Hi, HAProxy 3.0.2 was released on 2024/06/14. It added 21 new commits after version 3.0.1.
Unfortunately, few days after the previous release, a bug on the H1 multiplexer was found, forcing us to emit a new release. The issue affected the H1 requests draining that could lead to a crash because of a use-after-free on the H1 connection. In addition to this major issue, a possible crash was fixed in the Prometheus exporter when resolvers metrics were dumped while there was no resolvers section at all. This happened when the default resolver was not loaded for any reason (because of an empty /etc/resolv.conf file for instance). On proxies, log-format strings on default section were no longer properly initialized, preventing some options to be applied on regular proxies. As consequences, some log-format expressions stored inside a default section and executed by a regular proxy could not behavior properly and encoding could be altered. A UAF on deinit was also fixed to prevent crashes when log-format expressions were used on a disabled proxy. Finally, memory cleanup on the proxy fields on deinit was improved, the documentation for some missing command line options were added into the management guide and the configuration manual was also slightly improved. All 3.0 users are encouraged to upgrade. Thanks everyone for your help. Especially Annika for her help on the H1 requests draining issue. ############################################################################################# Please find the usual URLs below : Site index : https://www.haproxy.org/ Documentation : https://docs.haproxy.org/ Wiki : https://github.com/haproxy/wiki/wiki Discourse : https://discourse.haproxy.org/ Slack channel : https://slack.haproxy.org/ Issue tracker : https://github.com/haproxy/haproxy/issues Sources : https://www.haproxy.org/download/3.0/src/ Git repository : https://git.haproxy.org/git/haproxy-3.0.git/ Git Web browsing : https://git.haproxy.org/?p=haproxy-3.0.git Changelog : https://www.haproxy.org/download/3.0/src/CHANGELOG Dataplane API : https://github.com/haproxytech/dataplaneapi/releases/latest Pending bugs : https://www.haproxy.org/l/pending-bugs Reviewed bugs : https://www.haproxy.org/l/reviewed-bugs Code reports : https://www.haproxy.org/l/code-reports Latest builds : https://www.haproxy.org/l/dev-packages --- Complete changelog : Amaury Denoyelle (1): BUG/MINOR: quic: fix padding of INITIAL packets Aurelien DARRAGON (16): MINOR: log: fix "http-send-name-header" ignore warning message BUG/MINOR: proxy: fix server_id_hdr_name leak on deinit() BUG/MINOR: proxy: fix log_tag leak on deinit() BUG/MINOR: proxy: fix email-alert leak on deinit() BUG/MINOR: proxy: fix check_{command,path} leak on deinit() BUG/MINOR: proxy: fix dyncookie_key leak on deinit() BUG/MINOR: proxy: fix source interface and usesrc leaks on deinit() BUG/MINOR: proxy: fix header_unique_id leak on deinit() BUG/MEDIUM: log: fix lf_expr_postcheck() behavior with default section DOC: config: move "hash-key" from proxy to server options DOC: config: add missing section hint for "guid" proxy keyword DOC: config: add missing context hint for new server and proxy keywords MINOR: proxy: add proxy_free_common() helper function BUG/MEDIUM: proxy: fix UAF with {tcp,http}checks logformat expressions CLEANUP: log/proxy: fix comment in proxy_free_common() DOC: management: rename show stats domain cli "dns" to "resolvers" Christopher Faulet (2): BUG/MINOR: promex: Skip resolvers metrics when there is no resolver section BUG/MAJOR: mux-h1: Prevent any UAF on H1 connection after draining a request Valentine Krasnobaeva (2): DOC/MINOR: management: add missed -dR and -dv options DOC/MINOR: management: add -dZ option -- Christopher Faulet