ - 0003-BUG-MEDIUM-ssl-force-a-full-GC-in-case-of-memory-sho.patch
+ - 0004-BUG-MEDIUM-checks-fix-conflicts-between-agent-checks.patch
+ - 0005-BUG-MINOR-config-don-t-inherit-the-default-balance-a.patch
+ - 0006-BUG-MAJOR-frontend-initialize-capture-pointers-earli.patch
+
+---
Old:
0001-BUILD-fix-make-install-to-support-spaces-in-the-inst.patch
0002-BUG-MEDIUM-ssl-fix-bad-ssl-context-init-can-cause-se.patch
0003-BUG-MEDIUM-ssl-force-a-full-GC-in-case-of-memory-sho.patch
0004-BUG-MEDIUM-checks-fix-conflicts-between-agent-checks.patch
0005-BUG-MINOR-config-don-t-inherit-the-default-balance-a.patch
0006-BUG-MAJOR-frontend-initialize-capture-pointers-earli.patch
haproxy-1.5.8.tar.gz
New:
haproxy-1.5.9.tar.gz
Other differences:
--
++ haproxy.spec ++
--- /var/tmp/diff_new_pack.6ca5wt/_old 2014-11-26 22:57:08.0 +0100
+++ /var/tmp/diff_new_pack.6ca5wt/_new 2014-11-26 22:57:08.0 +0100
@@ -33,7 +33,7 @@
%bcond_without apparmor
Name: haproxy
-Version:1.5.8
+Version:1.5.9
Release:0
#
#
@@ -60,20 +60,6 @@
Patch1: haproxy-1.2.16_config_haproxy_user.patch
Patch2: haproxy-makefile_lib.patch
Patch3: sec-options.patch
-
-# PATCH-FIX-UPSTREAM BUILD: fix make install to support spaces in the
install dirs
-Patch4: 0001-BUILD-fix-make-install-to-support-spaces-in-the-inst.patch
-# PATCH-FIX-UPSTREAM BUG/MEDIUM: ssl: fix bad ssl context init can cause
segfault in case of OOM.
-Patch5: 0002-BUG-MEDIUM-ssl-fix-bad-ssl-context-init-can-cause-se.patch
-# PATCH-FIX-UPSTREAM BUG/MEDIUM: ssl: force a full GC in case of memory
shortage
-Patch6: 0003-BUG-MEDIUM-ssl-force-a-full-GC-in-case-of-memory-sho.patch
-# PATCH-FIX-UPSTREAM BUG/MEDIUM: checks: fix conflicts between agent checks
and ssl healthchecks
-Patch7: 0004-BUG-MEDIUM-checks-fix-conflicts-between-agent-checks.patch
-# PATCH-FIX-UPSTREAM BUG/MINOR: config: don't inherit the default balance
algorithm in frontends
-Patch8: 0005-BUG-MINOR-config-don-t-inherit-the-default-balance-a.patch
-# PATCH-FIX-UPSTREAM BUG/MAJOR: frontend: initialize capture pointers earlier
-Patch9: 0006-BUG-MAJOR-frontend-initialize-capture-pointers-earli.patch
-
Source99: haproxy-rpmlintrc
#
Summary:The Reliable, High Performance TCP/HTTP Load Balancer
@@ -107,13 +93,6 @@
%patch2
%patch3
-%patch4 -p1
-%patch5 -p1
-%patch6 -p1
-%patch7 -p1
-%patch8 -p1
-%patch9 -p1
-
%build
%{__make} \
TARGET=linux26 \
++ haproxy-1.5.8.tar.gz - haproxy-1.5.9.tar.gz ++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/haproxy-1.5.8/CHANGELOG new/haproxy-1.5.9/CHANGELOG
--- old/haproxy-1.5.8/CHANGELOG 2014-10-31 10:06:53.0 +0100
+++ new/haproxy-1.5.9/CHANGELOG 2014-11-26 00:38:07.0 +0100
@@ -1,6
commit haproxy for openSUSE:Factory
Hello community,
here is the log from the commit of package haproxy for openSUSE:Factory checked
in at 2014-11-11 09:59:31
Comparing /work/SRC/openSUSE:Factory/haproxy (Old)
and /work/SRC/openSUSE:Factory/.haproxy.new (New)
Package is haproxy
Changes:
--- /work/SRC/openSUSE:Factory/haproxy/haproxy.changes 2014-11-04
17:28:57.0 +0100
+++ /work/SRC/openSUSE:Factory/.haproxy.new/haproxy.changes 2014-11-11
09:59:45.0 +0100
@@ -1,0 +2,5 @@
+Sun Nov 09 21:52:00 UTC 2014 - Led led...@gmail.com
+
+- fix bashisms in pre script
+
+---
Other differences:
--
++ haproxy.spec ++
--- /var/tmp/diff_new_pack.v8NINE/_old 2014-11-11 09:59:46.0 +0100
+++ /var/tmp/diff_new_pack.v8NINE/_new 2014-11-11 09:59:46.0 +0100
@@ -159,8 +159,8 @@
%endif
%pre
-/usr/sbin/groupadd -r %{pkg_name} /dev/null ||:
-/usr/sbin/useradd -g %{pkg_name} -s /bin/false -r -c user for %{pkg_name}
-d %{pkg_home} %{pkg_name} /dev/null ||:
+/usr/sbin/groupadd -r %{pkg_name} /dev/null 21 ||:
+/usr/sbin/useradd -g %{pkg_name} -s /bin/false -r -c user for %{pkg_name}
-d %{pkg_home} %{pkg_name} /dev/null 21 || :
%if %{with systemd}
%service_add_pre %{pkg_name}.service
--
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit haproxy for openSUSE:Factory
Hello community, here is the log from the commit of package haproxy for openSUSE:Factory checked in at 2014-11-04 17:28:50 Comparing /work/SRC/openSUSE:Factory/haproxy (Old) and /work/SRC/openSUSE:Factory/.haproxy.new (New) Package is haproxy Changes: --- /work/SRC/openSUSE:Factory/haproxy/haproxy.changes 2014-10-25 11:11:35.0 +0200 +++ /work/SRC/openSUSE:Factory/.haproxy.new/haproxy.changes 2014-11-04 17:28:57.0 +0100 @@ -1,0 +2,42 @@ +Fri Oct 31 22:24:27 UTC 2014 - mrueck...@suse.de + +- update to 1.5.8 + - BUG/MAJOR: buffer: check the space left is enough or not when +input data in a buffer is wrapped + - BUG/BUILD: revert accidental change in the makefile from latest +SSL fix +- changes in 1.5.7 + - BUG/MEDIUM: regex: fix pcre_study error handling + - BUG/MINOR: log: fix request flags when keep-alive is enabled + - MINOR: ssl: add fetchs 'ssl_c_der' and 'ssl_f_der' to return +DER formatted certs + - MINOR: ssl: add statement to force some ssl options in global. + - BUG/MINOR: ssl: correctly initialize ssl ctx for invalid +certificates + - BUG/MEDIUM: http: don't dump debug headers on MSG_ERROR + - BUG/MAJOR: cli: explicitly call cli_release_handler() upon +error + - BUG/MEDIUM: tcp: fix outgoing polling based on proxy protocol + - BUG/MEDIUM: tcp: don't use SO_ORIGINAL_DST on non-AF_INET +sockets +- Dropped patches: + - 0001-BUG-MEDIUM-http-don-t-dump-debug-headers-on-MSG_ERRO.patch + - 0002-BUG-MAJOR-cli-explicitly-call-cli_release_handler-up.patch + - 0003-BUG-MINOR-log-fix-request-flags-when-keep-alive-is-e.patch + - 0004-BUG-MEDIUM-tcp-fix-outgoing-polling-based-on-proxy-p.patch + +--- +Wed Oct 29 08:07:07 UTC 2014 - kgronl...@suse.com + +- BUG/MEDIUM: http: don't dump debug headers on MSG_ERROR +- BUG/MAJOR: cli: explicitly call cli_release_handler() upon error +- BUG/MINOR: log: fix request flags when keep-alive is enabled +- BUG/MEDIUM: tcp: fix outgoing polling based on proxy protocol + +- Added patches: + - 0001-BUG-MEDIUM-http-don-t-dump-debug-headers-on-MSG_ERRO.patch + - 0002-BUG-MAJOR-cli-explicitly-call-cli_release_handler-up.patch + - 0003-BUG-MINOR-log-fix-request-flags-when-keep-alive-is-e.patch + - 0004-BUG-MEDIUM-tcp-fix-outgoing-polling-based-on-proxy-p.patch + +--- Old: haproxy-1.5.6.tar.gz New: haproxy-1.5.8.tar.gz Other differences: -- ++ haproxy.spec ++ --- /var/tmp/diff_new_pack.MrHlD8/_old 2014-11-04 17:28:58.0 +0100 +++ /var/tmp/diff_new_pack.MrHlD8/_new 2014-11-04 17:28:58.0 +0100 @@ -33,7 +33,7 @@ %bcond_without apparmor Name: haproxy -Version:1.5.6 +Version:1.5.8 Release:0 # # @@ -60,6 +60,7 @@ Patch1: haproxy-1.2.16_config_haproxy_user.patch Patch2: haproxy-makefile_lib.patch Patch3: sec-options.patch + Source99: haproxy-rpmlintrc # Summary:The Reliable, High Performance TCP/HTTP Load Balancer ++ haproxy-1.5.6.tar.gz - haproxy-1.5.8.tar.gz ++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/haproxy-1.5.6/CHANGELOG new/haproxy-1.5.8/CHANGELOG --- old/haproxy-1.5.6/CHANGELOG 2014-10-18 17:48:02.0 +0200 +++ new/haproxy-1.5.8/CHANGELOG 2014-10-31 10:06:53.0 +0100 @@ -1,6 +1,21 @@ ChangeLog : === +2014/10/31 : 1.5.8 +- BUG/MAJOR: buffer: check the space left is enough or not when input data in a buffer is wrapped +- BUG/BUILD: revert accidental change in the makefile from latest SSL fix + +2014/10/30 : 1.5.7 +- BUG/MEDIUM: regex: fix pcre_study error handling +- BUG/MINOR: log: fix request flags when keep-alive is enabled +- MINOR: ssl: add fetchs 'ssl_c_der' and 'ssl_f_der' to return DER formatted certs +- MINOR: ssl: add statement to force some ssl options in global. +- BUG/MINOR: ssl: correctly initialize ssl ctx for invalid certificates +- BUG/MEDIUM: http: don't dump debug headers on MSG_ERROR +- BUG/MAJOR: cli: explicitly call cli_release_handler() upon error +- BUG/MEDIUM: tcp: fix outgoing polling based on proxy protocol +- BUG/MEDIUM: tcp: don't use SO_ORIGINAL_DST on non-AF_INET sockets + 2014/10/18 : 1.5.6 - BUG/MEDIUM: systemd: set KillMode to 'mixed' - MINOR: systemd: Check configuration before start diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/haproxy-1.5.6/README new/haproxy-1.5.8/README --- old/haproxy-1.5.6/README2014-10-18 17:48:02.0 +0200 +++ new/haproxy-1.5.8/README2014-10-31
commit haproxy for openSUSE:Factory
Hello community,
here is the log from the commit of package haproxy for openSUSE:Factory checked
in at 2014-10-25 08:46:58
Comparing /work/SRC/openSUSE:Factory/haproxy (Old)
and /work/SRC/openSUSE:Factory/.haproxy.new (New)
Package is haproxy
Changes:
--- /work/SRC/openSUSE:Factory/haproxy/haproxy.changes 2014-10-11
19:27:16.0 +0200
+++ /work/SRC/openSUSE:Factory/.haproxy.new/haproxy.changes 2014-10-25
11:11:35.0 +0200
@@ -1,0 +2,31 @@
+Sat Oct 18 18:23:29 UTC 2014 - mrueck...@suse.de
+
+- update to 1.5.6
+ - BUG/MEDIUM: systemd: set KillMode to 'mixed'
+ - MINOR: systemd: Check configuration before start
+ - BUG/MEDIUM: config: avoid skipping disabled proxies
+ - BUG/MINOR: config: do not accept more track-sc than configured
+ - BUG/MEDIUM: backend: fix URI hash when a query string is present
+- dropped patches that were pulled from upstream
+ 0001-BUG-MEDIUM-config-avoid-skipping-disabled-proxies.patch
+ 0001-BUG-MEDIUM-systemd-set-KillMode-to-mixed.patch
+ 0004-BUG-MINOR-config-do-not-accept-more-track-sc-than-co.patch
+ 0005-BUG-MEDIUM-backend-fix-URI-hash-when-a-query-string-.patch
+- dropped patch we sent upstream
+ haproxy-1.5_check_config_before_start.patch
+
+---
+Fri Oct 17 16:03:39 UTC 2014 - kgronl...@suse.com
+
+- BUG/MINOR: config: do not accept more track-sc than configured
+- BUG/MEDIUM: backend: fix URI hash when a query string is present
+- Add patch: 0004-BUG-MINOR-config-do-not-accept-more-track-sc-than-co.patch
+- Add patch: 0005-BUG-MEDIUM-backend-fix-URI-hash-when-a-query-string-.patch
+
+---
+Fri Oct 10 20:01:33 UTC 2014 - kgronl...@suse.com
+
+- BUG/MEDIUM: config: avoid skipping disabled proxies
+- Add patch: 0001-BUG-MEDIUM-config-avoid-skipping-disabled-proxies.patch
+
+---
Old:
0001-BUG-MEDIUM-systemd-set-KillMode-to-mixed.patch
haproxy-1.5.5.tar.gz
haproxy-1.5_check_config_before_start.patch
New:
haproxy-1.5.6.tar.gz
Other differences:
--
++ haproxy.spec ++
--- /var/tmp/diff_new_pack.Hncqxb/_old 2014-10-25 11:11:36.0 +0200
+++ /var/tmp/diff_new_pack.Hncqxb/_new 2014-10-25 11:11:36.0 +0200
@@ -33,7 +33,7 @@
%bcond_without apparmor
Name: haproxy
-Version:1.5.5
+Version:1.5.6
Release:0
#
#
@@ -60,10 +60,6 @@
Patch1: haproxy-1.2.16_config_haproxy_user.patch
Patch2: haproxy-makefile_lib.patch
Patch3: sec-options.patch
-Patch4: haproxy-1.5_check_config_before_start.patch
-# PATCH-FIX-UPSTREAM: BUG/MEDIUM: systemd: set KillMode to 'mixed'
-Patch5: 0001-BUG-MEDIUM-systemd-set-KillMode-to-mixed.patch
-
Source99: haproxy-rpmlintrc
#
Summary:The Reliable, High Performance TCP/HTTP Load Balancer
@@ -96,8 +92,6 @@
%patch1
%patch2
%patch3
-%patch5 -p1
-%patch4 -p1
%build
%{__make} \
++ haproxy-1.5.5.tar.gz - haproxy-1.5.6.tar.gz ++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/haproxy-1.5.5/CHANGELOG new/haproxy-1.5.6/CHANGELOG
--- old/haproxy-1.5.5/CHANGELOG 2014-10-08 10:07:23.0 +0200
+++ new/haproxy-1.5.6/CHANGELOG 2014-10-18 17:48:02.0 +0200
@@ -1,6 +1,13 @@
ChangeLog :
===
+2014/10/18 : 1.5.6
+- BUG/MEDIUM: systemd: set KillMode to 'mixed'
+- MINOR: systemd: Check configuration before start
+- BUG/MEDIUM: config: avoid skipping disabled proxies
+- BUG/MINOR: config: do not accept more track-sc than configured
+- BUG/MEDIUM: backend: fix URI hash when a query string is present
+
2014/10/08 : 1.5.5
- DOC: Address issue where documentation is excluded due to a gitignore
rule.
- MEDIUM: Improve signal handling in systemd wrapper.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/haproxy-1.5.5/README new/haproxy-1.5.6/README
--- old/haproxy-1.5.5/README2014-10-08 10:07:23.0 +0200
+++ new/haproxy-1.5.6/README2014-10-18 17:48:02.0 +0200
@@ -1,9 +1,9 @@
--
HAProxy how-to
--
- version 1.5.4
+ version 1.5.6
willy tarreau
- 2014/09/02
+ 2014/10/18
1) How to build it
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/haproxy-1.5.5/VERDATE new/haproxy-1.5.6/VERDATE
---
commit haproxy for openSUSE:Factory
Hello community, here is the log from the commit of package haproxy for openSUSE:Factory checked in at 2014-10-11 19:26:21 Comparing /work/SRC/openSUSE:Factory/haproxy (Old) and /work/SRC/openSUSE:Factory/.haproxy.new (New) Package is haproxy Changes: --- /work/SRC/openSUSE:Factory/haproxy/haproxy.changes 2014-10-08 22:14:31.0 +0200 +++ /work/SRC/openSUSE:Factory/.haproxy.new/haproxy.changes 2014-10-11 19:27:16.0 +0200 @@ -1,0 +2,13 @@ +Thu Oct 9 14:24:45 UTC 2014 - kgronl...@suse.com + +- Fix check config before start patch to apply after previous patch +- Update patch: haproxy-1.5_check_config_before_start.patch + +--- +Thu Oct 9 14:14:35 UTC 2014 - kgronl...@suse.com + +- BUG/MEDIUM: systemd: set KillMode to 'mixed' +- Add patch: + - 0001-BUG-MEDIUM-systemd-set-KillMode-to-mixed.patch + +--- New: 0001-BUG-MEDIUM-systemd-set-KillMode-to-mixed.patch Other differences: -- ++ haproxy.spec ++ --- /var/tmp/diff_new_pack.ahAKoo/_old 2014-10-11 19:27:16.0 +0200 +++ /var/tmp/diff_new_pack.ahAKoo/_new 2014-10-11 19:27:16.0 +0200 @@ -61,6 +61,8 @@ Patch2: haproxy-makefile_lib.patch Patch3: sec-options.patch Patch4: haproxy-1.5_check_config_before_start.patch +# PATCH-FIX-UPSTREAM: BUG/MEDIUM: systemd: set KillMode to 'mixed' +Patch5: 0001-BUG-MEDIUM-systemd-set-KillMode-to-mixed.patch Source99: haproxy-rpmlintrc # @@ -94,6 +96,7 @@ %patch1 %patch2 %patch3 +%patch5 -p1 %patch4 -p1 %build ++ 0001-BUG-MEDIUM-systemd-set-KillMode-to-mixed.patch ++ From 1f24e3fee3aba83fb3338d17589d0ad0f34f6c73 Mon Sep 17 00:00:00 2001 From: Apollon Oikonomopoulos apoi...@debian.org Date: Wed, 8 Oct 2014 15:14:41 +0300 Subject: [PATCH] BUG/MEDIUM: systemd: set KillMode to 'mixed' By default systemd will send SIGTERM to all processes in the service's control group. In our case, this includes the wrapper, the master process and all worker processes. Since commit c54bdd2a the wrapper actually catches SIGTERM and survives to see the master process getting killed by systemd and regard this as an error, placing the unit in a failed state during systemctl stop. Since the wrapper now handles SIGTERM by itself, we switch the kill mode to 'mixed', which means that systemd will deliver the initial SIGTERM to the wrapper only, and if the actual haproxy processes don't exit after a given amount of time (default: 90s), a SIGKILL is sent to all remaining processes in the control group. See systemd.kill(5) for more information. This should also be backported to 1.5. (cherry picked from commit 74f016985ab1fa7a6a5afa301d982e77eba9c96a) --- contrib/systemd/haproxy.service.in | 1 + 1 file changed, 1 insertion(+) diff --git a/contrib/systemd/haproxy.service.in b/contrib/systemd/haproxy.service.in index 1a3d2c0..0bc5420 100644 --- a/contrib/systemd/haproxy.service.in +++ b/contrib/systemd/haproxy.service.in @@ -5,6 +5,7 @@ After=network.target [Service] ExecStart=@SBINDIR@/haproxy-systemd-wrapper -f /etc/haproxy/haproxy.cfg -p /run/haproxy.pid ExecReload=/bin/kill -USR2 $MAINPID +KillMode=mixed Restart=always [Install] -- 1.8.4.5 ++ haproxy-1.5_check_config_before_start.patch ++ --- /var/tmp/diff_new_pack.ahAKoo/_old 2014-10-11 19:27:17.0 +0200 +++ /var/tmp/diff_new_pack.ahAKoo/_new 2014-10-11 19:27:17.0 +0200 @@ -1,5 +1,5 @@ diff --git a/contrib/systemd/haproxy.service.in b/contrib/systemd/haproxy.service.in -index 1a3d2c0..9b3b72a 100644 +index 0bc5420..85937e4 100644 --- a/contrib/systemd/haproxy.service.in +++ b/contrib/systemd/haproxy.service.in @@ -3,6 +3,7 @@ Description=HAProxy Load Balancer @@ -9,4 +9,4 @@ +ExecStartPre=@SBINDIR@/haproxy -f /etc/haproxy/haproxy.cfg -c -q ExecStart=@SBINDIR@/haproxy-systemd-wrapper -f /etc/haproxy/haproxy.cfg -p /run/haproxy.pid ExecReload=/bin/kill -USR2 $MAINPID - Restart=always + KillMode=mixed -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit haproxy for openSUSE:Factory
Hello community, here is the log from the commit of package haproxy for openSUSE:Factory checked in at 2014-10-08 22:14:14 Comparing /work/SRC/openSUSE:Factory/haproxy (Old) and /work/SRC/openSUSE:Factory/.haproxy.new (New) Package is haproxy Changes: --- /work/SRC/openSUSE:Factory/haproxy/haproxy.changes 2014-10-07 16:01:19.0 +0200 +++ /work/SRC/openSUSE:Factory/.haproxy.new/haproxy.changes 2014-10-08 22:14:31.0 +0200 @@ -1,0 +2,30 @@ +Wed Oct 8 12:53:41 UTC 2014 - kgronl...@suse.com + +- update to 1.5.5 + - DOC: indicate that weight zero is reported as DRAIN + - DOC: Address issue where documentation is excluded due to a gitignore rule + - This update includes all previous patches since 1.5.4 + +- Removed patches: + - 0001-DOC-clearly-state-that-the-show-sess-output-format-i.patch + - 0002-MINOR-stats-fix-minor-typo-fix-in-stats_dump_errors_.patch + - 0003-MEDIUM-Improve-signal-handling-in-systemd-wrapper.patch + - 0004-MINOR-Also-accept-SIGHUP-SIGTERM-in-systemd-wrapper.patch + - 0005-DOC-indicate-in-the-doc-that-track-sc-can-wait-if-da.patch + - 0006-MEDIUM-http-enable-header-manipulation-for-101-respo.patch + - 0007-BUG-MEDIUM-config-propagate-frontend-to-backend-proc.patch + - 0008-MEDIUM-config-properly-propagate-process-binding-bet.patch + - 0009-MEDIUM-config-make-the-frontends-automatically-bind-.patch + - 0010-MEDIUM-config-compute-the-exact-bind-process-before-.patch + - 0011-MEDIUM-config-only-warn-if-stats-are-attached-to-mul.patch + - 0012-MEDIUM-config-report-it-when-tcp-request-rules-are-m.patch + - 0013-MINOR-config-detect-the-case-where-a-tcp-request-con.patch + - 0014-MEDIUM-systemd-wrapper-support-multiple-executable-v.patch + - 0015-BUG-MEDIUM-remove-debugging-code-from-systemd-wrappe.patch + - 0016-BUG-MEDIUM-http-adjust-close-mode-when-switching-to-.patch + - 0017-BUG-MINOR-config-don-t-propagate-process-binding-on-.patch + - 0018-BUG-MEDIUM-check-rule-less-tcp-check-must-detect-con.patch + - 0019-BUG-MINOR-tcp-check-report-the-correct-failed-step-i.patch + - 0020-BUG-MINOR-config-don-t-propagate-process-binding-for.patch + +--- Old: 0001-DOC-clearly-state-that-the-show-sess-output-format-i.patch 0002-MINOR-stats-fix-minor-typo-fix-in-stats_dump_errors_.patch 0003-MEDIUM-Improve-signal-handling-in-systemd-wrapper.patch 0004-MINOR-Also-accept-SIGHUP-SIGTERM-in-systemd-wrapper.patch 0005-DOC-indicate-in-the-doc-that-track-sc-can-wait-if-da.patch 0006-MEDIUM-http-enable-header-manipulation-for-101-respo.patch 0007-BUG-MEDIUM-config-propagate-frontend-to-backend-proc.patch 0008-MEDIUM-config-properly-propagate-process-binding-bet.patch 0009-MEDIUM-config-make-the-frontends-automatically-bind-.patch 0010-MEDIUM-config-compute-the-exact-bind-process-before-.patch 0011-MEDIUM-config-only-warn-if-stats-are-attached-to-mul.patch 0012-MEDIUM-config-report-it-when-tcp-request-rules-are-m.patch 0013-MINOR-config-detect-the-case-where-a-tcp-request-con.patch 0014-MEDIUM-systemd-wrapper-support-multiple-executable-v.patch 0015-BUG-MEDIUM-remove-debugging-code-from-systemd-wrappe.patch 0016-BUG-MEDIUM-http-adjust-close-mode-when-switching-to-.patch 0017-BUG-MINOR-config-don-t-propagate-process-binding-on-.patch 0018-BUG-MEDIUM-check-rule-less-tcp-check-must-detect-con.patch 0019-BUG-MINOR-tcp-check-report-the-correct-failed-step-i.patch 0020-BUG-MINOR-config-don-t-propagate-process-binding-for.patch haproxy-1.5.4.tar.gz New: haproxy-1.5.5.tar.gz Other differences: -- ++ haproxy.spec ++ --- /var/tmp/diff_new_pack.W0GvxX/_old 2014-10-08 22:14:32.0 +0200 +++ /var/tmp/diff_new_pack.W0GvxX/_new 2014-10-08 22:14:32.0 +0200 @@ -33,7 +33,7 @@ %bcond_without apparmor Name: haproxy -Version:1.5.4 +Version:1.5.5 Release:0 # # @@ -61,46 +61,6 @@ Patch2: haproxy-makefile_lib.patch Patch3: sec-options.patch Patch4: haproxy-1.5_check_config_before_start.patch -# PATCH-FIX-UPSTREAM: DOC: clearly state that the show sess output format is not fixed -Patch5: 0001-DOC-clearly-state-that-the-show-sess-output-format-i.patch -# PATCH-FIX-UPSTREAM: MINOR: stats: fix minor typo fix in stats_dump_errors_to_buffer() -Patch6: 0002-MINOR-stats-fix-minor-typo-fix-in-stats_dump_errors_.patch -# PATCH-FIX-UPSTREAM: MEDIUM: Improve signal handling in systemd wrapper. -Patch7: 0003-MEDIUM-Improve-signal-handling-in-systemd-wrapper.patch -# PATCH-FIX-UPSTREAM: MINOR: Also accept SIGHUP/SIGTERM in systemd-wrapper -Patch8: 0004-MINOR-Also-accept-SIGHUP-SIGTERM-in-systemd-wrapper.patch -# PATCH-FIX-UPSTREAM: DOC: indicate
commit haproxy for openSUSE:Factory
Hello community,
here is the log from the commit of package haproxy for openSUSE:Factory checked
in at 2014-10-07 16:00:29
Comparing /work/SRC/openSUSE:Factory/haproxy (Old)
and /work/SRC/openSUSE:Factory/.haproxy.new (New)
Package is haproxy
Changes:
--- /work/SRC/openSUSE:Factory/haproxy/haproxy.changes 2014-09-26
11:21:48.0 +0200
+++ /work/SRC/openSUSE:Factory/.haproxy.new/haproxy.changes 2014-10-07
16:01:19.0 +0200
@@ -1,0 +2,17 @@
+Mon Oct 6 09:09:58 UTC 2014 - kgronl...@suse.com
+
+- Backported fixes:
+ - BUG/MEDIUM: http: adjust close mode when switching to backend
+ - BUG/MINOR: config: don't propagate process binding on fatal errors.
+ - BUG/MEDIUM: check: rule-less tcp-check must detect connect failures
+ - BUG/MINOR: tcp-check: report the correct failed step in the status
+ - BUG/MINOR: config: don't propagate process binding for dynamic use_backend
+
+- Added patches:
+ - 0016-BUG-MEDIUM-http-adjust-close-mode-when-switching-to-.patch
+ - 0017-BUG-MINOR-config-don-t-propagate-process-binding-on-.patch
+ - 0018-BUG-MEDIUM-check-rule-less-tcp-check-must-detect-con.patch
+ - 0019-BUG-MINOR-tcp-check-report-the-correct-failed-step-i.patch
+ - 0020-BUG-MINOR-config-don-t-propagate-process-binding-for.patch
+
+---
New:
0016-BUG-MEDIUM-http-adjust-close-mode-when-switching-to-.patch
0017-BUG-MINOR-config-don-t-propagate-process-binding-on-.patch
0018-BUG-MEDIUM-check-rule-less-tcp-check-must-detect-con.patch
0019-BUG-MINOR-tcp-check-report-the-correct-failed-step-i.patch
0020-BUG-MINOR-config-don-t-propagate-process-binding-for.patch
Other differences:
--
++ haproxy.spec ++
--- /var/tmp/diff_new_pack.FvvQR2/_old 2014-10-07 16:01:20.0 +0200
+++ /var/tmp/diff_new_pack.FvvQR2/_new 2014-10-07 16:01:20.0 +0200
@@ -91,6 +91,17 @@
Patch18: 0014-MEDIUM-systemd-wrapper-support-multiple-executable-v.patch
# PATCH-FIX-UPSTREAM: BUG/MEDIUM: remove debugging code from systemd-wrapper
Patch19: 0015-BUG-MEDIUM-remove-debugging-code-from-systemd-wrappe.patch
+# PATCH-FIX-UPSTREAM: BUG/MEDIUM: http: adjust close mode when switching to
backend
+Patch20: 0016-BUG-MEDIUM-http-adjust-close-mode-when-switching-to-.patch
+# PATCH-FIX-UPSTREAM: BUG/MINOR: config: don't propagate process binding on
fatal errors.
+Patch21: 0017-BUG-MINOR-config-don-t-propagate-process-binding-on-.patch
+# PATCH-FIX-UPSTREAM: BUG/MEDIUM: check: rule-less tcp-check must detect
connect failures
+Patch22: 0018-BUG-MEDIUM-check-rule-less-tcp-check-must-detect-con.patch
+# PATCH-FIX-UPSTREAM: BUG/MINOR: tcp-check: report the correct failed step in
the status
+Patch23: 0019-BUG-MINOR-tcp-check-report-the-correct-failed-step-i.patch
+# PATCH-FIX-UPSTREAM: BUG/MINOR: config: don't propagate process binding for
dynamic use_backend
+Patch24: 0020-BUG-MINOR-config-don-t-propagate-process-binding-for.patch
+
Source99: haproxy-rpmlintrc
#
Summary:The Reliable, High Performance TCP/HTTP Load Balancer
@@ -139,6 +150,11 @@
%patch17 -p1
%patch18 -p1
%patch19 -p1
+%patch20 -p1
+%patch21 -p1
+%patch22 -p1
+%patch23 -p1
+%patch24 -p1
%build
%{__make} \
++ 0016-BUG-MEDIUM-http-adjust-close-mode-when-switching-to-.patch ++
From 2e47a3ab11188239abadb6bba7bd901d764aa4fb Mon Sep 17 00:00:00 2001
From: Willy Tarreau w...@1wt.eu
Date: Tue, 30 Sep 2014 18:44:22 +0200
Subject: [PATCH 16/20] BUG/MEDIUM: http: adjust close mode when switching to
backend
Commit 179085c (MEDIUM: http: move Connection header processing earlier)
introduced a regression : the backend's HTTP mode is not considered anymore
when setting the session's HTTP mode, because wait_for_request() is only
called once, when the frontend receives the request (or when the frontend
is in TCP mode, when the backend receives the request).
The net effect is that in some situations when the frontend and the backend
do not work in the same mode (eg: keep-alive vs close), the backend's mode
is ignored.
This patch moves all that processing to a dedicated function, which is
called from the original place, as well as from session_set_backend()
when switching from an HTTP frontend to an HTTP backend in different
modes.
This fix must be backported to 1.5.
(cherry picked from commit 4e21ff9244aefa56bcf0793a9e07edba2c3c1960)
---
include/proto/proto_http.h | 1 +
src/proto_http.c | 107 +++--
src/proxy.c| 8
3 files changed, 64 insertions(+), 52 deletions(-)
diff --git a/include/proto/proto_http.h b/include/proto/proto_http.h
index e898ca8..8014310 100644
--- a/include/proto/proto_http.h
+++
commit haproxy for openSUSE:Factory
Hello community, here is the log from the commit of package haproxy for openSUSE:Factory checked in at 2014-09-26 10:52:30 Comparing /work/SRC/openSUSE:Factory/haproxy (Old) and /work/SRC/openSUSE:Factory/.haproxy.new (New) Package is haproxy Changes: --- /work/SRC/openSUSE:Factory/haproxy/haproxy.changes 2014-09-06 12:18:15.0 +0200 +++ /work/SRC/openSUSE:Factory/.haproxy.new/haproxy.changes 2014-09-26 11:21:48.0 +0200 @@ -1,0 +2,37 @@ +Thu Sep 25 16:10:08 UTC 2014 - kgronl...@suse.com + +- Backported fixes (bnc#898498): + - DOC: clearly state that the show sess output format is not fixed + - MINOR: stats: fix minor typo fix in stats_dump_errors_to_buffer() + - MEDIUM: Improve signal handling in systemd wrapper. + - MINOR: Also accept SIGHUP/SIGTERM in systemd-wrapper + - DOC: indicate in the doc that track-sc* can wait if data are missing + - MEDIUM: http: enable header manipulation for 101 responses + - BUG/MEDIUM: config: propagate frontend to backend process binding again. + - MEDIUM: config: properly propagate process binding between proxies + - MEDIUM: config: make the frontends automatically bind to the listeners' processes + - MEDIUM: config: compute the exact bind-process before listener's maxaccept + - MEDIUM: config: only warn if stats are attached to multi-process bind directives + - MEDIUM: config: report it when tcp-request rules are misplaced + - MINOR: config: detect the case where a tcp-request content rule has no inspect-delay + - MEDIUM: systemd-wrapper: support multiple executable versions and names + - BUG/MEDIUM: remove debugging code from systemd-wrapper + +- Added patches: + - 0001-DOC-clearly-state-that-the-show-sess-output-format-i.patch + - 0002-MINOR-stats-fix-minor-typo-fix-in-stats_dump_errors_.patch + - 0003-MEDIUM-Improve-signal-handling-in-systemd-wrapper.patch + - 0004-MINOR-Also-accept-SIGHUP-SIGTERM-in-systemd-wrapper.patch + - 0005-DOC-indicate-in-the-doc-that-track-sc-can-wait-if-da.patch + - 0006-MEDIUM-http-enable-header-manipulation-for-101-respo.patch + - 0007-BUG-MEDIUM-config-propagate-frontend-to-backend-proc.patch + - 0008-MEDIUM-config-properly-propagate-process-binding-bet.patch + - 0009-MEDIUM-config-make-the-frontends-automatically-bind-.patch + - 0010-MEDIUM-config-compute-the-exact-bind-process-before-.patch + - 0011-MEDIUM-config-only-warn-if-stats-are-attached-to-mul.patch + - 0012-MEDIUM-config-report-it-when-tcp-request-rules-are-m.patch + - 0013-MINOR-config-detect-the-case-where-a-tcp-request-con.patch + - 0014-MEDIUM-systemd-wrapper-support-multiple-executable-v.patch + - 0015-BUG-MEDIUM-remove-debugging-code-from-systemd-wrappe.patch + +--- @@ -4 +41 @@ -- update to 1.5.4 +- update to 1.5.4 (bnc#895849 CVE-2014-6269) New: 0001-DOC-clearly-state-that-the-show-sess-output-format-i.patch 0002-MINOR-stats-fix-minor-typo-fix-in-stats_dump_errors_.patch 0003-MEDIUM-Improve-signal-handling-in-systemd-wrapper.patch 0004-MINOR-Also-accept-SIGHUP-SIGTERM-in-systemd-wrapper.patch 0005-DOC-indicate-in-the-doc-that-track-sc-can-wait-if-da.patch 0006-MEDIUM-http-enable-header-manipulation-for-101-respo.patch 0007-BUG-MEDIUM-config-propagate-frontend-to-backend-proc.patch 0008-MEDIUM-config-properly-propagate-process-binding-bet.patch 0009-MEDIUM-config-make-the-frontends-automatically-bind-.patch 0010-MEDIUM-config-compute-the-exact-bind-process-before-.patch 0011-MEDIUM-config-only-warn-if-stats-are-attached-to-mul.patch 0012-MEDIUM-config-report-it-when-tcp-request-rules-are-m.patch 0013-MINOR-config-detect-the-case-where-a-tcp-request-con.patch 0014-MEDIUM-systemd-wrapper-support-multiple-executable-v.patch 0015-BUG-MEDIUM-remove-debugging-code-from-systemd-wrappe.patch Other differences: -- ++ haproxy.spec ++ --- /var/tmp/diff_new_pack.ZaMkgj/_old 2014-09-26 11:21:49.0 +0200 +++ /var/tmp/diff_new_pack.ZaMkgj/_new 2014-09-26 11:21:49.0 +0200 @@ -61,6 +61,36 @@ Patch2: haproxy-makefile_lib.patch Patch3: sec-options.patch Patch4: haproxy-1.5_check_config_before_start.patch +# PATCH-FIX-UPSTREAM: DOC: clearly state that the show sess output format is not fixed +Patch5: 0001-DOC-clearly-state-that-the-show-sess-output-format-i.patch +# PATCH-FIX-UPSTREAM: MINOR: stats: fix minor typo fix in stats_dump_errors_to_buffer() +Patch6: 0002-MINOR-stats-fix-minor-typo-fix-in-stats_dump_errors_.patch +# PATCH-FIX-UPSTREAM: MEDIUM: Improve signal handling in systemd wrapper. +Patch7: 0003-MEDIUM-Improve-signal-handling-in-systemd-wrapper.patch +# PATCH-FIX-UPSTREAM: MINOR: Also accept SIGHUP/SIGTERM in
commit haproxy for openSUSE:Factory
Hello community,
here is the log from the commit of package haproxy for openSUSE:Factory checked
in at 2014-09-06 12:18:08
Comparing /work/SRC/openSUSE:Factory/haproxy (Old)
and /work/SRC/openSUSE:Factory/.haproxy.new (New)
Package is haproxy
Changes:
--- /work/SRC/openSUSE:Factory/haproxy/haproxy.changes 2014-08-25
11:05:25.0 +0200
+++ /work/SRC/openSUSE:Factory/.haproxy.new/haproxy.changes 2014-09-06
12:18:15.0 +0200
@@ -1,0 +2,26 @@
+Wed Sep 3 07:35:14 UTC 2014 - kgronl...@suse.com
+
+- update to 1.5.4
+ - BUG: config: error in http-response replace-header number of arguments
+ - BUG/MINOR: Fix search for -p argument in systemd wrapper.
+ - BUG/MEDIUM: auth: fix segfault with http-auth and a configuration with an
unknown encryption algorithm
+ - BUG/MEDIUM: config: userlists should ensure that encrypted passwords are
supported
+ - MEDIUM: connection: add new bit in Proxy Protocol V2
+ - BUG/MINOR: server: move the directive #endif to the end of file
+ - BUG/MEDIUM: http: tarpit timeout is reset
+ - BUG/MAJOR: tcp: fix a possible busy spinning loop in content track-sc*
+ - BUG/MEDIUM: http: fix inverted condition in pat_match_meth()
+ - BUG/MEDIUM: http: fix improper parsing of HTTP methods for use with ACLs
+ - BUG/MINOR: pattern: remove useless allocation of unused trash in
pat_parse_reg()
+ - BUG/MEDIUM: acl: correctly compute the output type when a converter is used
+ - CLEANUP: acl: cleanup some of the redundancy and spaghetti after last fix
+ - BUG/CRITICAL: http: don't update msg-sov once data start to leave the
buffer
+
+- Dropped patches:
+ - 0001-BUG-MINOR-server-move-the-directive-endif-to-the-end.patch
+ - 0002-BUG-MINOR-Fix-search-for-p-argument-in-systemd-wrapp.patch
+ - 0003-BUG-MAJOR-tcp-fix-a-possible-busy-spinning-loop-in-c.patch
+ - 0004-BUG-config-error-in-http-response-replace-header-num.patch
+ - 0005-BUG-MEDIUM-http-tarpit-timeout-is-reset.patch
+
+---
Old:
0001-BUG-MINOR-server-move-the-directive-endif-to-the-end.patch
0002-BUG-MINOR-Fix-search-for-p-argument-in-systemd-wrapp.patch
0003-BUG-MAJOR-tcp-fix-a-possible-busy-spinning-loop-in-c.patch
0004-BUG-config-error-in-http-response-replace-header-num.patch
0005-BUG-MEDIUM-http-tarpit-timeout-is-reset.patch
haproxy-1.5.3.tar.gz
New:
haproxy-1.5.4.tar.gz
Other differences:
--
++ haproxy.spec ++
--- /var/tmp/diff_new_pack.AXQ9m9/_old 2014-09-06 12:18:16.0 +0200
+++ /var/tmp/diff_new_pack.AXQ9m9/_new 2014-09-06 12:18:16.0 +0200
@@ -33,7 +33,7 @@
%bcond_without apparmor
Name: haproxy
-Version:1.5.3
+Version:1.5.4
Release:0
#
#
@@ -61,11 +61,6 @@
Patch2: haproxy-makefile_lib.patch
Patch3: sec-options.patch
Patch4: haproxy-1.5_check_config_before_start.patch
-Patch5: 0001-BUG-MINOR-server-move-the-directive-endif-to-the-end.patch
-Patch6: 0002-BUG-MINOR-Fix-search-for-p-argument-in-systemd-wrapp.patch
-Patch7: 0003-BUG-MAJOR-tcp-fix-a-possible-busy-spinning-loop-in-c.patch
-Patch8: 0004-BUG-config-error-in-http-response-replace-header-num.patch
-Patch9: 0005-BUG-MEDIUM-http-tarpit-timeout-is-reset.patch
Source99: haproxy-rpmlintrc
#
Summary:The Reliable, High Performance TCP/HTTP Load Balancer
@@ -99,11 +94,6 @@
%patch2
%patch3
%patch4 -p1
-%patch5 -p1
-%patch6 -p1
-%patch7 -p1
-%patch8 -p1
-%patch9 -p1
%build
%{__make} \
++ haproxy-1.5.3.tar.gz - haproxy-1.5.4.tar.gz ++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/haproxy-1.5.3/CHANGELOG new/haproxy-1.5.4/CHANGELOG
--- old/haproxy-1.5.3/CHANGELOG 2014-07-25 08:56:07.0 +0200
+++ new/haproxy-1.5.4/CHANGELOG 2014-09-02 13:54:16.0 +0200
@@ -1,6 +1,22 @@
ChangeLog :
===
+2014/09/02 : 1.5.4
+- BUG: config: error in http-response replace-header number of arguments
+- BUG/MINOR: Fix search for -p argument in systemd wrapper.
+- BUG/MEDIUM: auth: fix segfault with http-auth and a configuration with
an unknown encryption algorithm
+- BUG/MEDIUM: config: userlists should ensure that encrypted passwords are
supported
+- MEDIUM: connection: add new bit in Proxy Protocol V2
+- BUG/MINOR: server: move the directive #endif to the end of file
+- BUG/MEDIUM: http: tarpit timeout is reset
+- BUG/MAJOR: tcp: fix a possible busy spinning loop in content track-sc*
+- BUG/MEDIUM: http: fix inverted condition in pat_match_meth()
+- BUG/MEDIUM: http: fix improper parsing of HTTP methods for use with ACLs
+- BUG/MINOR: pattern: remove
commit haproxy for openSUSE:Factory
Hello community,
here is the log from the commit of package haproxy for openSUSE:Factory checked
in at 2014-08-25 11:04:11
Comparing /work/SRC/openSUSE:Factory/haproxy (Old)
and /work/SRC/openSUSE:Factory/.haproxy.new (New)
Package is haproxy
Changes:
--- /work/SRC/openSUSE:Factory/haproxy/haproxy.changes 2014-08-05
21:11:27.0 +0200
+++ /work/SRC/openSUSE:Factory/.haproxy.new/haproxy.changes 2014-08-25
11:05:25.0 +0200
@@ -1,0 +2,14 @@
+Fri Aug 22 14:38:59 UTC 2014 - mrueck...@suse.de
+
+- pull 2 more fixes from git:
+ - 0004-BUG-config-error-in-http-response-replace-header-num.patch
+A couple of typo fixed in 'http-response replace-header':
+- an error when counting the number of arguments
+- a typo in the alert message
+ - 0005-BUG-MEDIUM-http-tarpit-timeout-is-reset.patch
+Before the commit bbba2a8ecc35daf99317aaff7015c1931779c33b
+(1.5-dev24-8), the tarpit section set timeout and return, after
+this commit, the tarpit section set the timeout, and go to the
+done label which reset the timeout.
+
+---
New:
0004-BUG-config-error-in-http-response-replace-header-num.patch
0005-BUG-MEDIUM-http-tarpit-timeout-is-reset.patch
Other differences:
--
++ haproxy.spec ++
--- /var/tmp/diff_new_pack.YWewf5/_old 2014-08-25 11:05:26.0 +0200
+++ /var/tmp/diff_new_pack.YWewf5/_new 2014-08-25 11:05:26.0 +0200
@@ -64,6 +64,8 @@
Patch5: 0001-BUG-MINOR-server-move-the-directive-endif-to-the-end.patch
Patch6: 0002-BUG-MINOR-Fix-search-for-p-argument-in-systemd-wrapp.patch
Patch7: 0003-BUG-MAJOR-tcp-fix-a-possible-busy-spinning-loop-in-c.patch
+Patch8: 0004-BUG-config-error-in-http-response-replace-header-num.patch
+Patch9: 0005-BUG-MEDIUM-http-tarpit-timeout-is-reset.patch
Source99: haproxy-rpmlintrc
#
Summary:The Reliable, High Performance TCP/HTTP Load Balancer
@@ -100,6 +102,8 @@
%patch5 -p1
%patch6 -p1
%patch7 -p1
+%patch8 -p1
+%patch9 -p1
%build
%{__make} \
++ 0001-BUG-MINOR-server-move-the-directive-endif-to-the-end.patch ++
--- /var/tmp/diff_new_pack.YWewf5/_old 2014-08-25 11:05:26.0 +0200
+++ /var/tmp/diff_new_pack.YWewf5/_new 2014-08-25 11:05:26.0 +0200
@@ -1,7 +1,7 @@
From ad65af7dab9b8d8033fd09d8031cc774a6fbf768 Mon Sep 17 00:00:00 2001
From: Godbach nylzhao...@gmail.com
Date: Mon, 28 Jul 2014 17:31:57 +0800
-Subject: [PATCH 1/3] BUG/MINOR: server: move the directive #endif to the end
+Subject: [PATCH 1/5] BUG/MINOR: server: move the directive #endif to the end
of file
If a source file includes proto/server.h twice or more, redefinition errors
will
++ 0002-BUG-MINOR-Fix-search-for-p-argument-in-systemd-wrapp.patch ++
--- /var/tmp/diff_new_pack.YWewf5/_old 2014-08-25 11:05:26.0 +0200
+++ /var/tmp/diff_new_pack.YWewf5/_new 2014-08-25 11:05:26.0 +0200
@@ -1,7 +1,7 @@
From 715e9b892f564e58489f86c125aed2a8994f16e9 Mon Sep 17 00:00:00 2001
From: Conrad Hoffmann con...@soundcloud.com
Date: Mon, 28 Jul 2014 23:22:43 +0200
-Subject: [PATCH 2/3] BUG/MINOR: Fix search for -p argument in systemd wrapper.
+Subject: [PATCH 2/5] BUG/MINOR: Fix search for -p argument in systemd wrapper.
Searching for the pid file in the list of arguments did not
take flags without parameters into account, like e.g. -de. Because
++ 0003-BUG-MAJOR-tcp-fix-a-possible-busy-spinning-loop-in-c.patch ++
--- /var/tmp/diff_new_pack.YWewf5/_old 2014-08-25 11:05:26.0 +0200
+++ /var/tmp/diff_new_pack.YWewf5/_new 2014-08-25 11:05:26.0 +0200
@@ -1,7 +1,7 @@
From f94735eb76e634d7531f9c903113f64820c4cec0 Mon Sep 17 00:00:00 2001
From: Willy Tarreau w...@1wt.eu
Date: Wed, 30 Jul 2014 08:56:35 +0200
-Subject: [PATCH 3/3] BUG/MAJOR: tcp: fix a possible busy spinning loop in
+Subject: [PATCH 3/5] BUG/MAJOR: tcp: fix a possible busy spinning loop in
content track-sc*
As a consequence of various recent changes on the sample conversion,
++ 0004-BUG-config-error-in-http-response-replace-header-num.patch ++
From a772b945d757c25037ac58de64ccc27ceeb4b4a7 Mon Sep 17 00:00:00 2001
From: Baptiste Assmann bed...@gmail.com
Date: Fri, 8 Aug 2014 17:29:06 +0200
Subject: [PATCH 4/5] BUG: config: error in http-response replace-header number
of arguments
A couple of typo fixed in 'http-response replace-header':
- an error when counting the number of arguments
- a typo in the alert message
This should be backported to 1.5.
(cherry picked from commit 12cb00b216d67468b7c4bd84abedcb4ecd1a32bc)
---
src/proto_http.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/proto_http.c
commit haproxy for openSUSE:Factory
Hello community,
here is the log from the commit of package haproxy for openSUSE:Factory checked
in at 2014-08-05 21:11:18
Comparing /work/SRC/openSUSE:Factory/haproxy (Old)
and /work/SRC/openSUSE:Factory/.haproxy.new (New)
Package is haproxy
Changes:
--- /work/SRC/openSUSE:Factory/haproxy/haproxy.changes 2014-07-21
22:34:38.0 +0200
+++ /work/SRC/openSUSE:Factory/.haproxy.new/haproxy.changes 2014-08-05
21:11:27.0 +0200
@@ -1,0 +2,39 @@
+Wed Jul 30 09:47:38 UTC 2014 - mrueck...@suse.de
+
+- pull important fixes from git:
+ 0001-BUG-MINOR-server-move-the-directive-endif-to-the-end.patch
+ 0002-BUG-MINOR-Fix-search-for-p-argument-in-systemd-wrapp.patch
+ 0003-BUG-MAJOR-tcp-fix-a-possible-busy-spinning-loop-in-c.patch
+ Especially the last patch is important:
+ As a consequence of various recent changes on the sample
+ conversion, a corner case has emerged where it is possible to
+ wait forever for a sample in track-sc*.
+
+---
+Mon Jul 28 11:33:14 UTC 2014 - kgronl...@suse.com
+
+- update to 1.5.3
+ - DOC: fix typo in Unix Socket commands
+ - BUG/MEDIUM: connection: fix memory corruption when building a proxy v2
header
+ - BUG/MEDIUM: ssl: Fix a memory leak in DHE key exchange
+ - DOC: mention that Squid correctly responds 400 to PPv2 header
+ - BUG/MINOR: http: base32+src should use the big endian version of base32
+ - BUG/MEDIUM: connection: fix proxy v2 header again!
+- Removed backported patches:
+ - 0001-DOC-mention-that-Squid-correctly-responds-400-to-PPv.patch
+ - 0002-DOC-fix-typo-in-Unix-Socket-commands.patch
+ - 0003-BUG-MEDIUM-ssl-Fix-a-memory-leak-in-DHE-key-exchange.patch
+ - 0004-BUG-MINOR-http-base32-src-should-use-the-big-endian-.patch
+ - 0005-BUG-MEDIUM-connection-fix-memory-corruption-when-bui.patch
+ - 0006-BUG-MEDIUM-connection-fix-proxy-v2-header-again.patch
+
+---
+Mon Jul 21 13:45:40 UTC 2014 - mrueck...@suse.de
+
+- added 0006-BUG-MEDIUM-connection-fix-proxy-v2-header-again.patch:
+ Last commit 77d1f01 (BUG/MEDIUM: connection: fix memory
+ corruption when building a proxy v2 header) was wrong, using
+ cn_trash instead of cn_trash resulting in a warning and the
+ client's SSL cert CN not being stored at the proper location.
+
+---
Old:
0001-DOC-mention-that-Squid-correctly-responds-400-to-PPv.patch
0002-DOC-fix-typo-in-Unix-Socket-commands.patch
0003-BUG-MEDIUM-ssl-Fix-a-memory-leak-in-DHE-key-exchange.patch
0004-BUG-MINOR-http-base32-src-should-use-the-big-endian-.patch
0005-BUG-MEDIUM-connection-fix-memory-corruption-when-bui.patch
haproxy-1.5.2.tar.gz
New:
0001-BUG-MINOR-server-move-the-directive-endif-to-the-end.patch
0002-BUG-MINOR-Fix-search-for-p-argument-in-systemd-wrapp.patch
0003-BUG-MAJOR-tcp-fix-a-possible-busy-spinning-loop-in-c.patch
haproxy-1.5.3.tar.gz
Other differences:
--
++ haproxy.spec ++
--- /var/tmp/diff_new_pack.GUnyrA/_old 2014-08-05 21:11:28.0 +0200
+++ /var/tmp/diff_new_pack.GUnyrA/_new 2014-08-05 21:11:28.0 +0200
@@ -33,7 +33,7 @@
%bcond_without apparmor
Name: haproxy
-Version:1.5.2
+Version:1.5.3
Release:0
#
#
@@ -61,11 +61,9 @@
Patch2: haproxy-makefile_lib.patch
Patch3: sec-options.patch
Patch4: haproxy-1.5_check_config_before_start.patch
-Patch5: 0001-DOC-mention-that-Squid-correctly-responds-400-to-PPv.patch
-Patch6: 0002-DOC-fix-typo-in-Unix-Socket-commands.patch
-Patch7: 0003-BUG-MEDIUM-ssl-Fix-a-memory-leak-in-DHE-key-exchange.patch
-Patch8: 0004-BUG-MINOR-http-base32-src-should-use-the-big-endian-.patch
-Patch9: 0005-BUG-MEDIUM-connection-fix-memory-corruption-when-bui.patch
+Patch5: 0001-BUG-MINOR-server-move-the-directive-endif-to-the-end.patch
+Patch6: 0002-BUG-MINOR-Fix-search-for-p-argument-in-systemd-wrapp.patch
+Patch7: 0003-BUG-MAJOR-tcp-fix-a-possible-busy-spinning-loop-in-c.patch
Source99: haproxy-rpmlintrc
#
Summary:The Reliable, High Performance TCP/HTTP Load Balancer
@@ -102,8 +100,6 @@
%patch5 -p1
%patch6 -p1
%patch7 -p1
-%patch8 -p1
-%patch9 -p1
%build
%{__make} \
++ 0001-BUG-MINOR-server-move-the-directive-endif-to-the-end.patch ++
From ad65af7dab9b8d8033fd09d8031cc774a6fbf768 Mon Sep 17 00:00:00 2001
From: Godbach nylzhao...@gmail.com
Date: Mon, 28 Jul 2014 17:31:57 +0800
Subject: [PATCH 1/3] BUG/MINOR: server: move the directive #endif to the end
of file
If a source file includes proto/server.h twice or more, redefinition
commit haproxy for openSUSE:Factory
Hello community,
here is the log from the commit of package haproxy for openSUSE:Factory checked
in at 2014-07-21 21:40:10
Comparing /work/SRC/openSUSE:Factory/haproxy (Old)
and /work/SRC/openSUSE:Factory/.haproxy.new (New)
Package is haproxy
Changes:
--- /work/SRC/openSUSE:Factory/haproxy/haproxy.changes 2014-07-02
15:05:26.0 +0200
+++ /work/SRC/openSUSE:Factory/.haproxy.new/haproxy.changes 2014-07-21
22:34:38.0 +0200
@@ -1,0 +2,68 @@
+Fri Jul 18 15:01:53 UTC 2014 - mrueck...@suse.de
+
+- added
+ 0005-BUG-MEDIUM-connection-fix-memory-corruption-when-bui.patch:
+ BUG/MEDIUM: connection: fix memory corruption when building a
+ proxy v2 header
+
+---
+Thu Jul 17 10:45:28 UTC 2014 - mrueck...@suse.de
+
+- pulled a few fixes from the 1.5 branch: most notable the DHE
+ memleak fix. Adds the following patches:
+ 0001-DOC-mention-that-Squid-correctly-responds-400-to-PPv.patch
+ 0002-DOC-fix-typo-in-Unix-Socket-commands.patch
+ 0003-BUG-MEDIUM-ssl-Fix-a-memory-leak-in-DHE-key-exchange.patch
+ 0004-BUG-MINOR-http-base32-src-should-use-the-big-endian-.patch
+
+---
+Sat Jul 12 16:56:27 UTC 2014 - mrueck...@suse.de
+
+- update to 1.5.2
+ - BUG/MEDIUM: backend: Update hash to use unsigned int throughout
+ - BUG/MINOR: ssl: Fix external function in order not to return a
+pointer on an internal trash buffer.
+ - DOC: expand the docs for the provided stats.
+ - BUG/MEDIUM: unix: do not unlink() abstract namespace sockets
+upon failure.
+ - MINOR: stats: fix minor typo in HTML page
+ - BUG/MEDIUM: http: fetch base is not compatible with
+set-header
+ - BUG/MINOR: counters: do not untrack counters before logging
+ - BUG/MAJOR: sample: correctly reinitialize sample fetch context
+before calling sample_process()
+ - MINOR: stick-table: make stktable_fetch_key() indicate why it
+failed
+ - BUG/MEDIUM: counters: fix track-sc* to wait on unstable
+contents
+ - BUILD: remove TODO from the spec file and add README
+ - MINOR: log: make MAX_SYSLOG_LEN overridable at build time
+ - MEDIUM: log: support a user-configurable max log line length
+ - DOC: provide an example of how to use ssl_c_sha1
+ - BUILD: http: fix isdigit isspace warnings on Solaris
+ - BUG/MINOR: listener: set the listener's fd to -1 after deletion
+ - BUG/MEDIUM: unix: failed abstract socket binding is retryable
+ - MEDIUM: listener: implement a per-protocol pause() function
+ - MEDIUM: listener: support rebinding during resume()
+ - BUG/MEDIUM: unix: completely unbind abstract sockets during a
+pause()
+ - DOC: explicitly mention the limits of abstract namespace
+sockets
+ - DOC: minor fix on {sc,src}_kbytes_{in,out}
+ - DOC: fix alphabetical sort of converters
+ - BUG/MAJOR: http: correctly rewind the request body after start
+of forwarding
+ - DOC: remove references to CPU=native in the README
+ - DOC: mention that compression offload is ignored in defaults
+section
+- drop patches including in version upgrade.
+ - 0001-BUG-MEDIUM-http-fetch-base-is-not-compatible-with-se.patch
+ - 0002-BUG-MINOR-ssl-Fix-external-function-in-order-not-to-.patch
+ - 0003-BUG-MINOR-counters-do-not-untrack-counters-before-lo.patch
+ - 0004-BUG-MAJOR-sample-correctly-reinitialize-sample-fetch.patch
+ - 0005-MINOR-stick-table-make-stktable_fetch_key-indicate-w.patch
+ - 0006-BUG-MEDIUM-counters-fix-track-sc-to-wait-on-unstable.patch
+- use www.haproxy.org now instead of the old domain which is just
+ redirecting to haproxy.org now.
+
+---
Old:
0001-BUG-MEDIUM-http-fetch-base-is-not-compatible-with-se.patch
0002-BUG-MINOR-ssl-Fix-external-function-in-order-not-to-.patch
0003-BUG-MINOR-counters-do-not-untrack-counters-before-lo.patch
0004-BUG-MAJOR-sample-correctly-reinitialize-sample-fetch.patch
0005-MINOR-stick-table-make-stktable_fetch_key-indicate-w.patch
0006-BUG-MEDIUM-counters-fix-track-sc-to-wait-on-unstable.patch
haproxy-1.5.1.tar.gz
New:
0001-DOC-mention-that-Squid-correctly-responds-400-to-PPv.patch
0002-DOC-fix-typo-in-Unix-Socket-commands.patch
0003-BUG-MEDIUM-ssl-Fix-a-memory-leak-in-DHE-key-exchange.patch
0004-BUG-MINOR-http-base32-src-should-use-the-big-endian-.patch
0005-BUG-MEDIUM-connection-fix-memory-corruption-when-bui.patch
haproxy-1.5.2.tar.gz
Other differences:
--
++ haproxy.spec ++
--- /var/tmp/diff_new_pack.F9wovU/_old 2014-07-21 22:34:38.0 +0200
+++ /var/tmp/diff_new_pack.F9wovU/_new 2014-07-21 22:34:38.0 +0200
@@ -33,7 +33,7 @@
%bcond_without
commit haproxy for openSUSE:Factory
Hello community,
here is the log from the commit of package haproxy for openSUSE:Factory checked
in at 2014-07-02 15:05:11
Comparing /work/SRC/openSUSE:Factory/haproxy (Old)
and /work/SRC/openSUSE:Factory/.haproxy.new (New)
Package is haproxy
Changes:
--- /work/SRC/openSUSE:Factory/haproxy/haproxy.changes 2014-06-25
15:24:39.0 +0200
+++ /work/SRC/openSUSE:Factory/.haproxy.new/haproxy.changes 2014-07-02
15:05:26.0 +0200
@@ -1,0 +2,18 @@
+Tue Jul 1 12:13:33 UTC 2014 - kgronl...@suse.com
+
+- BUG/MEDIUM: counters: fix track-sc* to wait on unstable contents
+- MINOR: stick-table: make stktable_fetch_key() indicate why it failed
+- BUG/MAJOR: sample: correctly reinitialize sample fetch context before
calling sample_process()
+- BUG/MINOR: counters: do not untrack counters before logging
+- BUG/MINOR: ssl: Fix external function in order not to return a pointer on an
internal trash buffer.
+- BUG/MEDIUM: http: fetch base is not compatible with set-header
+
+- Add patches:
+ - 0001-BUG-MEDIUM-http-fetch-base-is-not-compatible-with-se.patch
+ - 0002-BUG-MINOR-ssl-Fix-external-function-in-order-not-to-.patch
+ - 0003-BUG-MINOR-counters-do-not-untrack-counters-before-lo.patch
+ - 0004-BUG-MAJOR-sample-correctly-reinitialize-sample-fetch.patch
+ - 0005-MINOR-stick-table-make-stktable_fetch_key-indicate-w.patch
+ - 0006-BUG-MEDIUM-counters-fix-track-sc-to-wait-on-unstable.patch
+
+---
New:
0001-BUG-MEDIUM-http-fetch-base-is-not-compatible-with-se.patch
0002-BUG-MINOR-ssl-Fix-external-function-in-order-not-to-.patch
0003-BUG-MINOR-counters-do-not-untrack-counters-before-lo.patch
0004-BUG-MAJOR-sample-correctly-reinitialize-sample-fetch.patch
0005-MINOR-stick-table-make-stktable_fetch_key-indicate-w.patch
0006-BUG-MEDIUM-counters-fix-track-sc-to-wait-on-unstable.patch
Other differences:
--
++ haproxy.spec ++
--- /var/tmp/diff_new_pack.FthySS/_old 2014-07-02 15:05:28.0 +0200
+++ /var/tmp/diff_new_pack.FthySS/_new 2014-07-02 15:05:28.0 +0200
@@ -61,6 +61,18 @@
Patch2: haproxy-makefile_lib.patch
Patch3: sec-options.patch
Patch4: haproxy-1.5_check_config_before_start.patch
+# PATCH-FIX-UPSTREAM: http: fetch base is not compatible with set-header
+Patch5: 0001-BUG-MEDIUM-http-fetch-base-is-not-compatible-with-se.patch
+# PATCH-FIX-UPSTREAM: ssl: Fix external function in order not to return a
pointer on an internal trash buffer.
+Patch6: 0002-BUG-MINOR-ssl-Fix-external-function-in-order-not-to-.patch
+# PATCH-FIX-UPSTREAM: counters: do not untrack counters before logging
+Patch7: 0003-BUG-MINOR-counters-do-not-untrack-counters-before-lo.patch
+# PATCH-FIX-UPSTREAM: sample: correctly reinitialize sample fetch context
before calling sample_process()
+Patch8: 0004-BUG-MAJOR-sample-correctly-reinitialize-sample-fetch.patch
+# PATCH-FIX-UPSTREAM: stick-table: make stktable_fetch_key() indicate why it
failed
+Patch9: 0005-MINOR-stick-table-make-stktable_fetch_key-indicate-w.patch
+# PATCH-FIX-UPSTREAM: counters: fix track-sc* to wait on unstable contents
+Patch10: 0006-BUG-MEDIUM-counters-fix-track-sc-to-wait-on-unstable.patch
Source99: haproxy-rpmlintrc
#
Summary:The Reliable, High Performance TCP/HTTP Load Balancer
@@ -94,6 +106,12 @@
%patch2
%patch3
%patch4 -p1
+%patch5 -p1
+%patch6 -p1
+%patch7 -p1
+%patch8 -p1
+%patch9 -p1
+%patch10 -p1
%build
%{__make} \
++ 0001-BUG-MEDIUM-http-fetch-base-is-not-compatible-with-se.patch ++
From f86d9bb6dd56d56e7425246f91a6c105a5f38659 Mon Sep 17 00:00:00 2001
From: Willy Tarreau w...@1wt.eu
Date: Tue, 24 Jun 2014 17:27:02 +0200
Subject: [PATCH 1/6] BUG/MEDIUM: http: fetch base is not compatible with
set-header
The sample fetch function base makes use of the trash which is also
used by set-header/add-header etc... everything which builds a formated
line. So we end up with some junk in the header if base is in use. Let's
fix this as all other fetches by using a trash chunk instead.
This bug was reported by Baptiste Assmann, and also affects 1.5.
---
src/proto_http.c | 6 --
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/src/proto_http.c b/src/proto_http.c
index 231d49a12875..5321f7d53e6a 100644
--- a/src/proto_http.c
+++ b/src/proto_http.c
@@ -10247,6 +10247,7 @@ smp_fetch_base(struct proxy *px, struct session *l4,
void *l7, unsigned int opt,
struct http_txn *txn = l7;
char *ptr, *end, *beg;
struct hdr_ctx ctx;
+ struct chunk *temp;
CHECK_HTTP_MESSAGE_FIRST();
@@ -10255,9 +10256,10 @@ smp_fetch_base(struct proxy *px, struct session *l4,
void *l7, unsigned int opt,
commit haproxy for openSUSE:Factory
Hello community, here is the log from the commit of package haproxy for openSUSE:Factory checked in at 2014-06-25 15:24:23 Comparing /work/SRC/openSUSE:Factory/haproxy (Old) and /work/SRC/openSUSE:Factory/.haproxy.new (New) Package is haproxy Changes: --- /work/SRC/openSUSE:Factory/haproxy/haproxy.changes 2014-05-23 07:27:53.0 +0200 +++ /work/SRC/openSUSE:Factory/.haproxy.new/haproxy.changes 2014-06-25 15:24:39.0 +0200 @@ -1,0 +2,123 @@ +Tue Jun 24 15:55:48 UTC 2014 - mrueck...@suse.de + +- install the vim file into the versioned directory and dont cover + the current symlink with a directory + +--- +Tue Jun 24 13:00:39 UTC 2014 - mrueck...@suse.de + +- add Requires to vim to make the ownership of the vim directory + clear and not break any symlink handling the vim package might + use. + +--- +Tue Jun 24 12:23:55 UTC 2014 - mrueck...@suse.de + +- update to 1.5.1 + - BUG/MINOR: config: http-request replace-header arg typo + - BUG/MINOR: ssl: rejects OCSP response without nextupdate. + - BUG/MEDIUM: ssl: Fix to not serve expired OCSP responses. + - BUG/MINOR: ssl: Fix OCSP resp update fails with the same +certificate configured twice. (cherry picked from commit +1d3865b096b43b9a6d6a564ffb424ffa6f1ef79f) + - BUG/MEDIUM: Consistently use 'check' in process_chk + - BUG/MAJOR: session: revert all the crappy client-side timeout +changes + - BUG/MINOR: logs: properly initialize and count log sockets +- drop haproxy-1.5.0_consistently_use_check.patch: + included upstream + +--- +Tue Jun 24 09:51:25 UTC 2014 - kgronl...@suse.com + +- Install vim file to a more appropriate location + +--- +Mon Jun 23 09:19:04 UTC 2014 - kgronl...@suse.com + +- added pre macro for systemd service file + +--- +Mon Jun 23 08:28:06 UTC 2014 - kgronl...@suse.com + +- Use better systemd detection consistently + +--- +Sun Jun 22 19:48:11 UTC 2014 - mrueck...@suse.de + +- pull commit 9ac7cabaf9945fb92c96cb92f5ea85235f54f7d6: + Consistently use 'check' in process_chk + I am not entirely sure that this is a bug, but it seems + to me that it may cause a problem if there agent-check is + configured and there is some kind of error making a connection + for it. + adds patch haproxy-1.5.0_consistently_use_check.patch + +--- +Fri Jun 20 14:37:21 UTC 2014 - mrueck...@suse.de + +- update to 1.5.0 + For people who don't follow the development versions, 1.5 expands + 1.4 with many new features and performance improvements, + including native SSL support on both sides with SNI/NPN/ALPN and + OCSP stapling, IPv6 and UNIX sockets are supported everywhere, + full HTTP keep-alive for better support of NTLM and improved + efficiency in static farms, HTTP/1.1 compression (deflate, gzip) + to save bandwidth, PROXY protocol versions 1 and 2 on both sides, + data sampling on everything in request or response, including + payload, ACLs can use any matching method with any input sample + maps and dynamic ACLs updatable from the CLI stick-tables support + counters to track activity on any input sample custom format for + logs, unique-id, header rewriting, and redirects, improved health + checks (SSL, scripted TCP, check agent, ...), much more scalable + configuration supports hundreds of thousands of backends and + certificates without sweating. + + For all the details see /usr/share/doc/packages/haproxy/CHANGELOG + +- enable tcp fast open if the kernel is recent enough +- enable PCRE JIT if PCRE is recent enough +- enable openssl support! + - haproxy can finally terminate ssl itself and also talk SSL to +the backend servers. + - including SNI/NPN/ALPN support. + new buildrequires openssl and pkgconfig +- enable deflate support + new buildrequires zlib-devel +- enable transparent proxy support +- enable usage of accept4. reduces the syscall amount. +- enable building and installing of halog +- install vim file into the correct place +- dropped patches: + 0001-MEDIUM-add-systemd-service.patch + 0002-MEDIUM-add-haproxy-systemd-wrapper.patch + 0003-MEDIUM-New-cli-option-Ds-for-systemd-compatibility.patch + 0004-BUG-MEDIUM-systemd-wrapper-don-t-leak-zombie-process.patch + 0005-BUILD-stdbool-is-not-portable-again.patch + 0006-MEDIUM-haproxy-systemd-wrapper-Use-haproxy-in-same-d.patch + 0007-MEDIUM-systemd-wrapper-Kill-child-processes-when-int.patch +
commit haproxy for openSUSE:Factory
Hello community,
here is the log from the commit of package haproxy for openSUSE:Factory checked
in at 2014-05-23 07:27:51
Comparing /work/SRC/openSUSE:Factory/haproxy (Old)
and /work/SRC/openSUSE:Factory/.haproxy.new (New)
Package is haproxy
Changes:
--- /work/SRC/openSUSE:Factory/haproxy/haproxy.changes 2014-05-06
17:38:18.0 +0200
+++ /work/SRC/openSUSE:Factory/.haproxy.new/haproxy.changes 2014-05-23
07:27:53.0 +0200
@@ -1,0 +2,5 @@
+Wed May 21 10:50:21 UTC 2014 - jseg...@novell.com
+
+- added necessary macros for systemd files
+
+---
Other differences:
--
++ haproxy.spec ++
--- /var/tmp/diff_new_pack.PjPmNq/_old 2014-05-23 07:27:54.0 +0200
+++ /var/tmp/diff_new_pack.PjPmNq/_new 2014-05-23 07:27:54.0 +0200
@@ -144,6 +144,9 @@
%pre
/usr/sbin/groupadd -r %{pkg_name} /dev/null ||:
/usr/sbin/useradd -g %{pkg_name} -s /bin/false -r -c user for %{pkg_name}
-d %{pkg_home} %{pkg_name} /dev/null ||:
+%if 0%{?suse_version} = 1230
+ %service_add_pre %{pkg_name}.service
+%endif
%if 0%{?suse_version} = 1230
--
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit haproxy for openSUSE:Factory
Hello community,
here is the log from the commit of package haproxy for openSUSE:Factory checked
in at 2013-12-18 16:53:39
Comparing /work/SRC/openSUSE:Factory/haproxy (Old)
and /work/SRC/openSUSE:Factory/.haproxy.new (New)
Package is haproxy
Changes:
--- /work/SRC/openSUSE:Factory/haproxy/haproxy.changes 2013-10-29
09:25:22.0 +0100
+++ /work/SRC/openSUSE:Factory/.haproxy.new/haproxy.changes 2013-12-18
16:53:40.0 +0100
@@ -1,0 +2,17 @@
+Fri Nov 22 09:54:48 UTC 2013 - kgronl...@suse.com
+
+- Backport haproxy-systemd-wrapper from upstream
+- Patch haproxy-systemd-wrapper to work on openSUSE
+
+---
+Thu Oct 31 12:46:04 UTC 2013 - kgronl...@suse.com
+
+- Remove duplicate Requires: from .spec file.
+
+---
+Thu Oct 31 12:41:12 UTC 2013 - kgronl...@suse.com
+
+- Re-enable sysvinit support for older versions
+ (server:http still builds for older versions)
+
+---
Old:
haproxy-1.2.16_config_haproxy_user.patch
haproxy-makefile_lib.patch
haproxy.service
New:
0001-MEDIUM-add-systemd-service.patch
0002-MEDIUM-add-haproxy-systemd-wrapper.patch
0003-MEDIUM-New-cli-option-Ds-for-systemd-compatibility.patch
0004-BUG-MEDIUM-systemd-wrapper-don-t-leak-zombie-process.patch
0005-BUILD-stdbool-is-not-portable-again.patch
0006-haproxy-1.2.16_config_haproxy_user.patch
0007-haproxy-makefile_lib.patch
0008-MEDIUM-haproxy-systemd-wrapper-Revised-implementatio.patch
haproxy.init
Other differences:
--
++ haproxy.spec ++
--- /var/tmp/diff_new_pack.SAZdVv/_old 2013-12-18 16:53:41.0 +0100
+++ /var/tmp/diff_new_pack.SAZdVv/_new 2013-12-18 16:53:41.0 +0100
@@ -13,33 +13,47 @@
# published by the Open Source Initiative.
# Please submit bugfixes or comments via http://bugs.opensuse.org/
+#
+
Name: haproxy
Version:1.4.24
Release:0
#
-License: GPL-2.0+ and LGPL-2.1+
-Group: Productivity/Networking/Web/Proxy
#
+%if 0%{?suse_version} = 1230
+BuildRequires: pkgconfig(systemd)
+%endif
+BuildRoot: %{_tmppath}/%{name}-%{version}-build
BuildRequires: libgcrypt-devel
-BuildRequires: pcre-devel libgcrypt-devel
+BuildRequires: pcre-devel
BuildRequires: udev
-BuildRequires: pkgconfig(systemd)
%define pkg_name haproxy
%define pkg_home /var/lib/%{pkg_name}
#
Url:http://haproxy.1wt.eu/
Source:
http://haproxy.1wt.eu/download/1.4/src/haproxy-%{version}.tar.gz
-Source1:%{pkg_name}.service
+Source1:%{pkg_name}.init
Source2:http://haproxy.1wt.eu/download/contrib/haproxy.vim
-Patch1: haproxy-1.2.16_config_haproxy_user.patch
-Patch2: haproxy-makefile_lib.patch
+Patch1: 0001-MEDIUM-add-systemd-service.patch
+Patch2: 0002-MEDIUM-add-haproxy-systemd-wrapper.patch
+Patch3: 0003-MEDIUM-New-cli-option-Ds-for-systemd-compatibility.patch
+Patch4: 0004-BUG-MEDIUM-systemd-wrapper-don-t-leak-zombie-process.patch
+Patch5: 0005-BUILD-stdbool-is-not-portable-again.patch
+Patch6: 0006-haproxy-1.2.16_config_haproxy_user.patch
+Patch7: 0007-haproxy-makefile_lib.patch
+Patch8: 0008-MEDIUM-haproxy-systemd-wrapper-Revised-implementatio.patch
Source99: haproxy-rpmlintrc
#
Summary:The Reliable, High Performance TCP/HTTP Load Balancer
+License:GPL-2.0+ and LGPL-2.1+
+Group: Productivity/Networking/Web/Proxy
Provides: %{name}-doc = %{version}
Obsoletes: %{name}-doc %{version}
+
+%if 0%{?suse_version} = 1230
%{?systemd_requires}
+%endif
%description
HAProxy implements an event-driven, mono-process model which enables support
@@ -54,8 +68,14 @@
%prep
%setup -q
-%patch1
-%patch2
+%patch1 -p1
+%patch2 -p1
+%patch3 -p1
+%patch4 -p1
+%patch5 -p1
+%patch6 -p0
+%patch7 -p0
+%patch8 -p1
%build
%{__make} \
@@ -66,20 +86,37 @@
LIB=%{_lib} \
DEBUG=%{optflags} -fno-strict-aliasing
+%{__make} PREFIX=%{_prefix} -C contrib/systemd
+
%install
%{__install} -D -m 0755 %{pkg_name}
%{buildroot}%{_sbindir}/%{pkg_name}
%{__install} -D -m 0644 examples/%{pkg_name}.cfg
%{buildroot}%{_sysconfdir}/%{pkg_name}/%{pkg_name}.cfg
-%{__install} -D -m 0755 %{S:1}
%{buildroot}%{_unitdir}/%{pkg_name}.service
+
+%if 0%{?suse_version} = 1230
+%{__install} -D -m 0755 haproxy-systemd-wrapper
%{buildroot}%{_sbindir}/haproxy-systemd-wrapper
+%{__install} -D -m 0755 contrib/systemd/%{pkg_name}.service
%{buildroot}%{_unitdir}/%{pkg_name}.service
ln -sf /sbin/service
commit haproxy for openSUSE:Factory
Hello community,
here is the log from the commit of package haproxy for openSUSE:Factory checked
in at 2013-10-29 09:25:21
Comparing /work/SRC/openSUSE:Factory/haproxy (Old)
and /work/SRC/openSUSE:Factory/.haproxy.new (New)
Package is haproxy
Changes:
--- /work/SRC/openSUSE:Factory/haproxy/haproxy.changes 2013-10-15
10:42:00.0 +0200
+++ /work/SRC/openSUSE:Factory/.haproxy.new/haproxy.changes 2013-10-29
09:25:22.0 +0100
@@ -1,0 +2,7 @@
+Mon Oct 28 14:32:00 UTC 2013 - p.drou...@gmail.com
+
+- Add systemd support
+ Target distributions all support systemd; keep alive sysvinit support
+ is useless
+
+---
Old:
haproxy.init
New:
haproxy.service
Other differences:
--
++ haproxy.spec ++
--- /var/tmp/diff_new_pack.i87zQ9/_old 2013-10-29 09:25:22.0 +0100
+++ /var/tmp/diff_new_pack.i87zQ9/_new 2013-10-29 09:25:22.0 +0100
@@ -1,7 +1,7 @@
#
# spec file for package haproxy
#
-# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2013 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -21,15 +21,16 @@
License: GPL-2.0+ and LGPL-2.1+
Group: Productivity/Networking/Web/Proxy
#
-BuildRoot: %{_tmppath}/%{name}-%{version}-build
+BuildRequires: libgcrypt-devel
BuildRequires: pcre-devel libgcrypt-devel
BuildRequires: udev
+BuildRequires: pkgconfig(systemd)
%define pkg_name haproxy
%define pkg_home /var/lib/%{pkg_name}
#
Url:http://haproxy.1wt.eu/
Source:
http://haproxy.1wt.eu/download/1.4/src/haproxy-%{version}.tar.gz
-Source1:%{pkg_name}.init
+Source1:%{pkg_name}.service
Source2:http://haproxy.1wt.eu/download/contrib/haproxy.vim
Patch1: haproxy-1.2.16_config_haproxy_user.patch
Patch2: haproxy-makefile_lib.patch
@@ -38,6 +39,7 @@
Summary:The Reliable, High Performance TCP/HTTP Load Balancer
Provides: %{name}-doc = %{version}
Obsoletes: %{name}-doc %{version}
+%{?systemd_requires}
%description
HAProxy implements an event-driven, mono-process model which enables support
@@ -67,29 +69,25 @@
%install
%{__install} -D -m 0755 %{pkg_name}
%{buildroot}%{_sbindir}/%{pkg_name}
%{__install} -D -m 0644 examples/%{pkg_name}.cfg
%{buildroot}%{_sysconfdir}/%{pkg_name}/%{pkg_name}.cfg
-%{__install} -D -m 0755 %{S:1}
%{buildroot}%{_sysconfdir}/init.d/%{pkg_name}
-%{__ln_s} -f %{_sysconfdir}/init.d/%{pkg_name}
%{buildroot}%{_sbindir}/rc%{pkg_name}
+%{__install} -D -m 0755 %{S:1}
%{buildroot}%{_unitdir}/%{pkg_name}.service
+ln -sf /sbin/service %{buildroot}%{_sbindir}/rc%{pkg_name}
%{__install} -d -m 0755 %{buildroot}%{pkg_home}
%{__install} -D -m 0644 %{S:2}
%{buildroot}%{_datadir}/%{pkg_name}/%{pkg_name}.vim
%{__install} -D -m 0644 doc/%{pkg_name}.1
%{buildroot}%{_mandir}/man1/%{pkg_name}.1
gzip %{buildroot}%{_mandir}/man1/%{pkg_name}.1
-%clean
-%{?buildroot:%{__rm} -rf %{buildroot}}
-
%pre
/usr/sbin/groupadd -r %{pkg_name} /dev/null ||:
/usr/sbin/useradd -g %{pkg_name} -s /bin/false -r -c user for %{pkg_name}
-d %{pkg_home} %{pkg_name} /dev/null ||:
%post
-%fillup_and_insserv %{pkg_name}
+%service_add_post %{pkg_name}.service
%preun
-%stop_on_removal %{pkg_name}
+%service_del_preun %{pkg_name}.service
%postun
-%restart_on_update %{pkg_name}
-%{insserv_cleanup}
+%service_del_postun %{pkg_name}.service
%files
%defattr(-,root,root,-)
@@ -97,7 +95,7 @@
%doc ROADMAP TODO doc/* examples
%dir %{_sysconfdir}/%{pkg_name}
%config(noreplace) %{_sysconfdir}/%{pkg_name}/%{pkg_name}.cfg
-%config(noreplace) %{_sysconfdir}/init.d/%{pkg_name}
+%{_unitdir}/%{pkg_name}.service
%{_sbindir}/haproxy
%{_sbindir}/rchaproxy
%{pkg_home}
++ haproxy.service ++
[Unit]
Description=HAProxy For TCP And HTTP Based Applications
After=network.target
[Service]
Type=forking
PIDFile=/run/haproxy.pid
ExecStartPre=/usr/sbin/haproxy -c -q -f /etc/haproxy/haproxy.cfg
ExecStart=/usr/sbin/haproxy -D -f /etc/haproxy/haproxy.cfg -p /run/haproxy.pid
ExecReload=/bin/bash -c exec /usr/sbin/haproxy -D -f /etc/haproxy/haproxy.cfg
-p /run/haproxy.pid -sf $MAINPID
[Install]
WantedBy=multi-user.target
--
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit haproxy for openSUSE:Factory
Hello community, here is the log from the commit of package haproxy for openSUSE:Factory checked in at 2013-10-15 10:42:00 Comparing /work/SRC/openSUSE:Factory/haproxy (Old) and /work/SRC/openSUSE:Factory/.haproxy.new (New) Package is haproxy Changes: New Changes file: --- /dev/null 2013-10-11 12:16:15.204037506 +0200 +++ /work/SRC/openSUSE:Factory/.haproxy.new/haproxy.changes 2013-10-15 10:42:00.0 +0200 @@ -0,0 +1,591 @@ +--- +Thu Oct 10 15:16:32 UTC 2013 - cdenic...@suse.com + +- license update: GPL-2.0+ and LGPL-2.1+ + only header files are LGPL, the rest is still GPL + +--- +Tue Jun 18 09:14:13 UTC 2013 - mrueck...@suse.de + +- update to 1.4.24 (bnc#825412) + - BUG/MAJOR: backend: consistent hash can loop forever in certain +circumstances + - BUG/MEDIUM: checks: disable TCP quickack when pure TCP checks +are used + - MEDIUM: protocol: implement a drain function in protocol +layers + - BUG/CRITICAL: fix a possible crash when using negative header +occurrences CVE-2013-2175 + +--- +Wed Apr 3 14:47:43 UTC 2013 - mrueck...@suse.de + +- update to 1.4.23 CVE-2013-1912 + - CONTRIB: halog: sort URLs by avg bytes_read or total bytes_read + - BUG: fix garbage data when http-send-name-header replaces an +existing header + - BUG/MEDIUM: remove supplementary groups when changing gid + - BUG/MINOR: Correct logic in cut_crlf() + - BUG/MINOR: config: use a copy of the file name in proxy +configurations + - BUG/MINOR: epoll: correctly disable FD polling in fd_rem() + - MINOR: halog: sort output by cookie code + - BUG/MINOR: halog: -ad/-ac report the correct number of output +lines + - BUG/MINOR: halog: fix help message for -ut/-uto + - BUG/MEDIUM: http: set DONTWAIT on data when switching to tunnel +mode + - BUG/MEDIUM: command-line option -D must have precedence over +debug + - OPTIM: halog: keep a fast path for the lines-count only + - MINOR: halog: add a parameter to limit output line count + - BUG: halog: fix broken output limitation + - MEDIUM: checks: avoid accumulating TIME_WAITs during checks + - MEDIUM: checks: prevent TIME_WAITs from appearing also on +timeouts + - BUG/MAJOR: cli: show sess id may randomly corrupt the +back-ref list + - BUG/MINOR: http: don't report client aborts as server errors + - BUG/MINOR: http: don't log a 503 on client errors while waiting +for requests + - BUG/MEDIUM: tcp: process could theorically crash on lack of +source ports + - BUG/MINOR: http: don't abort client connection on premature +responses + - BUILD: no need to clean up when making git-tar + - MINOR: http: always report PR-- flags for redirect rules + - BUG/MINOR: time: frequency counters are not totally accurate + - BUG/MINOR: http: don't process abortonclose when request was +sent + - BUG/MINOR: epoll: use a fix maxevents argument in epoll_wait() + - BUG/MINOR: config: fix improper check for failed memory alloc +in ACL parser + - BUG/MEDIUM: checks: ensure the health_status is always within +bounds + - CLEANUP: http: remove a useless null check + - BUG/MEDIUM: signal: signal handler does not properly check for +signal bounds + - BUG/MEDIUM: uri_auth: missing NULL check and memory leak on +memory shortage + - CLEANUP: config: slowstart is never negative + - BUILD: improve the makefile's support for libpcre + - BUG/MINOR: checks: fix an warning introduced by commit 2f61455a + - MEDIUM: halog: add support for counting per source address +(-ic) + - DOC: mention the new HTTP 307 and 308 redirect statues +(cherry picked from commit +b67fdc4cd8bde202f2805d98683ddab929469a05) + - MEDIUM: poll: do not use FD_* macros anymore + - BUG/MAJOR: ev_select: disable the select() poller if maxsock +FD_SETSIZE + - BUILD: enable poll() by default in the makefile + - BUILD: add explicit support for Mac OS/X + - BUG/CRITICAL: using HTTP information in tcp-request content may +crash the process CVE-2013-1912 + - MEDIUM: http: implement redirect 307 and 308 + - MINOR: http: status 301 should not be marked non-cacheable +- adapt haproxy-makefile_lib.patch to the rewritten Makefile + +--- +Mon Nov 12 14:10:33 UTC 2012 - mrueck...@suse.de + +- switch license tag to spdx format. + +--- +Mon Nov 12 13:50:46 UTC 2012 - mrueck...@suse.de + +- update to 1.4.22 + - BUG/MEDIUM: option forwardfor if-none doesn't work with some +configurations + - MINOR: balance uri: added 'whole' parameter to include query +
