Accepted haproxy 2.0.4-1~bpo10+1 (source amd64 all) into buster-backports, buster-backports
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Fri, 09 Aug 2019 14:34:56 +0200
Source: haproxy
Binary: haproxy haproxy-dbgsym haproxy-doc vim-haproxy
Architecture: source amd64 all
Version: 2.0.4-1~bpo10+1
Distribution: buster-backports
Urgency: medium
Maintainer: Debian HAProxy Maintainers <haproxy@tracker.debian.org>
Changed-By: Vincent Bernat <bernat@debian.org>
Description:
haproxy - fast and reliable load balancing reverse proxy
haproxy-doc - fast and reliable load balancing reverse proxy (HTML documentatio
vim-haproxy - syntax highlighting for HAProxy configuration files
Closes: 932763
Changes:
haproxy (2.0.4-1~bpo10+1) buster-backports; urgency=medium
.
* Rebuild for buster-backports.
.
haproxy (2.0.4-1) unstable; urgency=medium
.
* New upstream release. Upload to unstable.
- BUG/MAJOR: http/sample: use a static buffer for raw -> htx
conversion
- BUG/MAJOR: queue/threads: avoid an AB/BA locking issue in
process_srv_queue()
* d/haproxy.cfg: update default cipher lists to more secure defaults.
TLSv1.0 and TLSv1.1 are disabled, as well as TLS tickets (they are
breaking forward secrecy unless correctly rotated).
Closes: #932763.
.
haproxy (2.0.3-1~bpo10+1) buster-backports; urgency=medium
.
* Rebuild for buster-backports.
.
haproxy (2.0.3-1) experimental; urgency=medium
.
* New upstream version.
- BUG/CRITICAL: http_ana: Fix parsing of malformed cookies which start by
a delimiter (CVE-2019-14241)
- BUG/MEDIUM: checks: Don't attempt to receive data if we already
subscribed.
- BUG/MEDIUM: http/htx: unbreak option http_proxy
- DOC: htx: Update comments in HTX files
- BUG/MEDIUM: mux-h1: Trim excess server data at the end of a transaction
- BUG/MEDIUM: tcp-checks: do not dereference inexisting conn_stream
* Bump Standards-Version to 4.4.0; no changes needed
.
haproxy (2.0.2-1~bpo10+1) buster-backports; urgency=medium
.
* Rebuild for buster-backports.
.
haproxy (2.0.2-1) experimental; urgency=medium
.
* New upstream version.
- BUG/MAJOR: listener: fix thread safety in resume_listener()
.
haproxy (2.0.1-1~bpo10+1) buster-backports; urgency=medium
.
* Rebuild for buster-backports.
.
haproxy (2.0.1-1) experimental; urgency=medium
.
* New upstream version.
- BUG/MAJOR: sample: Wrong stick-table name parsing in "if/unless" ACL
condition.
- BUG/MAJOR: mux-h1: Don't crush trash chunk area when outgoing
message is formatted
* d/rules: fix crash during reload due to libgcc_s.so missing when
chrooted.
.
haproxy (2.0.0-1) experimental; urgency=medium
.
* New upstream version.
* d/watch: update to follow 2.0.
* d/gbp.conf: update for 2.0 and experimental.
* d/rules: update to use linux-glibc target.
* d/rules: enable prometheus exporter.
* d/patches: refresh patches.
* d/vim-haproxy.install: update path to vim syntax file.
* d/README.Debian: remove outdated information.
.
haproxy (1.9.8-1) experimental; urgency=medium
.
* New upstream version.
- BUG/MAJOR: map/acl: real fix segfault during show map/acl on CLI
- BUG/MAJOR: mux-h2: do not add a stream twice to the send list
.
haproxy (1.9.7-1) experimental; urgency=medium
.
* New upstream version.
- BUG/MAJOR: http_fetch: Get the channel depending on the keyword used
- BUG/MAJOR: lb/threads: fix AB/BA locking issue in round-robin LB
- BUG/MAJOR: lb/threads: fix insufficient locking on round-robin LB
- BUG/MAJOR: muxes: Use the HTX mode to find the best mux for HTTP
proxies only
- BUG/MAJOR: task: make sure never to delete a queued task
.
haproxy (1.9.6-1) experimental; urgency=medium
.
* New upstream version.
- BUG/MAJOR: checks: segfault during tcpcheck_main
.
haproxy (1.9.5-1) experimental; urgency=medium
.
* New upstream version.
- BUG/MAJOR: cache/htx: Set the start-line offset when a cached object
is served
- BUG/MAJOR: fd/threads, task/threads: ensure all spin locks are
unlocked
- BUG/MAJOR: listener: Make sure the listener exist before using it.
- BUG/MAJOR: mux-h2: fix race condition between close on both ends
- BUG/MAJOR: spoe: Don't try to get agent config during SPOP
healthcheck
- BUG/MAJOR: spoe: Fix initialization of thread-dependent fields
- BUG/MAJOR: stats: Fix how huge POST data are read from the channel
- BUG/MAJOR: stream: avoid double free on unique_id
- BUG/MAJOR: tasks: Use the TASK_GLOBAL flag to know if we're in the
global rq.
.
haproxy (1.9.4-1) experimental; urgency=medium
.
* New upstream version.
- BUG/MAJOR: config: verify that targets of track-sc and stick rules
are present
- BUG/MAJOR: htx/backend: Make all tests on HTTP messages compatible
with HTX
- BUG/MAJOR: spoe: verify that backends used by SPOE cover all their
callers' processes
.
haproxy (1.9.3-1) experimental; urgency=medium
.
* New upstream version.
- BUG/MAJOR: mux-h2: don't destroy the stream on failed allocation in
h2_snd_buf()
- BUG/MEDIUM: checks: fix recent regression on agent-check making it
crash
- BUG/MEDIUM: ssl: Fix handling of TLS 1.3 KeyUpdate messages
.
haproxy (1.9.2-1) experimental; urgency=medium
.
* New upstream version.
- BUG/MAJOR: cache: fix confusion between zero and uninitialized cache
key
- BUG/MEDIUM: checks: Avoid having an associated server for email
checks.
- BUG/MEDIUM: connection: properly unregister the mux on failed
initialization
- BUG/MEDIUM: h1: Get the h1m state when restarting the headers
parsing
- BUG/MEDIUM: h1: Make sure we destroy an inactive connectin that did
shutw.
- BUG/MEDIUM: init: Initialize idle_orphan_conns for first server in
server-template
- BUG/MEDIUM: mux-h2: decode trailers in HEADERS frames
- BUG/MEDIUM: ssl: Disable anti-replay protection and set max data
with 0RTT.
- BUG/MEDIUM: ssl: missing allocation failure checks loading tls key
file
- BUG/MEDIUM: stats: Get the right scope pointer depending on HTX is
used or not
* d/patches: removal of CVE-2018-20615.patch (applied upstream)
.
haproxy (1.9.0-2) experimental; urgency=medium
.
* Fix out-of-bounds read in HTTP2 mux (CVE-2018-20615).
Possible crash in H2 HEADERS frame decoder when the PRIORITY flag
is present, due to a missing frame size check.
* Bump Standards-Version to 4.3.0; no changes needed.
.
haproxy (1.9.0-1) experimental; urgency=medium
.
* New upstream version 1.9.0.
See https://www.haproxy.com/blog/haproxy-1-9-has-arrived/.
* d/watch: update to follow 1.9.
* d/gbp.conf: update for 1.9 and experimental.
* d/rules: do not override CFLAGS, hijack DEBUG_CFLAGS for this instead.
* d/patches: add regression fix for DNS.
Checksums-Sha1:
d779387601b43bdb1bcb7aacc0ef27d80452089a 2327 haproxy_2.0.4-1~bpo10+1.dsc
164624c82e8fdfc7496b6185b19ac65a6e94376e 2538442 haproxy_2.0.4.orig.tar.gz
f34f7613b0e49ec4442252400251102d57e369a1 68036 haproxy_2.0.4-1~bpo10+1.debian.tar.xz
e54258392cd48b512f357503a242204ba0bb363f 5055640 haproxy-dbgsym_2.0.4-1~bpo10+1_amd64.deb
1501def92ddba3082dd82fa6c2624bb6211c1be5 605288 haproxy-doc_2.0.4-1~bpo10+1_all.deb
c79aeee8bcb16f0699b1b606a90bef77ed1a8a8e 8269 haproxy_2.0.4-1~bpo10+1_amd64.buildinfo
896dec5e56a0c0cbeb5e1da379ded621c4f22e50 1711088 haproxy_2.0.4-1~bpo10+1_amd64.deb
8c5e212372e4ad97a4c1168167ef8626fea30497 228892 vim-haproxy_2.0.4-1~bpo10+1_all.deb
Checksums-Sha256:
e7776df5a21e5d1c09cb0f9a3197af90c7f82019aa7b730fac1c9ce42389bc57 2327 haproxy_2.0.4-1~bpo10+1.dsc
e2680696032c8b957cd26fd948fff239d2cfc17b00964e6d2dc5adf8155fcef1 2538442 haproxy_2.0.4.orig.tar.gz
dba7e20614ecdca3acc1697bcd9a26c5c35e4c62bafb20c0da40c518e2e9936d 68036 haproxy_2.0.4-1~bpo10+1.debian.tar.xz
5492723d2ebc69e46d4c459576d300e4505db552a75e6b1b44d4769870e4e5ae 5055640 haproxy-dbgsym_2.0.4-1~bpo10+1_amd64.deb
194c483f4c4a7252b586f836c2a5b3bdf92d3f72da998c22a4cac264c4f0535a 605288 haproxy-doc_2.0.4-1~bpo10+1_all.deb
ff936c18363259ff6e1c96963c5110f3a14f4203e5d843d3927ca0959bab4b42 8269 haproxy_2.0.4-1~bpo10+1_amd64.buildinfo
66e8328e6386f051c81d802d49511ae854e9b90d061d28dde8ccbfc1372d4049 1711088 haproxy_2.0.4-1~bpo10+1_amd64.deb
4b20579c7a4328696d3753ba6f45ea10d1a2fa24be397006697c68e69025d566 228892 vim-haproxy_2.0.4-1~bpo10+1_all.deb
Files:
227a5f467b1c341387c296cec5011b05 2327 net optional haproxy_2.0.4-1~bpo10+1.dsc
e0a295b3aa468f70ba261cc5ae9a5f83 2538442 net optional haproxy_2.0.4.orig.tar.gz
64f7d27c603c12102baf5187b6daa31c 68036 net optional haproxy_2.0.4-1~bpo10+1.debian.tar.xz
a50a6b90988755fa500f9c12e6c88e4e 5055640 debug optional haproxy-dbgsym_2.0.4-1~bpo10+1_amd64.deb
b7cad90f91b14d6795f9db9bf85654cd 605288 doc optional haproxy-doc_2.0.4-1~bpo10+1_all.deb
ffdab5250aeda392b1240443c948b574 8269 net optional haproxy_2.0.4-1~bpo10+1_amd64.buildinfo
3fed4711d3e1a20a298ea56798dfa3fa 1711088 net optional haproxy_2.0.4-1~bpo10+1_amd64.deb
fb4ac77d87541113fda0aff8ea744404 228892 net optional vim-haproxy_2.0.4-1~bpo10+1_all.deb
-----BEGIN PGP SIGNATURE-----
iQJGBAEBCAAwFiEErvI0h2bzccaJpzYAlaQv6DU1JfkFAl1QC9MSHGJlcm5hdEBk
ZWJpYW4ub3JnAAoJEJWkL+g1NSX5RS0P/jqX+VQoa8s3PcENykcfn//1iWDxpkQR
sciNFozOavvWS79L+qhqAWjMd9Mm+p/mvjQbAX2URO0xTuH60piS656VtRIr5FMZ
cg4fHyrMwlzG8iAQiIvJ2xEpBjz0cGKK8oQIdjpYY/DfCwpAhduU4tV7poVzpd6d
GmpiaAgZCLMmfpLBWiOaROtFD8Fkj4Fw6y00ben/uqVmPzEJ3xWr/1HbMVp8QVkO
S8L+OqW49/NlSIvEmS6i6Ce3TRJsIKcsnlaf81FfFkMxCLD9yPh96pSKVD8018+v
LRCibT6zsdZAS+e2jor9CyjCq/m62sj6LzQZKCTnoG/4jASrlUdibUgCXFco7jd9
sGH8L1bwqLS5xH3VRyYeHPs1JDOekzdPMUsIuHv5hc0ohKa+wTjauFF1F6s05xnY
lREAC01m3zVxWd7krZjRjkr2HMi3X+38mku3pBKayvAIocmWUTSu5W8jCgZr/kSe
VZcofvfa5tnxaiQdhM26MuqWlUMtc4f9Ipy8FMZ0ea54TtYX8hg+ktBPjy/9OPTf
7oOfH8zBB4NISUTlOGEgGCcKUleGzJX4iwsE33CfANtS31eyIfHerHslv8OVPPnh
7ptHB/ivEAP8BIfUpSbjyx0QGflCFE8WC7M1yXLfk3vPBYsjRagNBGKepxyyo80S
NcXsGgr+00oZ
=rSKy
-----END PGP SIGNATURE-----
Reply to: