~ahasenack/ubuntu/+source/haproxy:disco-haproxy-better-dep8

Branch merges

Propose for merging

Merged into ubuntu/+source/haproxy:ubuntu/devel at revision 06e1dabefb770e012ce4fad4fb27b654f160259f

Robie Basak: Approve on 2019-01-29

Christian Ehrhardt  (community): Approve on 2019-01-29

Diff: 81 lines (+59/-0)

3 files modified

debian/changelog (+7/-0)
debian/tests/control (+4/-0)
debian/tests/proxy-localhost (+48/-0)

api

Related source package recipes

No recipes using this branch. (?)

Create packaging recipe

Related snap packages

Related charm recipes

06e1dab... by Andreas Hasenack on 2019-01-24

changelog

61f4c08... by Andreas Hasenack on 2019-01-29

Simplify the index.html comparison

5df7682... by Andreas Hasenack on 2019-01-24

  * d/t/control, d/t/proxy-localhost: simple DEP8 test to actually
    generate traffic through haproxy.

a1a8431... by Apollon Oikonomopoulos <email address hidden> on 2019-01-14

Import patches-unapplied version 1.8.17-1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 03841ec1abca416beae02d073a361299c32e4418

New changelog entries:
  * New upstream version 1.8.17
    - BUG/MAJOR: stream-int: Update the stream expiration date in
      stream_int_notify()
    - BUG/MEDIUM: mux-h2: mark that we have too many CS once we have more than
      the max
    - BUG/MEDIUM: server: Also copy "check-sni" for server templates.
    - BUG/MEDIUM: cli: make "show sess" really thread-safe
    - BUG/MEDIUM: lua: dead lock when Lua tasks are trigerred
  * Drop CVE-2018-20615.patch; merged upstream

03841ec... by Apollon Oikonomopoulos <email address hidden> on 2019-01-03

Import patches-unapplied version 1.8.16-2 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 987eb4465096f4b26df6c0c7b7ea32e7e6664147

New changelog entries:
  * Fix out-of-bounds read in HTTP2 mux (CVE-2018-20615).
    This would possibly lead to a crash in H2 HEADERS frame decoder when the
    PRIORITY flag is present, due to a missing frame size check.
  * Bump Standards-Version to 4.3.0; no changes needed.

987eb44... by Vincent Bernat on 2018-12-23

Import patches-unapplied version 1.8.16-1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 30cfa33d534fba4654046868cfd4c193d9a52078

New changelog entries:
  * New upstream version 1.8.16.
    - BUG/MEDIUM: dns: Don't prevent reading the last byte of the payload
      in dns_validate_response()
    - BUG/MEDIUM: dns: overflowed dns name start position causing invalid
      dns error
  * d/rules: do not override CFLAGS, hijack DEBUG_CFLAGS for this instead.

30cfa33... by Apollon Oikonomopoulos <email address hidden> on 2018-12-14

Import patches-unapplied version 1.8.15-1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 6a4ce6b0331d661a0607ddad1d4af1d46aa9bcc0

New changelog entries:
  [ Vincent Bernat ]
  * d/rules: switch to pcre2. Closes: #911933.
  [ Apollon Oikonomopoulos ]
  * New upstream version 1.8.15
    - BUG: dns: Fix off-by-one write in dns_validate_dns_response() (
    - BUG: dns: Fix out-of-bounds read via signedness error in
      dns_validate_dns_response()
    - BUG: dns: Prevent out-of-bounds read in dns_read_name()
    - BUG: dns: Prevent out-of-bounds read in dns_validate_dns_response()
      (CVE-2018-20102, closes: #916308)
    - BUG: dns: Prevent stack-exhaustion via recursion loop in dns_read_name
      (CVE-2018-20103, closes: #916307)
    - BUG/MAJOR: http: http_txn_get_path() may deference an inexisting buffer

6a4ce6b... by Vincent Bernat on 2018-09-23

Import patches-unapplied version 1.8.14-1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: a206c28578a643f84fd22195e6f0c3ab3b851627

New changelog entries:
  * New upstream version.
    - BUG/CRITICAL: hpack: fix improper sign check on the header index
                    value (already fixed in 1.8.13-2)
    - BUG/MAJOR: kqueue: Don't reset the changes number by accident.
    - BUG/MAJOR: thread: lua: Wrong SSL context initialization.

a206c28... by Apollon Oikonomopoulos <email address hidden> on 2018-09-19

Import patches-unapplied version 1.8.13-2 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 3f71774921c02e4fc4113739f6dab7c207298cfa

New changelog entries:
  * Fix improper sign check on the HPACK header index value (CVE-2018-14645)
  * Bump Standards-Version to 4.2.1; no changes needed

3f71774... by Vincent Bernat on 2018-08-01

Import patches-unapplied version 1.8.13-1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 1ff6aa5700bf2abb70981a8c3e6b61a1504eee04

New changelog entries:
  * New upstream version.
    - BUG/MEDIUM: h2: don't accept new streams if conn_streams are still
                  in excess
    - BUG/MEDIUM: h2: make sure the last stream closes the connection
                  after a timeout
    - BUG/MEDIUM: h2: never leave pending data in the output buffer on close
    - BUG/MEDIUM: h2: prevent orphaned streams from blocking a connection
                  forever
    - BUG/MEDIUM: stats: don't ask for more data as long as we're responding
    - BUG/MEDIUM: stream-int: don't immediately enable reading when the
                  buffer was reportedly full
    - BUG/MEDIUM: threads/sync: use sched_yield when available
    - BUG/MEDIUM: threads: Fix the exit condition of the thread barrier
    - BUG/MEDIUM: threads: properly fix nbthreads == MAX_THREADS
    - BUG/MEDIUM: threads: unbreak "bind" referencing an incorrect thread
                  number
  * d/patches: drop systemd exit status patch (applied upstream).