Hi. as usual the new images are also available on docker hub.
https://hub.docker.com/r/me2digital/haproxy18/ https://hub.docker.com/r/me2digital/openshift-ocp-router-hap18/ Best Regards Aleks Am 23.03.2018 um 17:18 schrieb Willy Tarreau: > Hi, > > HAProxy 1.8.5 was released on 2018/03/23. It added 51 new commits > after version 1.8.4, about a third of which are moderate bug fixes. > > The most important fix concerns the queue management when threads are > enabled. Till now, in case connections handled by different threads > would be handled by a same server where the maxconn limit is reached, > there were some non-thread safe operations during the dequeue, which > could cause freezes, memory corruption and crashes. This has been fixed. > > A small number of other issues were related to threads, and a other ones > to HTTP/2. Half of the fixes are mostly annoyance of low importance and > affect older versions as well. I won't enumerate all areas as it's spread > all over the code. > > Some known issues remain (we tried to address quite a number of them with > this release but delaying forever is not an option). One of them that I > want to work on is the fact that we don't use transfer-encoding for HTTP/2 > requests that miss a content-length. It requires delicate changes to the > H2 code that will be much easy to do in 1.9 than in 1.8 so I'll have to > figure how to do them without breaking anything. Some other issues were > reported, like a strange memory corruption on HTTP/2, which makes no > sense from the code perspective unless it was a side effect of the > "dbuf_wait" bug. It looks slightly possible for it to indirectly cause > this effect but the conditions to join together are hard to figure. For > this reason, I'd really appreciate it if future reports are made on 1.8.5 > only : previous ones suffer from a few known bugs making reports unreliable. > > Overall despite these few remaining issues, we're getting much better. > This version should have been emitted earlier. We try to issue them as > often as possible but when you're focused on your code, time flies very > quickly. Do not hesitate to ping us when you're waiting for a release > (and thanks Olivier for the reminder). > > So don't waste your time in front of TV on a possibly rainy week-end, > and have fun upgrading all your instances ;-) > > Please find the usual URLs below : > Site index : http://www.haproxy.org/ > Discourse : http://discourse.haproxy.org/ > Sources : http://www.haproxy.org/download/1.8/src/ > Git repository : http://git.haproxy.org/git/haproxy-1.8.git/ > Git Web browsing : http://git.haproxy.org/?p=haproxy-1.8.git > Changelog : http://www.haproxy.org/download/1.8/src/CHANGELOG > Cyril's HTML doc : http://cbonte.github.io/haproxy-dconv/ > > Willy > --- > Complete changelog : > Aurélien Nephtali (6): > BUG/MINOR: init: Add missing brackets in the code parsing -sf/-st > BUG/MINOR: cli: Fix a crash when passing a negative or too large value > to "show fd" > CLEANUP: ssl: Remove a duplicated #include > CLEANUP: cli: Remove a leftover debug message > BUG/MINOR: cli: Fix a typo in the 'set rate-limit' usage > BUG/MINOR: cli: Fix a crash when sending a command with too many > arguments > > Baptiste Assmann (3): > BUG/MINOR: dns: don't downgrade DNS accepted payload size automatically > BUG/MEDIUM: tcp-check: single connect rule can't detect DOWN servers > BUG/MINOR: tcp-check: use the server's service port as a fallback > > Bernard Spil (1): > BUILD: ssl: Fix build with OpenSSL without NPN capability > > Christopher Faulet (12): > BUG/MEDIUM: ssl: Shutdown the connection for reading on > SSL_ERROR_SYSCALL > BUG/MINOR: ssl/threads: Make management of the TLS ticket keys files > thread-safe > BUG/MEDIUM: http: Switch the HTTP response in tunnel mode as earlier as > possible > BUG/MINOR: h2: Set the target of dbuf_wait to h2c > BUG/MEDIUM: buffer: Fix the wrapping case in bo_putblk > BUG/MEDIUM: buffer: Fix the wrapping case in bi_putblk > CLEANUP: .gitignore: Ignore binaries from the contrib directory > BUG/MEDIUM: spoe: Remove idle applets from idle list when HAProxy is > stopping > BUG/MEDIUM: threads/unix: Fix a deadlock when a listener is temporarily > disabled > BUG/MAJOR: threads/queue: Fix thread-safety issues on the queues > management > BUG/MEDIUM: threads/queue: wake up other threads upon dequeue > BUG/MINOR: listener: Don't decrease actconn twice when a new session is > rejected > > Cyril Bonté (3): > BUG/MEDIUM: fix a 100% cpu usage with cpu-map and nbthread/nbproc > BUG/MINOR: force-persist and ignore-persist only apply to backends > DOC: log: more than 2 log servers are allowed > > Emeric Brun (2): > BUG/MEDIUM: ssl/sample: ssl_bc_* fetch keywords are broken. > BUG/MINOR: session: Fix tcp-request session failure if handshake. > > Emmanuel Hocdet (1): > Revert "BUG/MINOR: send-proxy-v2: string size must include ('\0')" > > Lukas Tribus (1): > DOC: don't suggest using http-server-close > > Olivier Houchard (3): > BUG/MEDIUM: ssl: Don't always treat SSL_ERROR_SYSCALL as unrecovarable. > BUG/MINOR: unix: Don't mess up when removing the socket from the > xfer_sock_list. > BUG/MINOR: seemless reload: Fix crash when an interface is specified. > > Thierry FOURNIER (3): > DOC: lua: new prototype for function "register_action()" > BUG/MINOR: spoa-example: unexpected behavior for more than 127 args > BUG/MINOR: lua: return bad error messages > > Thierry Fournier (1): > MINOR/BUILD: fix Lua build on Mac OS X > > Tim Duesterhus (4): > DOC: cfgparse: Warn on option (tcp|http)log in backend > MINOR: systemd: Add section for SystemD sandboxing to unit file > MINOR: systemd: Add SystemD's Protect*= options to the unit file > MINOR: systemd: Add SystemD's SystemCallFilter option to the unit file > > Willy Tarreau (10): > BUG/MINOR: threads: fix missing thread lock labels for 1.8 > BUG/MINOR: debug/pools: properly handle out-of-memory when building > with DEBUG_UAF > MINOR: debug/pools: make DEBUG_UAF also detect underflows > BUG/MEDIUM: h2: always consume any trailing data after end of output > buffers > BUILD/MINOR: fix Lua build on Mac OS X (again) > BUG/MEDIUM: h2: also arm the h2 timeout when sending > MINOR: log: stop emitting alerts when it's not possible to write on the > socket > BUILD/BUG: enable -fno-strict-overflow by default > BUG/MEDIUM: h2: properly account for DATA padding in flow control > BUG/MINOR: h2: ensure we can never send an RST_STREAM in response to an > RST_STREAM > > Yves Lafon (1): > MINOR: stats: display the number of threads in the statistics. > > --- > >
