[ubuntu/focal-proposed] haproxy 2.0.29-0ubuntu1 (Accepted)
Lucas Kanashiro
kanashiro at ubuntu.com
Fri Sep 9 12:40:55 UTC 2022
haproxy (2.0.29-0ubuntu1) focal; urgency=medium
* New upstream release (LP: #1987914).
- Major and critical bug fixes according to the upstream changelog:
+ http-ana: Always abort the request when a tarpit is triggered
+ list: fix invalid element address calculation
+ proxy_protocol: Properly validate TLV lengths
+ hpack: never index a header into the headroom after wrapping
+ stream-int: always detach a faulty endpoint on connect failure
+ stream: Mark the server address as unset on new outgoing connection
+ dns: Make the do-resolve action thread-safe
+ contrib/spoa-server: Fix unhandled python call leading to memory leak
+ mux-h2: Don't try to send data if we know it is no longer possible
+ spoe: Be sure to remove all references on a released spoe applet
+ filters: Always keep all offsets up to date during data filtering
+ peers: fix partial message decoding
+ spoa/python: Fixing return None
+ dns: fix null pointer dereference in snr_update_srv_status
+ dns: disabled servers through SRV records never recover
+ mux-h2: Properly detect too large frames when decoding headers
+ server: prevent deadlock when using 'set maxconn server'
+ htx: Fix htx_defrag() when an HTX block is expanded
+ queue: set SF_ASSIGNED when setting strm->target on dequeue
+ server: fix deadlock when changing maxconn via agent-check
+ h2: enforce stricter syntax checks on the :method pseudo-header
+ htx: fix missing header name length check in htx_add_header/trailer
+ lua: use task_wakeup() to properly run a task once
+ http/htx: prevent unbounded loop in http_manage_server_side_cookies
+ spoe: properly detach all agents when releasing the applet
+ mux-h2: Be sure to always report HTX parsing error to the app layer
+ sched: prevent rare concurrent wakeup of multi-threaded tasks
+ mux-pt: Always destroy the backend connection on detach
+ dns: multi-thread concurrency issue on UDP socket
+ mux_pt: always report the connection error to the conn_stream
- Refresh haproxy.service-*.patch.
- Remove patches applied by upstream in debian/patches:
+ 0001-2.0-2.3-BUG-MAJOR-htx-fix-missing-header-name-length-check-i.patch
+ 0001-BUG-CRITICAL-hpack-never-index-a-header-into-the-hea.patch
+ 2.0-0001-BUG-MAJOR-h2-enforce-checks-on-the-method-syntax-bef.patch
+ CVE-2022-0711.patch
+ lp1894879-BUG-MEDIUM-dns-*.patch
Date: Fri, 26 Aug 2022 17:07:24 -0300
Changed-By: Lucas Kanashiro <kanashiro at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/haproxy/2.0.29-0ubuntu1
-------------- next part --------------
Format: 1.8
Date: Fri, 26 Aug 2022 17:07:24 -0300
Source: haproxy
Architecture: source
Version: 2.0.29-0ubuntu1
Distribution: focal
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Lucas Kanashiro <kanashiro at ubuntu.com>
Launchpad-Bugs-Fixed: 1987914
Changes:
haproxy (2.0.29-0ubuntu1) focal; urgency=medium
.
* New upstream release (LP: #1987914).
- Major and critical bug fixes according to the upstream changelog:
+ http-ana: Always abort the request when a tarpit is triggered
+ list: fix invalid element address calculation
+ proxy_protocol: Properly validate TLV lengths
+ hpack: never index a header into the headroom after wrapping
+ stream-int: always detach a faulty endpoint on connect failure
+ stream: Mark the server address as unset on new outgoing connection
+ dns: Make the do-resolve action thread-safe
+ contrib/spoa-server: Fix unhandled python call leading to memory leak
+ mux-h2: Don't try to send data if we know it is no longer possible
+ spoe: Be sure to remove all references on a released spoe applet
+ filters: Always keep all offsets up to date during data filtering
+ peers: fix partial message decoding
+ spoa/python: Fixing return None
+ dns: fix null pointer dereference in snr_update_srv_status
+ dns: disabled servers through SRV records never recover
+ mux-h2: Properly detect too large frames when decoding headers
+ server: prevent deadlock when using 'set maxconn server'
+ htx: Fix htx_defrag() when an HTX block is expanded
+ queue: set SF_ASSIGNED when setting strm->target on dequeue
+ server: fix deadlock when changing maxconn via agent-check
+ h2: enforce stricter syntax checks on the :method pseudo-header
+ htx: fix missing header name length check in htx_add_header/trailer
+ lua: use task_wakeup() to properly run a task once
+ http/htx: prevent unbounded loop in http_manage_server_side_cookies
+ spoe: properly detach all agents when releasing the applet
+ mux-h2: Be sure to always report HTX parsing error to the app layer
+ sched: prevent rare concurrent wakeup of multi-threaded tasks
+ mux-pt: Always destroy the backend connection on detach
+ dns: multi-thread concurrency issue on UDP socket
+ mux_pt: always report the connection error to the conn_stream
- Refresh haproxy.service-*.patch.
- Remove patches applied by upstream in debian/patches:
+ 0001-2.0-2.3-BUG-MAJOR-htx-fix-missing-header-name-length-check-i.patch
+ 0001-BUG-CRITICAL-hpack-never-index-a-header-into-the-hea.patch
+ 2.0-0001-BUG-MAJOR-h2-enforce-checks-on-the-method-syntax-bef.patch
+ CVE-2022-0711.patch
+ lp1894879-BUG-MEDIUM-dns-*.patch
Checksums-Sha1:
2b84e026f4fe4c7eb5bb02bd0f602cb32058b4b2 2415 haproxy_2.0.29-0ubuntu1.dsc
6e45a2c3aa4076e1d466508bc97b1c479d0692ac 2722893 haproxy_2.0.29.orig.tar.gz
53f727c4057d5d8df51234adc484134673ad57bc 69932 haproxy_2.0.29-0ubuntu1.debian.tar.xz
90e135e5db1a408fc406677e6e0e178c8111ef4e 8042 haproxy_2.0.29-0ubuntu1_source.buildinfo
Checksums-Sha256:
31721eda450694fb2d64548c37e3c928cbb8cb1f543cd8c4d1642ed114452364 2415 haproxy_2.0.29-0ubuntu1.dsc
39801aeede2e945aeae14e41bcbe7fe38bc63971c5d046ae11125b2da513ea5d 2722893 haproxy_2.0.29.orig.tar.gz
e6a51b01a7f3d31cb81fe4198f6af5591425703a00c38be0aa5cbe544979c300 69932 haproxy_2.0.29-0ubuntu1.debian.tar.xz
a27853267359133816a475b064f5a53f414e180cf0c42064556d5c5c4f359453 8042 haproxy_2.0.29-0ubuntu1_source.buildinfo
Files:
22945b6b08a4d52c7885437fc3d5ebd6 2415 net optional haproxy_2.0.29-0ubuntu1.dsc
a4c4983c7ed51946bdde1d0eceedd527 2722893 net optional haproxy_2.0.29.orig.tar.gz
f2d17cc618960bbfb286f72545dcd38c 69932 net optional haproxy_2.0.29-0ubuntu1.debian.tar.xz
e0d4273adc9de68ab9e48a0cdd8c2226 8042 net optional haproxy_2.0.29-0ubuntu1_source.buildinfo
Original-Maintainer: Debian HAProxy Maintainers <haproxy at tracker.debian.org>
Vcs-Git: https://git.launchpad.net/~lucaskanashiro/ubuntu/+source/haproxy
Vcs-Git-Commit: 79026a252a02524cbfd0c5620d667fa8f19b48cc
Vcs-Git-Ref: refs/heads/focal-mre
More information about the Focal-changes
mailing list