SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for haproxy1.9-docs-1.9.14-150600.1.1.noarch.rpm :

* Tue Feb 28 2017 kgronlundAATTsuse.com- Update to version 1.7.3:
* BUG/MINOR: stream: Fix how backend-specific analyzers are set on a stream
* BUG/MEDIUM: tcp: don\'t poll for write when connect() succeeds
* BUG/MINOR: unix: fix connect\'s polling in case no data are scheduled
* BUG/MINOR: lua: Map.end are not reliable because \"end\" is a reserved keyword
* MINOR: dns: give ability to dns_init_resolvers() to close a socket when requested
* BUG/MAJOR: dns: restart sockets after fork()
* MINOR: chunks: implement a simple dynamic allocator for trash buffers
* BUG/MEDIUM: http: prevent redirect from overwriting a buffer
* BUG/MEDIUM: filters: Do not truncate HTTP response when body length is undefined
* BUG/MEDIUM: http: Prevent replace-header from overwriting a buffer
* BUG/MINOR: http: Return an error when a replace-header rule failed on the response
* BUG/MINOR: sendmail: The return of vsnprintf is not cleanly tested
* BUG/MAJOR: lua segmentation fault when the request is like \'GET ?arg=val HTTP/1.1\'
* BUG/MEDIUM: config: reject anything but \"if\" or \"unless\" after a use-backend rule
* MINOR: http: don\'t close when redirect location doesn\'t start with \"/\"
* Mon Jan 30 2017 kgronlundAATTsuse.com- Update to version 1.7.2 (bsc#1023141):
* BUG/MEDIUM: lua: In some case, the return of sample-fetches is ignored (2)
* BUG/MINOR: stream-int: automatically release SI_FL_WAIT_DATA on SHUTW_NOW
* DOC: lua: documentation about time parser functions
* DOC: lua: section declared twice
* BUG/MINOR: lua/cli: bad error message
* DOC: fix small typo in fe_id (backend instead of frontend)
* BUG/MINOR: Fix the sending function in Lua\'s cosocket
* BUG/MINOR: lua: memory leak executing tasks
* BUG/MINOR: lua: bad return code
* BUG/MEDIUM: ssl: properly reset the reused_sess during a forced handshake
* BUG/MEDIUM: ssl: avoid double free when releasing bind_confs
* BUG/MINOR: stats: fix be/sessions/current out in typed stats
* BUG/MINOR: backend: nbsrv() should return 0 if backend is disabled
* BUG/MEDIUM: ssl: for a handshake when server-side SNI changes
* BUG/MINOR: systemd: potential zombie processes
* DOC: Add timings events schemas
* BUG/MINOR: option prefer-last-server must be ignored in some case
* MINOR: stats: Support \"select all\" for backend actions
* BUG/MINOR: sample-fetches/stick-tables: bad type for the sample fetches sc
*_get_gpt0
* BUG/MAJOR: channel: Fix the definition order of channel analyzers
* BUG/MINOR: http: report real parser state in error captures
* BUG/MAJOR: http: fix risk of getting invalid reports of bad requests
* MINOR: http: custom status reason.
* MINOR: connection: add sample fetch \"fc_rcvd_proxy\"
* BUG/MINOR: config: emit a warning if http-reuse is enabled with incompatible options
* BUG/MINOR: tools: fix off-by-one in port size check
* BUG/MEDIUM: server: consider AF_UNSPEC as a valid address family
* MEDIUM: server: split the address and the port into two different fields
* MINOR: tools: make str2sa_range() return the port in a separate argument
* MINOR: server: take the destination port from the port field, not the addr
* MEDIUM: server: disable protocol validations when the server doesn\'t resolve
* BUG/MEDIUM: tools: do not force an unresolved address to AF_INET:0.0.0.0
* BUG/MINOR: ssl: EVP_PKEY must be freed after X509_get_pubkey usage
* MINOR: proto_http.c 502 error txt typo.
* DOC: add deprecation notice to \"block\"
* BUG/MINOR: Reset errno variable before calling strtol(3)
* Sat Dec 24 2016 mrueckertAATTsuse.de- Update to version 1.7.1:
* BUG/MAJOR: stream: fix session abort on resource shortage
* BUG/MINOR: cli: allow the backslash to be escaped on the CLI
* BUG/MEDIUM: cli: fix \"show stat resolvers\" and \"show tls-keys\"
* DOC: Fix map table\'s format
* DOC: Added 51Degrees conv and fetch functions to documentation.
* BUG/MINOR: http: don\'t send an extra CRLF after a Set-Cookie in a redirect
* DOC: mention that req_tot is for both frontends and backends
* BUG/MEDIUM: variables: some variable name can hide another ones
* BUG/MINOR: stats: fix be/sessions/max output in html stats
* MINOR: proxy: Add fe_name/be_name fetchers next to existing fe_id/be_id
* DOC: lua: Documentation about some entry missing
* MINOR: Do not forward the header \"Expect: 100-continue\" when the option http-buffer-request is set
* DOC: Add undocumented argument of the trace filter
* DOC: Fix some typo in SPOE documentation
* BUG/MINOR: cli: be sure to always warn the cli applet when input buffer is full
* MINOR: applet: Count number of (active) applets
* MINOR: task: Rename run_queue and run_queue_cur counters
* BUG/MEDIUM: stream: Save unprocessed events for a stream
* BUG/MAJOR: Fix how the list of entities waiting for a buffer is handled
* BUILD/MEDIUM: Fixing the build using LibreSSL
* [RELEASE] Released version 1.7.1
* Fri Dec 02 2016 kgronlundAATTsuse.com- Update to version 1.7.0:
* BUG/MEDIUM: proxy: return \"none\" and \"unknown\" for unknown LB algos
* BUG/MINOR: stats: make field_str() return an empty string on NULL
* BUG/MEDIUM: http: Fix tunnel mode when the CONNECT method is used
* BUG/MINOR: http: Keep the same behavior between 1.6 and 1.7 for tunneled txn
* BUG/MINOR: filters: Protect args in macros HAS_DATA_FILTERS and IS_DATA_FILTER
* BUG/MINOR: filters: Invert evaluation order of HTTP_XFER_BODY and XFER_DATA analyzers
* BUG/MINOR: http: Call XFER_DATA analyzer when HTTP txn is switched in tunnel mode
* Fri Dec 02 2016 kgronlundAATTsuse.com- Update to version 1.6.10:
* BUG/MEDIUM: systemd-wrapper: return correct exit codes
* BUG/MEDIUM: srv-state: properly restore the DRAIN state
* BUG/MINOR: srv-state: allow to have both CMAINT and FDRAIN flags
* BUG/MEDIUM: servers: properly propagate the maintenance states during startup
* BUG: vars: Fix \'set-var\' converter because of a typo
* BUG/MEDIUM: channel: bad unlikely macro
* CLEANUP: lua: move comment
* CLEANUP: lua: control executed twice
* CLEANUP: ssl: Fix bind keywords name in comments
* DOC: ssl: Use correct wording for ca-sign-pass
* BUG/MINOR: stick-table: handle out-of-memory condition gracefully
* BUG/MEDIUM: connection: check the control layer before stopping polling
* BUG/MEDIUM: stick-table: fix regression caused by recent fix for out-of-memory
* CONTRIB: initiate a debugging suite to make debugging easier
* BUG/MINOR: cli: properly decrement ref count on tables during failed dumps
* BUG/MEDIUM: lua: In some case, the return of sample-fetche is ignored
* Wed Nov 02 2016 kgronlundAATTsuse.com- Update to version 1.6.9+git.1477940904.ab45181 (fate#321723)
* BUILD: poll: remove unused hap_fd_isset() which causes a warning with clang
* MINOR: cfgparse: few memory leaks fixes.
* MINOR: build: Allow linking to device-atlas library file
* DOC: Fix typo in description of `-st` parameter in man page
* BUG/MEDIUM: peers: on shutdown, wake up the appctx, not the stream
* BUG/MEDIUM: peers: fix use after free in peer_session_create()
* BUG/MEDIUM: systemd: let the wrapper know that haproxy has completed or failed
* MINOR: systemd: report it when execve() fails
* BUG/MINOR: systemd: check return value of calloc()
* BUG/MINOR: systemd: always restore signals before execve()
* BUG/MINOR: systemd: make the wrapper return a non-null status code on error
* BUG/MINOR: ssl: prevent multiple entries for the same certificate
* BUG/MINOR: ssl: Check malloc return code
* BUG/MINOR: vars: smp_fetch_var() doesn\'t depend on HTTP but on the session
* BUG/MINOR: vars: make smp_fetch_var() more robust against misuses
* BUG/MINOR: vars: use sess and not s->sess in action_store()
* MEDIUM: make SO_REUSEPORT configurable
* MINOR: Add fe_req_rate sample fetch
* MINOR: show Running on zlib version
* MINOR: show Built with PCRE version
* BUG/MINOR: displayed PCRE version is running release
* Thu Sep 01 2016 kgronlundAATTsuse.com- Update to 1.6.9 (bsc#1003264) - MINOR: cli: allow the semi-colon to be escaped on the CLI - BUG/MINOR: payload: fix SSLv2 version parser - BUG/MAJOR: stream: properly mark the server address as unset on connect retry - DOC: Updated 51Degrees readme. - BUG/MAJOR: stick-counters: possible crash when using sc_trackers with wrong table - BUG/MINOR: peers: empty chunks after a resync. - BUG/MINOR: peers: some updates are pushed twice after a resync. - MINOR: sample: use smp_make_rw() in upper/lower converters - BUG/MEDIUM: stick-table: properly convert binary samples to keys - BUG/MEDIUM: stick-tables: do not fail on string keys with no allocated size - BUG/MAJOR: server: the \"sni\" directive could randomly cause trouble - MINOR: sample: provide smp_is_rw() and smp_make_rw() - MINOR: sample: implement smp_is_safe() and smp_make_safe() - BUG/MEDIUM: samples: make smp_dup() always duplicate the sample - BUG/MAJOR: compression: initialize avail_in/next_in even during flush - BUILD: make proto_tcp.c compatible with musl library - DOC: minor typo fixes to improve HTML parsing by haproxy-dconv - BUG/MEDIUM: stream-int: completely detach connection on connect error - BUG/MEDIUM: lua: somme HTTP manipulation functions are called without valid requests - DOC: lua: remove old functions - BUG/MINOR: peers: Fix peers data decoding issue - BUG/MEDIUM: lua: the function txn_done() from action wrapper can crash - BUG/MEDIUM: lua: the function txn_done() from sample fetches can crash
* Tue Jul 19 2016 mrueckertAATTsuse.de- update to 1.6.7 - MINOR: new function my_realloc2 = realloc + free upon failure - CLEANUP: fixed some usages of realloc leading to memory leak - Revert \"BUG/MINOR: ssl: fix potential memory leak in ssl_sock_load_dh_params()\" - BUG/MEDIUM: dns: fix alignment issues in the DNS response parser - BUG/MINOR: Fix endiness issue in DNS header creation code- changes from 1.6.6 - BUG/MAJOR: fix listening IP address storage for frontends - BUG/MINOR: fix listening IP address storage for frontends (cont) - DOC: Fix typo so fetch is properly parsed by Cyril\'s converter - BUG/MAJOR: http: fix breakage of \"reqdeny\" causing random crashes - BUG/MEDIUM: stick-tables: fix breakage in table converters - BUG/MEDIUM: dns: unbreak DNS resolver after header fix - BUILD: fix build on Solaris 11 - CLEANUP: connection: fix double negation on memcmp() - BUG/MEDIUM: stats: show servers state may show an servers from another backend - BUG/MEDIUM: fix risk of segfault with \"show tls-keys\" - BUG/MEDIUM: sticktables: segfault in some configuration error cases - BUG/MEDIUM: lua: converters doesn\'t work - BUG/MINOR: http: add-header: header name copied twice - BUG/MEDIUM: http: add-header: buffer overwritten - BUG/MINOR: ssl: fix potential memory leak in ssl_sock_load_dh_params() - BUG/MINOR: http: url32+src should use the big endian version of url32 - BUG/MINOR: http: url32+src should check cli_conn before using it - DOC: http: add documentation for url32 and url32+src - BUG/MINOR: fix http-response set-log-level parsing error - MINOR: systemd: Use variable for config and pidfile paths - MINOR: systemd: Perform sanity check on config before reload (cherry picked from commit 68535bddf305fdd22f1449a039939b57245212e7) - BUG/MINOR: init: always ensure that global.rlimit_nofile matches actual limits - BUG/MINOR: init: ensure that FD limit is raised to the max allowed - BUG/MEDIUM: external-checks: close all FDs right after the fork() - BUG/MAJOR: external-checks: use asynchronous signal delivery - BUG/MINOR: external-checks: do not unblock undesired signals - BUILD/MEDIUM: rebuild everything when an include file is changed - BUILD/MEDIUM: force a full rebuild if some build options change - BUG/MINOR: srv-state: fix incorrect output of state file - BUG/MINOR: ssl: close ssl key file on error - BUG/MINOR: http: fix misleading error message for response captures - BUG/BUILD: don\'t automatically run \"make\" on \"make install\" - DOC: add missing doc for http-request deny [deny_status ]- drop patches which were pulled from git before 0001-BUG-MAJOR-fix-listening-IP-address-storage-for-front.patch 0002-BUG-MINOR-fix-listening-IP-address-storage-for-front.patch 0003-DOC-Fix-typo-so-fetch-is-properly-parsed-by-Cyril-s-.patch 0004-BUG-MAJOR-http-fix-breakage-of-reqdeny-causing-rando.patch 0005-BUG-MEDIUM-stick-tables-fix-breakage-in-table-conver.patch 0006-BUG-MEDIUM-dns-unbreak-DNS-resolver-after-header-fix.patch 0007-BUILD-fix-build-on-Solaris-11.patch 0008-CLEANUP-connection-fix-double-negation-on-memcmp.patch 0009-BUG-MEDIUM-stats-show-servers-state-may-show-an-serv.patch 0010-BUG-MEDIUM-fix-risk-of-segfault-with-show-tls-keys.patch 0011-BUG-MEDIUM-sticktables-segfault-in-some-configuratio.patch 0012-BUG-MEDIUM-lua-converters-doesn-t-work.patch 0013-BUG-MINOR-http-add-header-header-name-copied-twice.patch 0014-BUG-MEDIUM-http-add-header-buffer-overwritten.patch
* Thu Jun 09 2016 mrueckertAATTsuse.de- pull patches from git to fix some important issues (bsc#983972) (bsc#983974): 0001-BUG-MAJOR-fix-listening-IP-address-storage-for-front.patch 0002-BUG-MINOR-fix-listening-IP-address-storage-for-front.patch 0003-DOC-Fix-typo-so-fetch-is-properly-parsed-by-Cyril-s-.patch 0004-BUG-MAJOR-http-fix-breakage-of-reqdeny-causing-rando.patch 0005-BUG-MEDIUM-stick-tables-fix-breakage-in-table-conver.patch 0006-BUG-MEDIUM-dns-unbreak-DNS-resolver-after-header-fix.patch 0007-BUILD-fix-build-on-Solaris-11.patch 0008-CLEANUP-connection-fix-double-negation-on-memcmp.patch 0009-BUG-MEDIUM-stats-show-servers-state-may-show-an-serv.patch 0010-BUG-MEDIUM-fix-risk-of-segfault-with-show-tls-keys.patch 0011-BUG-MEDIUM-sticktables-segfault-in-some-configuratio.patch 0012-BUG-MEDIUM-lua-converters-doesn-t-work.patch 0013-BUG-MINOR-http-add-header-header-name-copied-twice.patch 0014-BUG-MEDIUM-http-add-header-buffer-overwritten.patch
* Tue May 10 2016 mrueckertAATTsuse.de- update to 1.6.5 - BUG/MINOR: log: Don\'t use strftime() which can clobber timezone if chrooted - BUILD: namespaces: fix a potential build warning in namespaces.c - DOC: add encoding to json converter example - BUG/MINOR: conf: \"listener id\" expects integer, but its not checked - DOC: Clarify tunes.vars.xxx-max-size settings - BUG/MEDIUM: peers: fix incorrect age in frequency counters - BUG/MEDIUM: Fix RFC5077 resumption when more than TLS_TICKETS_NO are present - BUG/MAJOR: Fix crash in http_get_fhdr with exactly MAX_HDR_HISTORY headers - BUG/MINOR: lua: can\'t load external libraries - DOC: \"addr\" parameter applies to both health and agent checks - DOC: timeout client: pointers to timeout http-request - DOC: typo on stick-store response - DOC: stick-table: amend paragraph blaming the loss of table upon reload - DOC: typo: ACL subdir match - DOC: typo: maxconn paragraph is wrong due to a wrong buffer size - DOC: regsub: parser limitation about the inability to use closing square brackets - DOC: typo: req.uri is now replaced by capture.req.uri - DOC: name set-gpt0 mismatch with the expected keyword - BUG/MEDIUM: stick-tables: some sample-fetch doesn\'t work in the connection state. - DOC: fix \"needed\" typo - BUG/MINOR: dns: inapropriate way out after a resolution timeout - BUG/MINOR: dns: trigger a DNS query type change on resolution timeout - BUG/MINOR : allow to log cookie for tarpit and denied request - OPTIM/MINOR: session: abort if possible before connecting to the backend - BUG/MEDIUM: trace.c: rdtsc() is defined in two files - BUG/MEDIUM: channel: fix miscalculation of available buffer space (2nd try) - BUG/MINOR: cfgparse: couple of small memory leaks. - BUG/MEDIUM: sample: initialize the pointer before parse_binary call. - DOC: fix discrepancy in the example for http-request redirect - DOC: Clarify IPv4 address / mask notation rules - CLEANUP: fix inconsistency between fd->iocb, proto->accept and accept() - BUG/MEDIUM: fix maxaccept computation on per-process listeners - BUG/MINOR: listener: stop unbound listeners on startup - BUG/MINOR: fix maxaccept computation according to the frontend process range - MEDIUM: unblock signals on startup. - BUG/MEDIUM: channel: don\'t allow to overwrite the reserve until connected - BUG/MEDIUM: channel: incorrect polling condition may delay event delivery - BUG/MEDIUM: channel: fix miscalculation of available buffer space (3rd try) - BUG/MEDIUM: log: fix risk of segfault when logging HTTP fields in TCP mode - BUG/MEDIUM: lua: protects the upper boundary of the argument list for converters/fetches. - BUG/MINOR: log: fix a typo that would cause %HP to log - MINOR: channel: add new function channel_congested() - BUG/MEDIUM: http: fix risk of CPU spikes with pipelined requests from dead client - BUG/MAJOR: channel: fix miscalculation of available buffer space (4th try) - BUG/MEDIUM: stream: ensure the SI_FL_DONT_WAKE flag is properly cleared - BUG/MEDIUM: channel: fix inconsistent handling of 4GB-1 transfers - BUG/MEDIUM: stats: show servers state may show an empty or incomplete result - BUG/MEDIUM: stats: show backend may show an empty or incomplete result - MINOR: stats: fix typo in help messages - MINOR: stats: show stat resolvers missing in the help message - BUG/MINOR: dns: fix DNS header definition - BUG/MEDIUM: dns: fix alignment issue when building DNS queries - CLEANUP/MINOR: stats: fix accidental addition of member \"env\" in the applet ctx- refreshed patches to apply cleanly again - haproxy-1.6.0-makefile_lib.patch - haproxy-1.6.0-sec-options.patch
* Mon Mar 14 2016 mrueckertAATTsuse.de- update to 1.6.4 (fate#320607) (bsc#937202) - BUG/MINOR: http: fix several off-by-one errors in the url_param parser - BUG/MINOR: http: Be sure to process all the data received from a server - BUG/MINOR: chunk: make chunk_dup() always check and set dst->size - MINOR: chunks: ensure that chunk_strcpy() adds a trailing zero - MINOR: chunks: add chunk_strcat() and chunk_newstr() - MINOR: chunk: make chunk_initstr() take a const string - MINOR: lru: new function to delete least recently used keys - DOC: add Ben Shillito as the maintainer of 51d - BUG/MINOR: 51d: Ensures a unique domain for each configuration - BUG/MINOR: 51d: Aligns Pattern cache implementation with HAProxy best practices. - BUG/MINOR: 51d: Releases workset back to pool. - BUG/MINOR: 51d: Aligned const pointers to changes in 51Degrees. - CLEANUP: 51d: Aligned if statements with HAProxy best practices and removed casts from malloc. - DOC: fix a few spelling mistakes (cherry picked from commit cc123c66c2075add8524a6a9925382927daa6ab0) - DOC: fix \"workaround\" spelling - BUG/MINOR: examples: Fixing haproxy.spec to remove references to .cfg files - MINOR: fix the return type for dns_response_get_query_id() function - MINOR: server state: missing LF (\
) on error message printed when parsing server state file - BUG/MEDIUM: dns: no DNS resolution happens if no ports provided to the nameserver - BUG/MAJOR: servers state: server port is erased when dns resolution is enabled on a server - BUG/MEDIUM: servers state: server port is used uninitialized - BUG/MEDIUM: config: Adding validation to stick-table expire value. - BUG/MEDIUM: sample: http_date() doesn\'t provide the right day of the week - BUG/MEDIUM: channel: fix miscalculation of available buffer space. - MEDIUM: pools: add a new flag to avoid rounding pool size up - BUG/MEDIUM: buffers: do not round up buffer size during allocation - BUG/MINOR: stream: don\'t force retries if the server is DOWN - BUG/MINOR: counters: make the sc-inc-gpc0 and sc-set-gpt0 touch the table - MINOR: unix: don\'t mention free ports on EAGAIN - BUG/CLEANUP: CLI: report the proper field states in \"show sess\" - MINOR: stats: send content-length with the redirect to allow keep-alive - BUG: stream_interface: Reuse connection even if the output channel is empty - DOC: remove old tunnel mode assumptions - BUG/MAJOR: http-reuse: fix risk of orphaned connections - BUG/MEDIUM: http-reuse: do not share private connections across backends - BUG/MINOR: ssl: Be sure to use unique serial for regenerated certificates - BUG/MINOR: stats: fix missing comma in stats on agent drain - BUG/MINOR: lua: unsafe initialization - DOC: lua: fix somme errors - DOC: add server name at rate-limit sessions example - BUG/MEDIUM: ssl: fix off-by-one in ALPN list allocation - BUG/MEDIUM: ssl: fix off-by-one in NPN list allocation - DOC: LUA: fix some typos and syntax errors - MINOR: cfgparse: warn for incorrect \'timeout retry\' keyword spelling in resolvers - MINOR: mailers: increase default timeout to 10 seconds - MINOR: mailers: use for all line endings - BUG/MAJOR: lua: applets can\'t sleep. - BUG/MINOR: server: some prototypes are renamed - BUG/MINOR: lua: Useless copy - BUG/MEDIUM: stats: stats bind-process doesn\'t propagate the process mask correctly - BUG/MINOR: server: fix the format of the warning on address change - BUG/MEDIUM: chunks: always reject negative-length chunks - BUG/MINOR: systemd: ensure we don\'t miss signals - BUG/MINOR: systemd: report the correct signal in debug message output - BUG/MINOR: systemd: propagate the correct signal to haproxy - MINOR: systemd: ensure a reload doesn\'t mask a stop - BUG/MEDIUM: cfgparse: wrong argument offset after parsing server \"sni\" keyword - CLEANUP: stats: Avoid computation with uninitialized bits. - CLEANUP: pattern: Ignore unknown samples in pat_match_ip(). - CLEANUP: map: Avoid memory leak in out-of-memory condition. - BUG/MINOR: tcpcheck: fix incorrect list usage resulting in failure to load certain configs - BUG/MAJOR: samples: check smp->strm before using it - MINOR: sample: add a new helper to initialize the owner of a sample - MINOR: sample: always set a new sample\'s owner before evaluating it - BUG/MAJOR: vars: always retrieve the stream and session from the sample - CLEANUP: payload: remove useless and confusing nullity checks for channel buffer - BUG/MINOR: ssl: fix usage of the various sample fetch functions - MINOR: cfgparse: warn when uid parameter is not a number - MINOR: cfgparse: warn when gid parameter is not a number - BUG/MINOR: standard: Avoid free of non-allocated pointer - BUG/MINOR: pattern: Avoid memory leak on out-of-memory condition - CLEANUP: http: fix a build warning introduced by a recent fix - BUG/MINOR: log: GMT offset not updated when entering/leaving DST
* Mon Jan 11 2016 e.istominAATTedss.ee- update to 1.6.3 (fate#320607) - BUG/MEDIUM: lua: clean output buffer - BUG/MEDIUM: http: switch the request channel to no-delay once done. - BUG/MEDIUM: http: don\'t enable auto-close on the response side - BUG/MEDIUM: stream: fix half-closed timeout handling - BUG/MEDIUM: cli: changing compression rate-limiting must require admin level - BUG/MEDIUM: sample: urlp can\'t match an empty value - BUG/MEDIUM: da: stop DeviceAtlas processing in the convertor if there is no input. - BUG/MEDIUM: checks: email-alert not working when declared in defaults - BUG/MEDIUM: http: fix http-reuse when frontend and backend differ - BUG/MEDIUM: config: properly adjust maxconn with nbproc when memmax is forced - BUG/MEDIUM: peers: table entries learned from a remote are pushed to others after a random delay. - BUG/MEDIUM: peers: old stick table updates could be repushed - BUG/MEDIUM: lua: Lua applets must not fetch samples using http_txn - BUG/MEDIUM: lua: Forbid HTTP applets from being called from tcp rulesets - BUG/MAJOR: lua: Do not force the HTTP analysers in use-services for all the details see /usr/share/doc/packages/haproxy/CHANGELOG or http://www.haproxy.org/download/1.6/src/CHANGELOG
* Sat Nov 21 2015 mrueckertAATTsuse.de- on sle11 we still need to own /etc/apparmor.d/local
* Sat Nov 21 2015 mrueckertAATTsuse.de- instead of owning the apparmor directories, BR apparmor-profiles.
* Tue Nov 10 2015 mrueckertAATTsuse.de- fix link to tarball
* Tue Nov 03 2015 mrueckertAATTsuse.de- update to 1.6.2 - BUILD: ssl: fix build error introduced in commit 7969a3 with OpenSSL < 1.0.0 - DOC: fix a typo for a \"deviceatlas\" keyword - FIX: small typo in an example using the \"Referer\" header - BUG/MEDIUM: config: count memory limits on 64 bits, not 32 - BUG/MAJOR: dns: first DNS response packet not matching queried hostname may lead to a loop - BUG/MINOR: dns: unable to parse CNAMEs response - BUG/MINOR: examples/haproxy.init: missing brace in quiet_check() - DOC: deviceatlas: more example use cases. - BUG/BUILD: replace haproxy-systemd-wrapper with $(EXTRA) in install-bin. - BUG/MAJOR: http: don\'t requeue an idle connection that is already queued - DOC: typo on capture.res.hdr and capture.req.hdr - BUG/MINOR: dns: check for duplicate nameserver id in a resolvers section was missing - CLEANUP: use direction names in place of numeric values - BUG/MEDIUM: lua: sample fetches based on response doesn\'t work- drop haproxy-1.6.0-ssl-098.patch: included upstream
* Thu Oct 22 2015 mrueckertAATTsuse.de- update to 1.6.1 - DOC: specify that stats socket doc (section 9.2) is in management - BUILD: install only relevant and existing documentation - CLEANUP: don\'t ignore debian/ directory if present - BUG/MINOR: dns: parsing error of some DNS response - BUG/MEDIUM: namespaces: don\'t fail if no namespace is used - BUG/MAJOR: ssl: free the generated SSL_CTX if the LRU cache is disabled - MEDIUM: dns: Don\'t use the ANY query type- drop haproxy-1.6.0-ssl.crash.patch included in update
* Mon Oct 19 2015 mrueckertAATTsuse.de- add haproxy-1.6.0-ssl-098.patch: fix building on openssl 0.9.8
* Fri Oct 16 2015 mrueckertAATTsuse.de- added haproxy-1.6.0-ssl.crash.patch: fix SNI related crash
* Thu Oct 15 2015 mrueckertAATTsuse.de- only use network namespace support on distros newer than 13.2
* Tue Oct 13 2015 mrueckertAATTsuse.de- update to 1.6.0 The most user-visible changes, we can cite the simpler handling of multiple configuration files, the support for quotes and environment variables in the configuration, a significant reduction of the memory usage thanks to a new dynamic buffer allocator, notifications over e-mail, server state keeping across reloads, dynamic DNS-based server address resolution, new scripting capabilities thanks to the embedded Lua interpreter, use of variables in the configuration to manipulate samples, request body buffering and analysis, support for two third-party device identification products (DeviceAtlas and 51Degrees), a lot of new sample converters including arithmetic operators and table lookups, TLS ticket secret sharing between nodes, TLS SNI to the server, full tables replication between peers, ability to instruct the kernel to quickly kill dead connections, support for Linux namespaces, and a number of other less visible goodies. The performance has also been improved a lot with support for server connection multiplexing, much faster and cheaper HTTP compression via libslz, and the addition of a pattern cache to speed up certain expensive ACLs. The great flexibility offered by this version will allow many users to significantly simplify their configurations. Some users will notice a huge performance boost after they enable the features designed for them. for all the details see /usr/share/doc/packages/haproxy/CHANGELOG- drop patches we pulled from upstream git: 0001-BUG-MINOR-log-missing-some-ARGC_-entries-in-fmt_dire.patch 0002-DOC-usesrc-root-privileges-requirements.patch 0003-BUILD-ssl-Allow-building-against-libssl-without-SSLv.patch 0004-DOC-MINOR-fix-OpenBSD-versions-where-haproxy-works.patch 0005-BUG-MINOR-http-sample-gmtime-localtime-can-fail.patch 0006-DOC-typo-in-redirect-302-code-meaning.patch 0007-DOC-mention-that-ms-is-left-padded-with-zeroes.patch 0008-CLEANUP-.gitignore-ignore-more-test-files.patch 0009-CLEANUP-.gitignore-finally-ignore-everything-but-wha.patch 0010-MEDIUM-config-emit-a-warning-on-a-frontend-without-l.patch 0011-BUG-MEDIUM-counters-ensure-that-src_-inc-clr-_gpc0-c.patch 0012-DOC-ssl-missing-LF.patch 0013-DOC-fix-example-of-http-request-using-ssl_fc_session.patch 0014-BUG-MINOR-http-remove-stupid-HTTP_METH_NONE-entry.patch 0015-BUG-MAJOR-http-don-t-call-http_send_name_header-afte.patch- refresh/redo patches to apply cleanly again: old: haproxy-1.2.16_config_haproxy_user.patch new: haproxy-1.6.0_config_haproxy_user.patch old: haproxy-makefile_lib.patch new: haproxy-1.6.0-makefile_lib.patch old: sec-options.patch new: haproxy-1.6.0-sec-options.patch- added new haproxy.cfg to have a minimal config we can actually launch!- drop patch haproxy-1.5.8-fix-bashisms.patch: patched files no longer exist- drop haproxy.vim: we will use the copy which ships with the upstream tarball now.
* Wed Sep 23 2015 dmuellerAATTsuse.com- fix haproxy status checks (bsc#947204)
* Tue Sep 08 2015 kgronlundAATTsuse.com- Backport patches from upstream: - BUG/MINOR: http: remove stupid HTTP_METH_NONE entry - BUG/MAJOR: http: don\'t call http_send_name_header() after an error- Add 0014-BUG-MINOR-http-remove-stupid-HTTP_METH_NONE-entry.patch- Add 0015-BUG-MAJOR-http-don-t-call-http_send_name_header-afte.patch
* Wed Aug 26 2015 kgronlundAATTsuse.com- Backport patches from upstream: - BUG/MINOR: log: missing some ARGC_
* entries in fmt_directives() - DOC: usesrc root privileges requirements - BUILD: ssl: Allow building against libssl without SSLv3. - DOC/MINOR: fix OpenBSD versions where haproxy works - BUG/MINOR: http/sample: gmtime/localtime can fail - DOC: typo in \'redirect\', 302 code meaning - DOC: mention that %ms is left-padded with zeroes. - CLEANUP: .gitignore: ignore more test files - CLEANUP: .gitignore: finally ignore everything but what is known. - MEDIUM: config: emit a warning on a frontend without listener - BUG/MEDIUM: counters: ensure that src_{inc,clr}_gpc0 creates a missing entry - DOC: ssl: missing LF - DOC: fix example of http-request using ssl_fc_session_id- Add 0001-BUG-MINOR-log-missing-some-ARGC_-entries-in-fmt_dire.patch- Add 0002-DOC-usesrc-root-privileges-requirements.patch- Add 0003-BUILD-ssl-Allow-building-against-libssl-without-SSLv.patch- Add 0004-DOC-MINOR-fix-OpenBSD-versions-where-haproxy-works.patch- Add 0005-BUG-MINOR-http-sample-gmtime-localtime-can-fail.patch- Add 0006-DOC-typo-in-redirect-302-code-meaning.patch- Add 0007-DOC-mention-that-ms-is-left-padded-with-zeroes.patch- Add 0008-CLEANUP-.gitignore-ignore-more-test-files.patch- Add 0009-CLEANUP-.gitignore-finally-ignore-everything-but-wha.patch- Add 0010-MEDIUM-config-emit-a-warning-on-a-frontend-without-l.patch- Add 0011-BUG-MEDIUM-counters-ensure-that-src_-inc-clr-_gpc0-c.patch- Add 0012-DOC-ssl-missing-LF.patch- Add 0013-DOC-fix-example-of-http-request-using-ssl_fc_session.patch
* Fri Jul 03 2015 kgronlundAATTsuse.com- Update to 1.5.14 (CVE-2015-3281) (bsc#937042) + BUILD/MINOR: tools: rename popcount to my_popcountl + BUG/MAJOR: buffers: make the buffer_slow_realign() function respect output data
* Fri Jun 26 2015 kgronlundAATTsuse.com- Update to 1.5.13 - Dropped all patches backported from git, no further changes than those patches provided.- Removed patches: + Remove 0001-BUG-MEDIUM-stats-properly-initialize-the-scope-befor.patch + Remove 0002-BUG-MEDIUM-http-don-t-forward-client-shutdown-withou.patch + Remove 0003-BUG-MINOR-check-fix-tcpcheck-error-message.patch + Remove 0004-CLEANUP-checks-fix-double-usage-of-cur-current_step-.patch + Remove 0005-BUG-MEDIUM-checks-do-not-dereference-head-of-a-tcp-c.patch + Remove 0006-CLEANUP-checks-simplify-the-loop-processing-of-tcp-c.patch + Remove 0007-BUG-MAJOR-checks-always-check-for-end-of-list-before.patch + Remove 0008-BUG-MEDIUM-checks-do-not-dereference-a-list-as-a-tcp.patch + Remove 0009-BUG-MEDIUM-peers-apply-a-random-reconnection-timeout.patch + Remove 0010-DOC-Update-doc-about-weight-act-and-bck-fields-in-th.patch + Remove 0011-MINOR-ssl-add-a-destructor-to-free-allocated-SSL-res.patch + Remove 0012-BUG-MEDIUM-ssl-fix-tune.ssl.default-dh-param-value-b.patch + Remove 0013-BUG-MINOR-cfgparse-fix-typo-in-option-httplog-error-.patch + Remove 0014-BUG-MEDIUM-cfgparse-segfault-when-userlist-is-misuse.patch + Remove 0015-MEDIUM-ssl-replace-standards-DH-groups-with-custom-o.patch + Remove 0016-BUG-MINOR-debug-display-null-in-place-of-meth.patch + Remove 0017-CLEANUP-deinit-remove-codes-for-cleaning-p-block_rul.patch + Remove 0018-BUG-MINOR-ssl-fix-smp_fetch_ssl_fc_session_id.patch + Remove 0019-MEDIUM-init-don-t-stop-proxies-in-parent-process-whe.patch + Remove 0020-MINOR-peers-store-the-pointer-to-the-signal-handler.patch + Remove 0021-MEDIUM-peers-unregister-peers-that-were-never-starte.patch + Remove 0022-MEDIUM-config-propagate-the-table-s-process-list-to-.patch + Remove 0023-MEDIUM-init-stop-any-peers-section-not-bound-to-the-.patch + Remove 0024-MEDIUM-config-validate-that-peers-sections-are-bound.patch + Remove 0025-MAJOR-peers-allow-peers-section-to-be-used-with-nbpr.patch + Remove 0026-DOC-relax-the-peers-restriction-to-single-process.patch + Remove 0027-CLEANUP-config-fix-misleading-information-in-error-m.patch + Remove 0028-MINOR-config-report-the-number-of-processes-using-a-.patch + Remove 0029-BUG-MEDIUM-config-properly-compute-the-default-numbe.patch
* Thu Jun 25 2015 kgronlundAATTsuse.com- Backport upstream patches: + DOC: Update doc about weight, act and bck fields in the statistics + MINOR: ssl: add a destructor to free allocated SSL ressources + BUG/MEDIUM: ssl: fix tune.ssl.default-dh-param value being overwritten + BUG/MINOR: cfgparse: fix typo in \'option httplog\' error message + BUG/MEDIUM: cfgparse: segfault when userlist is misused + MEDIUM: ssl: replace standards DH groups with custom ones + BUG/MINOR: debug: display (null) in place of \"meth\" + CLEANUP: deinit: remove codes for cleaning p->block_rules + BUG/MINOR: ssl: fix smp_fetch_ssl_fc_session_id + MEDIUM: init: don\'t stop proxies in parent process when exiting + MINOR: peers: store the pointer to the signal handler + MEDIUM: peers: unregister peers that were never started + MEDIUM: config: propagate the table\'s process list to the peers sections + MEDIUM: init: stop any peers section not bound to the correct process + MEDIUM: config: validate that peers sections are bound to exactly one process + MAJOR: peers: allow peers section to be used with nbproc > 1 + DOC: relax the peers restriction to single-process + CLEANUP: config: fix misleading information in error message. + MINOR: config: report the number of processes using a peers section in the error case + BUG/MEDIUM: config: properly compute the default number of processes for a proxy- Added patches: + Add 0010-DOC-Update-doc-about-weight-act-and-bck-fields-in-th.patch + Add 0011-MINOR-ssl-add-a-destructor-to-free-allocated-SSL-res.patch + Add 0012-BUG-MEDIUM-ssl-fix-tune.ssl.default-dh-param-value-b.patch + Add 0013-BUG-MINOR-cfgparse-fix-typo-in-option-httplog-error-.patch + Add 0014-BUG-MEDIUM-cfgparse-segfault-when-userlist-is-misuse.patch + Add 0015-MEDIUM-ssl-replace-standards-DH-groups-with-custom-o.patch + Add 0016-BUG-MINOR-debug-display-null-in-place-of-meth.patch + Add 0017-CLEANUP-deinit-remove-codes-for-cleaning-p-block_rul.patch + Add 0018-BUG-MINOR-ssl-fix-smp_fetch_ssl_fc_session_id.patch + Add 0019-MEDIUM-init-don-t-stop-proxies-in-parent-process-whe.patch + Add 0020-MINOR-peers-store-the-pointer-to-the-signal-handler.patch + Add 0021-MEDIUM-peers-unregister-peers-that-were-never-starte.patch + Add 0022-MEDIUM-config-propagate-the-table-s-process-list-to-.patch + Add 0023-MEDIUM-init-stop-any-peers-section-not-bound-to-the-.patch + Add 0024-MEDIUM-config-validate-that-peers-sections-are-bound.patch + Add 0025-MAJOR-peers-allow-peers-section-to-be-used-with-nbpr.patch + Add 0026-DOC-relax-the-peers-restriction-to-single-process.patch + Add 0027-CLEANUP-config-fix-misleading-information-in-error-m.patch + Add 0028-MINOR-config-report-the-number-of-processes-using-a-.patch + Add 0029-BUG-MEDIUM-config-properly-compute-the-default-numbe.patch
* Mon May 25 2015 kgronlundAATTsuse.com- BUG/MINOR: check: fix tcpcheck error message- CLEANUP: checks: fix double usage of cur / current_step in tcp-checks- BUG/MEDIUM: checks: do not dereference head of a tcp-check at the end- CLEANUP: checks: simplify the loop processing of tcp-checks- BUG/MAJOR: checks: always check for end of list before proceeding- BUG/MEDIUM: checks: do not dereference a list as a tcpcheck struct- BUG/MEDIUM: peers: apply a random reconnection timeout- Add 0003-BUG-MINOR-check-fix-tcpcheck-error-message.patch- Add 0004-CLEANUP-checks-fix-double-usage-of-cur-current_step-.patch- Add 0005-BUG-MEDIUM-checks-do-not-dereference-head-of-a-tcp-c.patch- Add 0006-CLEANUP-checks-simplify-the-loop-processing-of-tcp-c.patch- Add 0007-BUG-MAJOR-checks-always-check-for-end-of-list-before.patch- Add 0008-BUG-MEDIUM-checks-do-not-dereference-a-list-as-a-tcp.patch- Add 0009-BUG-MEDIUM-peers-apply-a-random-reconnection-timeout.patch
* Mon May 11 2015 mrueckertAATTsuse.de- added 0002-BUG-MEDIUM-http-don-t-forward-client-shutdown-withou.patch BUG/MEDIUM: http: don\'t forward client shutdown without NOLINGER except for tunnels
* Mon May 04 2015 mrueckertAATTsuse.de- added first patch from the 1.5 branch after the update: 0001-BUG-MEDIUM-stats-properly-initialize-the-scope-befor.patch
* Sat May 02 2015 mrueckertAATTsuse.de- update to 1.5.12 - BUG/MINOR: ssl: Display correct filename in error message - DOC: Fix L4TOUT typo in documentation - BUG/MEDIUM: Do not consider an agent check as failed on L7 error - BUG/MINOR: pattern: error message missing - BUG/MEDIUM: pattern: some entries are not deleted with case insensitive match - BUG/MEDIUM: buffer: one byte miss in buffer free space check - BUG/MAJOR: http: don\'t read past buffer\'s end in http_replace_value - BUG/MEDIUM: http: the function \"(req|res)-replace-value\" doesn\'t respect the HTTP syntax - BUG/MEDIUM: peers: correctly configure the client timeout - BUG/MINOR: compression: consider the expansion factor in init - BUG/MEDIUM: http: hdr_cnt would not count any header when called without name - BUG/MEDIUM: listener: don\'t report an error when resuming unbound listeners - BUG/MEDIUM: init: don\'t limit cpu-map to the first 32 processes only - BUG/MEDIUM: stream-int: always reset si->ops when si->end is nullified - BUG/MEDIUM: http: remove content-length from chunked messages - DOC: http: update the comments about the rules for determining transfer-length - BUG/MEDIUM: http: do not restrict parsing of transfer-encoding to HTTP/1.1 - BUG/MEDIUM: http: incorrect transfer-coding in the request is a bad request - BUG/MEDIUM: http: remove content-length form responses with bad transfer-encoding - MEDIUM: http: restrict the HTTP version token to 1 digit as per RFC7230 - MEDIUM: http: add option-ignore-probes to get rid of the floods of 408 - BUG/MINOR: config: clear proxy->table.peers.p for disabled proxies - MINOR: stick-table: don\'t attach to peers in stopped state - MEDIUM: config: initialize stick-tables after peers, not before - MEDIUM: peers: add the ability to disable a peers section - DOC: document option http-ignore-probes - DOC: fix the comments about the meaning of msg->sol in HTTP - BUG/MEDIUM: http: wait for the exact amount of body bytes in wait_for_request_body - BUG/MAJOR: http: prevent risk of reading past end with balance url_param - DOC: update the doc on the proxy protocol- remove patches that we pulled from the 1.5 tree 0001-BUG-MINOR-pattern-error-message-missing.patch 0002-BUG-MEDIUM-pattern-some-entries-are-not-deleted-with.patch 0003-BUG-MEDIUM-Do-not-consider-an-agent-check-as-failed-.patch 0004-BUG-MEDIUM-peers-correctly-configure-the-client-time.patch 0005-BUG-MEDIUM-buffer-one-byte-miss-in-buffer-free-space.patch 0006-BUG-MAJOR-http-don-t-read-past-buffer-s-end-in-http_.patch 0007-BUG-MEDIUM-http-the-function-req-res-replace-value-d.patch 0008-BUG-MINOR-compression-consider-the-expansion-factor-.patch 0009-BUG-MEDIUM-http-hdr_cnt-would-not-count-any-header-w.patch 0010-BUG-MINOR-ssl-Display-correct-filename-in-error-mess.patch 0011-BUG-MEDIUM-listener-don-t-report-an-error-when-resum.patch 0012-BUG-MEDIUM-init-don-t-limit-cpu-map-to-the-first-32-.patch
* Mon Apr 20 2015 mrueckertAATTsuse.de- pull 3 patches from upstream: 0010-BUG-MINOR-ssl-Display-correct-filename-in-error-mess.patch 0011-BUG-MEDIUM-listener-don-t-report-an-error-when-resum.patch 0012-BUG-MEDIUM-init-don-t-limit-cpu-map-to-the-first-32-.patch
* Thu Apr 02 2015 mrueckertAATTsuse.de- pull 3 patches from upstream: 0007-BUG-MEDIUM-http-the-function-req-res-replace-value-d.patch 0008-BUG-MINOR-compression-consider-the-expansion-factor-.patch 0009-BUG-MEDIUM-http-hdr_cnt-would-not-count-any-header-w.patch
* Mon Mar 16 2015 kgronlundAATTsuse.com- pull 3 patches from upstream: - BUG/MEDIUM: peers: correctly configure the client timeout - BUG/MEDIUM: buffer: one byte miss in buffer free space check - BUG/MAJOR: http: don\'t read past buffer\'s end in http_replace_value- Add 0004-BUG-MEDIUM-peers-correctly-configure-the-client-time.patch- Add 0005-BUG-MEDIUM-buffer-one-byte-miss-in-buffer-free-space.patch- Add 0006-BUG-MAJOR-http-don-t-read-past-buffer-s-end-in-http_.patch
* Thu Mar 05 2015 mrueckertAATTsuse.de- added another fix from upstream: 0003-BUG-MEDIUM-Do-not-consider-an-agent-check-as-failed-.patch
* Wed Feb 11 2015 aspiersAATTsuse.com- haproxy.init: fix reload and force-reload not to start a stopped service
* Fri Feb 06 2015 mrueckertAATTsuse.de- pulled 2 patches from upstream: 0001-BUG-MINOR-pattern-error-message-missing.patch 0002-BUG-MEDIUM-pattern-some-entries-are-not-deleted-with.patch
* Sun Feb 01 2015 mrueckertAATTsuse.de- update to 1.5.11 - BUG/MEDIUM: backend: correctly detect the domain when use_domain_only is used - MINOR: ssl: load certificates in alphabetical order - BUG/MINOR: checks: prevent http keep-alive with http-check expect - BUG/MEDIUM: Do not set agent health to zero if server is disabled in config - MEDIUM/BUG: Only explicitly report \"DOWN (agent)\" if the agent health is zero - BUG/MINOR: stats:Fix incorrect printf type. - DOC: add missing entry for log-format and clarify the text - BUG/MEDIUM: http: fix header removal when previous header ends with pure LF - BUG/MEDIUM: channel: fix possible integer overflow on reserved size computation - BUG/MINOR: channel: compare to_forward with buf->i, not buf->size - MINOR: channel: add channel_in_transit() - MEDIUM: channel: make buffer_reserved() use channel_in_transit() - MEDIUM: channel: make bi_avail() use channel_in_transit() - BUG/MEDIUM: channel: don\'t schedule data in transit for leaving until connected - BUG/MAJOR: log: don\'t try to emit a log if no logger is set - BUG/MINOR: args: add missing entry for ARGT_MAP in arg_type_names - BUG/MEDIUM: http: make http-request set-header compute the string before removal - BUG/MINOR: http: fix incorrect header value offset in replace-hdr/replace-value - BUG/MINOR: http: abort request processing on filter failure- drop patch included in update: 0001-BUG-MEDIUM-backend-correctly-detect-the-domain-when-.patch
* Tue Jan 06 2015 mrueckertAATTsuse.de- pull fix from usptream: 0001-BUG-MEDIUM-backend-correctly-detect-the-domain-when-.patch BUG/MEDIUM: backend: correctly detect the domain when use_domain_only is used
* Wed Dec 31 2014 mrueckertAATTsuse.de- update to 1.5.10 - DOC: fix a few typos - BUG/MINOR: http: fix typo: \"401 Unauthorized\" => \"407 Unauthorized\" - BUG/MINOR: parse: refer curproxy instead of proxy - DOC: httplog does not support \'no\' - MINOR: map/acl/dumpstats: remove the \"Done.\" message - BUG/MEDIUM: sample: fix random number upper-bound - BUG/MEDIUM: patterns: previous fix was incomplete - BUG/MEDIUM: payload: ensure that a request channel is available - BUG/MINOR: tcp-check: don\'t condition data polling on check type - BUG/MEDIUM: tcp-check: don\'t rely on random memory contents - BUG/MEDIUM: tcp-checks: disable quick-ack unless next rule is an expect - BUG/MINOR: config: fix typo in condition when propagating process binding - BUG/MEDIUM: config: do not propagate processes between stopped processes - BUG/MAJOR: stream-int: properly check the memory allocation return - BUG/MEDIUM: memory: fix freeing logic in pool_gc2() - BUG/MEDIUM: compression: correctly report zlib_mem- drop patches that we pulled from git before: 0001-BUG-MEDIUM-patterns-previous-fix-was-incomplete.patch 0002-BUG-MEDIUM-payload-ensure-that-a-request-channel-is-.patch 0003-BUG-MINOR-tcp-check-don-t-condition-data-polling-on-.patch 0004-BUG-MEDIUM-tcp-check-don-t-rely-on-random-memory-con.patch 0005-BUG-MEDIUM-tcp-checks-disable-quick-ack-unless-next-.patch 0006-DOC-fix-a-few-typos.patch 0007-BUG-MEDIUM-sample-fix-random-number-upper-bound.patch 0008-DOC-httplog-does-not-support-no.patch 0009-BUG-MINOR-http-fix-typo-401-Unauthorized-407-Unautho.patch 0010-BUG-MINOR-parse-refer-curproxy-instead-of-proxy.patch 0011-BUG-MINOR-config-fix-typo-in-condition-when-propagat.patch 0012-BUG-MEDIUM-config-do-not-propagate-processes-between.patch
* Sat Dec 20 2014 mrueckertAATTsuse.de- pulled some more fixes from git: 0003-BUG-MINOR-tcp-check-don-t-condition-data-polling-on-.patch 0004-BUG-MEDIUM-tcp-check-don-t-rely-on-random-memory-con.patch 0005-BUG-MEDIUM-tcp-checks-disable-quick-ack-unless-next-.patch 0006-DOC-fix-a-few-typos.patch 0007-BUG-MEDIUM-sample-fix-random-number-upper-bound.patch 0008-DOC-httplog-does-not-support-no.patch 0009-BUG-MINOR-http-fix-typo-401-Unauthorized-407-Unautho.patch 0010-BUG-MINOR-parse-refer-curproxy-instead-of-proxy.patch 0011-BUG-MINOR-config-fix-typo-in-condition-when-propagat.patch 0012-BUG-MEDIUM-config-do-not-propagate-processes-between.patch see patch headers for details.
* Fri Nov 28 2014 mrueckertAATTsuse.de- pulled 2 fixes from git: - 0001-BUG-MEDIUM-patterns-previous-fix-was-incomplete.patch Dmitry Sivachenko reported that commit 315ec42 (\"BUG/MEDIUM: pattern: don\'t load more than once a pattern list.\") relies on an uninitialised variable in the stack. While it used to work fine during the tests, if the uninitialized variable is non-null, some patterns may be aggregated if loaded multiple times, resulting in slower processing, which was the original issue it tried to address. - 0002-BUG-MEDIUM-payload-ensure-that-a-request-channel-is-.patch Denys Fedoryshchenko reported a segfault when using certain sample fetch functions in the \"tcp-request connection\" rulesets despite the warnings. This is because some tests for the existence of the channel were missing.
* Wed Nov 26 2014 ledestAATTgmail.com- fix bashisms in example scripts- add patches:
* haproxy-1.5.8-fix-bashisms.patch
* Wed Nov 26 2014 mrueckertAATTsuse.de- update to 1.5.9 - BUILD: fix \"make install\" to support spaces in the install dirs - BUG/MEDIUM: checks: fix conflicts between agent checks and ssl healthchecks - BUG/MEDIUM: ssl: fix bad ssl context init can cause segfault in case of OOM. - BUG/MINOR: samples: fix unnecessary memcopy converting binary to string. - BUG/MEDIUM: connection: sanitize PPv2 header length before parsing address information - BUG/MEDIUM: pattern: don\'t load more than once a pattern list. - BUG/MEDIUM: ssl: force a full GC in case of memory shortage - BUG/MINOR: config: don\'t inherit the default balance algorithm in frontends - BUG/MAJOR: frontend: initialize capture pointers earlier - BUG/MINOR: stats: correctly set the request/response analysers - DOC: fix typo in the body parser documentation for msg.sov - BUG/MINOR: peers: the buffer size is global.tune.bufsize, not trash.size - MINOR: sample: add a few basic internal fetches (nbproc, proc, stopping) - BUG/MAJOR: sessions: unlink session from list on out of memory- Drop patches pulled from git - 0001-BUILD-fix-make-install-to-support-spaces-in-the-inst.patch - 0002-BUG-MEDIUM-ssl-fix-bad-ssl-context-init-can-cause-se.patch - 0003-BUG-MEDIUM-ssl-force-a-full-GC-in-case-of-memory-sho.patch - 0004-BUG-MEDIUM-checks-fix-conflicts-between-agent-checks.patch - 0005-BUG-MINOR-config-don-t-inherit-the-default-balance-a.patch - 0006-BUG-MAJOR-frontend-initialize-capture-pointers-earli.patch
* Thu Nov 20 2014 kgronlundAATTsuse.com- BUILD: fix \"make install\" to support spaces in the install dirs- BUG/MEDIUM: ssl: fix bad ssl context init can cause segfault in case of OOM.- BUG/MEDIUM: ssl: force a full GC in case of memory shortage- BUG/MEDIUM: checks: fix conflicts between agent checks and ssl healthchecks- BUG/MINOR: config: don\'t inherit the default balance algorithm in frontends- BUG/MAJOR: frontend: initialize capture pointers earlier- Add patches: - 0001-BUILD-fix-make-install-to-support-spaces-in-the-inst.patch - 0002-BUG-MEDIUM-ssl-fix-bad-ssl-context-init-can-cause-se.patch - 0003-BUG-MEDIUM-ssl-force-a-full-GC-in-case-of-memory-sho.patch - 0004-BUG-MEDIUM-checks-fix-conflicts-between-agent-checks.patch - 0005-BUG-MINOR-config-don-t-inherit-the-default-balance-a.patch - 0006-BUG-MAJOR-frontend-initialize-capture-pointers-earli.patch
* Sun Nov 09 2014 ledestAATTgmail.com- fix bashisms in pre script
* Fri Oct 31 2014 mrueckertAATTsuse.de- update to 1.5.8 - BUG/MAJOR: buffer: check the space left is enough or not when input data in a buffer is wrapped - BUG/BUILD: revert accidental change in the makefile from latest SSL fix- changes in 1.5.7 - BUG/MEDIUM: regex: fix pcre_study error handling - BUG/MINOR: log: fix request flags when keep-alive is enabled - MINOR: ssl: add fetchs \'ssl_c_der\' and \'ssl_f_der\' to return DER formatted certs - MINOR: ssl: add statement to force some ssl options in global. - BUG/MINOR: ssl: correctly initialize ssl ctx for invalid certificates - BUG/MEDIUM: http: don\'t dump debug headers on MSG_ERROR - BUG/MAJOR: cli: explicitly call cli_release_handler() upon error - BUG/MEDIUM: tcp: fix outgoing polling based on proxy protocol - BUG/MEDIUM: tcp: don\'t use SO_ORIGINAL_DST on non-AF_INET sockets- Dropped patches: - 0001-BUG-MEDIUM-http-don-t-dump-debug-headers-on-MSG_ERRO.patch - 0002-BUG-MAJOR-cli-explicitly-call-cli_release_handler-up.patch - 0003-BUG-MINOR-log-fix-request-flags-when-keep-alive-is-e.patch - 0004-BUG-MEDIUM-tcp-fix-outgoing-polling-based-on-proxy-p.patch
* Wed Oct 29 2014 kgronlundAATTsuse.com- BUG/MEDIUM: http: don\'t dump debug headers on MSG_ERROR- BUG/MAJOR: cli: explicitly call cli_release_handler() upon error- BUG/MINOR: log: fix request flags when keep-alive is enabled- BUG/MEDIUM: tcp: fix outgoing polling based on proxy protocol- Added patches: - 0001-BUG-MEDIUM-http-don-t-dump-debug-headers-on-MSG_ERRO.patch - 0002-BUG-MAJOR-cli-explicitly-call-cli_release_handler-up.patch - 0003-BUG-MINOR-log-fix-request-flags-when-keep-alive-is-e.patch - 0004-BUG-MEDIUM-tcp-fix-outgoing-polling-based-on-proxy-p.patch
* Sat Oct 18 2014 mrueckertAATTsuse.de- update to 1.5.6 - BUG/MEDIUM: systemd: set KillMode to \'mixed\' - MINOR: systemd: Check configuration before start - BUG/MEDIUM: config: avoid skipping disabled proxies - BUG/MINOR: config: do not accept more track-sc than configured - BUG/MEDIUM: backend: fix URI hash when a query string is present- dropped patches that were pulled from upstream 0001-BUG-MEDIUM-config-avoid-skipping-disabled-proxies.patch 0001-BUG-MEDIUM-systemd-set-KillMode-to-mixed.patch 0004-BUG-MINOR-config-do-not-accept-more-track-sc-than-co.patch 0005-BUG-MEDIUM-backend-fix-URI-hash-when-a-query-string-.patch- dropped patch we sent upstream haproxy-1.5_check_config_before_start.patch
* Fri Oct 17 2014 kgronlundAATTsuse.com- BUG/MINOR: config: do not accept more track-sc than configured- BUG/MEDIUM: backend: fix URI hash when a query string is present- Add patch: 0004-BUG-MINOR-config-do-not-accept-more-track-sc-than-co.patch- Add patch: 0005-BUG-MEDIUM-backend-fix-URI-hash-when-a-query-string-.patch
  
ICM