HAProxy known bugs for version v2.4.25 (maintenance branch 2.4) :  102 

This version (2.4.25) is a release belonging to maintenance branch 2.4 whose latest version is 2.4.28. If your version is not the last one in the maintenance branch, you are missing fixes for known bugs, and by not updating you are needlessly taking the responsibility for the risk of unexpected service outages and exposing your web site to possible security issues.

The HAProxy development team takes a great care of maintaining stable versions so that all users can apply bug fixes without having to take the risk of upgrading to a new branch. In turn users are expected to apply the fixes when the development team estimates that they were worth being backported to stable branches.

Quick links

Other versions in the same branch

This branch contains the following releases :

DateVersionComment
2024-11-082.4.28 ⇐ last
2024-06-182.4.27 
2024-04-052.4.26 
2023-12-142.4.25 ⇐ yours
2023-08-192.4.24 
2023-06-092.4.23 
2023-02-142.4.22 
2023-01-272.4.21 
2022-12-092.4.20 
2022-09-282.4.19 
2022-07-272.4.18 
2022-05-132.4.17 
2022-04-292.4.16 
2022-03-142.4.15 
2022-02-252.4.14 
2022-02-162.4.13 
2022-01-112.4.12 
2022-01-072.4.11 
2021-12-232.4.10 
2021-11-242.4.9 
2021-11-032.4.8 
2021-10-042.4.7 
2021-10-042.4.6 
2021-10-012.4.5 
2021-09-072.4.4 
2021-08-172.4.3 
2021-07-072.4.2 
2021-06-172.4.1 
2021-05-142.4.0 

Known bugs affecting this version, and already fixed in the maintenance branch

These fixes have already been queued for a more recent 2.4 version. Some of them might have already been released in a more recent version than yours, and other ones might still be pending in the maintenance branch for a future release. The list may be empty if you're already on the latest version and no new fix was backported.

Bugs are almost always tagged with a severity (some people forget the severity tag when the bug is minor). The following severities are used :

Total known bugs in this version by category :

TotalCRITICALMAJORMEDIUMMINOR
102 0 4 38 60

Click on the subjects below to get the full description of the bug :

Merge dateSubject - Severity (minor, medium, major, critical)
2024-12-02BUG/MINOR: ssl: can't load a separated key file with openssl > 3.0
2024-11-06BUG/MINOR: http-ana: Report internal error if an action yields on a final eval
2024-11-06BUG/MINOR: ssl/cli: 'set ssl cert' does not check the transaction name correctly
2024-11-06BUG/MEDIUM: connection/http-reuse: fix address collision on unhandled address families
2024-11-06BUG/MINOR: mworker: fix mworker-max-reloads parser
2024-11-06BUG/MINOR: http-ana: Don't report a server abort if response payload is invalid
2024-11-06BUG/MEDIUM: hlua: properly handle sample func errors in hlua_run_sample_{fetch,conv}()
2024-11-06BUG/MEDIUM: hlua: make hlua_ctx_renew() safe
2024-11-06BUG/MEDIUM: server: server stuck in maintenance after FQDN change
2024-11-06BUG/MINOR: cfgparse-global: fix allowed args number for setenv
2024-11-06BUG/MEDIUM: cli: Deadlock when setting frontend maxconn
2024-09-17BUG/MINOR: server: Don't warn fallback IP is used during init-addr resolution
2024-09-17BUG/MINOR: polling: fix time reporting when using busy polling
2024-09-17BUG/MEDIUM: pattern: prevent UAF on reused pattern expr
2024-09-17BUG/MINOR: pattern: prevent const sample from being tampered in pat_match_beg()
2024-09-17BUG/MINOR: pattern: do not leave a leading comma on "set" error messages
2024-09-17BUG/MINOR: pattern: pat_ref_set: return 0 if err was found
2024-09-17BUG/MINOR: pattern: pat_ref_set: fix UAF reported by coverity
2024-09-17BUG/MINOR: proto_uxst: delete fd from fdtab if listen() fails
2024-09-17BUG/MINOR: proto_tcp: delete fd from fdtab if listen() fails
2024-09-17BUG/MINOR: trace: automatically start in waiting mode with "start "
2024-09-17BUG/MINOR: fcgi-app: handle a possible strdup() failure
2024-09-17BUG/MEDIUM: h2: Only report early HTX EOM for tunneled streams
2024-09-17BUG/MEDIUM: cli: Always release back endpoint between two commands on the mcli
2024-09-17BUG/MEDIUM: stream: Prevent mux upgrades if client connection is no longer ready
2024-09-17BUG/MINOR: cli: Atomically inc the global request counter between CLI commands
2024-09-17BUG/MEDIUM: spoe: Be sure to create a SPOE applet if none on the current thread
2024-07-03BUG/MAJOR: server: do not delete srv referenced by session
2024-07-03BUG/MINOR: hlua: report proper context upon error in hlua_cli_io_handler_fct()
2024-07-03BUG/MINOR: cfgparse: remove the correct option on httpcheck send-state warning
2024-06-19BUG/MEDIUM: cli: fix cli_output_msg() regression
2024-06-10BUG/MINOR: haproxy: only tid 0 must not sleep if got signal
2024-06-10BUG/MAJOR: connection: fix server used_conns with H2 + reuse safe
2024-06-10BUG/MEDIUM: http_ana: ignore NTLM for reuse aggressive/always and no H1
2024-06-10BUG/MEDIUM: ssl: wrong priority whem limiting ECDSA ciphers in ECDSA+RSA configuration
2024-06-10BUG/MINOR: hlua: prevent LJMP in hlua_traceback()
2024-06-10BUG/MINOR: hlua: fix unsafe hlua_pusherror() usage
2024-06-10BUG/MINOR: hlua: don't use lua_pushfstring() when we don't expect LJMP
2024-06-10BUG/MINOR: tools: fix possible null-deref in env_expand() on out-of-memory
2024-06-10BUG/MINOR: tcpcheck: report correct error in tcp-check rule parser
2024-06-10BUG/MINOR: activity: fix Delta_calls and Delta_bytes count
2024-06-10BUG/MINOR: ssl/ocsp: init callback func ptr as NULL
2024-06-10BUG/MINOR: server: Don't reset resolver options on a new default-server line
2024-06-10BUG/MINOR: connection: parse PROXY TLV for LOCAL mode
2024-06-10BUG/MINOR: stats: Don't state the 303 redirect response is chunked
2024-06-10BUG/MINOR: htpp-ana/stats: Specify that HTX redirect messages have a C-L header
2024-06-10BUG/MEDIUM: fd: prevent memory waste in fdtab array
2024-06-10BUG/MEDIUM: stick-tables: properly mark stktable_data as packed
2024-06-10BUG/MEDIUM: htx: mark htx_sl as packed since it may be realigned
2024-06-10BUG/MINOR: h1: fix detection of upper bytes in the URI
2024-06-10BUG/MINOR: backend: use cum_sess counters instead of cum_conn
2024-06-10BUG/MINOR: fd: my_closefrom() on Linux could skip contiguous series of sockets
2024-06-10BUG/MINOR: sock: handle a weird condition with connect()
2024-06-10BUG/MEDIUM: cache: Vary not working properly on anything other than accept-encoding
2024-06-10BUG/MEDIUM: evports: do not clear returned events list on signal
2024-06-10BUG/MEDIUM: stconn: Don't forward channel data if input data must be filtered
2024-06-10BUG/MEDIUM: peers/trace: fix crash when listing event types
2024-06-10BUG/MEDIUM: http-ana: Deliver 502 on keep-alive for fressh server connection
2024-06-10BUG/MINOR: log: invalid snprintf() usage in sess_build_logline()
2024-06-10BUG/MINOR: tools/log: invalid encode_{chunk,string} usage
2024-06-10BUG/MINOR: log: fix lf_text_len() truncate inconsistency
2024-06-10BUG/MEDIUM: cli: Warn if pipelined commands are delimited by a \n
2024-06-10BUG/MEDIUM: cli: fix once for all the problem of missing trailing LFs
2024-05-17BUG/MEDIUM: thread/sched: set proper scheduling context upon ha_set_tid()
2024-04-05BUG/MINOR: proxy: fix logformat expression leak in use_backend rules
2024-04-05BUG/MEDIUM: hlua: streams don't support mixing lua-load with lua-load-per-thread (2nd try)
2024-04-05DEBUG: lua: precisely identify if stream is stuck inside lua or not
2024-04-03BUG/MINOR: ist: only store NUL byte on succeeded alloc
2024-04-03BUG/MINOR: backend: properly handle redispatch 0
2024-04-03BUG/MINOR: server: ignore 'enabled' for dynamic servers
2024-04-03BUG/MINOR: server: 'source' interface ignored from 'default-server' directive
2024-04-03BUG/MEDIUM: mux-fcgi: Properly handle EOM flag on end-of-trailers HTX block
2024-04-03BUG/MINOR: session: ensure conn owner is set after insert into session
2024-04-03BUG/MEDIUM: spoe: Return an invalid frame on recv if size is too small
2024-04-03BUG/MINOR: spoe: Be sure to be able to quickly close IDLE applets on soft-stop
2024-04-03BUG/MEDIUM: spoe: Don't rely on stream's expiration to detect processing timeout
2024-04-03BUG/MINOR: listener: Don't schedule frontend without task in listener_release()
2024-04-03BUG/MINOR: listener: Wake proxy's mngmt task up if necessary on session release
2024-04-03BUG/MINOR: ssl: fix possible ctx memory leak in sample_conv_aes_gcm()
2024-04-03BUG/MINOR: cfgparse: report proper location for log-format-sd errors
2024-04-03BUG/MAJOR: hlua: improper lock usage with hlua_ctx_resume()
2024-04-03BUG/MEDIUM: hlua: improper lock usage with SET_SAFE_LJMP()
2024-04-03BUG/MINOR: hlua: don't use lua_tostring() from unprotected contexts
2024-04-03BUG/MINOR: hlua: fix unsafe lua_tostring() usage with empty stack
2024-04-03BUG/MINOR: tools: seed the statistical PRNG slightly better
2024-04-03BUG/MINOR: hlua: Fix log level to the right value when set via TXN:set_loglevel
2024-04-03BUG/MINOR: ssl/cli: duplicate cleaning code in cli_parse_del_crtlist
2024-04-03BUG/MINOR: ist: allocate nul byte on istdup
2024-04-03BUG/MEDIUM: hlua: Don't loop if a lua socket does not consume received data
2024-04-03BUG/MINOR: ssl: Clear the ckch instance when deleting a crt-list line
2024-04-03BUG/MAJOR: ssl_sock: Always clear retry flags in read/write functions
2024-04-03BUG/MEDIUM: h1: always reject the NUL character in header values
2024-04-03BUG/MEDIUM: h1: Don't support LF only to mark the end of a chunk size
2024-04-03BUG/MINOR: h1: Don't support LF only at the end of chunks
2024-04-03BUG/MINOR: h1-htx: properly initialize the err_pos field
2024-04-03BUG/MEDIUM: pool: fix rare risk of deadlock in pool_flush()
2024-04-03BUG/MINOR: vars/cli: fix missing LF after "get var" output
2024-04-03BUG/MEDIUM: cli: some err/warn msg dumps add LR into CSV output on stat's CLI
2024-01-17BUG/MEDIUM: spoe: Never create new spoe applet if there is no server up
2024-01-17BUG/MEDIUM: stconn: Forward shutdown on write timeout only if it is forwardable
2024-01-17BUG/MEDIUM: mux-h2: Report too large HEADERS frame only when rxbuf is empty
2024-01-17BUG/MEDIUM: connection: report connection errors even when no mux is installed
2024-01-17BUG/MINOR: sock: mark abns sockets as non-suspendable and always unbind them

Back to the list of branches and versions
Back to the HAProxy page