ubuntu/+source/haproxy:ubuntu/vivid-proposed

Last commit made on 2015-12-10
Get this branch:
git clone -b ubuntu/vivid-proposed https://git.launchpad.net/ubuntu/+source/haproxy
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:
ubuntu/vivid-proposed
Repository:
lp:ubuntu/+source/haproxy

Recent commits

86b274c... by Louis Bouchard on 2015-12-09

Import patches-unapplied version 1.5.10-1ubuntu0.2 to ubuntu/vivid-proposed

Imported using git-ubuntu import.

Changelog parent: 3667f79835a2724b67e9dd6dfaa3233a239a3d5c

New changelog entries:
  * Ensure that haproxy processes are terminated correctly when executing
    stop/restart operations, easing backports to pre-systemd versions of
    Ubuntu (LP: #1481737).

3667f79... by Marc Deslauriers on 2015-07-06

Import patches-unapplied version 1.5.10-1ubuntu0.1 to ubuntu/vivid-security

Imported using git-ubuntu import.

Changelog parent: cd231431413581779e683468280d149720a43c55

New changelog entries:
  * SECURITY UPDATE: information disclosure via uninitialized memory
    - debian/patches/CVE-2015-3281.patch: respect output data in
      src/buffer.c.
    - CVE-2015-3281

cd23143... by Vincent Bernat on 2015-01-04

Import patches-unapplied version 1.5.10-1 to debian/experimental

Imported using git-ubuntu import.

Changelog parent: ab330bfc7236b4c1d62d530c8e18ab5046e2407d

New changelog entries:
  * New upstream stable release including the following fixes:
      - BUG/MAJOR: stream-int: properly check the memory allocation return
      - BUG/MEDIUM: sample: fix random number upper-bound
      - BUG/MEDIUM: patterns: previous fix was incomplete
      - BUG/MEDIUM: payload: ensure that a request channel is available
      - BUG/MEDIUM: tcp-check: don't rely on random memory contents
      - BUG/MEDIUM: tcp-checks: disable quick-ack unless next rule is an expect
      - BUG/MEDIUM: config: do not propagate processes between stopped
                    processes
      - BUG/MEDIUM: memory: fix freeing logic in pool_gc2()
      - BUG/MEDIUM: compression: correctly report zlib_mem
  * Upload to experimental.

ab330bf... by Vincent Bernat on 2014-12-07

Import patches-unapplied version 1.5.9-1 to debian/experimental

Imported using git-ubuntu import.

Changelog parent: 718cb54f16f78755cf0a56c7da1a2f219750142e

New changelog entries:
  * New upstream stable release including the following fixes:
      - BUG/MAJOR: sessions: unlink session from list on out
                   of memory
      - BUG/MEDIUM: pattern: don't load more than once a pattern
                    list.
      - BUG/MEDIUM: connection: sanitize PPv2 header length before
                    parsing address information
      - BUG/MAJOR: frontend: initialize capture pointers earlier
      - BUG/MEDIUM: checks: fix conflicts between agent checks and
                    ssl healthchecks
      - BUG/MEDIUM: ssl: force a full GC in case of memory shortage
      - BUG/MEDIUM: ssl: fix bad ssl context init can cause
                                 segfault in case of OOM.
  * Upload to experimental.

718cb54... by Vincent Bernat on 2014-10-31

Import patches-unapplied version 1.5.8-1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: a6f809499fdf77e8933c11eab9282a697f5f0c03

New changelog entries:
  * New upstream stable release including the following fixes:
     + BUG/MAJOR: buffer: check the space left is enough or not when input
                  data in a buffer is wrapped
     + BUG/MINOR: ssl: correctly initialize ssl ctx for invalid certificates
     + BUG/MEDIUM: tcp: don't use SO_ORIGINAL_DST on non-AF_INET sockets
     + BUG/MEDIUM: regex: fix pcre_study error handling
     + BUG/MEDIUM: tcp: fix outgoing polling based on proxy protocol
     + BUG/MINOR: log: fix request flags when keep-alive is enabled
     + BUG/MAJOR: cli: explicitly call cli_release_handler() upon error
     + BUG/MEDIUM: http: don't dump debug headers on MSG_ERROR
  * Also includes the following new features:
     + MINOR: ssl: add statement to force some ssl options in global.
     + MINOR: ssl: add fetchs 'ssl_c_der' and 'ssl_f_der' to return DER
              formatted certs
  * Disable SSLv3 in the default configuration file.

a6f8094... by Vincent Bernat on 2014-10-20

Import patches-unapplied version 1.5.6-1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: cb3c73b6b7faf3fecd0aea558f022d23336f2b05

New changelog entries:
  * New upstream stable release including the following fixes:
    + BUG/MEDIUM: systemd: set KillMode to 'mixed'
    + MINOR: systemd: Check configuration before start
    + BUG/MEDIUM: config: avoid skipping disabled proxies
    + BUG/MINOR: config: do not accept more track-sc than configured
    + BUG/MEDIUM: backend: fix URI hash when a query string is present
  * Drop systemd patches:
    + haproxy.service-also-check-on-start.patch
    + haproxy.service-set-killmode-to-mixed.patch
  * Refresh other patches.

cb3c73b... by Apollon Oikonomopoulos <email address hidden> on 2014-10-08

Import patches-unapplied version 1.5.5-1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: c906040b143b7c8183b0b19292bd472bbdd74c5d

New changelog entries:
  [ Vincent Bernat ]
  * initscript: use start-stop-daemon to reliably terminate all haproxy
    processes. Also treat stopping a non-running haproxy as success.
    (Closes: #762608, LP: #1038139)
  [ Apollon Oikonomopoulos ]
  * New upstream stable release including the following fixes:
    + DOC: Address issue where documentation is excluded due to a gitignore
      rule.
    + MEDIUM: Improve signal handling in systemd wrapper.
    + BUG/MINOR: config: don't propagate process binding for dynamic
      use_backend
    + MINOR: Also accept SIGHUP/SIGTERM in systemd-wrapper
    + DOC: clearly state that the "show sess" output format is not fixed
    + MINOR: stats: fix minor typo fix in stats_dump_errors_to_buffer()
    + DOC: indicate in the doc that track-sc* can wait if data are missing
    + MEDIUM: http: enable header manipulation for 101 responses
    + BUG/MEDIUM: config: propagate frontend to backend process binding again.
    + MEDIUM: config: properly propagate process binding between proxies
    + MEDIUM: config: make the frontends automatically bind to the listeners'
      processes
    + MEDIUM: config: compute the exact bind-process before listener's
      maxaccept
    + MEDIUM: config: only warn if stats are attached to multi-process bind
      directives
    + MEDIUM: config: report it when tcp-request rules are misplaced
    + MINOR: config: detect the case where a tcp-request content rule has no
      inspect-delay
    + MEDIUM: systemd-wrapper: support multiple executable versions and names
    + BUG/MEDIUM: remove debugging code from systemd-wrapper
    + BUG/MEDIUM: http: adjust close mode when switching to backend
    + BUG/MINOR: config: don't propagate process binding on fatal errors.
    + BUG/MEDIUM: check: rule-less tcp-check must detect connect failures
    + BUG/MINOR: tcp-check: report the correct failed step in the status
    + DOC: indicate that weight zero is reported as DRAIN
  * Add a new patch (haproxy.service-set-killmode-to-mixed.patch) to fix the
    systemctl stop action conflicting with the systemd wrapper now catching
    SIGTERM.
  * Bump standards to 3.9.6; no changes needed.
  * haproxy-doc: link to tracker.debian.org instead of packages.qa.debian.org.
  * d/copyright: move debian/dconv/* paragraph after debian/*, so that it
    actually matches the files it is supposed to.

c906040... by Vincent Bernat on 2014-09-02

Import patches-unapplied version 1.5.4-1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 263095c52c1ec09d9a1d31e6b91c636bd5a6588d

New changelog entries:
  * New upstream version.
    + Fix a critical bug that, under certain unlikely conditions, allows a
      client to crash haproxy.
  * Prefix rsyslog configuration file to ensure to log only to
    /var/log/haproxy. Thanks to Paul Bourke for the patch.

263095c... by Apollon Oikonomopoulos <email address hidden> on 2014-07-25

Import patches-unapplied version 1.5.3-1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: b04a9675e1108dde30274f4fb36b10e6cc6ff23d

New changelog entries:
  * New upstream stable release, fixing the following issues:
    + Memory corruption when building a proxy protocol v2 header
    + Memory leak in SSL DHE key exchange

b04a967... by Apollon Oikonomopoulos <email address hidden> on 2014-07-13

Import patches-unapplied version 1.5.2-1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: ec9bffbd7b0e55314bd875cd3da26d2b1337cb14

New changelog entries:
  * New upstream stable release. Important fixes:
    + A few sample fetch functions when combined in certain ways would return
      malformed results, possibly crashing the HAProxy process.
    + Hash-based load balancing and http-send-name-header would fail for
      requests which contain a body which starts to be forwarded before the
      data is used.