Created by Ubuntu Package Importer on 2015-05-06 and last modified on 2015-07-03
Get this branch:
bzr branch lp:ubuntu/wily/haproxy
Members of Ubuntu branches can upload to this branch. Log in for directions.

Branch merges

Related bugs

Related blueprints

Branch information

Ubuntu branches

Recent revisions

30. By Vincent Bernat on 2015-07-03

* New upstream version. Fix an information leak (CVE-2015-3281):
  - BUG/MAJOR: buffers: make the buffer_slow_realign() function
               respect output data.
* Add $named as a dependency for init script. Closes: #790638.

29. By Vincent Bernat on 2015-06-27

* New upstream stable release including the following fixes:
  - MAJOR: peers: allow peers section to be used with nbproc > 1
  - BUG/MAJOR: checks: always check for end of list before proceeding
  - MEDIUM: ssl: replace standards DH groups with custom ones
  - BUG/MEDIUM: ssl: fix tune.ssl.default-dh-param value being overwritten
  - BUG/MEDIUM: cfgparse: segfault when userlist is misused
  - BUG/MEDIUM: stats: properly initialize the scope before dumping stats
  - BUG/MEDIUM: http: don't forward client shutdown without NOLINGER
                except for tunnels
  - BUG/MEDIUM: checks: do not dereference head of a tcp-check at the end
  - BUG/MEDIUM: checks: do not dereference a list as a tcpcheck struct
  - BUG/MEDIUM: peers: apply a random reconnection timeout
  - BUG/MEDIUM: config: properly compute the default number of processes
                for a proxy

28. By Vincent Bernat on 2015-05-02

* New upstream stable release including the following fixes:
  - BUG/MAJOR: http: don't read past buffer's end in http_replace_value
  - BUG/MAJOR: http: prevent risk of reading past end with balance
  - BUG/MEDIUM: Do not consider an agent check as failed on L7 error
  - BUG/MEDIUM: patern: some entries are not deleted with case
                insensitive match
  - BUG/MEDIUM: buffer: one byte miss in buffer free space check
  - BUG/MEDIUM: http: thefunction "(req|res)-replace-value" doesn't
                respect the HTTP syntax
  - BUG/MEDIUM: peers: correctly configure the client timeout
  - BUG/MEDIUM: http: hdr_cnt would not count any header when called
                without name
  - BUG/MEDIUM: listener: don't report an error when resuming unbound
  - BUG/MEDIUM: init: don't limit cpu-map to the first 32 processes only
  - BUG/MEDIUM: stream-int: always reset si->ops when si->end is
  - BUG/MEDIUM: http: remove content-length from chunked messages
  - BUG/MEDIUM: http: do not restrict parsing of transfer-encoding to
  - BUG/MEDIUM: http: incorrect transfer-coding in the request is a bad
  - BUG/MEDIUM: http: remove content-length form responses with bad
  - BUG/MEDIUM: http: wait for the exact amount of body bytes in

27. By Vincent Bernat on 2015-01-04

* New upstream stable release including the following fixes:
    - BUG/MAJOR: stream-int: properly check the memory allocation return
    - BUG/MEDIUM: sample: fix random number upper-bound
    - BUG/MEDIUM: patterns: previous fix was incomplete
    - BUG/MEDIUM: payload: ensure that a request channel is available
    - BUG/MEDIUM: tcp-check: don't rely on random memory contents
    - BUG/MEDIUM: tcp-checks: disable quick-ack unless next rule is an expect
    - BUG/MEDIUM: config: do not propagate processes between stopped
    - BUG/MEDIUM: memory: fix freeing logic in pool_gc2()
    - BUG/MEDIUM: compression: correctly report zlib_mem
* Upload to experimental.

26. By Vincent Bernat on 2014-12-07

* Cherry-pick the following patches from 1.5.9 release:
    - 8a0b93bde77e BUG/MAJOR: sessions: unlink session from list on out
                              of memory
    - bae03eaad40a BUG/MEDIUM: pattern: don't load more than once a pattern
    - 93637b6e8503 BUG/MEDIUM: connection: sanitize PPv2 header length before
                               parsing address information
    - 8ba50128832b BUG/MAJOR: frontend: initialize capture pointers earlier
    - 1f96a87c4e14 BUG/MEDIUM: checks: fix conflicts between agent checks and
                               ssl healthchecks
    - 9bcc01ae2598 BUG/MEDIUM: ssl: force a full GC in case of memory shortage
    - 909514970089 BUG/MEDIUM: ssl: fix bad ssl context init can cause
                               segfault in case of OOM.
* Cherry-pick the following patches from future 1.5.10 release:
    - 1e89acb6be9b BUG/MEDIUM: payload: ensure that a request channel is
    - bad3c6f1b6d7 BUG/MEDIUM: patterns: previous fix was incomplete

25. By Vincent Bernat on 2014-10-31

* New upstream stable release including the following fixes:

   + BUG/MAJOR: buffer: check the space left is enough or not when input
                data in a buffer is wrapped
   + BUG/MINOR: ssl: correctly initialize ssl ctx for invalid certificates
   + BUG/MEDIUM: tcp: don't use SO_ORIGINAL_DST on non-AF_INET sockets
   + BUG/MEDIUM: regex: fix pcre_study error handling
   + BUG/MEDIUM: tcp: fix outgoing polling based on proxy protocol
   + BUG/MINOR: log: fix request flags when keep-alive is enabled
   + BUG/MAJOR: cli: explicitly call cli_release_handler() upon error
   + BUG/MEDIUM: http: don't dump debug headers on MSG_ERROR
* Also includes the following new features:
   + MINOR: ssl: add statement to force some ssl options in global.
   + MINOR: ssl: add fetchs 'ssl_c_der' and 'ssl_f_der' to return DER
            formatted certs
* Disable SSLv3 in the default configuration file.

24. By Serge Hallyn on 2014-09-23

haproxy.init: return 0 on stop if haproxy was not running. (LP: #1038139)

23. By Vincent Bernat on 2014-09-02

* New upstream version.
  + Fix a critical bug that, under certain unlikely conditions, allows a
    client to crash haproxy.
* Prefix rsyslog configuration file to ensure to log only to
  /var/log/haproxy. Thanks to Paul Bourke for the patch.

22. By Apollon Oikonomopoulos <email address hidden> on 2014-07-25

* New upstream stable release, fixing the following issues:
  + Memory corruption when building a proxy protocol v2 header
  + Memory leak in SSL DHE key exchange

21. By Apollon Oikonomopoulos <email address hidden> on 2014-07-14

* New upstream stable release. Important fixes:
  + A few sample fetch functions when combined in certain ways would return
    malformed results, possibly crashing the HAProxy process.
  + Hash-based load balancing and http-send-name-header would fail for
    requests which contain a body which starts to be forwarded before the
    data is used.

Branch metadata

Branch format:
Branch format 7
Repository format:
Bazaar repository format 2a (needs bzr 1.16 or later)
Stacked on:
This branch contains Public information 
Everyone can see this information.