HAProxy known bugs for version v1.3.24 (maintenance branch 1.3) : 37

This version (1.3.24) is a release belonging to maintenance branch 1.3 whose latest version is 1.3.28. If your version is not the last one in the maintenance branch, you are missing fixes for known bugs, and by not updating you are needlessly taking the responsibility for the risk of unexpected service outages and exposing your web site to possible security issues.

The HAProxy development team takes a great care of maintaining stable versions so that all users can apply bug fixes without having to take the risk of upgrading to a new branch. In turn users are expected to apply the fixes when the development team estimates that they were worth being backported to stable branches.

Quick links

full changelog for 1.3 : here
browse history for 1.3 : here

Other versions in the same branch

This branch contains the following releases :

Date Version Comment

2016-03-14 1.3.28 ⇐ last

2015-02-01 1.3.27

2011-08-05 1.3.26

2010-06-16 1.3.25

2010-03-30 1.3.24 ⇐ yours

2010-01-28 1.3.23

2009-10-14 1.3.22

2009-10-12 1.3.21

2009-08-09 1.3.20

2009-07-27 1.3.19

2009-05-10 1.3.18

2009-03-29 1.3.17

2009-03-22 1.3.16

2008-04-19 1.3.15

2007-12-06 1.3.14

2007-10-18 1.3.13

2007-06-17 1.3.12

2007-06-03 1.3.11.4

2007-05-14 1.3.11.3

2007-05-14 1.3.11.2

2007-05-14 1.3.11.1

2007-05-14 1.3.11

2007-05-10 1.3.10.2

2007-05-09 1.3.10.1

2007-05-09 1.3.10

2007-04-16 1.3.9

2007-04-03 1.3.8.2

2007-04-01 1.3.8.1

2007-03-26 1.3.8

2007-01-26 1.3.7

2007-01-22 1.3.6.1

2007-01-22 1.3.6

2007-01-07 1.3.5

2007-01-02 1.3.4

2006-10-16 1.3.3

2006-09-03 1.3.2

2006-07-09 1.3.1

2006-07-03 1.3.0

Date	Version	Comment
2016-03-14	1.3.28	⇐ last
2015-02-01	1.3.27
2011-08-05	1.3.26
2010-06-16	1.3.25
2010-03-30	1.3.24	⇐ yours
2010-01-28	1.3.23
2009-10-14	1.3.22
2009-10-12	1.3.21
2009-08-09	1.3.20
2009-07-27	1.3.19
2009-05-10	1.3.18
2009-03-29	1.3.17
2009-03-22	1.3.16
2008-04-19	1.3.15
2007-12-06	1.3.14
2007-10-18	1.3.13
2007-06-17	1.3.12
2007-06-03	1.3.11.4
2007-05-14	1.3.11.3
2007-05-14	1.3.11.2
2007-05-14	1.3.11.1
2007-05-14	1.3.11
2007-05-10	1.3.10.2
2007-05-09	1.3.10.1
2007-05-09	1.3.10
2007-04-16	1.3.9
2007-04-03	1.3.8.2
2007-04-01	1.3.8.1
2007-03-26	1.3.8
2007-01-26	1.3.7
2007-01-22	1.3.6.1
2007-01-22	1.3.6
2007-01-07	1.3.5
2007-01-02	1.3.4
2006-10-16	1.3.3
2006-09-03	1.3.2
2006-07-09	1.3.1
2006-07-03	1.3.0

Known bugs affecting this version, and already fixed in the maintenance branch

These fixes have already been queued for a more recent 1.3 version. Some of them might have already been released in a more recent version than yours, and other ones might still be pending in the maintenance branch for a future release. The list may be empty if you're already on the latest version and no new fix was backported.

Bugs are almost always tagged with a severity (some people forget the severity tag when the bug is minor). The following severities are used :

MINOR: the bug presents a limited impact and can easily be mitigated ; users rarely upgrade just for these ones ;
MEDIUM: the bug can cause some undesired behaviour and may require some tricky configuration changes to avoid hitting it ; users normally upgrade to get rid of them, or temporarily disable a functionality.
MAJOR: the bug affects short term reliability and cannot easily be worked around without a significant performance penalty or without a significant functional loss ; such bugs don't stay long in the queue without a release and users must plan an upgrade as soon as possible ;
CRITICAL: this one very rarely happens ; it indicates a short-term reliability or security issue for which there is no workaround. A release will be emitted for this fix even if it's alone and users are urged to upgrade immediately. Some distro maintainers might have been informed in advance in order to agree on a coordinated release date.

Total known bugs in this version by category :

Total CRITICAL MAJOR MEDIUM MINOR

37 0 0 7 30

Total	CRITICAL	MAJOR	MEDIUM	MINOR
37	0	0	7	30

Click on the subjects below to get the full description of the bug :

Merge date Subject - Severity (minor, medium, major, critical)

2016-03-14 BUG/MINOR: acl: don't use record layer in req_ssl_ver

2016-03-14 BUG/MEDIUM: config: count memory limits on 64 bits, not 32

2015-10-27 BUG/MINOR: http: Add OPTIONS in supported http methods (found by find_http_meth)

2015-10-27 BUG/MINOR: http: remove stupid HTTP_METH_NONE entry

2015-02-01 BUG/MINOR: http: abort request processing on filter failure

2015-02-01 BUG/MINOR: config: don't inherit the default balance algorithm in frontends

2015-02-01 BUG/MEDIUM: tcp: don't use SO_ORIGINAL_DST on non-AF_INET sockets

2015-02-01 BUG/MEDIUM: regex: fix risk of buffer overrun in exp_replace()

2015-02-01 BUG/MEDIUM: signal: signal handler does not properly check for signal bounds

2015-02-01 BUG/MINOR: config: fix improper check for failed memory alloc in ACL parser

2015-02-01 BUG/MINOR: epoll: correctly disable FD polling in fd_rem()

2015-02-01 BUG/MINOR: tarpit: fix condition to return the HTTP 500 message

2015-02-01 BUG/MEDIUM: balance source did not properly hash IPv6 addresses

2015-02-01 BUG: proto_tcp: set AF_INET on tproxy for use with recent kernels

2015-02-01 [BUG] tcp: dropped connections must be counted as "denied" not "failed"

2013-07-04 BUG/MEDIUM: http: "option checkcache" fails with the no-cache header

2012-01-20 BUG/MEDIUM: zero-weight servers must not dequeue requests from the backend

2011-08-05 [BUG] halog: correctly handle truncated last line

2011-04-08 [BUG] http: balance url_param did not work with first parameters on POST

2011-04-08 [BUG] startup: set the rlimits before binding ports, not after.

2011-04-08 [BUG] cfgparse: correctly count one socket per port in ranges

2011-04-08 [BUG] session: release slot before processing pending connections

2011-04-08 [BUG] http: correctly update the header list when removing two consecutive headers

2011-04-08 [BUG] appsession: fix possible double free in case of out of memory

2011-04-08 [BUG] capture: do not capture a cookie if there is no memory left

2011-04-08 [BUG] config: report the correct proxy type in tcp-request errors

2011-04-08 [BUG] cookie: correctly unset default cookie parameters

2011-04-08 [BUG] checks: don't log backend down for all zero-weight servers

2011-04-06 [BUG] http: don't consider commas as a header delimitor within quotes

2011-04-06 [BUG] queue: don't dequeue proxy-global requests on disabled servers

2010-09-21 [BUG] stream_sock: cleanly disable the listener in case of resource shortage

2010-06-16 [BUG] config: disable "option forceclose" in non-http instances

2010-06-16 [BUG] frontend: always ensure to zero rep->analysers

2010-06-16 [BUG] proxy: connection rate limiting was eating lots of CPU

2010-06-16 [BUG] cttproxy: socket fd leakage in check_cttproxy_version

2010-06-16 [BUG] client: don't add a new session to the list too early

2010-04-07 [BUG] appsession should match the whole cookie name

Merge date	Subject - Severity (minor, medium, major, critical)
2016-03-14	BUG/MINOR: acl: don't use record layer in req_ssl_ver
2016-03-14	BUG/MEDIUM: config: count memory limits on 64 bits, not 32
2015-10-27	BUG/MINOR: http: Add OPTIONS in supported http methods (found by find_http_meth)
2015-10-27	BUG/MINOR: http: remove stupid HTTP_METH_NONE entry
2015-02-01	BUG/MINOR: http: abort request processing on filter failure
2015-02-01	BUG/MINOR: config: don't inherit the default balance algorithm in frontends
2015-02-01	BUG/MEDIUM: tcp: don't use SO_ORIGINAL_DST on non-AF_INET sockets
2015-02-01	BUG/MEDIUM: regex: fix risk of buffer overrun in exp_replace()
2015-02-01	BUG/MEDIUM: signal: signal handler does not properly check for signal bounds
2015-02-01	BUG/MINOR: config: fix improper check for failed memory alloc in ACL parser
2015-02-01	BUG/MINOR: epoll: correctly disable FD polling in fd_rem()
2015-02-01	BUG/MINOR: tarpit: fix condition to return the HTTP 500 message
2015-02-01	BUG/MEDIUM: balance source did not properly hash IPv6 addresses
2015-02-01	BUG: proto_tcp: set AF_INET on tproxy for use with recent kernels
2015-02-01	[BUG] tcp: dropped connections must be counted as "denied" not "failed"
2013-07-04	BUG/MEDIUM: http: "option checkcache" fails with the no-cache header
2012-01-20	BUG/MEDIUM: zero-weight servers must not dequeue requests from the backend
2011-08-05	[BUG] halog: correctly handle truncated last line
2011-04-08	[BUG] http: balance url_param did not work with first parameters on POST
2011-04-08	[BUG] startup: set the rlimits before binding ports, not after.
2011-04-08	[BUG] cfgparse: correctly count one socket per port in ranges
2011-04-08	[BUG] session: release slot before processing pending connections
2011-04-08	[BUG] http: correctly update the header list when removing two consecutive headers
2011-04-08	[BUG] appsession: fix possible double free in case of out of memory
2011-04-08	[BUG] capture: do not capture a cookie if there is no memory left
2011-04-08	[BUG] config: report the correct proxy type in tcp-request errors
2011-04-08	[BUG] cookie: correctly unset default cookie parameters
2011-04-08	[BUG] checks: don't log backend down for all zero-weight servers
2011-04-06	[BUG] http: don't consider commas as a header delimitor within quotes
2011-04-06	[BUG] queue: don't dequeue proxy-global requests on disabled servers
2010-09-21	[BUG] stream_sock: cleanly disable the listener in case of resource shortage
2010-06-16	[BUG] config: disable "option forceclose" in non-http instances
2010-06-16	[BUG] frontend: always ensure to zero rep->analysers
2010-06-16	[BUG] proxy: connection rate limiting was eating lots of CPU
2010-06-16	[BUG] cttproxy: socket fd leakage in check_cttproxy_version
2010-06-16	[BUG] client: don't add a new session to the list too early
2010-04-07	[BUG] appsession should match the whole cookie name

Back to the list of branches and versions
Back to the HAProxy page