SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG
DONATE


YUM REPOSITORY

 
 
Changelog for haproxy-debugsource-1.4.24-1.1.i586.rpm :
Tue Jun 18 14:00:00 2013 mrueckertAATTsuse.de
- update to 1.4.24 (bnc#825412)
- BUG/MAJOR: backend: consistent hash can loop forever in certain
circumstances
- BUG/MEDIUM: checks: disable TCP quickack when pure TCP checks
are used
- MEDIUM: protocol: implement a \"drain\" function in protocol
layers
- BUG/CRITICAL: fix a possible crash when using negative header
occurrences CVE-2013-2175

Wed Apr 3 14:00:00 2013 mrueckertAATTsuse.de
- update to 1.4.23 CVE-2013-1912
- CONTRIB: halog: sort URLs by avg bytes_read or total bytes_read
- BUG: fix garbage data when http-send-name-header replaces an
existing header
- BUG/MEDIUM: remove supplementary groups when changing gid
- BUG/MINOR: Correct logic in cut_crlf()
- BUG/MINOR: config: use a copy of the file name in proxy
configurations
- BUG/MINOR: epoll: correctly disable FD polling in fd_rem()
- MINOR: halog: sort output by cookie code
- BUG/MINOR: halog: -ad/-ac report the correct number of output
lines
- BUG/MINOR: halog: fix help message for -ut/-uto
- BUG/MEDIUM: http: set DONTWAIT on data when switching to tunnel
mode
- BUG/MEDIUM: command-line option -D must have precedence over
\"debug\"
- OPTIM: halog: keep a fast path for the lines-count only
- MINOR: halog: add a parameter to limit output line count
- BUG: halog: fix broken output limitation
- MEDIUM: checks: avoid accumulating TIME_WAITs during checks
- MEDIUM: checks: prevent TIME_WAITs from appearing also on
timeouts
- BUG/MAJOR: cli: show sess may randomly corrupt the
back-ref list
- BUG/MINOR: http: don\'t report client aborts as server errors
- BUG/MINOR: http: don\'t log a 503 on client errors while waiting
for requests
- BUG/MEDIUM: tcp: process could theorically crash on lack of
source ports
- BUG/MINOR: http: don\'t abort client connection on premature
responses
- BUILD: no need to clean up when making git-tar
- MINOR: http: always report PR-- flags for redirect rules
- BUG/MINOR: time: frequency counters are not totally accurate
- BUG/MINOR: http: don\'t process abortonclose when request was
sent
- BUG/MINOR: epoll: use a fix maxevents argument in epoll_wait()
- BUG/MINOR: config: fix improper check for failed memory alloc
in ACL parser
- BUG/MEDIUM: checks: ensure the health_status is always within
bounds
- CLEANUP: http: remove a useless null check
- BUG/MEDIUM: signal: signal handler does not properly check for
signal bounds
- BUG/MEDIUM: uri_auth: missing NULL check and memory leak on
memory shortage
- CLEANUP: config: slowstart is never negative
- BUILD: improve the makefile\'s support for libpcre
- BUG/MINOR: checks: fix an warning introduced by commit 2f61455a
- MEDIUM: halog: add support for counting per source address
(-ic)
- DOC: mention the new HTTP 307 and 308 redirect statues
(cherry picked from commit
b67fdc4cd8bde202f2805d98683ddab929469a05)
- MEDIUM: poll: do not use FD_
* macros anymore
- BUG/MAJOR: ev_select: disable the select() poller if maxsock >
FD_SETSIZE
- BUILD: enable poll() by default in the makefile
- BUILD: add explicit support for Mac OS/X
- BUG/CRITICAL: using HTTP information in tcp-request content may
crash the process CVE-2013-1912
- MEDIUM: http: implement redirect 307 and 308
- MINOR: http: status 301 should not be marked non-cacheable
- adapt haproxy-makefile_lib.patch to the rewritten Makefile

Mon Nov 12 13:00:00 2012 mrueckertAATTsuse.de
- switch license tag to spdx format.

Mon Nov 12 13:00:00 2012 mrueckertAATTsuse.de
- update to 1.4.22
- BUG/MEDIUM: option forwardfor if-none doesn\'t work with some
configurations
- MINOR: balance uri: added \'whole\' parameter to include query
string in hash calculation
- DOC: specify the default value for maxconn in the context of a
proxy
- BUG/MINOR: checks: expire on timeout.check if smaller than
timeout.connect
- REORG/MINOR: use dedicated proxy flags for the cookie handling
- BUG/MINOR: config: do not report twice the incompatibility
between cookie and non-http
- MINOR: http: add support for \"httponly\" and \"secure\" cookie
attributes
- MEDIUM: stats: add support for soft stop/soft start in the
admin interface
- BUILD: add support for linux kernels >= 2.6.28
- MINOR: contrib/iprange: add a network IP range to mask
converter
- BUILD: add an AIX 5.2 (and later) target.
- MINOR: halog: use the more recent dual-mode fgets2
implementation
- BUG/MEDIUM: ebtree: ebmb_insert() must not call cmp_bits on
full-length matches
- CLEANUP: halog: make clean should also remove .o files
(cherry picked from commit
8ad4193100aafa19f04929670371bf823dbe11d0)
- OPTIM: halog: make use of memchr() on platforms which provide a
fast one
- OPTIM: halog: improve cold-cache behaviour when loading a file
- [MINOR] config: make it possible to specify a cookie even
without a server
- MINOR: config: tolerate server \"cookie\" setting in non-HTTP
mode
- BUG/MINOR: tarpit: fix condition to return the HTTP 500 message

Tue Oct 30 13:00:00 2012 mrueckertAATTsuse.de
- fix description in the init script

Tue May 22 14:00:00 2012 pascal.bleserAATTopensuse.org
- update to 1.4.21 (bnc#763833) CVE-2012-2391
- MINOR: patch for minor typo (ressources/resources)
- CLEANUP: fix typo in findserver() log message
- DOC: cleanup indentation, alignment, columns and chapters
- DOC: fix some keywords arguments documentation
- MINOR: stats admin: allow unordered parameters in POST requests
- MINOR: stats admin: use the backend id instead of its name in
the form
- BUG/MAJOR: trash must always be the size of a buffer
- DOC: fix minor regex example issue and improve doc on stats
- BUG/MAJOR: possible crash when using capture headers on TCP
frontends
- MINOR: config: disable header captures in TCP mode and complain
- BUG/MEDIUM: balance source did not properly hash IPv6 addresses
- CLEANUP: http: message parser must ignore HTTP_MSG_ERROR
- CLEANUP: remove a few warning about unchecked return values in
debug code
- CLEANUP: http: remove unused http_msg->col
- BUG/MINOR: http: error snapshots are wrong if buffer wraps
- BUG/MAJOR: checks: don\'t call set_server_status_
* when no LB
algo is set
- MINOR: proxy: make findproxy() return proxies from numeric IDs
too
- BUILD: http: stop gcc-4.1.2 from complaining about possibly
uninitialized values
- BUG/MINOR: stop connect timeout when connect succeeds

Sun Mar 11 13:00:00 2012 pascal.bleserAATTopensuse.org
- update to 1.4.20:
- BUG/MINOR: fix typo in processing of http-send-name-header
- BUG/MEDIUM: correctly disable servers tracking another disabled servers.
- BUG/MEDIUM: zero-weight servers must not dequeue requests from the backend
- MINOR: halog: add some help on the command line (cherry picked from
commit 615674cdec067066a42f53f5d55628ab7b207e6c)
- BUG: queue: fix dequeueing sequence on HTTP keep-alive sessions
- BUG: http: disable TCP delayed ACKs when forwarding content-length data
- BUG: checks: fix server maintenance exit sequence
- BUG/MINOR: stream_sock: don\'t remove BF_EXPECT_MORE and BF_SEND_DONTWAIT on
partial writes
- DOC: enumerate valid status codes for \"observe layer7\"

Wed Feb 8 13:00:00 2012 mrueckertAATTsuse.de
- update to 1.4.19
- MEDIUM: http: add support for sending the server\'s name in the
outgoing request
- BUG/MINOR: fix options forwardfor if-none when an alternative
header name is specified
- MINOR: task: new function task_schedule() to schedule a wake up
- BUG/MEDIUM: checks: fix slowstart behaviour when server
tracking is in use
- BUG: tcp: option nolinger does not work on backends
- BUG: ebtree: ebst_lookup() could return the wrong entry
- BUG: http: re-enable TCP quick-ack upon incomplete HTTP
requests
- CLEANUP: ebtree: remove a few annoying signedness warnings
- CLEANUP: ebtree: remove 4-year old harmless typo in duplicates
insertion code
- CLEANUP: ebtree: remove another typo, a wrong initialization in
insertion code
- BUG: proto_tcp: set AF_INET on tproxy for use with recent
kernels
- MINOR: halog: add support for matching queued requests
- BUG: http: tighten the list of allowed characters in a URI

Wed Nov 9 13:00:00 2011 mrueckertAATTsuse.de
- update to 1.4.18
- [MINOR] http:
*_dom matching header functions now also split on
\":\"
- [MINOR] halog: support backslash-escaped quotes
- BUILD/MINOR: fix the source URL in the spec file
- DOC: acl is http_first_req, not http_req_first
- BUG/MEDIUM: don\'t trim last spaces from headers consisting only
of spaces
- MINOR: acl: add new matches for header/path/url length
- [MINOR] halog: do not consider byte 0x8A as end of line
- [OPTIM] halog: make fgets parse more bytes by blocks
- [OPTIM] halog: add assembly version of the field lookup code
- [CLEANUP] startup: report only the basename in the usage
message
- [DOC] update the README file to reflect new naming rules for
patches

Mon Sep 5 14:00:00 2011 pascal.bleserAATTopensuse.org
- update to 1.4.17:
- [MINOR] halog: add support for termination code matching (-tcn/-TCN)
- [MINOR] halog: make SKIP_CHAR stop on field delimiters
- [MINOR] halog: add support for HTTP log matching (-H)
- [MINOR] halog: gain back performance before SKIP_CHAR fix
- [OPTIM] halog: cache some common fields positions
- [OPTIM] halog: check once for correct line format and reuse the pointer
- [OPTIM] halog: remove many \'if\' by using a function pointer for the filters
- [OPTIM] halog: remove support for tab delimiters in input data
- [MINOR] halog: add -hs/-HS to filter by HTTP status code range
- [CLEANUP] update the year in the copyright banner
- [BUG] check: http-check expect + regex would crash in defaults section
- [MEDIUM] http: make x-forwarded-for addition conditional
- [DOC] fixed a few \"sensible\" -> \"sensitive\" errors
- [MINOR] stats: display \"\" instead of the frontend name when unknown
- [BUG] http: trailing white spaces must also be trimmed after headers
- [MINOR] http: take a capture of too large requests and responses
- [MINOR] http: take a capture of truncated responses
- [MINOR] http: take a capture of bad content-lengths.

Sat Aug 13 14:00:00 2011 mrueckertAATTsuse.de
- update to version 1.4.16
- [BUG] checks: fix support of Mysqld >= 5.5 for mysql-check
- [DOC] Minor spelling fixes and grammatical enhancements
- [CLEANUP] Remove assigned but unused variables
- [BUG] checks: http-check expect could fail a check on
multi-packet responses
- [DOC] fix minor typo in the \"dispatch\" doc
- [MINOR] http: make the \"HTTP 200\" status code configurable.
- [MINOR] http: partially revert the chunking optimization for
now
- [MINOR] stream_sock: always clear BF_EXPECT_MORE upon complete
transfer
- [CLEANUP] stream_sock: remove unneeded FL_TCP and factor out
test
- [MEDIUM] http: add support for \"http-no-delay\"
- [OPTIM] http: optimize chunking again in non-interactive mode
- [OPTIM] stream_sock: avoid fast-forwarding of partial data
- [OPTIM] stream_sock: don\'t use splice on too small payloads
- [BUG] stats: support url-encoded forms
- [BUG] halog: correctly handle truncated last line
- [DOC] fix typos, \"#\" is a sharp, not a dash

Fri Apr 15 14:00:00 2011 pascal.bleserAATTopensuse.org
- revert splitting out the documentation

Thu Apr 14 14:00:00 2011 pascal.bleserAATTopensuse.org
- split out documentation and examples into haproxy-doc
- add rpmlintrc to suppress false positive warnings about
script examples in documentation files (without exec flag)
- fix license

Tue Apr 12 14:00:00 2011 mrueckertAATTsuse.de
- update to version 1.4.15
- [CRITICAL] fix risk of crash when dealing with space in
response cookies
- additional changes from 1.4.14
- [MINOR] config: fix endianness of server check port
- [BUG] http: fix possible incorrect forwarded wrapping chunk
size (take 2)
- [MINOR] tools: add two macros MID_RANGE and MAX_RANGE
- [BUG] http: fix content-length handling on 32-bit platforms
- [OPTIM] buffers: uninline buffer_forward()

Wed Mar 9 13:00:00 2011 mrueckertAATTsuse.de
- update to 1.4.13
- config: don\'t crash on empty pattern files.
- additional changes from 1.4.12
- stats: add support for several packets in stats admin
- stats: admin commands must check the proxy state
- stats: admin web interface must check the proxy state
- http: update the header list\'s tail when removing the last
header
- fix typos (http-request instead of http-check) (cherry
picked from commit 8f2a1e72bebea700f37add40997b716fdfd86b9c)
- http: use correct ACL pointer when evaluating authentication
- cfgparse: correctly count one socket per port in ranges
- startup: set the rlimits before binding ports, not after.
- acl: srv_id must return no match when the server is NULL
- acl: fd leak when reading patterns from file
- fix minor typo in \"usesrc\"
- http: fix possible incorrect forwarded wrapping chunk size
- http: fix computation of message body length after forwarding
has started
- http: balance url_param did not work with first parameters on
POST
- update the url_param regression test to test check_post too
>>>>>>> ./haproxy.changes.r40

Tue Feb 15 13:00:00 2011 mrueckertAATTsuse.de
- update to 1.4.11
- cfgparse: Check whether the path given for the stats socket
actually fits into the sockaddr_un structure to avoid
truncation.
- fix a minor typo
- fix ignore-persist documentation
- http: fix http-pretend-keepalive and httpclose/tunnel mode
- add warnings on features not compatible with multi-process mode
- acl: add be_id/srv_id to match backend\'s and server\'s id
- log: add support for passing the forwarded hostname
- log: ability to override the syslog tag
- fix minor typos in the doc
- fix another typo in the doc
- http chunking: don\'t report a parsing error on connection
errors
- stream_interface: truncate buffers when sending error messages
- http: fix incorrect error reporting during data transfers
- session: correctly leave turn-around and queue states on abort
- session: release slot before processing pending connections
- stats: report HTTP message state and buffer flags in error
dumps
- http: support wrapping messages in error captures
- http: capture incorrectly chunked message bodies
- stats: add global event ID and count
- http: don\'t send each chunk in a separate packet
- acl: fix handling of empty lines in pattern files
- ebtree: fix ebmb_lookup() with len smaller than the tree\'s keys
- ebtree: ebmb_lookup: reduce stack usage by moving the return
code out of the loop

Mon Nov 29 13:00:00 2010 pascal.bleserAATTopensuse.org
- update to 1.4.10:

* a possible crash when using Cookie-based persistence with
appsessions was fixed

* header processing could become wrong after a single reqidel
rule removed exactly two headers

* some out-of-memory conditions were not correctly handled in
appsession or cookie captures

* users of appsessions are strongly encouraged to upgrade

Tue Nov 2 13:00:00 2010 pascal.bleserAATTopensuse.org
- update to 1.4.9:

* the Web interface now allows you to enable or disable servers

* the ECV and LDAPv3 checks were merged

* the MySQL check was improved to support a real login sequence

* persistence cookies can now be timestamped to support a maximum
idle time and a maximum life time, and can be removed by the
server if needed (e.g. logout)

* the SNMP plugin was improved to report socket stats

* some Cacti templates were merged

* the halog tool can now instantly report per-URL response times

Tue Aug 17 14:00:00 2010 mrueckertAATTsuse.de
- implement graceful restart in the init script

Tue Jun 22 14:00:00 2010 mrueckertAATTsuse.de
- update to 1.4.8:

* mention \'option http-server-close\' effect in Tq section

* summarize and highlight persistent connections behaviour

* add configuration samples

* stick_table: the fix for the memory leak caused a regression

* client: don\'t add a new session to the list too early

Thu Jun 10 14:00:00 2010 pascal.bleserAATTopensuse.org
- update to 1.4.7:

* fixes problems where consistent hashing was broken when no
server ID was specified in the configuration

* some errors were incorrectly reported as failed instead of
denied in the statistics

* the dispatch and http_proxy modes were fixed

* a few termination flags in the logs used for troubleshooting
were corrected

* a few other minor issues were fixed

* upgrading is recommended

Mon May 17 14:00:00 2010 pascal.bleserAATTopensuse.org
- update to 1.4.6:

* a minor precision about RDP cookies was added to the
documentation

* a new ACL keyword was added

* those who had no problem building and running 1.4.5 don\'t need
to upgrade
- drop haproxy-fix_dprintf.patch, merged upstream

Fri May 14 14:00:00 2010 pascal.bleserAATTopensuse.org
- update to 1.4.5:

* Haproxy can now read huge ACL pattern lists from files and
match inputs against them without any noticeable performance
impact, making geolocation possible

* adds a new \"ignore-persist\" directive, allowing it to ignore
the persistence cookie if an ACL-based condition is matched
(which is useful for static objects in stateful farms)

* a few other minor improvements

* a nice performance boost of the log analyzer, which can now
process more than 1 GB of logs per second and report request
counts by status codes

Thu Apr 8 14:00:00 2010 pascal.bleserAATTopensuse.org
- update to 1.4.4:

* brings a new option to work around optimization issues with
Tomcat and Jetty in server close mode, and for a bug in Jetty\'s
handling of Expect: 100-continue

* a very old appsession unexpected match of shorter cookie names
was also fixed

* a new feature to make it possible to connect to a server from
an IP found in a header was merged: it allows you to run
stunnel+haproxy in transparent mode together

Fri Apr 2 14:00:00 2010 pascal.bleserAATTopensuse.org
- update to 1.4.3:

* fxes a regression introduced in 1.4.2 which could cause a
connection to still be attempted on the server side in case of
an error on the client side; this issue could even lead to a
crash if a Layer7 hash algorithm was used, so this code was
strengthened

* the configuration parser now detects many more inappropriate
options in TCP mode and emits related warnings

* it is now possible to indicate in the configuration that a
server will start in the \"disabled\" state

* other very minor issues were fixed

Thu Mar 18 13:00:00 2010 pascal.bleserAATTopensuse.org
- update to 1.4.2:

* fixes a very rare case of stuck client sessions when using
keep-alive

* fixes a url_param hash bug which could result in a dead server
in very rare situations

* fixes status codes 501 and 505 which could cause a server to be
marked down if on-error was used

* fixes a risk of getting truncated HTTP responses when
chunk-encoding was used

* fixes an issue with anonymous ACLs

* improvements on health checks

Fri Mar 5 13:00:00 2010 pascal.bleserAATTopensuse.org
- update to 1.4.1:

* some errors were incorrectly reported as 502 with the flags
\"SL\" in the logs; this is now fixed

* other minor issues were fixed

* documentation was updated

Fri Feb 26 13:00:00 2010 pascal.bleserAATTopensuse.org
- update to 1.4.0:

* new features:
+ keep-alive
+ IP-based stickiness
+ consistent hashing
+ support for the RDP protocol
+ a much nicer stats interface
+ a much-improved performance level

* add -fno-strict-aliasing
- changes from 1.4rc1:

* new features:
+ server maintenance mode
+ HTTP authentication (server and proxy)
+ secure passwords
+ conditional request/response header rewriting using ACLs
+ anonymous ACLs that can be declared inline
+ support for HTTP/1.1 101+Upgrade status code to support non-
HTTP protocols such as WebSocket

Thu Feb 11 13:00:00 2010 mrueckertAATTsuse.de
- update to 1.3.23

Tue Sep 15 14:00:00 2009 mrueckertAATTsuse.de
- update to 1.3.20

Fri Apr 3 14:00:00 2009 mrueckertAATTsuse.de
- update to 1.3.17

Mon Mar 9 13:00:00 2009 mrueckertAATTsuse.de
- update to 1.3.15.8

Wed Feb 4 13:00:00 2009 mrueckertAATTsuse.de
- update to 1.3.15.7

Mon Sep 15 14:00:00 2008 mrueckertAATTsuse.de
- update to 1.3.15.4

Sun Nov 4 13:00:00 2007 mrueckertAATTsuse.de
- update to 1.3.13.1:
too many changes see changelog file

Sun Apr 1 14:00:00 2007 mrueckertAATTsuse.de
- prepared spec for easy split out of -snapshot packages.
- added vim syntax file

Mon Mar 19 13:00:00 2007 mrueckertAATTsuse.de
- update to 1.2.17:
- replaced the linked-list with a faster rbtree in the scheduler
- add user/group support (Marcus Rueckert)
- add the \"except\" keyword to the \"forwardfor\" option (Bryan
Germann)
- re-implemented support for multi-line headers (was
incidently reverted)
- fixed possible crash when no cookie was set on a server
- fixed various length checks in appsession
- fixed unlikely memory leak in appsession in case of memory
shortage
- updates to the architecture guide
- remove haproxy-1.2.16_username_groupname_support.patch:
patch included upstream

Sun Jan 7 13:00:00 2007 mrueckertAATTsuse.de
- initial package of 1.2.16
- added 2 patches:
haproxy-1.2.16_config_haproxy_user.patch
haproxy-1.2.16_username_groupname_support.patch
the patches allow to specify username and groupname instead of
uid/gid. The patches are needed as we do not have a static
uid/gid for the haproxy user/group.