| Date | Subject |
|---|
| 2025-09-22 | BUG/MEDIUM: stick-tables: Don't let table_process_entry() handle refcnt |
| 2025-09-22 | BUG/MINOR: acme/cli: wrong description for "acme challenge_ready" |
| 2025-09-19 | BUG/MEDIUM: http-client: Fix the test on the response start-line |
| 2025-09-18 | BUG/MEDIUM: sink: fix unexpected double postinit of sink backend |
| 2025-09-17 | BUG/MEDIUM: ring: invert the length check to avoid an int overflow |
| 2025-09-16 | BUG/MEDIUM: pattern: fix possible infinite loops on deletion (try 2) |
| 2025-09-16 | Revert "BUG/MEDIUM: pattern: fix possible infinite loops on deletion" |
| 2025-09-16 | BUG/MEDIUM: pattern: fix possible infinite loops on deletion |
| 2025-09-15 | BUG/MINOR: resolvers: always normalize FQDN from response |
| 2025-09-15 | BUG/MINOR: ocsp: Crash when updating CA during ocsp updates |
| 2025-09-15 | BUG/MEDIUM: http_ana: fix potential NULL deref in http_process_req_common() |
| 2025-09-15 | Revert "BUG/MINOR: ocsp: Crash when updating CA during ocsp updates" |
| 2025-09-15 | BUG/MINOR: ocsp: Crash when updating CA during ocsp updates |
| 2025-09-15 | BUG/MEDIUM: resolvers: Wake resolver task up whne unlinking a stream requester |
| 2025-09-12 | BUG/MEDIUM: resolvers: Accept to create resolution without hostname |
| 2025-09-12 | BUG/MEDIUM: resolvers: Make resolution owns its hostname_dn value |
| 2025-09-12 | BUG/MEDIUM: resolvers: Test for empty tree when getting a record from DNS answer |
| 2025-09-11 | BUG/MINOR: resolvers: Restore round-robin selection on records in DNS answers |
| 2025-09-11 | BUG/MEDIUM: resolvers: Properly cache do-resolv resolution |
| 2025-09-11 | BUG/MINOR: ocsp: prototype inconsistency |
| 2025-09-11 | BUG/MINOR: ssl: Fix potential NULL deref in trace callback |
| 2025-09-11 | BUG/MINOR: ssl: Potential NULL deref in trace macro |
| 2025-09-11 | BUG/MEDIUM: jws: return size_t in JWS functions |
| 2025-09-11 | BUG/MINOR: acme: null pointer dereference upon allocation failure |
| 2025-09-11 | BUG/MAJOR: stream: Force channel analysis on successful synchronous send |
| 2025-09-10 | BUG/MINOR: stick-table: make sure never to miss a process_table_expire update |
| 2025-09-10 | BUG/MEDIUM: ssl: Fix a crash if we failed to create the mux |
| 2025-09-10 | BUG/MEDIUM: ssl: Fix a crash when using QUIC |
| 2025-09-10 | DEBUG: stick-tables: export stktable_add_pend_updates() for better reporting |
| 2025-09-10 | BUG/MEDIUM: stick-tables: don't loop on non-expirable entries |
| 2025-09-10 | BUG/MINOR: activity: fix reporting of task latency |
| 2025-09-09 | BUG/MEDIUM: ssl: create the mux immediately on early data |
| 2025-09-09 | BUG/MEDIUM: h1: Allow reception if we have early data |
| 2025-09-09 | DEBUG: peers: export functions that use locks |
| 2025-09-09 | DEBUG: stream: count the number of passes in the connect loop |
| 2025-09-09 | BUG/MINOR: check: ensure checks are compatible with QUIC servers |
| 2025-09-09 | BUG/MEDIUM: checks: fix ALPN inheritance from server |
| 2025-09-09 | BUG/MINOR: hq-interop: adjust parsing/encoding on backend side |
| 2025-09-09 | BUG/MEDIUM: mux-h2: Reinforce conditions to report an error to app-layer stream |
| 2025-09-09 | BUG/MEDIUM: mux-h2: Report RST/error to app-layer stream during 0-copy fwding |
| 2025-09-09 | BUG/MINOR: mux-h2: Remove H2_CF_DEM_DFULL flags when the demux buffer is reset |
| 2025-09-09 | BUG/MEDIUM: mux-h2: Restart reading when mbuf ring is no longer full |
| 2025-09-09 | BUG/MEDIUM: mux-h2; Don't block reveives in H2_CS_ERROR and H2_CS_ERROR2 states |
| 2025-09-09 | BUG/MEDIUM: mux-h2: Reset MUX blocking flags when a send error is caught |
| 2025-09-08 | BUG/MINOR: quic: properly support GSO on backend side |
| 2025-09-08 | BUG/MINOR: pools: Fix the dump of pools info to deal with buffers limitations |
| 2025-09-08 | BUG/MEDIUM: proxy: fix crash with stop_proxy() called during init |
| 2025-09-06 | BUG/MEDIUM: ssl: Properly initialize msg_controllen. |
| 2025-09-06 | BUG/MINOR: cpu_topo: work around a small bug in musl's CPU_ISSET() |
| 2025-09-05 | BUG/MINOR: quic: too short PADDING frame for too short packets |
| 2025-09-05 | BUG/MINOR: tcpcheck: Don't use sni as pool-conn-name for non-SSL connections |
| 2025-09-05 | BUG/MINOR: server: Update healthcheck when server settings are changed via CLI |
| 2025-09-05 | BUG/MEDIUM: server: Use sni as pool connection name for SSL server only |
| 2025-09-05 | BUG/MINOR: acl: Fix error message about several '-m' parameters |
| 2025-09-04 | BUG/MINOR: log: fix potential memory leak upon error in add_to_logformat_list() |
| 2025-09-04 | BUG/MEDIUM: quic-be: too early SSL_SESSION initialization |
| 2025-09-04 | BUG/MINOR: connection: streamline conn detach from lists |
| 2025-09-04 | BUG/MEDIUM: conn: fix UAF on connection after reversal on edge |
| 2025-09-03 | BUG/MINOR: check: fix dst address when reusing a connection |
| 2025-09-03 | BUG/MINOR: check: ensure check-reuse is compatible with SSL |
| 2025-09-03 | MEDIUM: stats-file: add some BUG_ON() guards to ensure exported structs are not changed by accident |
| 2025-09-03 | BUG/MEDIUM: peers: don't fail twice to grab the update lock |
| 2025-09-03 | BUG/MINOR: stick-tables: never leave used entries without expiration |
| 2025-09-03 | BUG/MEDIUM: stick-tables: don't leave the expire loop with elements deleted |
| 2025-09-02 | BUG/MINOR: haproxy: be sure not to quit too early on soft stop |
| 2025-09-02 | MEDIUM: quic: strengthen BUG_ON() for unpad Initial packet on client |
| 2025-09-02 | BUG/MINOR: quic: pad Initial pkt with CONNECTION_CLOSE on client |
| 2025-09-02 | BUG/MINOR: quic: fix padding issue on INITIAL retransmit |
| 2025-09-02 | BUG/MINOR: quic: fix room check if padding requested |
| 2025-09-02 | BUG/MINOR: quic: ignore AGAIN ncbuf err when parsing CRYPTO frames |
| 2025-09-02 | BUG/MINOR: tools: Add OOM check for malloc() in indent_msg() |
| 2025-09-02 | BUG/MINOR: compression: Add OOM check for calloc() in parse_compression_options() |
| 2025-09-02 | BUG/MINOR: cfgparse: Add OOM check for calloc() in cfg_parse_listen() |
| 2025-09-02 | BUG/MINOR: acl: Add OOM check for calloc() in smp_fetch_acl_parse() |
| 2025-09-02 | BUG/MINOR: log: Add OOM checks for calloc() and malloc() in logformat parser and dup_logger() |
| 2025-09-02 | BUG/MINOR: halog: Add OOM checks for calloc() in filter_count_srv_status() and filter_count_url() |
| 2025-09-01 | BUG/MINOR: acl: Properly detect overwritten matching method |
| 2025-09-01 | BUG/MINOR: server: Duplicate healthcheck's sni inherited from default server |
| 2025-09-01 | BUG/MEDIUM: server: Duplicate healthcheck's alpn inherited from default server |
| 2025-09-01 | BUG/MAJOR: mux-quic: fix crash on reload during emission |
| 2025-09-01 | BUG/MEDIUM: quic: CRYPTO frame freeing without eb_delete() |
| 2025-08-29 | BUG/BUILD: stats: fix build due to missing stat enum definition |
| 2025-08-28 | BUG/MINOR: mux-quic: do not access conn after idle list insert |
| 2025-08-28 | BUG/MINOR: server: decrement session idle_conns on del server |
| 2025-08-28 | BUG/MINOR: connection: remove extra session_unown_conn() on reverse |
| 2025-08-28 | BUG/MINOR: connection: rearrange union list members |
| 2025-08-28 | BUG/MEDIUM: mworker: fix startup and reload on macOS |
| 2025-08-28 | BUG/MINOR: acl: set arg_list->kw to aclkw->kw string literal if aclkw is found |
| 2025-08-28 | BUG/MINOR: mux-quic: trace with non initialized qcc |
| 2025-08-27 | BUG/MINOR: quic: reorder fragmented RX CRYPTO frames by their offsets |
| 2025-08-27 | BUG/MEDIUM: quic-be: avoid crashes when releasing Initial pktns |
| 2025-08-26 | BUG/MEDIUM: spoe: Improve error detection in SPOE applet on client abort |
| 2025-08-25 | BUG/MEDIUM: mux-spop: Reject connection attempts from a non-spop frontend |
| 2025-08-25 | BUG/MEDIUM: http_ana: handle yield for "stats http-request" evaluation |
| 2025-08-22 | BUG/MINOR: quic: don't coalesce probing and ACK packet of same type |
| 2025-08-22 | BUG/MAJOR: quic: fix INITIAL padding with probing packet only |
| 2025-08-22 | BUG/MINOR: quic: do not emit probe data if CONNECTION_CLOSE requested |
| 2025-08-22 | BUG/MEDIUM: quic: reset padding when building GSO datagrams |
| 2025-08-21 | BUG/MAJOR: stream: Remove READ/WRITE events on channels after analysers eval |
| 2025-08-21 | BUG/MEDIUM: ssl: apply ssl-f-use on every "ssl" bind |
| 2025-08-21 | BUG/MEDIUM: quic-be: crash after backend CID allocation failures |
| 2025-08-21 | BUG/MINOR: quic-be: missing Initial packet number space discarding |
| 2025-08-21 | BUG/MEDIUM: mux-h2: fix crash on idle-ping due to unwanted ABORT_NOW |
| 2025-08-20 | BUG/MEDIUM: mworker: more verbose error upon loading failure |
| 2025-08-20 | BUG/MEDIUM: quic-be: do not initialize ->conn too early |
| 2025-08-20 | BUG/MEDIUM: quic: crash after quic_conn allocation failures |
| 2025-08-20 | BUG/MEDIUM: cli: Report inbuf is no longer full when a line is consumed |
| 2025-08-20 | BUG/MINOR: spoe: Properly detect and skip empty NOTIFY frames |
| 2025-08-14 | BUG/MINOR: mux-h1: fix wrong lock label |
| 2025-08-14 | BUG/MEDIUM: quic: listener connection stuck during handshakes (OpenSSL 3.5) |
| 2025-08-11 | BUG/MINOR: init: Initialize random seed earlier in the init process |
| 2025-08-08 | BUG/MEDIUM: ssl: fix build with AWS-LC |
| 2025-08-08 | BUG/MEDIUM: ssl: Fix 0rtt to the server |
| 2025-08-08 | BUG/MINOR: stick-table: cap sticky counter idx with tune.nb_stk_ctr instead of MAX_SESS_STKCTR |
| 2025-08-07 | BUG/MINOR: proxy: avoid NULL-deref in post_section_px_cleanup() |
| 2025-08-07 | BUG/MINOR: cfgparse-listen: update err_code for fatal error on proxy directive |
| 2025-08-07 | BUG/MINOR: cfgparse: immediately stop after hard error in srv_init() |
| 2025-08-06 | DEBUG: pools: also retrieve file and line for direct callers of create_pool() |
| 2025-08-06 | DEBUG: pools: store the pool registration file name and line number |
| 2025-08-05 | BUG/MEDIUM: hlua_fcn: ensure systematic watcher cleanup for server list iterator |
| 2025-08-05 | BUG/MINOR: acme: possible integer underflow in acme_txt_record() |
| 2025-07-31 | BUG/MEDIUM: mux-quic: ensure Early-data header is set |
| 2025-07-29 | BUG/MINOR: hlua: take default-path into account with lua-load-per-thread |
| 2025-07-28 | BUG/MEDIUM: queue/stats: also use stream_set_srv_target() for pendconns |
| 2025-07-25 | BUG/MEDIUM: logs: fix sess_build_logline_orig() recursion with options |
| 2025-07-24 | BUG/MINOR: httpclient-cli: Don't try to dump raw headers in HTX mode |
| 2025-07-24 | BUG/MEDIUM: dns: Reset reconnect tempo when connection is finally established |
| 2025-07-24 | BUG/MEDIUM: hlua: Report to SC when output data are blocked on a lua socket |
| 2025-07-24 | BUG/MEDIUM: hlua: Report to SC when data were consumed on a lua socket |
| 2025-07-24 | BUG/MEDIUM: Remove sync sends from streams to applets |
| 2025-07-24 | BUG/MINOR: applet: Fix applet_getword() to not return one extra byte |
| 2025-07-24 | BUG/MEDIUM: stconn: Fix conditions to know an applet can get data from stream |
| 2025-07-24 | BUG/MEDIUM: applet: State inbuf is no longer full if input data are skipped |
| 2025-07-24 | BUG/MINOR: hlua: Skip headers when a receive is performed on an HTTP applet |
| 2025-07-23 | BUG/MINOR: acme: allow "processing" in challenge requests |
| 2025-07-23 | BUG/MINOR: mux-quic: ensure close-spread-time is properly applied |
| 2025-07-23 | BUG/MINOR mux-quic: apply correctly timeout on output pending data |
| 2025-07-23 | BUG/MEDIUM: acme: use POST-as-GET instead of GET for resources |
| 2025-07-22 | BUG/MINOR: h3: fix uninitialized value in h3_req_headers_send() |
| 2025-07-21 | BUG/MINOR: hq-interop: fix FIN transmission |
| 2025-07-21 | BUG/MINOR: logs: fix log-steps extra log origins selection |
| 2025-07-21 | BUG/MEDIUM: threads: Disable the workaround to load libgcc_s on macOS |
| 2025-07-17 | BUG/MINOR: halog: exit with error when some output filters are set simultaneosly |
| 2025-07-17 | BUG/MEDIUM: quic-be: CC buffer released from wrong pool |
| 2025-07-16 | BUG/MINOR: applet: Don't trigger BUG_ON if the tid is not on appctx init |
| 2025-07-16 | BUG/MINOR: quic: Wrong source address use on FreeBSD |
| 2025-07-15 | BUG/MINOR: h3: properly handle interim response on BE side |
| 2025-07-15 | BUG/MEDIUM: h3: handle interim response properly on FE side |
| 2025-07-15 | BUG/MINOR: h3: ensure that invalid status code are not encoded (FE side) |
| 2025-07-15 | BUG/MINOR: h3: properly realloc buffer after interim response encoding |
| 2025-07-15 | BUG/MEDIUM: h3: do not overwrite interim with final response |
| 2025-07-10 | BUG/MINOR: h1-htx: Don't forget to init flags in h1_format_htx_msg function |
| 2025-07-10 | BUG/MINOR: mux-h1: Use configured error files if possible for early H1 errors |
| 2025-07-09 | BUG/MINOR: h3: fix https scheme request encoding for BE side |
| 2025-07-09 | BUG/MEDIUM: http-client: Notify applet has more data to deliver until the EOM |
| 2025-07-09 | BUG/MEDIUM: http-client: Drain the request if an early response is received |
| 2025-07-09 | BUG/MINOR: http-client: Reject any 101-switching-protocols response |
| 2025-07-09 | BUG/MINOR: http-client: Ignore 1XX interim responses in non-HTX mode |
| 2025-07-09 | BUG/MEDIUM: http-client: Test HTX_FL_EOM flag before commiting the HTX buffer |
| 2025-07-09 | BUG/MEDIUM: http-client: Ask for more room when request data cannot be xferred |
| 2025-07-09 | BUG/MEDIUM: http-client: Properly inc input data when HTX blocks are xferred |
| 2025-07-09 | BUG/MEDIUM: http-client: Don't wake http-client applet if nothing was xferred |
| 2025-07-09 | BUG/MEDIUM: quic: Crash after QUIC server callbacks restoration (OpenSSL 3.5) |
| 2025-07-09 | BUG/MINOR: listener: really assign distinct IDs to shards |
| 2025-07-08 | BUG/MINOR: resolvers: don't lower the case of binary DNS format |
| 2025-07-07 | BUG/MINOR: quic-be: Malformed coalesced Initial packets |
| 2025-07-07 | BUG/MINOR: quic: Missing TLS 1.3 QUIC cipher suites and groups inits (OpenSSL 3.5 QUIC API) |
| 2025-07-07 | BUG/MEDIUM: quic: SSL/TCP handshake failures with OpenSSL 3.5 |
| 2025-07-06 | CI: set DEBUG_STRICT=2 for coverity scan |
| 2025-07-04 | BUG/MINOR: http-act: Fix parsing of the expression argument for pause action |
| 2025-07-04 | BUG/MINOR: proto-tcp: Take care to initialized tcp_md5sig structure |
| 2025-07-03 | BUG/MINOR: ssl/ocsp: fix definition discrepancies with ocsp_update_init() |
| 2025-07-02 | BUG/MINOR: ssl: crash in ssl_sock_io_cb() with SSL traces and idle connections |
| 2025-07-01 | BUG/MINOR: httpclient: wrongly named httpproxy flag |
| 2025-06-30 | BUG/MINOR: jwt: Copy input and parameters in dedicated buffers in jwt_verify converter |
| 2025-06-30 | BUG/MEDIUM: mux-h2: Properly handle connection error during preface sending |
| 2025-06-30 | BUG/MEDIUM: hlua: Forbid any L6/L7 sample fetche functions from lua services |
| 2025-06-30 | BUG/MEDIUM: counters/server: fix server and proxy last_change mixup |
| 2025-06-27 | BUG/MINOR: quic-be: Wrong retry_source_connection_id check |
| 2025-06-26 | BUG/MINOR: tools: use my_unsetenv instead of unsetenv |
| 2025-06-26 | BUG/MINOR: quic: wrong QUIC_FT_CONNECTION_CLOSE(0x1c) frame encoding |
| 2025-06-25 | BUG/MEDIUM: ssl/clienthello: ECDSA with ssl-max-ver TLSv1.2 and no ECDSA ciphers |
| 2025-06-24 | BUG/MINOR: log: Be able to use %ID alias at anytime of the stream's evaluation |
| 2025-06-24 | BUG/MINOR: stream: Avoid recursive evaluation for unique-id based on itself |
| 2025-06-23 | BUG/MINOR: tools: only reset argument start upon new argument |
| 2025-06-20 | BUG/MEDIUM: quic: do not release BE quic-conn prior to upper conn |
| 2025-06-20 | BUG/MAJOR: fwlc: Count an avoided server as unusable. |
| 2025-06-18 | BUG/MINOR: mux-quic/h3: properly handle too low peer fctl initial stream |
| 2025-06-17 | MINOR: h3: use BUG_ON() on missing request start-line |
| 2025-06-16 | BUG/MINOR: mux-quic: check sc_attach_mux return value |
| 2025-06-16 | BUG/MEDIUM: check: Set SOCKERR by default when a connection error is reported |
| 2025-06-16 | BUG/MEDIUM: cli: Don't consume data if outbuf is full or not available |
| 2025-06-16 | BUG/MINOR: quic: fix ODCID initialization on frontend side |
| 2025-06-16 | BUG/MINOR: quic: Fix OSSL_FUNC_SSL_QUIC_TLS_got_transport_params_fn callback (OpenSSL3.5) |
| 2025-06-13 | BUG/MINOR: quic: don't restrict reception on backend privileged ports |
| 2025-06-13 | BUG/MINOR: http-ana: Properly handle keep-query redirect option if no QS |
| 2025-06-12 | BUG/MINOR: quic: work around NEW_TOKEN parsing error on backend side |
| 2025-06-12 | BUG/MINOR: quic: prevent crash on startup with -dt |
| 2025-06-12 | BUG/MINOR: quic-be: CID double free upon qc_new_conn() failures |
| 2025-06-12 | BUG/MEDIUM: mux-quic: adjust wakeup behavior |
| 2025-06-12 | BUG/MINOR: hlua: Don't forget the return statement after a hlua_yieldk() |
| 2025-06-11 | BUG/MINOR: config/server: reject QUIC addresses |
| 2025-06-10 | BUG/MINIR: h1: Fix doc of 'accept-unsafe-...-request' about URI parsing |
| 2025-06-10 | BUG/MEDIUM: fd: Use the provided tgid in fd_insert() to get tgroup_info |
| 2025-06-06 | BUG/MINOR: quic: Missing SSL session object freeing |
| 2025-06-06 | BUG/MINOR: config: fix arg number reported on empty arg warning |
| 2025-06-06 | BUG/MINOR: config: emit warning for empty args only in discovery mode |
| 2025-06-05 | BUG/MEDIUM: cli: Properly parse empty lines and avoid crashed |
| 2025-06-04 | BUG/MINOR: mux-spop: Fix null-pointer deref on SPOP stream allocation failure |
| 2025-06-03 | DEBUG: check: Add the healthcheck's expiration date in the trace messags |
| 2025-06-03 | BUG/MEDIUM: check: Requeue healthchecks on I/O events to handle check timeout |
| 2025-06-03 | BUG/MAJOR: leastconn: Protect tree_elt with the lbprm lock |