Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

haproxy-3.1.0+git0.f2b97918e-2.1 RPM for i586

From OpenSuSE Ports Tumbleweed for i586

Name: haproxy Distribution: openSUSE Tumbleweed
Version: 3.1.0+git0.f2b97918e Vendor: openSUSE
Release: 2.1 Build date: Tue Nov 26 15:57:39 2024
Group: Productivity/Networking/Web/Proxy Build host: reproducible
Size: 9570095 Source RPM: haproxy-3.1.0+git0.f2b97918e-2.1.src.rpm
Packager: http://bugs.opensuse.org
Url: http://www.haproxy.org/
Summary: The Reliable, High Performance TCP/HTTP Load Balancer
HAProxy implements an event-driven, mono-process model which enables support
for very high number of simultaneous connections at very high speeds.
Multi-process or multi-threaded models can rarely cope with thousands of
connections because of memory limits, system scheduler limits, and lock
contention everywhere. Event-driven models do not have these problems because
implementing all the tasks in user-space allows a finer resource and time
management. The down side is that those programs generally don't scale well on
multi-processor systems. That's the reason why they must be optimized to get
the most work done from every CPU cycle.

Provides

Requires

License

GPL-3.0+ and LGPL-2.1+

Changelog

* Tue Nov 26 2024 [email protected]
  - Update to version 3.1.0+git0.f2b97918e:
    https://www.mail-archive.com/[email protected]/msg45435.html
    https://www.haproxy.com/blog/announcing-haproxy-3-1
* Thu Nov 07 2024 [email protected]
  - Update to version 3.0.6+git0.c2c009086:
    * [RELEASE] Released version 3.0.6
    * MINOR: debug: move the "recover now" warn message after the optional notes
    * BUILD: Missing inclusion header for ssize_t type
    * BUILD: debug: also declare strlen() in __ABORT_NOW()
    * DEBUG: wdt: add a stats counter "BlockedTrafficWarnings" in show info
    * DEBUG: wdt: make the blocked traffic warning delay configurable
    * DEBUG: cli: make it possible for "debug dev loop" to trigger warnings
    * DEBUG: wdt: better detect apparently locked up threads and warn about them
    * MINOR: debug: add a function to dump a stuck thread
    * MINOR: wdt: move the local timers to a struct
    * MINOR: debug: remove the redundant process.thread_info array from post_mortem
    * MINOR: debug: also add fdtab and acitvity to struct post_mortem
    * MINOR: debug: also add a pointer to struct global to post_mortem
    * MINOR: debug: do not limit backtraces to stuck threads
    * MINOR: debug: print gdb hints when crashing
    * MINOR: connection: add new sample fetch functions fc_err_name and bc_err_name
    * MINOR: rawsock: set connection error codes when returning from recv/send/splice
    * MINOR: connection: add more connection error codes to cover common errno
    * BUG/MINOR: stats: Fix the name for the total number of streams created
    * MINOR: stream/stats: Expose the total number of streams ever created in stats
    * MINOR: stream/stats: Expose the current number of streams in stats
    * MINOR: cli/debug: show dev: add cmdline and version
    * BUG/MINOR: quic: fix malformed probing packet building
    * CLEANUP: connection: properly name the CO_ER_SSL_FATAL enum entry
    * DOC: config: document connection error 44 (reverse connect failure)
    * BUG/MEDIUM: promex: Fix dump of extra counters
    * MINOR: stream: Save last evaluated rule on invalid yield
    * BUG/MINOR: http-ana: Report internal error if an action yields on a final eval
    * BUG/MEDIUM: mux-h1: Fix how timeouts are applied on H1 connections
    * DOC: config: add missing glitch_{cnt,rate} sample definitions
    * DOC: config: add missing glitch_{cnt,rate} data types
    * BUG/MINOR: ssl/cli: 'set ssl cert' does not check the transaction name correctly
    * BUG/MINOR: trace: stop rewriting argv with -dt
    * MINOR: cli: remove non-printable characters from 'debug dev fd'
    * MINOR: debug: store important pointers in post_mortem
    * MINOR: debug: place the post_mortem struct in its own section.
    * MINOR: debug: place a magic pattern at the beginning of post_mortem
    * MINOR: pools: export the pools variable
    * BUILD: debug: silence a build warning with threads disabled
    * BUG/MEDIUM: server: fix race on servers_list during server deletion
    * BUG/MINOR: stconn: Don't disable 0-copy FF if EOS was reported on consumer side
    * BUG/MINOR: http-ana: Fix wrong client abort reports during responses forwarding
    * BUG/MEDIUM: stconn: Report blocked send if sends are blocked by an error
    * BUG/MINOR: server: fix dynamic server leak with check on failed init
    * MINOR: activity/memprofile: show per-DSO stats
    * MINOR: activity/memprofile: always return "other" bin on NULL return address
    * BUG/MEDIUM: connection/http-reuse: fix address collision on unhandled address families
    * BUG/MEDIUM: mux-h2: Remove H2S from send list if data are sent via 0-copy FF
    * BUG/MEDIUM: stats-html: Never dump more data than expected during 0-copy FF
    * BUG/MINOR: mux-quic: do not close STREAM with empty FIN if no data sent
    * BUG/MINOR: mworker: fix mworker-max-reloads parser
    * DOC: config: fix rfc7239 forwarded typo in desc
    * BUG/MEDIUM: quic: avoid freezing 0RTT connections
    * BUG/MINOR: quic: avoid leaking post handshake frames
    * REGTESTS: Never reuse server connection in http-messaging/truncated.vtc
    * BUG/MAJOR: filters/htx: Add a flag to state the payload is altered by a filter
    * BUG/MEDIUM: stconn: Check FF data of SC to perform a shutdown in sc_notify()
    * BUG/MINOR: http-ana: Don't report a server abort if response payload is invalid
    * BUG/MEDIUM: stconn: Wait iobuf is empty to shut SE down during a check send
    * BUG/MINOR: httpclient: return NULL when no proxy available during httpclient_new()
    * BUG/MEDIUM: queue: make sure never to queue when there's no more served conns
    * BUG/MEDIUM: mux-quic: ensure timeout server is active for short requests
    * BUG/MEDIUM: hlua: properly handle sample func errors in hlua_run_sample_{fetch,conv}()
    * BUG/MEDIUM: hlua: make hlua_ctx_renew() safe
    * BUG/MEDIUM: server: server stuck in maintenance after FQDN change
    * MEDIUM: debug: on panic, make the target thread automatically allocate its buf
    * MINOR: debug: replace ha_thread_dump() with its two components
    * MINOR: debug: make ha_thread_dump_done() take the pointer to be used
    * MINOR: debug: slightly change the thread_dump_pointer signification
    * MINOR: debug: split ha_thread_dump() in two parts
    * MINOR: chunk: drop the global thread_dump_buffer
    * MINOR: debug: make mark_tainted() return the previous value
    * BUG/MINOR: http-ana: Disable fast-fwd for unfinished req waiting for upgrade
    * BUG/MINOR: mux-h1: Fix condition to set EOI on SE during zero-copy forwarding
    * BUG/MEDIUM: queue: always dequeue the backend when redistributing the last server
    * MINOR: server: make srv_shutdown_sessions() call pendconn_redistribute()
    * BUG/MINOR: queue: make sure that maintenance redispatches server queue
    * BUG/MEDIUM: stream: make stream_shutdown() async-safe
    * MINOR: task: define two new one-shot events for use with WOKEN_OTHER or MSG
    * MINOR: tools: do not attempt to use backtrace() on linux without glibc
    * BUILD: tools: only include execinfo.h for the real backtrace() function
    * BUG/MINOR: cfgparse-global: fix allowed args number for setenv
    * BUG/MINOR: server: make sure the HMAINT state is part of MAINT
    * BUG/MEDIUM: cli: Deadlock when setting frontend maxconn
    * BUG/MEDIUM: cli: Be sure to catch immediate client abort
    * BUG/MINOR: mux-quic: report glitches to session
    * REGTESTS: shorten a bit the delay for the h1/h2 upgrade test
    * REGTESTS: h1/h2: Update script testing H1/H2 protocol upgrades
    * BUG/MEDIUM: mux-h1/mux-h2: Reject upgrades with payload on H2 side only
    * MINOR: mux-h1: Set EOI on SE during demux when both side are in DONE state
    * BUG/MINOR: h2: reject extended connect for h2c protocol
    * BUG/MINOR: h1: do not forward h2c upgrade header token
    * MINOR: connection: No longer include stconn type header in connection-t.h
* Mon Sep 30 2024 [email protected]
  - Update to version 3.0.5+git0.8e879a52e: (VUL-0: CVE-2024-49214 boo#1231612)
    * [RELEASE] Released version 3.0.5
    * BUG/MINOR: quic: prevent freeze after early QCS closure
    * BUG/MEDIUM: quic: handle retransmit for standalone FIN STREAM
    * MINOR: quic: implement function to check if STREAM is fully acked
    * MINOR: quic: convert qc_stream_desc release field to flags
    * BUG/MINOR: cfgparse-listen: fix option httpslog override warning message
    * BUG/MEDIUM: promex: Wait to have the request before sending the response
    * BUG/MEDIUM: cache/stats: Wait to have the request before sending the response
    * BUG/MEDIUM: sc_strm/applet: Wake applet after a successfull synchronous send
    * DOC: config: Explicitly list relaxing rules for accept-invalid-http-* options
    * BUG/MINOR: peers: local entries updates may not be advertised after resync
    * BUG/MEDIUM: queue: implement a flag to check for the dequeuing
    * BUG/MINOR: clock: validate that now_offset still applies to the current date
    * BUG/MINOR: clock: make time jump corrections a bit more accurate
    * BUG/MINOR: polling: fix time reporting when using busy polling
    * MEDIUM: h1: Accept invalid T-E values with accept-invalid-http-response option
    * BUG/MINOR: pattern: do not leave a leading comma on "set" error messages
    * BUG/MINOR: h1-htx: Don't flag response as bodyless when a tunnel is established
    * BUG/MAJOR: mux-h1: Wake SC to perform 0-copy forwarding in CLOSING state
    * BUG/MEDIUM: pattern: prevent UAF on reused pattern expr
    * BUG/MINOR: pattern: prevent const sample from being tampered in pat_match_beg()
    * BUG/MEDIUM: clock: detect and cover jumps during execution
    * REGTESTS: fix random failures with wrong_ip_port_logging.vtc under load
    * DOC: configuration: place the HAPROXY_HTTP_LOG_FMT example on the correct line
    * BUG/MINOR: quic: Too short datagram during packet building failures (aws-lc only)
    * BUG/MINOR: quic: Crash from trace dumping SSL eary data status (AWS-LC)
    * BUG/MEDIUM: quic: always validate sender address on 0-RTT
    * MINOR: quic: Add trace for QUIC_EV_CONN_IO_CB event.
    * MINOR: quic: Implement qc_ssl_eary_data_accepted().
    * MINOR: quic: Modify NEW_TOKEN frame structure (qf_new_token struct)
    * BUG/MINOR: quic: Missing incrementation in NEW_TOKEN frame builder
    * MINOR: quic: Token for future connections implementation.
    * MEDIUM: ssl/quic: implement quic crypto with EVP_AEAD
    * MINOR: quic: Implement quic_tls_derive_token_secret().
    * MINOR: tools: Implement ipaddrcpy().
    * BUG/MEDIUM: clock: also update the date offset on time jumps
    * BUILD: quic: 32bits build broken by wrong integer conversions for printf()
    * BUG/MINOR: cfgparse-global: remove tune.fast-forward from common_kw_list
    * DOC: config: correct the table for option tcplog
    * BUG/MINOR: pattern: pat_ref_set: return 0 if err was found
    * BUG/MINOR: pattern: pat_ref_set: fix UAF reported by coverity
    * BUG/MINOR: h3: properly reject too long header responses
    * BUG/MINOR: proto_uxst: delete fd from fdtab if listen() fails
    * BUG/MINOR: mux-quic: do not send too big MAX_STREAMS ID
    * REGTESTS: mcli: test the pipelined commands on master CLI
    * BUG/MEDIUM: mworker/cli: fix pipelined modes on master CLI
    * MINOR: channel: implement ci_insert() function
    * BUG/MINOR: proto_tcp: keep error msg if listen() fails
    * BUG/MINOR: proto_tcp: delete fd from fdtab if listen() fails
    * BUG/MINOR: quic/trace: make quic_conn_enc_level_init() emit NEW not CLOSE
    * BUG/MINOR: trace/quic: make "qconn" selectable as a lockon criterion
    * BUG/MINOR: trace: automatically start in waiting mode with "start <evt>"
    * BUG/MEDIUM: trace: fix null deref in lockon mechanism since TRACE_ENABLED()
    * BUG/MINOR: trace/quic: permit to lock on frontend/connect/session etc
    * BUG/MINOR: trace/quic: enable conn/session pointer recovery from quic_conn
    * DOC: configuration: fix alphabetical ordering of {bs,fs}.aborted
    * BUG/MINOR: fcgi-app: handle a possible strdup() failure
    * BUG/MEDIUM: peer: Notify the applet won't consume data when it waits for sync
    * BUG/MEDIUM: mux-h2: Propagate term flags to SE on error in h2s_wake_one_stream
    * BUG/MEDIUM: h2: Only report early HTX EOM for tunneled streams
    * BUG/MEDIUM: http-ana: Report error on write error waiting for the response
    * BUG/MEDIUM: quic: prevent conn freeze on 0RTT undeciphered content
    * BUG/MEDIUM: ssl: 0-RTT initialized at the wrong place for AWS-LC
    * BUG/MEDIUM: ssl: reactivate 0-RTT for AWS-LC
    * BUG/MINOR: stconn: bs.id and fs.id had their dependencies incorrect
    * BUILD: mux-pt: Use the right name for the sedesc variable
    * BUG/MEDIUM: mux-pt/mux-h1: Release the pipe on connection error on sending path
    * BUG/MEDIUM: stconn: Report error on SC on send if a previous SE error was set
    * BUG/MEDIUM: server/addr: fix tune.events.max-events-at-once event miss and leak
* Tue Sep 03 2024 [email protected]
  - Update to version 3.0.4+git0.7a59afa93: (CVE-2024-45506 boo#1229993)
    * [RELEASE] Released version 3.0.4
    * BUG/MEDIUM: mux-pt: Fix condition to perform a shutdown for writes in mux_pt_shut()
    * BUG/MINOR: Crash on O-RTT RX packet after dropping Initial pktns
    * BUG/MINOR: quic: Too shord datagram during O-RTT handshakes (aws-lc only)
    * BUG/MAJOR: mux-h2: always clear MUX_MFULL and DEM_MROOM when clearing the mbuf
    * MINOR: mux-h2: try to clear DEM_MROOM and MUX_MFULL at more places
    * BUG/MEDIUM: mux-h1: Properly handle empty message when an error is triggered
    * BUG/MINOR: quic: unexploited retransmission cases for Initial pktns.
    * BUG/MEDIUM: cli: Always release back endpoint between two commands on the mcli
    * BUG/MEDIUM: mux-pt: Never fully close the connection on shutdown
    * BUG/MINIR: proxy: Match on 429 status when trying to perform a L7 retry
    * BUG/MEDIUM: stream: Prevent mux upgrades if client connection is no longer ready
    * BUG/MEDIUM: mux-h2: Set ES flag when necessary on 0-copy data forwarding
    * MINOR: proxy: Add support of 429-Too-Many-Requests in retry-on status
    * DOC: quic: fix default minimal value for max window size
    * MEDIUM: log: relax some checks and emit diag warnings instead in lf_expr_postcheck()
    * Revert "MEDIUM: sink: don't set NOLINGER flag on the outgoing stream interface"
    * BUG/MEDIUM: init: fix fd_hard_limit default in compute_ideal_maxconn
    * MEDIUM: init: set default for fd_hard_limit via DEFAULT_MAXFD (take #2)
    * BUG/MEDIUM: queue: deal with a rare TOCTOU in assign_server_and_queue()
    * MINOR: queue: add a function to check for TOCTOU after queueing
    * MEDIUM: h1: allow to preserve keep-alive on T-E + C-L
    * MINOR: quic: Add information to "show quic" for CUBIC cc.
    * MINOR: quic: Dump TX in flight bytes vs window values ratio.
    * BUG/MEDIUM: jwt: Clear SSL error queue on error when checking the signature
    * BUG/MINOR: quic: Lack of precision when computing K (cubic only cc)
    * MEDIUM: sink: don't set NOLINGER flag on the outgoing stream interface
    * BUG/MINOR: quic: Non optimal first datagram.
    * BUG/MINOR: cli: Atomically inc the global request counter between CLI commands
    * BUG/MINOR: server: Don't warn fallback IP is used during init-addr resolution
    * BUG/MINOR: stick-table: fix crash for src_inc_gpc() without stkcounter
    * DOC: config: improve the http-keep-alive section
    * DOC: configuration: issuers-chain-path not compatible with OCSP
    * BUG/MAJOR: mux-h2: force a hard error upon short read with pending error
    * BUG/MEDIUM: ssl_sock: fix deadlock in ssl_sock_load_ocsp() on error path
    * DOC: install: don't reference removed CPU arg
    * BUG/MEDIUM: debug/cli: fix "show threads" crashing with low thread counts
    * BUG/MINOR: session: Eval L4/L5 rules defined in the default section
    * CLEANUP: quic: rename TID affinity elements
    * CLEANUP: proto: rename TID affinity callbacks
    * BUG/MEDIUM: quic: prevent crash on accept queue full
    * BUILD: listener: silence a build warning about unused value without threads
    * MINOR: proto: extend connection thread rebind API
* Thu Jul 11 2024 Marcus Rueckert <[email protected]>
  - refreshed patches:
    haproxy-1.6.0-makefile_lib.patch
    haproxy-1.6.0-sec-options.patch
* Thu Jul 11 2024 [email protected]
  - Update to version 3.0.3+git0.95a607c4b:
    * [RELEASE] Released version 3.0.3
    * BUG/MEDIUM: bwlim: Be sure to never set the analyze expiration date in past
    * DEV: flags/quic: decode quic_conn flags
    * BUG/MEDIUM: spoe: Be sure to create a SPOE applet if none on the current thread
    * BUG/MEDIUM: h1: Reject empty Transfer-encoding header
    * BUG/MINOR: h1: Reject empty coding name as last transfer-encoding value
    * BUG/MINOR: h1: Fail to parse empty transfer coding names
    * BUG/MINOR: jwt: fix variable initialisation
    * Revert "MEDIUM: init: set default for fd_hard_limit via DEFAULT_MAXFD"
    * BUG/MEDIUM: peers: Fix crash when syncing learn state of a peer without appctx
    * DOC: configuration: update maxconn description
    * MEDIUM: init: set default for fd_hard_limit via DEFAULT_MAXFD
    * BUG/MINOR: jwt: don't try to load files with HMAC algorithm
    * BUG/MEDIUM: server: fix race on server_atomic_sync()
    * DOC: configuration: more details about the master-worker mode
    * BUG/MEDIUM: hlua/cli: Fix lua CLI commands to work with applet's buffers
    * BUG/MINOR: promex: Remove Help prefix repeated twice for each metric
    * BUG/MEDIUM: quic: fix possible exit from qc_check_dcid() without unlocking
    * BUG/MINOR: quic: fix race-condition on trace for CID retrieval
    * BUG/MINOR: quic: fix race condition in qc_check_dcid()
    * BUG/MEDIUM: quic: fix race-condition in quic_get_cid_tid()
    * BUG/MEDIUM: h3: ensure the ":scheme" pseudo header is totally valid
    * BUG/MEDIUM: h3: ensure the ":method" pseudo header is totally valid
    * BUG/MEDIUM: server/dns: prevent DOWN/UP flap upon resolution timeout or error
    * MINOR: activity: make the memory profiling hash size configurable at build time
    * BUG/MINOR: server: fix first server template name lookup UAF
    * DOC: configuration: add details about crt-store in bind "crt" keyword
    * BUG/MEDIUM: stick-table: Decrement the ref count inside lock to kill a session
    * BUG/MINOR: hlua: report proper context upon error in hlua_cli_io_handler_fct()
    * DEV: flags/show-fd-to-flags: adapt to recent versions
    * BUG/MINOR: quic: fix BUG_ON() on Tx pkt alloc failure
    * BUG/MINOR: h3: fix BUG_ON() crash on control stream alloc failure
    * BUG/MINOR: mux-quic: fix crash on qcs SD alloc failure
    * BUG/MINOR: h3: fix crash on STOP_SENDING receive after GOAWAY emission
    * DOC: api/event_hdl: small updates, fix an example and add some precisions
    * SCRIPTS: git-show-backports: do not truncate git-show output
    * BUG/MAJOR: quic: fix padding with short packets
    * DOC: management: document ptr lookup for table commands
    * DOC: configuration: fix alphabetical order of bind options
    * BUG/MEDIUM: proxy: fix email-alert invalid free
    * REGTESTS: ssl: fix some regtests 'feature cmd' start condition
    * DEBUG: hlua: distinguish burst timeout errors from exec timeout errors
    * BUG/MINOR: log: fix broken '+bin' logformat node option
* Sun Jun 16 2024 [email protected]
  - Update to version 3.0.2+git0.a45a8e623:
    * [RELEASE] Released version 3.0.2
    * DOC: management: rename show stats domain cli "dns" to "resolvers"
    * DOC/MINOR: management: add -dZ option
    * DOC/MINOR: management: add missed -dR and -dv options
    * BUG/MINOR: quic: fix padding of INITIAL packets
    * BUG/MAJOR: mux-h1: Prevent any UAF on H1 connection after draining a request
    * CLEANUP: log/proxy: fix comment in proxy_free_common()
    * BUG/MEDIUM: proxy: fix UAF with {tcp,http}checks logformat expressions
    * MINOR: proxy: add proxy_free_common() helper function
    * BUG/MINOR: promex: Skip resolvers metrics when there is no resolver section
    * DOC: config: add missing context hint for new server and proxy keywords
    * DOC: config: add missing section hint for "guid" proxy keyword
    * DOC: config: move "hash-key" from proxy to server options
    * BUG/MEDIUM: log: fix lf_expr_postcheck() behavior with default section
    * BUG/MINOR: proxy: fix header_unique_id leak on deinit()
    * BUG/MINOR: proxy: fix source interface and usesrc leaks on deinit()
    * BUG/MINOR: proxy: fix dyncookie_key leak on deinit()
    * BUG/MINOR: proxy: fix check_{command,path} leak on deinit()
    * BUG/MINOR: proxy: fix email-alert leak on deinit()
    * BUG/MINOR: proxy: fix log_tag leak on deinit()
    * BUG/MINOR: proxy: fix server_id_hdr_name leak on deinit()
    * MINOR: log: fix "http-send-name-header" ignore warning message
* Mon Jun 10 2024 [email protected]
  - Update to version 3.0.1+git0.471a1b2f1:
    * [RELEASE] Released version 3.0.1
    * BUG/MINOR: mux-h1: Use the right variable to set NEGO_FF_FL_EXACT_SIZE flag
    * BUG/MAJOR: mux-h1:  Properly copy chunked input data during zero-copy nego
    * BUG/MEDIUM: stconn/mux-h1: Fix suspect change causing timeouts
    * BUG/MINOR: quic: ensure Tx buf is always purged
    * BUG/MINOR: quic: fix computed length of emitted STREAM frames
    * BUG/MEDIUM: ssl: bad auth selection with TLS1.2 and WolfSSL
    * BUG/MEDIUM: ssl: wrong priority whem limiting ECDSA ciphers in ECDSA+RSA configuration
    * BUG/MEDIUM: mux-quic: Don't unblock zero-copy fwding if blocked during nego
    * CLEANUP: hlua: simplify ambiguous lua_insert() usage in hlua_ctx_resume()
    * BUG/MINOR: hlua: fix leak in hlua_ckch_set() error path
    * BUG/MINOR: hlua: prevent LJMP in hlua_traceback()
    * BUG/MINOR: hlua: fix unsafe hlua_pusherror() usage
    * BUG/MINOR: hlua: don't use lua_pushfstring() when we don't expect LJMP
    * CLEANUP: hlua: use hlua_pusherror() where relevant
    * BUG/MINOR: quic: prevent crash on qc_kill_conn()
    * BUG/MEDIUM: mux-quic: Unblock zero-copy forwarding if the txbuf can be released
    * MEDIUM: stconn: Be able to unblock zero-copy data forwarding from done_fastfwd
    * BUG/MEDIUM: h1-htx: Don't state interim responses are bodyless
    * BUG/MINOR: hlua: use CertCache.set() from various hlua contexts
    * DOC: configuration: add an example for keywords from crt-store
    * BUG/MINOR: tools: fix possible null-deref in env_expand() on out-of-memory
    * BUG/MINOR: tcpcheck: report correct error in tcp-check rule parser
    * BUG/MINOR: cfgparse: remove the correct option on httpcheck send-state warning
* Fri May 31 2024 Marcus Rueckert <[email protected]>
  - AppArmor: allow haproxy to read the files needed for the
    "p post_mortem" support
* Wed May 29 2024 [email protected]
  - Update to version 3.0.0+git0.5590ada47:
    https://www.haproxy.com/blog/announcing-haproxy-3-0
    https://www.mail-archive.com/[email protected]/msg44993.html
* Mon Feb 26 2024 [email protected]
  - Update to version 2.9.6+git0.9eafce5dc:
    * [RELEASE] Released version 2.9.6
    * BUG/MAJOR: ssl/ocsp: crash with ocsp when old process exit or using ocsp CLI
    * BUG/MAJOR: promex: fix crash on deleted server
* Mon Feb 26 2024 [email protected]
  - Update to version 2.9.5+git0.260dbb8a6:
    * [RELEASE] Released version 2.9.5
    * BUG/MEDIUM: mux-h2: Don't report error on SE for closed H2 streams
    * BUG/MEDIUM: mux-h2: Don't report error on SE if error is only pending on H2C
    * BUG/MEDIUM: mux-h2: Only Report H2C error on read error if demux buffer is empty
    * BUG/MEDIUM: mux-h2: Switch pending error to error if demux buffer is empty
    * MINOR: muxes/applet: Simplify checks on options to disable zero-copy forwarding
    * BUG/MAJOR: stconn: Check support for zero-copy forwarding on both sides
    * MINOR: muxes: Announce support for zero-copy forwarding on consumer side
    * MINOR: stconn: Add SE flag to announce zero-copy forwarding on consumer side
    * MINOR: stconn: Rename SE_FL_MAY_FASTFWD and reorder bitfield
    * CLEANUP: stconn: Move SE flags set by app layer at the end of the bitfield
    * BUG/MEDIUM: stconn: Don't check pending shutdown to wake an applet up
    * BUG/MEDIUM: stconn: Allow expiration update when READ/WRITE event is pending
    * MINOR: quic: Add a counter for reordered packets
    * MINOR: quic: Dynamic packet reordering threshold
    * MINOR: quic: Update K CUBIC calculation (RFC 9438)
    * BUG/MEDIUM: quic: Wrong K CUBIC calculation.
    * BUG/MEDIUM: ssl: Fix crash when calling "update ssl ocsp-response" when an update is ongoing
    * BUG/MEDIUM: pool: fix rare risk of deadlock in pool_flush()
    * BUILD: address a few remaining calloc(size, n) cases
    * CI: Update to actions/cache@v4
    * BUG/MEDIUM: cli: fix once for all the problem of missing trailing LFs
    * BUG/MINOR: vars/cli: fix missing LF after "get var" output
    * DOC: internal: update missing data types in peers-v2.0.txt
    * DOC: config: fix misplaced "bytes_{in,out}"
    * DOC: config: fix typos for "bytes_{in,out}"
    * DOC: config: fix misplaced "txn.conn_retries"
    * DOC: install: recommend pcre2
    * REGTESTS: ssl: Add OCSP related tests
    * REGTESTS: ssl: Fix empty line in cli command input
    * BUG/MINOR: ssl: Reenable ocsp auto-update after an "add ssl crt-list"
    * BUG/MINOR: ssl: Destroy ckch instances before the store during deinit
    * BUG/MEDIUM: ocsp: Separate refcount per instance and per store
    * MINOR: ssl: Use OCSP_CERTID instead of ckch_store in ckch_store_build_certid
    * BUG/MINOR: ssl: Clear the ckch instance when deleting a crt-list line
    * BUG/MINOR: ssl: Duplicate ocsp update mode when dup'ing ckch
    * MINOR: debug: make BUG_ON() catch build errors even without DEBUG_STRICT
    * BUILD: debug: remove leftover parentheses in ABORT_NOW()
    * MINOR: debug: make ABORT_NOW() store the caller's line number when using abort
    * MINOR: debug: make sure calls to ha_crash_now() are never merged
    * MINOR: compiler: add a new DO_NOT_FOLD() macro to prevent code folding
    * MINOR: quic: Stop using 1024th of a second.
    * BUG/MINOR: quic: fix possible integer wrap around in cubic window calculation
    * CLEANUP: quic: Code clarifications for QUIC CUBIC (RFC 9438)
    * BUG/MINOR: ssl: Fix error message after ssl_sock_load_ocsp call
    * BUILD: quic: Variable name typo inside a BUG_ON().
    * BUG/MINOR: quic: Wrong ack ranges handling when reaching the limit.
    * BUG/MINOR: diag: run the final diags before quitting when using -c
    * BUG/MINOR: diag: always show the version before dumping a diag warning
* Mon Feb 26 2024 [email protected]
  - Update to version 2.9.4+git0.4e071ad92:
    * [RELEASE] Released version 2.9.4
    * BUG/MEDIUM: h1: always reject the NUL character in header values
    * BUG/MINOR: h1-htx: properly initialize the err_pos field
    * DOC: httpclient: add dedicated httpclient section
    * BUG/MEDIUM: h1: Don't support LF only to mark the end of a chunk size
    * BUG/MINOR: h1: Don't support LF only at the end of chunks
    * BUG/MEDIUM: quic: fix crash on invalid qc_stream_buf_free() BUG_ON
    * BUG/MEDIUM: qpack: allow 6xx..9xx status codes
    * BUG/MEDIUM: h3: do not crash on invalid response status code
    * MINOR: h3: add traces for stream sending function
    * BUG/MAJOR: ssl_sock: Always clear retry flags in read/write functions
    * DOC: configuration: clarify http-request wait-for-body
    * BUG/MEDIUM: quic: remove unsent data from qc_stream_desc buf
    * MINOR: quic: extract qc_stream_buf free in a dedicated function
    * MINOR: quic: Stop hardcoding a scale shifting value (CUBIC_BETA_SCALE_FACTOR_SHIFT)
    * CLEANUP: quic: Remove unused CUBIC_BETA_SCALE_FACTOR_SHIFT macro.
    * BUG/MINOR: quic: newreno QUIC congestion control algorithm no more available
    * BUG/MEDIUM: cache: Fix crash when deleting secondary entry
    * BUG/MINOR: hlua: fix uninitialized var in hlua_core_get_var()
    * BUG/MINOR: jwt: fix jwt_verify crash on 32-bit archs
    * BUG/MEDIUM: cli: some err/warn msg dumps add LR into CSV output on stat's CLI
    * MINOR: mux-h2/traces: add a missing trace on connection WU with negative inc
    * BUG/MEDIUM: mux-h2: refine connection vs stream error on headers
    * DOC: configuration: fix set-dst in actions keywords matrix
    * BUG/MINOR: h3: fix checking on NULL Tx buffer
* Sun Feb 04 2024 Georg Pfuetzenreuter <[email protected]>
  - Set /run/haproxy as the default PID file and socket location
    Adds haproxy-service.patch
  - Allow custom stats socket names
* Wed Jan 24 2024 [email protected]
  - Update to version 2.9.3+git0.de3ab549a:
    * [RELEASE] Released version 2.9.3
    * BUG/MEDIUM: quic: keylog callback not called (USE_OPENSSL_COMPAT)
    * BUG/MINOR: mux-h2: also count streams for refused ones
    * BUG/MINOR: mux-quic: do not prevent non-STREAM sending on flow control
    * BUILD: quic: missing include for quic_tp
    * [RELEASE] Released version 2.9.2
    * DOC: configuration: corrected description of keyword tune.ssl.ocsp-update.mindelay
    * REGTESTS: add a test to ensure map-ordering is preserved
    * BUG/MINOR: map: list-based matching potential ordering regression
    * CLEANUP: quic: Double quic_dgram_parse() prototype declaration.
    * MINOR: ssl: Update ssl_fc_curve/ssl_bc_curve to use SSL_get0_group_name
    * MINOR: ot: logsrv struct becomes logger
    * MINOR: mux-h2: support limiting the total number of H2 streams per connection
    * BUG/MEDIUM: spoe: Never create new spoe applet if there is no server up
    * BUG/MEDIUM: stconn: Set fsb date if zero-copy forwarding is blocked during nego
    * BUG/MEDIUM: stconn: Forward shutdown on write timeout only if it is forwardable
    * BUG/MEDIUM: h3: fix incorrect snd_buf return value
    * BUILD: quic: Missing quic_ssl.h header protection
    * CLEANUP: quic: Remaining useless code into server part
    * REGTESTS: check attach-srv out of order declaration
    * MINOR: debug: add features and build options to "show dev"
    * MINOR: global: export a way to list build options
    * CI: use semantic version compare for determing "latest" OpenSSL
    * BUG/MINOR: h3: disable fast-forward on buffer alloc failure
    * BUG/MINOR: h3: close connection on sending alloc errors
    * BUG/MINOR: h3: properly handle alloc failure on finalize
    * MINOR: h3: add traces for connection init stage
    * BUG/MINOR: h3: close connection on header list too big
    * MINOR: h3: check connection error during sending
    * BUG/MINOR: quic: Missing call to TLS message callbacks
    * BUG/MINOR: quic: Wrong keylog callback setting.
    * BUG/MINOR: mux-quic: disable fast-fwd if connection on error
    * BUG/MINOR: mux-quic: always report error to SC on RESET_STREAM emission
    * DOC: fix typo for fastfwd QUIC option
    * BUG/MINOR: server/event_hdl: propagate map port info through inetaddr event
    * MINOR: server/event_hdl: update _srv_event_hdl_prepare_inetaddr prototype
    * MINOR: server/event_hdl: add server_inetaddr struct to facilitate event data usage
    * BUG/MEDIUM: stats: unhandled switching rules with TCP frontend
    * MINOR: stats: store the parent proxy in stats ctx (http)
    * BUG/MAJOR: stconn: Disable zero-copy forwarding if consumer is shut or in error
    * BUG/MINOR: server: Use the configured address family for the initial resolution
    * DOC: config: Update documentation about local haproxy response
    * BUG/MINOR: resolvers: default resolvers fails when network not configured
* Fri Dec 15 2023 [email protected]
  - Update to version 2.9.1+git0.f72603ceb:
    * [RELEASE] Released version 2.9.1
    * DOC: config: also add arguments to the converters in the table
    * DOC: config: add arguments to sample fetch methods in the table
    * BUG/MEDIUM: mux-quic: report early error on stream
    * BUG/MEDIUM: mux-h2: Report too large HEADERS frame only when rxbuf is empty
    * CLEANUP: mux-h1: Fix a trace message about C-L header addition
    * BUG/MEDIUM: mux-h1: Explicitly skip request's C-L header if not set originally
    * BUG/MEDIUM: mux-h1: Cound data from input buf during zero-copy forwarding
    * BUG/MEDIUM: stconn: Block zero-copy forwarding if EOS/ERROR on consumer side
    * BUG/MEDIUM: quic: QUIC CID removed from tree without locking
    * MINOR: version: mention that it's stable now
    * BUG/MINOR: ext-check: cannot use without preserve-env
    * BUG/MEDIUM: map/acl: pat_ref_{set,delete}_by_id regressions
    * BUILD: ssl: update types in wolfssl cert selection callback
    * BUG/MEDIUM: quic: Possible buffer overflow when building TLS records
    * BUG/MINOR: mworker/cli: fix set severity-output support
    * DOC: configuration: typo req.ssl_hello_type
    * BUG/MINOR: lua: Wrong OCSP CID after modifying an SSL certficate (LUA)
    * BUG/MINOR: ssl: Wrong OCSP CID after modifying an SSL certficate
    * MINOR: ssl/cli: Add ha_(warning|alert) msgs to CLI ckch callback
    * BUG/MINOR: ssl: Double free of OCSP Certificate ID
* Mon Dec 11 2023 Dirk Müller <[email protected]>
  - Update to version 2.9.0+git0.fddb8c13b:
    new major branch:
    https://www.haproxy.com/blog/announcing-haproxy-2-9
    https://www.mail-archive.com/[email protected]/msg44400.html
* Thu Dec 07 2023 [email protected]
  - Update to version 2.8.5+git0.aaba8d090:
    * [RELEASE] Released version 2.8.5
    * BUG/MEDIUM: proxy: always initialize the default settings after init
    * BUG/MINOR: lua: Wrong OCSP CID after modifying an SSL certficate (LUA)
    * BUG/MINOR: ssl: Wrong OCSP CID after modifying an SSL certficate
    * MINOR: ssl/cli: Add ha_(warning|alert) msgs to CLI ckch callback
    * BUG/MINOR: ssl: Double free of OCSP Certificate ID
    * BUG/MINOR: quic: Packet number spaces too lately initialized
    * BUG/MINOR: quic: Missing QUIC connection path member initialization
    * BUG/MINOR: quic: Possible leak of TX packets under heavy load
    * BUG/MEDIUM: quic: Possible crash during retransmissions and heavy load
    * BUG/MINOR: cache: Remove incomplete entries from the cache when stream is closed
    * BUG/MEDIUM: peers: fix partial message decoding
    * DOC: Clarify the differences between field() and word()
    * BUG/MINOR: sample: Make the `word` converter compatible with `-m found`
    * REGTESTS: sample: Test the behavior of consecutive delimiters for the field converter
    * DOC: config: fix monitor-fail typo
    * DOC: config: add matrix entry for "max-session-srv-conns"
    * DOC: config: specify supported sections for "max-session-srv-conns"
    * BUG/MINOR: cfgparse-listen: fix warning being reported as an alert
    * BUG/MINOR: config: Stopped parsing upon unmatched environment variables
    * BUG/MINOR: quic_tp: fix preferred_address decoding
    * DOC: config: fix missing characters in set-spoe-group action
    * BUG/MINOR: h3: always reject PUSH_PROMISE
    * BUG/MINOR: h3: fix TRAILERS encoding
    * BUG/MEDIUM: master/cli: Properly pin the master CLI on thread 1 / group 1
    * BUG/MINOR: compression: possible NULL dereferences in comp_prepare_compress_request()
    * BUG/MINOR: quic: fix CONNECTION_CLOSE_APP encoding
    * DOC: lua: fix Proxy.get_mode() output
    * DOC: lua: add sticktable class reference from Proxy.stktable
    * REGTESTS: connection: disable http_reuse_be_transparent.vtc if !TPROXY
    * DOC: config: fix timeout check inheritance restrictions
    * DOC: 51d: updated 51Degrees repo URL for v3.2.10
    * BUG/MINOR: server: do not leak default-server in defaults sections
    * BUG/MINOR: quic: Possible RX packet memory leak under heavy load
    * BUG/MEDIUM: quic: Possible crash for connections to be killed
    * BUG/MINOR: sock: mark abns sockets as non-suspendable and always unbind them
    * BUG/MINOR: startup: set GTUNE_SOCKET_TRANSFER correctly
    * REGTESTS: http: add a test to validate chunked responses delivery
    * BUG/MINOR: proxy/stktable: missing frees on proxy cleanup
    * MINOR: stktable: add stktable_deinit function
    * BUG/MINOR: stream/cli: report correct stream age in "show sess"
    * BUG/MEDIUM: mux-fcgi: fail earlier on malloc in takeover()
    * BUG/MEDIUM: mux-h1: fail earlier on malloc in takeover()
    * BUG/MEDIUM: mux-h2: fail earlier on malloc in takeover()
    * BUG/MAJOR: quic: complete thread migration before tcp-rules
* Fri Nov 24 2023 [email protected]
  - Update to version 2.8.4+git0.a4ebf9d3b:
    * [RELEASE] Released version 2.8.4
    * BUG/MINOR: stconn: Report read activity on non-indep streams for partial sends
    * BUG/MINOR: stconn/applet: Report send activity only if there was output data
    * BUG/MINOR: stconn: Use HTX-aware channel's functions to get info on buffer
    * BUG/MINOR: stconn: Fix streamer detection for HTX streams
    * MINOR: channel: Add functions to get info on buffers and deal with HTX streams
    * MINOR: htx: Use a macro for overhead induced by HTX
    * BUG/MEDIUM: stconn: Update fsb date on partial sends
    * BUG/MEDIUM: stream: Don't call mux .ctl() callback if not implemented
    * BUG/MEDIUM: mworker: set the master variable earlier
    * BUG/MEDIUM: applet: Report a send activity everytime data were sent
    * BUG/MEDIUM: stconn: Report a send activity everytime data were sent
    * REGTESTS: http: Improve script testing abortonclose option
    * BUG/MEDIUM: stream: Properly handle abortonclose when set on backend only
    * MEDIUM: mux-h1: Handle MUX_SUBS_RECV flag in h1_ctl() and susbscribe for reads
    * MINOR: connection: Add a CTL flag to notify mux it should wait for reads again
    * BUG/MINOR: stconn: Handle abortonclose if backend connection was already set up
    * BUG/MEDIUM: connection: report connection errors even when no mux is installed
    * DOC: quic: Wrong syntax for "quic-cc-algo" keyword.
    * BUG/MINOR: sink: don't learn srv port from srv addr
    * BUG/MEDIUM: applet: Remove appctx from buffer wait list on release
    * DOC: config: use the word 'backend' instead of 'proxy' in 'track' description
    * BUG/MINOR: quic: fix retry token check inconsistency
    * DOC: management: -q is quiet all the time
    * BUG/MEDIUM: stconn: Don't update stream expiration date if already expired
    * BUG/MEDIUM: quic: Avoid some crashes upon TX packet allocation failures
    * BUG/MEDIUM: quic: Possible crashes when sending too short Initial packets
    * BUG/MEDIUM: quic: Avoid trying to send ACK frames from an empty ack ranges tree
    * BUG/MINOR: quic: idle timer task requeued in the past
    * BUG/MEDIUM: pool: fix releasable pool calculation when overloaded
    * BUG/MEDIUM: freq-ctr: Don't report overshoot for long inactivity period
    * BUG/MINOR: mux-h1: Properly handle http-request and http-keep-alive timeouts
    * BUG/MINOR: stick-table/cli: Check for invalid ipv4 key
    * BUG/MEDIUM: quic: fix sslconns on quic_conn alloc failure
    * BUG/MEDIUM: quic: fix actconn on quic_conn alloc failure
    * CLEANUP: htx: Properly indent htx_reserve_max_data() function
    * BUG/MINOR: stconn: Sanitize report for read activity
    * BUG/MEDIUM: Don't apply a max value on room_needed in sc_need_room()
    * BUG/MEDIUM: stconn: Don't report rcv/snd expiration date if SC cannot epxire
    * BUG/MEDIUM: pattern: don't trim pools under lock in pat_ref_purge_range()
    * BUG/MINOR: cfgparse/stktable: fix error message on stktable_init() failure
    * BUG/MINOR: stktable: missing free in parse_stick_table()
    * BUG/MINOR: tcpcheck: Report hexstring instead of binary one on check failure
    * BUG/MEDIUM: ssl: segfault when cipher is NULL
    * BUG/MINOR: mux-quic: fix early close if unset client timeout
    * BUG/MINOR: ssl: suboptimal certificate selection with TLSv1.3 and dual ECDSA/RSA
    * MEDIUM: quic: count quic_conn for global sslconns
    * MEDIUM: quic: count quic_conn instance for maxconn
    * MINOR: frontend: implement a dedicated actconn increment function
    * BUG/MINOR: ssl: use a thread-safe sslconns increment
    * BUG/MINOR: quic: do not consider idle timeout on CLOSING state
    * BUG/MEDIUM: server: "proto" not working for dynamic servers
    * MINOR: connection: add conn_pr_mode_to_proto_mode() helper func
    * DEBUG: mux-h2/flags: fix list of h2c flags used by the flags decoder
    * MINOR: lua: Add flags to configure logging behaviour
    * BUG/MINOR: ssl: load correctly @system-ca when ca-base is define
    * DOC: internal: filters: fix reference to entities.pdf
    * BUG/MINOR: mux-h2: update tracked counters with req cnt/req err
    * BUG/MINOR: mux-h2: commit the current stream ID even on reject
    * BUG/MEDIUM: peers: Fix synchro for huge number of tables
    * BUG/MEDIUM: peers: Be sure to always refresh recconnect timer in sync task
    * BUG/MINOR: trace: fix trace parser error reporting
    * BUG/MINOR: mux-h2: fix http-request and http-keep-alive timeouts again
    * BUG/MEDIUM: mux-h2: Don't report an error on shutr if a shutw is pending
    * BUG/MINOR: mux-h2: make up other blocked streams upon removal from list
    * BUG/MINOR: mux-h1: Send a 400-bad-request on shutdown before the first request
    * BUG/MEDIUM: quic-conn: free unsent frames on retransmit to prevent crash
    * BUG/MINOR: mux-quic: fix free on qcs-new fail alloc
    * BUG/MINOR: h3: strengthen host/authority header parsing
    * BUG/MINOR: mux-quic: support initial 0 max-stream-data
    * BUG/MEDIUM: mux-quic: fix RESET_STREAM on send-only stream
    * BUG/MINOR: quic: reject packet with no frame
    * BUG/MINOR: quic: Avoid crashing with unsupported cryptographic algos
    * BUG/MEDIUM: stconn: Fix comparison sign in sc_need_room()
    * BUG/MINOR: hq-interop: simplify parser requirement
    * BUG/MEDIUM: h1: Ignore C-L value in the H1 parser if T-E is also set
    * BUG/MINOR: mux-h1: Ignore C-L when sending H1 messages if T-E is also set
    * BUG/MINOR: mux-h1: Handle read0 in rcv_pipe() only when data receipt was tried
    * BUG/MEDIUM: hlua: Initialize appctx used by a lua socket on connect only
    * MINOR: hlua: Test the hlua struct first when the lua socket is connecting
    * MINOR: hlua: Save the lua socket's server in its context
    * MINOR: hlua: Save the lua socket's timeout in its context
    * MINOR: hlua: Don't preform operations on a not connected socket
    * MINOR: hlua: Set context's appctx when the lua socket is created
    * BUG/MEDIUM: http-ana: Try to handle response before handling server abort
    * BUG/MEDIUM: quic_conn: let the scheduler kill the task when needed
    * BUG/MEDIUM: actions: always apply a longest match on prefix lookup
    * BUG/MINOR: mux-quic: remove full demux flag on ncbuf release
    * BUG/MEDIUM: server/cli: don't delete a dynamic server that has streams
    * MINOR: pattern: fix pat_{parse,match}_ip() function comments
    * BUG/MINOR: server: add missing free for server->rdr_pfx
    * BUG/MAJOR: mux-h2: Report a protocol error for any DATA frame before headers
    * BUG/MINOR: freq_ctr: fix possible negative rate with the scaled API
    * BUG/MEDIUM: master/cli: Pin the master CLI on the first thread of the group 1
    * BUG/MINOR: promex: fix backend_agg_check_status
    * BUG/MEDIUM: mux-fcgi: Don't swap trash and dbuf when handling STDERR records
    * BUG/MINOR: hlua/init: coroutine may not resume itself
    * BUG/MEDIUM: hlua: don't pass stale nargs argument to lua_resume()
    * CI: musl: drop shopt in workflow invocation
    * CI: musl: highlight section if there are coredumps
    * Revert "BUG/MEDIUM: quic: missing check of dcid for init pkt including a token"
    * BUG/MEDIUM: hlua: streams don't support mixing lua-load with lua-load-per-thread
    * MINOR: hlua: add hlua_stream_ctx_prepare helper function
    * BUILD: quic: fix build on centos 8 and USE_QUIC_OPENSSL_COMPAT
    * BUG/MINOR: quic: ssl_quic_initial_ctx() uses error count not error code
    * BUG/MINOR: quic: allow-0rtt warning must only be emitted with quic bind
    * BUILD: Makefile: add USE_QUIC_OPENSSL_COMPAT to make help
    * MINOR: quic+openssl_compat: Emit an alert for "allow-0rtt" option
    * MINOR: quic+openssl_compat: Do not start without "limited-quic"
    * MINOR: quic: Warning for OpenSSL wrapper QUIC bindings without "limited-quic"
    * BUG/MINOR: quic+openssl_compat: Non initialized TLS encryption levels
    * DOC: quic: Add "limited-quic" new tuning setting
    * MINOR: quic: Add "limited-quic" new tuning setting
    * MINOR: quic: SSL context initialization with QUIC OpenSSL wrapper.
    * MINOR: quic: Add a quic_openssl_compat struct to quic_conn struct
    * MINOR: quic: Call the keylog callback for QUIC openssl wrapper from SSL_CTX_keylog()
    * MINOR: quic: Initialize TLS contexts for QUIC openssl wrapper
    * MINOR: quic: Export some KDF functions (QUIC-TLS)
    * MINOR: quic: Add a compilation option for the QUIC OpenSSL wrapper
    * MINOR: quic: Do not enable 0RTT with SSL_set_quic_early_data_enabled()
    * MINOR: quic: Set the QUIC connection as extra data before calling SSL_set_quic_method()
    * MINOR: quic: Do not enable O-RTT with USE_QUIC_OPENSSL_COMPAT
    * MINOR: quic: Include QUIC opensssl wrapper header from TLS stacks compatibility header
    * MINOR: quic: QUIC openssl wrapper implementation
    * BUG/MINOR: quic: Wrong cluster secret initialization
    * BUG/MINOR: quic: Leak of frames to send.
    * BUILD: bug: make BUG_ON() void to avoid a rare warning
* Thu Sep 07 2023 [email protected]
  - Update to version 2.8.3+git0.86e043add:
    * [RELEASE] Released version 2.8.3
    * CI: Update to actions/checkout@v4
    * MEDIUM: capabilities: enable support for Linux capabilities
    * BUG/MINOR: hlua/action: incorrect message on E_YIELD error
    * BUG/MINOR: ring/cli: Don't expect input data when showing events
    * BUG/MINOR: applet: Always expect data when CLI is waiting for a new command
    * NUG/MEDIUM: stconn: Always update stream's expiration date after I/O
    * BUG/MEDIUM: stconn/stream: Forward shutdown on write timeout
    * BUG/MEDIUM: applet: Report an error if applet request more room on aborted SC
    * BUG/MEDIUM: stconn: Report read activity when a stream is attached to front SC
    * BUG/MEDIUM: applet: Fix API for function to push new data in channels buffer
    * BUG/MINOR: quic: Wrong RTT computation (srtt and rrt_var)
    * BUG/MINOR: quic: Wrong RTT adjusments
    * MINOR: httpclient: allow to configure the timeout.connect
    * MINOR: httpclient: allow to configure the retries
    * DOC: configuration: update examples for req.ver
    * BUG/MINOR: stream: further protect stream_dump() against incomplete sessions
    * BUG/MEDIUM: h1-htx: Ensure chunked parsing with full output buffer
    * BUG/MAJOR: quic: Really ignore malformed ACK frames.
    * BUG/MINOR: quic: Possible skipped RTT sampling
    * BUG/MEDIUM: stconn: Don't block sends if there is a pending shutdown
    * BUG/MEDIUM: stconn: Wake applets on sending path if there is a pending shutdown
    * BUG/MINOR: stconn: Don't report blocked sends during connection establishment
    * BUG/MEDIUM: stconn: Update stream expiration date on blocked sends
    * DEBUG: applet: Properly report opposite SC expiration dates in traces
    * BUG/MINOR: checks: do not queue/wake a bounced check
    * DOC: config: mention uid dependency on the tune.quic.socket-owner option
    * BUG/MINOR: stream: protect stream_dump() against incomplete streams
    * BUG/MINOR: ssl/cli: can't find ".crt" files when replacing a certificate
    * BUILD: import: guard plock.h against multiple inclusion
    * BUG/MINOR: ssl_sock: fix possible memory leak on OOM
    * DOC: lua: fix core.register_action typo
    * BUG/MINOR: hlua_fcn: potentially unsafe stktable_data_ptr usage
    * CI: fedora: fix "dnf" invocation syntax
    * IMPORT: xxhash: update xxHash to version 0.8.2
    * MINOR: atomic: make sure to always relax after a failed CAS
    * MINOR: threads: inline the wait function for pthread_rwlock emulation
    * IMPORT: plock: also support inlining the int code
    * BUILD: Makefile: add the USE_QUIC option to make help
    * DOC: jwt: Add explicit list of supported algorithms
    * REGTESTS: Do not use REQUIRE_VERSION for HAProxy 2.5+ (3)
    * SCRIPTS: git-show-backports: automatic ref and base detection with -m
    * DOC: typo: fix sc-set-gpt references
    * BUG/MINOR: stktable: allow sc-add-gpc from tcp-request connection
    * BUG/MINOR: stktable: allow sc-set-gpt(0) from tcp-request connection
    * DEV: flags/show-sess-to-flags: properly decode fd.state
    * BUG/MINOR: hlua: fix invalid use of lua_pop on error paths
    * BUG/MEDIUM: quic: fix tasklet_wakeup loop on connection closing
    * CI: get rid of travis-ci wrapper for Coverity scan
    * CI: do not use "groupinstall" for Fedora Rawhide builds
  - drop 0001-IMPORT-xxhash-update-xxHash-to-version-0.8.2.patch:
    part of the version update
* Wed Aug 30 2023 Peter Varkoly <[email protected]>
  - Apply upstream patch for the ppc64le issue:
    Add patch:
    0001-IMPORT-xxhash-update-xxHash-to-version-0.8.2.patch
    Remove patch:
    fix-invalid-parameter-combination-for-AltiVec-intrinsic-__builtin_vec_ld.patch
* Mon Aug 21 2023 Peter Varkoly <[email protected]>
  - Build error on ppc64le: include/import/xxhash.h:4148:9: error: invalid parameter combination for AltiVec intrinsic __builtin_vec_ld
    Add patch:
    fix-invalid-parameter-combination-for-AltiVec-intrinsic-__builtin_vec_ld.patch
* Wed Aug 09 2023 [email protected]
  - Update to version 2.8.2+git0.61a0f576a: (boo#1214102) CVE-2023-40225
    * [RELEASE] Released version 2.8.2
    * BUG/MINOR: http: skip leading zeroes in content-length values
    * DOC: clarify the handling of URL fragments in requests
    * REGTESTS: http-rules: verify that we block '#' by default for normalize-uri
    * BUG/MINOR: h3: reject more chars from the :path pseudo header
    * BUG/MINOR: h2: reject more chars from the :path pseudo header
    * BUG/MINOR: h1: do not accept '#' as part of the URI component
    * REGTESTS: http-rules: add accept-invalid-http-request for normalize-uri tests
    * MINOR: h2: pass accept-invalid-http-request down the request parser
    * MINOR: http: add new function http_path_has_forbidden_char()
    * MINOR: ist: add new function ist_find_range() to find a character range
    * BUG/MAJOR: http: reject any empty content-length header value
    * BUG/MAJOR: h3: reject header values containing invalid chars
    * REORG: http: move has_forbidden_char() from h2.c to http.h
    * BUG/MAJOR: http-ana: Get a fresh trash buffer for each header value replacement
    * BUILD: quic: fix wrong potential NULL dereference
    * BUG/MINOR: quic: reappend rxbuf buffer on fake dgram alloc error
    * BUG/MINOR: http-client: Don't forget to commit changes on HTX message
    * BUG/MEDIUM: quic: consume contig space on requeue datagram
    * BUG/MEDIUM: bwlim: Reset analyse expiration date when then channel analyse ends
    * BUG/MEDIUM: h3: Be sure to handle fin bit on the last DATA frame
    * BUG/MINOR: chunk: fix chunk_appendf() to not write a zero if buffer is full
    * DOC: configuration: describe Td in Timing events
    * BUG/MEDIUM: h3: Properly report a C-L header was found to the HTX start-line
    * BUG/MINOR: ssl: OCSP callback only registered for first SSL_CTX
    * MINOR: quic: Useless call to SSL_CTX_set_quic_method()
    * MINOR: quic: Make ->set_encryption_secrets() be callable two times
    * BUG/MEDIUM: listener: Acquire proxy's lock in relax_listener() if necessary
    * BUG/MINOR: server-state: Avoid warning on 'file not found'
    * BUG/MINOR: server-state: Ignore empty files
    * BUG/MINOR: quic: Missing parentheses around PTO probe variable.
    * BUG/MINOR: server: Don't warn on server resolution failure with init-addr none
    * BUG/MINOR: init: set process' affinity even in foreground
    * BUG/MINOR: cpuset: remove the bogus "proc" from the cpu_map struct
    * BUG/MINOR: config: do not detect NUMA topology when cpu-map is configured
    * MINOR: cpuset: add cpu_map_configured() to know if a cpu-map was found
    * BUG/MINOR: h1-htx: Return the right reason for 302 FCGI responses
    * BUG/MINOR: hlua: add check for lua_newstate
    * BUILD: quic: fix warning during compilation using gcc-6.5
    * CI: explicitely highlight VTest result section if there's something
    * CI: add naming convention documentation
    * BUG/MINOR: http: Return the right reason for 302
    * BUG/MINOR: sample: Fix wrong overflow detection in add/sub conveters
    * DOC: config: Fix fc_src description to state the source address is returned
    * BUG/MEDIUM: hlua_fcn/queue: bad pop_wait sequencing
    * BUG/MINOR: hlua: hlua_yieldk ctx argument should support pointers
    * CLEANUP: quic: remove useless parameter 'key' from quic_packet_encrypt
    * BUG/MEDIUM: quic: timestamp shared in token was using internal time clock
    * BUG/MEDIUM: quic: missing check of dcid for init pkt including a token
    * BUG/MINOR: quic: retry token remove one useless intermediate expand
    * BUG/MEDIUM: quic: token IV was not computed using a strong secret
    * BUG/MINOR: config: Remove final '\n' in error messages
    * BUG/MINOR: hlua_fcn/queue: use atomic load to fetch queue size
    * EXAMPLES: maintain haproxy 2.8 retrocompatibility for lua mailers script
    * BUG/MINOR: sink/log: properly deinit srv in sink_new_from_logsrv()
    * MINOR: hlua_fcn/mailers: handle timeout mail from mailers section
    * BUG/MINOR: server: set rid default value in new_server()
    * BUG/MINOR: sink: fix errors handling in cfg_post_parse_ring()
    * BUG/MINOR: sink: invalid sft free in sink_deinit()
    * BUG/MINOR: log: free errmsg on error in cfg_parse_log_forward()
    * BUG/MINOR: log: fix multiple error paths in cfg_parse_log_forward()
    * BUG/MINOR: log: fix missing name error message in cfg_parse_log_forward()
    * BUG/MEDIUM: log: improper use of logsrv->maxlen for buffer targets
    * MINOR: sink/api: pass explicit maxlen parameter to sink_write()
    * BUG/MINOR: log: LF upsets maxlen for UDP targets
    * BUG/MINOR: ring: maxlen warning reported as alert
    * BUG/MINOR: ring: size warning incorrectly reported as fatal error
    * BUG/MINOR: sink: missing sft free in sink_deinit()
    * BUG/MINOR: http_ext: unhandled ERR_ABORT in proxy_http_parse_7239()
    * BUG/MEDIUM: sink: invalid server list in sink_new_from_logsrv()
    * BUG/MINOR: cache: A 'max-age=0' cache-control directive can be overriden by a s-maxage
    * BUG/MINOR: tcp_sample: bc_{dst,src} return IP not INT
    * DOC: ssl: Add ocsp-update troubleshooting clues and emphasize on crt-list only aspect
    * DOC: ssl: Fix typo in 'ocsp-update' option
* Mon Jul 03 2023 [email protected]
  - Update to version 2.8.1+git0.a90123aa8:
    * [RELEASE] Released version 2.8.1
    * CLEANUP: quic: Remove server specific about Initial packet number space
    * MINOR: quic: Reduce the maximum length of TLS secrets
    * MINOR: quic: Move packet number space related functions
    * MINOR: quic: Move QUIC encryption level structure definition
    * BUILD: debug: avoid a build warning related to epoll_wait() in debug code
    * MINOR: compression/slz: add support for a pure flush of pending bytes
    * IMPORT: slz: implement a synchronous flush() operation
    * BUG/MINOR: quic: Wrong endianess for version field in Retry token
    * BUG/MINOR: quic: Wrong Retry paquet version field endianess
    * BUG/MINOR: quic: Missing random bits in Retry packet header
    * BUG/MINOR: config: fix stick table duplicate name check
    * BUG/MEDIUM: quic: error checking buffer large enought to receive the retry tag
    * BUG/MINOR: quic: Prevent deadlock with CID tree lock
    * BUG/MINOR: mworker: leak of a socketpair during startup failure
    * BUG/MINOR: http_ext: fix if-none regression in forwardfor option
    * DOC: Attempt to fix dconv parsing error for tune.h2.fe.initial-window-size
    * REGTESTS: h1_host_normalization : Add a barrier to not mix up log messages
    * DOC: Add tune.h2.max-frame-size option to table of contents
    * DOC: Add tune.h2.be.* and tune.h2.fe.* options to table of contents
    * BUG/MINOR: quic: ticks comparison without ticks API use
    * BUG/MEDIUM: mworker: increase maxsock with each new worker
    * BUG/MINOR: quic: Possible endless loop in quic_lstnr_dghdlr()
    * BUG/MINOR: quic: Possible crash in quic_conn_prx_cntrs_update()
    * BUG/MINOR: quic: Missing initialization (packet number space probing)
    * BUG/MINOR: namespace: missing free in netns_sig_stop()
    * BUG/MINOR: server: inherit from netns in srv_settings_cpy()
    * BUG/MINOR: quic: Address inversion in "show quic full"
    * BUG/MINOR: quic: Wrong encryption level flags checking
    * BUG/MINOR: ssl: log message non thread safe in SSL Hanshake failure
    * REG-TESTS: stickiness: Delay haproxys start to properly resolv variables
    * BUG/MINOR: peers: Improve detection of config errors in peers sections
    * BUG/MEDIUM: hlua: Use front SC to detect EOI in HTTP applets' receive functions
    * BUG/MINOR: proxy/server: free default-server on deinit
    * BUG/MINOR: proxy: add missing interface bind free in free_proxy
    * BUG/MINOR: cfgparse-tcp: leak when re-declaring interface from bind line
    * DOC: config: fix rfc7239 converter examples (again)
    * DOC: config: fix jwt_verify() example using var()
    * DOC: quic: fix misspelled tune.quic.socket-owner
    * BUG/MINOR: spoe: Only skip sending new frame after a receive attempt
    * CONTRIB: Add vi file extensions to .gitignore
    * BUG/MINOR: quic: Possible crash when SSL session init fails
    * BUG/MINOR: stream: do not use client-fin/server-fin with HTX
    * BUG/MINOR: stats: Fix Lua's `get_stats` function
* Wed May 31 2023 Marcus Rueckert <[email protected]>
  - Refreshed patches to apply cleanly again:
    haproxy-1.6.0-makefile_lib.patch
    haproxy-1.6.0-sec-options.patch
  - Updated series file: removed outdated patches
* Wed May 31 2023 [email protected]
  - Update to version 2.8.0+git0.fdd8154ed:
    https://www.mail-archive.com/[email protected]/msg43600.html
* Tue May 02 2023 [email protected]
  - Update to version 2.7.8+git0.58c657f26:
    * [RELEASE] Released version 2.7.8
    * MINOR: listener: remove the now useless LI_F_QUIC_LISTENER flag
* Tue May 02 2023 Marcus Rueckert <[email protected]>
  - Add handling for the new startup logs in /dev/shm in the apparmor
    profile
* Tue May 02 2023 [email protected]
  - Update to version 2.7.7+git0.feedf1414:
    * [RELEASE] Released version 2.7.7
    * BUG/MINOR: tools: check libssl and libcrypto separately
    * MINOR: pools: report a replaced memory allocator instead of just malloc_trim()
    * BUG/MINOR: pools: restore detection of built-in allocator
    * MEDIUM: tools: further relax dlopen() checks too consider grouped symbols
    * MINOR: tools: relax dlopen() on malloc/free checks
    * MINOR: pattern: use trim_all_pools() instead of a conditional malloc_trim()
    * MINOR: pools: export trim_all_pools()
    * MEDIUM: pools: move the compat code from trim_all_pools() to malloc_trim()
    * MINOR: pools: intercept malloc_trim() instead of trying to plug holes
    * MINOR: pools: make sure 'no-memory-trimming' is always used
    * BUG/MINOR: illegal use of the malloc_trim() function if jemalloc is used
    * BUG/MINOR: quic: fix race on quic_conns list during affinity rebind
    * MINOR: quic: finalize affinity change as soon as possible
    * MINOR: mux-quic: do not allocate Tx buf for empty STREAM frame
    * MINOR: mux-quic: do not set buffer for empty STREAM frame
    * BUG/MINOR: quic: prevent buggy memcpy for empty STREAM
    * BUG/MEDIUM: mux-quic: improve streams fairness to prevent early timeout
    * BUG/MEDIUM: mux-quic: do not emit RESET_STREAM for unknown length
    * CLEANUP: quic: Rename several <buf> variables into quic_sock.c
    * CLEANUP: quic: Rename <buf> variable into qc_parse_hd_form()
    * CLEANUP: quic: Rename <buf> variable into quic_packet_read_long_header()
    * CLEANUP: quic: Rename several <buf> variables at low level
    * CLEANUP: quic: Rename quic_get_dgram_dcid() <buf> variable
    * CLEANUP: quic: Make qc_build_pkt() be more readable
    * CLEANUP: quic: Rename <buf> variable for several low level functions
    * CLEANUP: quic: Rename <buf> variable into quic_rx_pkt_parse()
    * CLEANUP: quic: Rename <buf> variable into quic_padding_check()
    * CLEANUP: quic: Rename <buf> variable to <token> in quic_generate_retry_token()
    * CLEANUP: quic: Remove useless parameters passes to qc_purge_tx_buf()
    * CLEANUP: quic: rename frame variables
    * CLEANUP: quic: rename frame types with an explicit prefix
    * BUG/MINOR: quic: Useless I/O handler task wakeups (draining, killing state)
    * BUG/MINOR: quic: Useless probing retransmission in draining or killing state
    * BUG/MINOR: quic: Possible leak during probing retransmissions
    * BUG/MINOR: quic: Possible memory leak from TX packets
    * MINOR: quic: Move traces at proto level
    * BUILD: proto_tcp: export the correct names for proto_tcpv[46]
    * BUILD: sock_inet: forward-declare struct receiver
    * BUG/MINOR: config: fix NUMA topology detection on FreeBSD
    * CI: cirrus-ci: bump FreeBSD image to 13-1
    * BUG/MINOR: cli: clarify error message about stats bind-process
    * MINOR: listener: remove unneeded local accept flag
    * MAJOR: quic: support thread balancing on accept
    * MINOR: quic: properly finalize thread rebinding
    * MEDIUM: quic: implement thread affinity rebinding
    * MINOR: fd: implement fd_migrate_on() to migrate on a non-local thread
    * MINOR: fd: add a lock bit with the tgid
    * MINOR: fd: optimize fd_claim_tgid() for use in fd_insert()
    * MINOR: quic: delay post handshake frames after accept
    * MINOR: protocol: define new callback set_affinity
    * MINOR: quic: do not proceed to accept for closing conn
    * MEDIUM: quic: handle conn bootstrap/handshake on a random thread
    * MINOR: quic: remove TID encoding in CID
    * MEDIUM: quic: use a global CID trees list
    * BUG/MINOR: server: don't use date when restoring last_change from state file
    * BUG/MINOR: server: don't miss server stats update on server state transitions
    * BUG/MINOR: server: don't miss proxy stats update on server state transitions
    * MINOR: server: explicitly commit state change in srv_update_status()
    * BUG/MINOR: server: incorrect report for tracking servers leaving drain
    * BUG/MEDIUM: Update read expiration date on synchronous send
    * BUG/MINOR: quic: consume Rx datagram even on error
    * BUG/MINOR: quic: prevent crash on qc_new_conn() failure
    * BUG/MINOR: h3: fix crash on h3s alloc failure
    * BUG/MINOR: mux-quic: properly handle STREAM frame alloc failure
    * BUG/MINOR: mux-quic: fix crash with app ops install failure
    * BUG/MINOR: quic: Wrong Retry token generation timestamp computing
    * BUG/MINOR: quic: Unchecked buffer length when building the token
    * MINOR: quic: Do not allocate too much ack ranges
    * BUG/MINOR: quic: Stop removing ACK ranges when building packets
    * BUG/MINOR: cfgparse: make sure to include openssl-compat
    * BUG/MEDIUM: quic: prevent crash on Retry sending
    * CLEANUP: backend: Remove useless debug message in assign_server()
    * BUG/MINOR: quic: transform qc_set_timer() as a reentrant function
    * MINOR: quic: remove TID ref from quic_conn
    * MINOR: quic: adjust quic CID derive API
    * MINOR: quic: adjust Rx packet type parsing
    * MINOR: quic: remove uneeded tasklet_wakeup after accept
    * CLEANUP: quic: rename quic_connection_id vars
    * CLEANUP: quic: remove unused qc param on stateless reset token
    * CLEANUP: quic: remove unused scid_node
    * CLEANUP: quic: remove unused QUIC_LOCK label
    * BUG/MINOR: task: allow to use tasklet_wakeup_after with tid -1
    * BUG/MEDIUM: log: Properly handle client aborts in syslog applet
    * MINOR: ssl: remove OpenSSL 1.0.2 mention into certificate loading error
    * BUG/MINOR: quic: Do not use ack delay during the handshakes
    * REGTESTS: fix the race conditions in log_uri.vtc
    * BUG/MINOR: stream: Fix test on SE_FL_ERROR on the wrong entity
    * CI: bump "actions/checkout" to v3 for cross zoo matrix
    * BUG/MINOR: quic: Wrong Application encryption level selection when probing
    * MINOR: quic: Remove a useless test about probing in qc_prep_pkts()
    * MINOR: quic: Display the packet number space flags in traces
    * BUG/MINOR: quic: SIGFPE in quic_cubic_update()
    * BUG/MINOR: quic: Possible wrapped values used as ACK tree purging limit.
    * BUG/MEDIUM: quic: Code sanitization about acknowledgements requirements
    * MINOR: quic: Add connection flags to traces
    * BUG/MINOR: quic: Ignored less than 1ms RTTs
    * MINOR: quic: Add packet loss and maximum cc window to "show quic"
    * BUG/MEDIUM: fd: don't wait for tmask to stabilize if we're not in it.
    * BUG/MINOR: stick_table: alert when type len has incorrect characters
    * MINOR: activity: add a line reporting the average CPU usage to "show activity"
    * MINOR: quic: Add a trace for packet with an ACK frame
    * MINOR: quic: Dump more information at proto level when building packets
    * MINOR: quic: Modify qc_try_rm_hp() traces
    * BUG/MINOR: quic: Wrong packet number space probing before confirmed handshake
    * MINOR: quic: Trace fix in quic_pto_pktns() (handshaske status)
    * BUG/MEDIUM: resolvers: Force the connect timeout for DNS resolutions
    * BUG/MINOR: resolvers: Wakeup DNS idle task on stopping
    * BUG/MEDIUM: dns: Kill idle DNS sessions during stopping stage
    * BUILD: compiler: fix __equals_1() on older compilers
    * BUG/MINOR: errors: invalid use of memprintf in startup_logs_init()
    * BUG/MINOR: mworker: unset more internal variables from program section
    * MINOR: quic: remove address concatenation to ODCID
    * MINOR: quic: remove ODCID dedicated tree
    * MINOR: quic: derive first DCID from client ODCID
    * BUG/MINOR: quic: Possible crashes in qc_idle_timer_task()
    * BUG/MINOR: http-ana: Don't switch message to DATA when waiting for payload
    * MINOR: http-ana: Add a HTTP_MSGF flag to state the Expect header was checked
    * BUG/MEDIUM: hlua: prevent deadlocks with main lua lock
    * MINOR: hlua: simplify lua locking
    * BUG/MINOR: hlua: prevent function and table reference leaks on errors
    * BUG/MINOR: hlua: fix reference leak in hlua_post_init_state()
    * BUG/MINOR: hlua: fix reference leak in core.register_task()
    * MINOR: hlua: add simple hlua reference handling API
    * CLEANUP: hlua: fix conflicting comment in hlua_ctx_destroy()
    * BUG/MINOR: hlua: enforce proper running context for register_x functions
    * BUG/MINOR: hlua: hook yield does not behave as expected
    * BUG/MINOR: log: free log forward proxies on deinit()
    * BUG/MINOR: sink: free forward_px on deinit()
    * BUG/MINOR: stats: properly handle server stats dumping resumption
    * BUG/MINOR: server/del: fix srv->next pointer consistency
    * MINOR: server: add SRV_F_DELETED flag
    * BUG/MEDIUM: dns: Properly handle error when a response consumed
    * BUG/MEDIUM: channel: Improve reports for shut in co_getblk()
    * BUG/MINOR: quic: Possible wrong PTO computing
    * BUILD: quic: 32bits compilation issue in cli_io_handler_dump_quic()
    * BUG/MINOR: quic: Wrong idle timer expiration (during 20s)
    * BUG/MINOR: quic: Unexpected connection closures upon idle timer task execution
    * MINOR: quic: Add trace to debug idle timer task issues
    * DOC: config: strict-sni allows to start without certificate
    * MINOR: http-act: emit a warning when a header field name contains forbidden chars
    * BUG/MINOR: quic: Remove useless BUG_ON() in newreno and cubic algo implementation
    * BUG/MAJOR: quic: Congestion algorithms states shared between the connection
    * MINOR: quic: Add missing traces in cubic algorithm implementation
    * BUG/MINOR: quic: Cubic congestion control window may wrap
    * BUG/MINOR: quic: Remaining useless statements in cubic slow start callback
    * BUG/MINOR: quic: Wrong rtt variance computing
    * MEDIUM: quic: Ack delay implementation
    * MINOR: quic: Traces adjustments at proto level.
    * MINOR: quic: Adjustments for generic control congestion traces
    * MINOR: quic: Implement cubic state trace callback
    * BUG/MINOR: quic: Missing max_idle_timeout initialization for the connection
    * BUG/MINOR: quic: Wrong use of now_ms timestamps (newreno algo)
    * MINOR: quic: Add recovery related information to "show quic"
    * BUG/MINOR: quic: Wrong use of now_ms timestamps (cubic algo)
    * BUG/MINOR: backend: make be_usable_srv() consistent when stopping
    * BUG/MEDIUM: proxy/sktable: prevent watchdog trigger on soft-stop
    * DOC/MINOR: reformat configuration.txt's "quoting and escaping" table
    * MINOR: proxy/pool: prevent unnecessary calls to pool_gc()
    * BUG/MINOR: quic: Missing padding in very short probe packets
    * BUG/MEDIUM: mux-h2: Be able to detect connection error during handshake
    * BUILD: da: extends CFLAGS to support API v3 from 3.1.7 and onwards.
    * Revert "BUG/MEDIUM: stconn: Don't rearm the read expiration date if EOI was reached"
    * BUG/MINOR: ssl: ssl-(min|max)-ver parameter not duplicated for bundles in crt-list
* Tue Mar 28 2023 [email protected]
  - Update to version 2.7.6+git0.4dadaaafb:
    * [RELEASE] Released version 2.7.6
    * BUG/MINOR: quic: Missing STREAM frame type updated
    * BUG/MINOR: applet/new: fix sedesc freeing logic
    * BUG/MEDIUM: mux-h1: Wakeup H1C on shutw if there is no I/O subscription
    * DOC: config: set-var() dconv rendering issues
    * BUG/MEDIUM: stats: Consume the request except when parsing the POST payload
    * MINOR: mux-quic: close on frame alloc failure
    * MINOR: mux-quic: close on qcs allocation failure
    * MINOR: mux-quic: ensure CONNECTION_CLOSE is scheduled once per conn
    * MINOR: mux-quic: interrupt qcc_recv*() operations if CC scheduled
    * BUG/MINOR: mux-quic: prevent CC status to be erased by shutdown
    * BUG/MINOR: h3: properly handle incomplete remote uni stream type
    * MINOR: mux-quic: add flow-control info to minimal trace level
    * MINOR: mux-quic: adjust trace level for MAX_DATA/MAX_STREAM_DATA recv
    * MINOR: mux-quic: complete traces for qcs emission
    * BUG/MEDIUM: mux-quic: release data from conn flow-control on qcs reset
    * BUG/MINOR: trace: fix hardcoded level for TRACE_PRINTF
    * BUG/MINOR: quic: ignore congestion window on probing for MUX wakeup
    * BUG/MINOR: quic: wake up MUX on probing only for 01RTT
    * BUG/MEDIUM: applet: only set appctx->sedesc on successful allocation
    * BUG/MEDIUM: mux-h1: properly destroy a partially allocated h1s
    * BUG/MINOR: stconn: fix sedesc memory leak on stream allocation failure
    * BUG/MEDIUM: stconn: don't set the type before allocation succeeds
    * BUG/MEDIUM: mux-h2: erase h2c->wait_event.tasklet on error path
    * BUG/MEDIUM: mux-h2: do not try to free an unallocated h2s->sd
    * BUG/MEDIUM: stream: do not try to free a failed stream-conn
    * BUG/MINOR: quic: Dysfunctional 01RTT packet number space probing
    * MINOR: quic: Stop stressing the acknowledgments process (RX ACK frames)
    * MINOR: proto_ux: ability to dump ABNS names in error messages
    * MEDIUM: proto_ux: properly suspend named UNIX listeners
    * BUG/MEDIUM: listener/proxy: fix listeners notify for proxy resume
    * MINOR: listener: pause_listener() becomes suspend_listener()
    * BUG/MEDIUM: resume from LI_ASSIGNED in default_resume_listener()
    * BUG/MINOR: listener: fix resume_listener() resume return value handling
    * BUG/MEDIUM: listener: fix pause_listener() suspend return value handling
    * MINOR: listener: make sure we don't pause/resume bypassed listeners
    * MINOR: listener: workaround for closing a tiny race between resume_listener() and stopping
    * MINOR: listener: add relax_listener() function
    * MINOR: listener/api: add lli hint to listener functions
    * MINOR: proto_uxst: add resume method
* Fri Mar 17 2023 [email protected]
  - Update to version 2.7.5+git0.8d230219e:
    * [RELEASE] Released version 2.7.5
    * OPTIM: mux-h1: limit first read size to avoid wrapping
    * BUG/MAJOR: qpack: fix possible read out of bounds in static table
    * BUG/MINOR: sock_unix: match finalname with tempname in sock_unix_addrcmp()
    * BUG/MINOR: protocol: fix minor memory leak in protocol_bind_all()
    * BUG/MINOR: proto_ux: report correct error when bind_listener fails
    * BUG/MEDIUM: spoe: Don't set the default traget for the SPOE agent frontend
    * BUG/MINOR: mux-h2: Fix possible null pointer deref on h2c in _h2_trace_header()
    * MEDIUM: mux-h2/trace: add tracing support for headers
    * MINOR: h2: add h2_phdr_to_ist() to make ISTs from pseudo headers
    * MEDIUM: bwlim: Support constants limit or period on set-bandwidth-limit actions
    * BUG/MEDIUM: listener: duplicate inherited FDs if needed
    * BUG/MINOR: quic: Missing STREAM frame data pointer updates
    * BUG/MINOR: mux-h2: set CO_SFL_STREAMER when sending lots of data
    * BUG/MEDIUM: mux-h2: only restart sending when mux buffer is decongested
    * MINOR: buffer: add br_single() to check if a buffer ring has more than one buf
    * BUG/MINOR: mux-h2: make sure the h2c task exists before refreshing it
    * BUG/MEDIUM: connection: Preserve flags when a conn is removed from an idle list
    * BUG/MINOR: quic: Missing STREAM frame length updates
    * BUG/MINOR: tcp_sample: fix a bug in fc_dst_port and fc_dst_is_local sample fetches
    * BUG/MEDIUM: mux-h1: Don't block SE_FL_ERROR if EOS is not reported on H1C
    * DEBUG: ssl-sock/show_fd: Display SSL error code
    * DEBUG: cli/show_fd: Display connection error code
    * BUG/MEDIUM: resolvers: Properly stop server resolutions on soft-stop
    * BUG/MEDIUM: proxy: properly stop backends on soft-stop
    * BUG/MINOR: mux-h1: Don't report an H1C error on client timeout
    * BUG/MEDIUM: mux-pt: Set EOS on error on sending path if read0 was received
* Sun Mar 12 2023 Marcus Rueckert <[email protected]>
  - switch to autopatch to simplify patch handling
* Sun Mar 12 2023 [email protected]
  - Update to version 2.7.4+git0.d28541d1f:
    * [RELEASE] Released version 2.7.4
    * DOC/CLEANUP: fix typos
    * MINOR: quic_sock: un-statify quic_conn_sock_fd_iocb()
    * BUG/MINOR: quic: Missing listener accept queue tasklet wakeups
    * BUG/MINOR: mworker: use MASTER_MAXCONN as default maxconn value
    * BUG/MAJOR: fd/threads: close a race on closing connections after takeover
    * BUG/MINOR: thread: report thread and group counts in the correct order
    * BUG/MINOR: init: properly detect NUMA bindings on large systems
    * MINOR: quic: Do not stress the peer during retransmissions of lost packets
    * MINOR: fd/cli: report the polling mask in "show fd"
    * BUG/MINOR: quic: Wrong RETIRE_CONNECTION_ID sequence number check
    * MEDIUM: quic: release closing connections on stopping
    * MINOR: quic: handle new closing list in show quic
    * MINOR: quic: create a global list dedicated for closing QUIC conns
    * MINOR: h3: add traces on h3_init_uni_stream() error paths
    * MINOR: quic: Add transport parameters to "show quic"
    * MINOR: quic: Add spin bit support
    * MINOR: quic: Useless TLS context allocations in qc_do_rm_hp()
    * MINOR: quic: RETIRE_CONNECTION_ID frame handling (RX)
    * MINOR: quic: Typo fix for ACK_ECN frame
    * MINOR: quic: Store the next connection IDs sequence number in the connection
    * MINOR: quic: Do not accept wrong active_connection_id_limit values
    * BUG/MINOR: mux-quic: properly init STREAM frame as not duplicated
    * BUG/MAJOR: fd/thread: fix race between updates and closing FD
    * BUG/MEDIUM: quic: do not crash when handling STREAM on released MUX
    * MINOR: quic: Send PING frames when probing Initial packet number space
    * BUG/MINOR: quic: Missing detections of amplification limit reached
    * BUG/MINOR: quic: Do not resend already acked frames
    * BUG/MINOR: quic: Ensure not to retransmit packets with no ack-eliciting frames
    * BUG/MINOR: quic: Remove force_ack for Initial,Handshake packets
    * MINOR: quic: Add traces about QUIC TLS key update
    * BUG/MINOR: quic: v2 Initial packets decryption failed
    * BUG/MINOR: quic: Ensure to be able to build datagrams to be retransmitted
    * MINOR: quic: Add a BUG_ON_HOT() call for too small datagrams
    * BUG/MINOR: quic: Do not send too small datagrams (with Initial packets)
    * BUG/MINOR: cli: fix CLI handler "set anon global-key" call
    * BUG/MEDIUM: quic: properly handle duplicated STREAM frames
    * BUG/MINOR: config: crt-list keywords mistaken for bind ssl keywords
    * MINOR: ssl: rename confusing ssl_bind_kws
    * BUG/MINOR: ssl: Use 'date' instead of 'now' in ocsp stapling callback
    * BUG/MINOR: mxu-h1: Report a parsing error on abort with pending data
    * BUG/MINOR: http-ana: Do a L7 retry on read error if there is no response
    * BUG/MINOR: http-ana: Don't increment conn_retries counter before the L7 retry
    * MINOR: quic: notify on send ready
    * MEDIUM: quic: implement poller subscribe on sendto error
    * MINOR: quic: purge txbuf before preparing new packets
    * MINOR: quic: implement qc_notify_send()
    * MINOR: quic: simplify return path in send functions
    * BUG/MINOR: http-check: Skip C-L header for empty body when it's not mandatory
    * BUG/MINOR: http-check: Don't set HTX_SL_F_BODYLESS flag with a log-format body
    * BUG/MINOR: mux-h1: Don't report an error on an early response close
    * BUG/MEDIUM: connection: Clear flags when a conn is removed from an idle list
    * MINOR: quic: consider EBADF as critical on send()
    * MEDIUM: quic: improve fatal error handling on send
    * CLEANUP: listener: only store conn counts for local threads
    * BUG/MEDIUM: fd: make fd_delete() support being called from a different group
    * BUG/MINOR: fd: used the update list from the fd's group instead of tgid
    * DOC: config: Clarify the meaning of 'hold' in the 'resolvers' section
    * BUG/MEDIUM: h1-htx: Never copy more than the max data allowed during parsing
    * BUG/MEDIUM: fd: avoid infinite loops in fd_add_to_fd_list and fd_rm_from_fd_list
    * BUILD: thead: Fix several 32 bits compilation issues with uint64_t variables
    * BUG/MINOR: ring: do not realign ring contents on resize
    * BUILD: quic: 32-bits compilation issue with %zu in quic_rx_pkts_del()
    * BUG/MINOR: cache: Check cache entry is complete in case of Vary
    * BUG/MINOR: cache: Cache response even if request has "no-cache" directive
    * REGTESTS: Fix ssl_errors.vtc script to wait for connections close
    * DOC: config: Add the missing tune.fail-alloc option from global listing
    * DOC: config: Fix description of options about HTTP connection modes
    * BUG/MEDIUM: quic: Missing TX buffer draining from qc_send_ppkts()
    * MINOR: mux-h2/traces: add a missing TRACE_LEAVE() in h2s_frt_handle_headers()
    * MINOR: mux-h2/traces: do not log h2s pointer for dummy streams
    * MEDIUM: quic: trigger fast connection closing on process stopping
    * MINOR: quic: mark quic-conn as jobs on socket allocation
    * MEDIUM: mux-quic: properly implement soft-stop
    * MINOR: mux-quic: implement client-fin timeout
    * MINOR: mux-quic: define qc_process()
    * MINOR: mux-quic: define qc_shutdown()
    * MEDIUM: h3: enforce GOAWAY by resetting higher unhandled stream
    * BUG/MINOR: h3: prevent hypothetical demux failure on int overflow
    * BUG/MINOR: quic: acknowledge STREAM frame even if MUX is released
    * BUG/MINOR: quic: also send RESET_STREAM if MUX released
    * MINOR: quic: adjust request reject when MUX is already freed
    * BUG/MINOR: quic: Missing padding for short packets
    * BUG/MINOR: quic: Do not drop too small datagrams with Initial packets
    * BUG/MINOR: quic: Wrong initialization for io_cb_wakeup boolean
    * BUG/MINOR: quic: Do not probe with too little Initial packets
    * MINOR: quic: Add <pto_count> to the traces
    * MINOR: quic: Add a trace to identify connections which sent Initial packet.
    * BUG/MINOR: quic: Missing call to task_queue() in qc_idle_timer_do_rearm()
    * MINOR: quic: Make qc_dgrams_retransmit() return a status.
    * MINOR: quic: Add traces to qc_kill_conn()
    * MINOR: quic: Kill the connections on ICMP (port unreachable) packet receipt
    * MINOR: quic: Simplication for qc_set_timer()
    * BUG/MINOR: quic: Really cancel the connection timer from qc_set_timer()
    * MINOR: quic: Move code to wakeup the timer task to avoid anti-amplication deadlock
    * MINOR: quic: Add new traces about by connection RX buffer handling
    * BUG/MINOR: quic: Possible unexpected counter incrementation on send*() errors
    * MINOR: h3: add traces on decode_qcs callback
    * BUG/MINOR: mworker: prevent incorrect values in uptime
    * BUG/MINOR: mux-quic: transfer FIN on empty STREAM frame
    * MINOR: h3/hq-interop: handle no data in decode_qcs() with FIN set
    * BUG/MEDIUM: sched: allow a bit more TASK_HEAVY to be processed when needed
    * BUG/MINOR: sched: properly report long_rq when tasks remain in the queue
    * BUG/MEDIUM: wdt: fix wrong thread being checked for sleeping
    * BUG/MEDIUM: stconn: Don't rearm the read expiration date if EOI was reached
    * BUG/MEDIUM: httpclient/lua: fix a race between lua GC and hlua_ctx_destroy
    * BUG/MINOR: lua/httpclient: missing free in hlua_httpclient_send()
    * MINOR: startup: HAPROXY_STARTUP_VERSION contains the version used to start
    * BUG/MEDIUM: mworker: don't register mworker_accept_wrapper() when master FD is wrong
    * BUG/MEDIUM: mworker: prevent inconsistent reload when upgrading from old versions
    * BUG/MINOR: mworker: stop doing strtok directly from the env
* Tue Feb 14 2023 [email protected]
  - Update to version 2.7.3+git0.1065b1000: (boo#1208132 CVE-2023-25725)
    * [RELEASE] Released version 2.7.3
    * BUG/CRITICAL: http: properly reject empty http header field names
    * BUG/MINOR: quic: Wrong datagram dispatch because of qc_check_dcid()
    * DOC: proxy-protocol: fix wrong byte in provided example
    * BUG/MEDIUM: quic: Buffer overflow when looking through QUIC CLI keyword list
    * BUG/MINOR: clock/stats: also use start_time not start_date in HTML info
    * BUG/MINOR: mworker: fix uptime for master process
    * BUG/MINOR: quic: fix type bug on "show quic" for 32-bits arch
    * BUG/MINOR: quic: fix filtering of closing connections on "show quic"
    * MINOR: quic: filter closing conn on "show quic"
    * MINOR: quic: display Tx stream info on "show quic"
    * MINOR: quic: display infos about various encryption level on "show quic"
    * MINOR: quic: display socket info on "show quic"
    * MINOR: quic: display CIDs and state in "show quic"
    * MINOR: quic: implement a basic "show quic" CLI handler
    * BUG/MEDIUM: quic: fix crash when "option nolinger" is set in the frontend
    * BUG/MEDIUM: stconn: Schedule a shutw on shutr if data must be sent first
    * BUG/MINOR: server/add: ensure minconn/maxconn consistency when adding server
    * MINOR: cfgparse/server: move (min/max)conn postparsing logic into dedicated function
    * BUG/MINOR: h3: fix crash due to h3 traces
    * DOC: config: 'http-send-name-header' option may be used in default section
    * DOC: config: fix option spop-check proxy compatibility
    * BUG/MEDIUM: cache: use the correct time reference when comparing dates
    * BUG/MINOR: clock: do not mix wall-clock and monotonic time in uptime calculation
    * BUG/MEDIUM: stick-table: do not leave entries in end of window during purge
    * BUG/MINOR: ssl/crt-list: warn when a line is malformated
    * MINOR: quic: Update version_information transport parameter to draft-14
    * BUG/MEDIUM: quic: do not split STREAM frames if no space
    * BUG/MINOR: quic: Unchecked source connection ID
    * MEDIUM: quic: Remove qc_conn_finalize() from the ClientHello TLS callbacks
    * BUG/MAJOR: quic: Possible crash when processing 1-RTT during 0-RTT session
    * MINOR: quic: When probing Handshake packet number space, also probe the Initial one
    * BUG/MINOR: quic: Do not ignore coalesced packets in qc_prep_fast_retrans()
    * MINOR: quic: Add a trace about variable states in qc_prep_fast_retrans()
    * BUG/MINOR: quic: Too big PTO during handshakes
    * BUG/MINOR: quic: Possible stream truncations under heavy loss
    * CLEANUP: quic: no need for atomics on packet refcnt
    * MINOR: quic: add config for retransmit limit
    * MEDIUM: quic: implement a retransmit limit per frame
    * MINOR: quic: refactor frame deallocation
    * MINOR: quic: define new functions for frame alloc
    * MINOR: quic: ensure offset is properly set for STREAM frames
    * MINOR: quic: remove fin from quic_stream frame type
    * BUG/MINOR: stats: Prevent HTTP "other sessions" counter underflows
    * MINOR: stats: add by HTTP version cumulated number of sessions and requests
    * BUG/MINOR: stats: fix STAT_STARTED behavior with full htx
    * BUG/MINOR: stats: fix show stats field ctx for servers
    * BUG/MINOR: stats: fix ctx->field update in stats_dump_proxy_to_buffer()
    * BUG/MEDIUM: stats: fix resolvers dump
    * BUG/MINOR: stats: fix source buffer size for http dump
    * BUG/MINOR: stats: use proper buffer size for http dump
    * BUG/MINOR: h3: fix crash due to h3 traces
    * BUG/MEDIUM: ssl: wrong eviction from the session cache tree
    * MINOR: h3: add missing traces on closure
    * BUG/MINOR: h3: reject RESET_STREAM received for control stream
    * BUG/MEDIUM: h3: handle STOP_SENDING on control stream
    * MINOR: mux-quic/h3: define stream close callback
    * OPTIM: h3: skip buf realign if no trailer to encode
    * BUG/MEDIUM: h3: do not crash if no buf space for trailers
    * BUG/MINOR: fcgi-app: prevent 'use-fcgi-app' in default section
    * MINOR: trace: add the long awaited TRACE_PRINTF()
    * MINOR: trace: add a trace_no_cb() dummy callback for when to use no callback
    * MINOR: trace: add a TRACE_ENABLED() macro to determine if a trace is active
    * DEV: hpack: fix `trash` build regression
    * BUG/MINOR: sink: free the forwarding task on exit
    * BUG/MINOR: ring: release the backing store name on exit
    * BUG/MINOR: log: release global log servers on exit
    * BUG/MEDIUM: hpack: fix incorrect huffman decoding of some control chars
    * BUG/MEDIUM: mux-quic: fix crash on H3 SETTINGS emission
    * BUG/MINOR: h3: fix GOAWAY emission
    * MINOR: mux-quic/h3: send SETTINGS as soon as transport is ready
    * MINOR: connection: add a BUG_ON() to detect destroying connection in idle list
    * DEV: haring: add a new option "-r" to automatically repair broken files
    * BUG/MINOR: sink: make sure to always properly unmap a file-backed ring
    * MEDIUM: quic-sock: fix udp source address for send on listener socket
    * BUG/MINOR: quic: Do not request h3 clients to close its unidirection streams
    * BUG/MINOR: jwt: Wrong return value checked
* Tue Feb 14 2023 [email protected]
  - Update to version 2.7.2+git0.7e295dd2c:
    * [RELEASE] Released version 2.7.2
    * BUILD: hpack: include global.h for the trash that is needed in debug mode
    * BUG/MINOR: mux-h2: add missing traces on failed headers decoding
    * BUG/MINOR: mux-h2: make sure to produce a log on invalid requests
    * MINOR: h3: implement TRAILERS decoding
    * MINOR: h3: implement TRAILERS encoding
    * MINOR: h3: extend function for QUIC varint encoding
    * BUG/MINOR: h3: properly handle connection headers
    * BUG/MINOR: bwlim: Fix parameters check for set-bandwidth-limit actions
    * BUG/MINOR: bwlim: Check scope for period expr for set-bandwitdh-limit actions
    * BUG/MEDIUM: debug/thread: make the debug handler not wait for !rdv_requests
    * MINOR: threads: add a thread_harmless_end() version that doesn't wait
    * BUG/MINOR: thread: always reload threads_enabled in loops
    * BUG/MEDIUM: fd/threads: fix again incorrect thread selection in wakeup broadcast
    * BUG/MINOR: listener: close tiny race between resume_listener() and stopping
    * BUG/MINOR: ssl: Fix compilation with OpenSSL 1.0.2 (missing ECDSA_SIG_set0)
    * BUG/MEDIUM: jwt: Properly process ecdsa signatures (concatenated R and S params)
    * DOC: config: fix "Address formats" chapter syntax
    * BUG/MINOR: mux-fcgi: Correctly set pathinfo
    * MINOR: quic: Replace v2 draft definitions by those of the final 2 version
    * MINOR: sample: Add "quic_enabled" sample fetch
    * MINOR: quic: Add "no-quic" global option
    * MINOR: quic: Disable the active connection migrations
    * MINOR: quic: Useless test about datagram destination addresses
    * BUG/MEDIUM: stconn: also consider SE_FL_EOI to switch to SE_FL_ERROR
    * CLEANUP: stconn: always use se_fl_set_error() to set the pending error
    * MINOR: listener: also support "quic+" as an address prefix
    * DOC: config: mention the missing "quic4@" and "quic6@" in protocol prefixes
    * DOC: config: fix aliases for protocol prefixes "udp4@" and "udp6@"
    * DOC: config: fix wrong section number for "protocol prefixes"
    * BUG/MINOR: listeners: fix suspend/resume of inherited FDs
    * BUG/MINOR: http-ana: make set-status also update txn->status
    * BUG/MEDIUM: mux-h2: Don't send CANCEL on shutw when response length is unkown
    * BUG/MINOR: http-fetch: Don't block HTTP sample fetch eval in HTTP_MSG_ERROR state
    * BUG/MINOR: http-ana: Report SF_FINST_R flag on error waiting the request body
    * BUG/MINOR: promex: Don't forget to consume the request on error
    * BUG/MEDIUM: peers: make "show peers" more careful about partial initialization
    * DEV: tcploop: add minimal support for unix sockets
    * BUG/MINOR: resolvers: Wait the resolution execution for a do_resolv action
    * BUG/MINOR: hlua: Fix Channel.line and Channel.data behavior regarding the doc
    * BUG/MINOR: h1-htx: Remove flags about protocol upgrade on non-101 responses
    * MINOR: mux-quic: use send-list for immediate sending retry
    * MINOR: mux-quic: use send-list for STOP_SENDING/RESET_STREAM emission
    * MEDIUM: h3: send SETTINGS before STREAM frames
    * MAJOR: mux-quic: rework stream sending priorization
    * MINOR: mux-quic: add traces for flow-control limit reach
    * BUG/MINOR: mux-quic: fix transfer of empty HTTP response
    * DOC: management: add details about @system-ca in "show ssl ca-file"
    * DOC: management: add details on "Used" status
    * DOC: config: added optional rst-ttl argument to silent-drop in action lists
    * CLEANUP: htx: fix a typo in an error message of http_str_to_htx
    * BUG/MINOR: http: Memory leak of http redirect rules' format string
    * BUG/MINOR: fd: avoid bad tgid assertion in fd_delete() from deinit()
    * REGTEST: fix the race conditions in hmac.vtc
    * REGTEST: fix the race conditions in digest.vtc
    * REGTEST: fix the race conditions in add_item.vtc
    * REGTEST: fix the race conditions in json_query.vtc
    * BUG/MINOR: proxy: free orgto_hdr_name in free_proxy()
    * DOC: config: remove duplicated "http-response sc-set-gpt0" directive
    * DOC: config: fix alphabetical ordering of http-after-response rules
    * BUG/MAJOR: buf: Fix copy of wrapping output data when a buffer is realigned
    * BUG/MINOR: http-fetch: Only fill txn status during prefetch if not already set
    * MINOR: config: add environment variables for default log format
    * CI: Reformat `matrix.py` using `black`
    * CI: Explicitly check environment variable against `None` in matrix.py
    * CI: Unify the `GITHUB_TOKEN` name across matrix.py and vtest.yml
    * CI: Use proper `if` blocks instead of conditional expressions in matrix.py
    * CI: Add in-memory cache for the latest OpenSSL/LibreSSL
    * CI: Improve headline in matrix.py
    * BUG/MINOR: stick-table: report the correct action name in error message
    * MINOR: cfgparse-ssl: avoid a possible crash on OOM in ssl_bind_parse_npn()
    * BUG/MINOR: debug: don't mask the TH_FL_STUCK flag before dumping threads
    * BUILD: makefile: make sure to also ignore SSL_INC when using wolfssl
    * BUILD: makefile: clean the wolfssl include and lib generation rules
    * BUILD: makefile: sort the features list
    * BUILD: makefile: build the features list dynamically
    * CI: github: use the GITHUB_TOKEN instead of a manually generated token
    * BUG/MINOR: mux-quic: ignore remote unidirectional stream close
    * CI: github: enable github api authentication for OpenSSL tags read
    * MINOR: h3: use stream error when needed instead of connection
    * MEDIUM: mux-quic: implement STOP_SENDING emission
    * MINOR: mux-quic: handle RESET_STREAM reception
    * MINOR: mux-quic: do not count stream flow-control if already closed
    * MEDIUM: mux-quic: implement shutw
    * MINOR: httpclient: don't add body when istlen is empty
    * BUG/MINOR: pool/stats: Use ullong to report total pool usage in bytes in stats
    * BUG/MEDIUM: mux-h2: Refuse interim responses with end-stream flag set
    * BUG/MINOR: quic: do not allocate more rxbufs than necessary
    * BUG/MEDIUM: quic: properly take shards into account on bind lines
    * BUG/MEDIUM: mux-quic: fix double delete from qcc.opening_list
    * REGTESTS: ssl: enable the ssl_reuse.vtc test for WolfSSL
    * OPTIM: pool: split the read_mostly from read_write parts in pool_head
* Sun Dec 25 2022 [email protected]
  - Update to version 2.7.1+git0.3e4af0ed7:
    * [RELEASE] Released version 2.7.1
    * BUG/MEDIUM: stats: Rely on a local trash buffer to dump the stats
    * BUG/MINOR:: mux-h1: Never handle error at mux level for running connection
    * BUG/MINOR: mux-h1: Report EOS on parsing/internal error for not running stream
    * BUG/MEDIUM: tests: use tmpdir to create UNIX socket
    * REGTESTS: startup: disable automatic_maxconn.vtc
    * BUG/MINOR: quic: fix crash on PTO rearm if anti-amplification reset
    * BUG/MINOR: stats: fix show stat json buffer limitation
    * MINOR: stats: introduce stats field ctx
    * MINOR: stats: provide ctx for dumping functions
    * BUG/MINOR: ssl: Fix memory leak of find_chain in ssl_sock_load_cert_chain
    * MINOR: h3: check return values of htx_add_* on headers parsing
    * BUG/MINOR: h3: fix memleak on HEADERS parsing failure
    * BUG/MEDIUM: h3: fix cookie header parsing
    * BUG/MINOR: mux-h1: Fix test instead a BUG_ON() in h1_send_error()
    * BUG/MEDIUM: mux-h1: Don't release H1 stream upgraded from TCP on error
    * LICENSE: wurfl: clarify the dummy library license.
    * BUG/MINOR: mux-quic: handle properly alloc error in qcs_new()
    * BUG/MINOR: mux-quic: remove qcs from opening-list on free
    * CLEANUP: mux-quic: remove unused attribute on qcs_is_close_remote()
    * BUG/MINOR: quic: handle alloc failure on qc_new_conn() for owned socket
    * BUG/MINOR: quic: properly handle alloc failure in qc_new_conn()
    * BUG/MINOR: quic: fix fd leak on startup check quic-conn owned socket
    * MINOR: quic: reconnect quic-conn socket on address migration
    * MEDIUM: quic: requeue datagrams received on wrong socket
    * MINOR: mux-quic: rename duplicate function names
    * MEDIUM: quic: move receive out of FD handler to quic-conn io-cb
    * MEDIUM: quic: use quic-conn socket for reception
    * MINOR: quic: use connection socket for emission
    * MINOR: quic: allocate a socket per quic-conn
    * MINOR: quic: define config option for socket per conn
    * MINOR: quic: test IP_PKTINFO support for quic-conn owned socket
    * MINOR: quic: startup detect for quic-conn owned socket support
    * MINOR: quic: ignore address migration during handshake
    * MINOR: quic: detect connection migration
    * MINOR: tools: add port for ipcmp as optional criteria
    * MINOR: quic: extract datagram parsing code
    * MINOR: quic: complete traces in qc_rx_pkt_handle()
    * MINOR: quic: remove qc from quic_rx_packet
    * BUILD: peers: peers-t.h depends on stick-table-t.h
    * CI: github: split matrix for development and stable branches
    * CI: github: remove redundant ASAN loop
    * MINOR: debug: add a balance of alloc - free at the end of the memstats dump
    * MINOR: debug: support pool filtering on "debug dev memstats"
    * BUG/MEDIUM: h3: parse content-length and reject invalid messages
    * MINOR: http: extract content-length parsing from H2
    * BUG/MEDIUM: h3: reject request with invalid pseudo header
    * BUG/MEDIUM: h3: reject request with invalid header name
    * REGTESTS: startup: add alternatives values in automatic_maxconn.vtc
    * BUG/MEDIUM: resolvers: Use tick_first() to update the resolvers task timeout
    * BUG/MEDIUM: freq-ctr: Don't compute overshoot value for empty counters
    * CLEANUP: ssl: remove check on srv->proxy
    * REGTESTS: startup: activate automatic_maxconn.vtc
    * CI: github: set ulimit -n to a greater value
    * REGTESTS: startup: change the expected maxconn to 11000
    * BUG/MINOR: startup: don't use internal proxies to compute the maxconn
    * REGTESTS: startup: check maxconn computation
    * REGTESTS: fix the race conditions in iff.vtc
    * BUG/MAJOR: fcgi: Fix uninitialized reserved bytes
    * DOC: promex: Add missing backend metrics
    * MINOR: promex: introduce haproxy_backend_agg_check_status
    * BUG/MINOR: promex: create haproxy_backend_agg_server_status
    * MINOR: pools: make DEBUG_UAF a runtime setting
    * DEBUG: pool: show a few examples in -dMhelp
    * CLEANUP: pools: get rid of CONFIG_HAP_POOLS
    * REORG: pool: move all the OS specific code to pool-os.h
    * CLEANUP: pool: only include pool-os from pool.c not pool.h
    * CLEANUP: pools: move the write before free to the uaf-only function
    * BUG/MEDIUM: httpclient/lua: double LIST_DELETE on end of lua task
    * BUILD: makefile/da: also clean Os/ in Device Atlas dummy lib dir
    * BUILD: atomic: atomic.h may need compiler.h on ARMv8.2-a
    * BUG/MINOR: init/threads: continue to limit default thread count to max per group
    * BUG/MINOR: checks: restore legacy on-error fastinter behavior
    * BUG/MEDIUM: mworker: create the mcli_reload socketpairs in case of upgrade
    * BUG/MEDIUM: mworker: fix segv in early failure of mworker mode with peers
    * MINOR: mworker: display an alert upon a wait-mode exit
    * BUG/MINOR: checks: make sure fastinter is used even on forced transitions
    * BUG/MEDIUM: checks: do not reschedule a possibly running task on state change
    * CI: github: split ssl lib selection based on git branch
    * CI: github: reintroduce openssl 1.1.1
    * BUG/MEDIIM: stconn: Flush output data before forwarding close to write side
    * BUG/MINOR: ssl: initialize WolfSSL before parsing
    * BUG/MINOR: ssl: initialize SSL error before parsing
* Thu Dec 01 2022 [email protected]
  - Update to version 2.7.0+git0.437fd289f:
    https://www.haproxy.com/blog/announcing-haproxy-2-7/
    https://www.mail-archive.com/[email protected]/msg42914.html
* Tue Nov 22 2022 Marcus Rueckert <[email protected]>
  - reenable the pcre jit after the last change
* Fri Oct 14 2022 Stephan Kulow <[email protected]>
  - Switch from unmaintained pcre 8.45 to pcre2 10
* Mon Sep 26 2022 [email protected]
  - Update to version 2.6.6+git0.274d1a4df:
    * [RELEASE] Released version 2.6.6
    * BUG/MINOR: log: improper behavior when escaping log data
    * REGTESTS: ssl: fix grep invocation to use extended regex in ssl_generate_certificate.vtc
    * REGTESTS: ssl: adopt tests to OpenSSL-3.0.N
    * REGTESTS: ssl: adopt tests to OpenSSL-3.0.N
    * BUG/MEDIUM: mux-quic: properly trim HTX buffer on snd_buf reset
    * MINOR: mux-quic: refactor snd_buf
    * REORG: mux-quic: export HTTP related function in a dedicated file
    * REORG: mux-quic: extract traces in a dedicated source file
    * BUG/MINOR: mux-quic: do not keep detached qcs with empty Tx buffers
    * BUG/MEDIUM: mux-quic: fix nb_hreq decrement
    * SCRIPTS: announce-release: update some URLs to https
    * BUILD: fd: fix a build warning on the DWCAS
    * BUG/MEDIUM: captures: free() an error capture out of the proxy lock
    * CLEANUP: quic,ssl: fix tiny typos in C comments
    * BUG/MEDIUM: server: segv when adding server with hostname from CLI
    * BUG/MINOR: mux-quic: do not remotely close stream too early
    * CLEANUP: mux-quic: remove stconn usage in h3/hq
    * BUG/MEDIUM: mux-quic: fix crash on early app-ops release
    * MEDIUM: quic: separate path for rx and tx with set_encryption_secrets
    * DOC: fix TOC in starter guide for subsection 3.3.8. Statistics
    * REGTESTS: ssl/log: test the log-forward with SSL
    * BUG/MEDIUM: sink: bad init sequence on tcp sink from a ring.
    * REGTESTS: log: test the log-forward feature
    * BUG/MINOR: listener: null pointer dereference suspected by coverity
    * CLEANUP: listener: function comment typo in stop_listener()
    * REGTESTS: healthcheckmail: Relax matching on the healthcheck log message
    * BUG/MINOR: mux-h1: Increment open_streams counter when H1 stream is created
    * CLEANUP: pollers: remove dead code in the polling loop
    * BUG/MINOR: stats: fixing stat shows disabled frontend status as 'OPEN'
    * MINOR: proxy/listener: support for additional PAUSED state
    * MINOR: listener: small API change
    * BUG/MEDIUM: proxy: ensure pause_proxy() and resume_proxy() own PROXY_LOCK
    * DEV: flags: add missing CO_FL_FDLESS connection flag
    * DEV: flags: fix usage message to reflect available options
    * CI: cirrus-ci: bump FreeBSD image to 13-1
    * BUG/MINOR: signals/poller: ensure wakeup from signals
    * MINOR: h3: Send the h3 settings with others streams (requests)
    * MINOR: h3: Missing connection argument for a TRACE_LEAVE() argument
    * MINOR: h3: Add the quic_conn object to h3 traces
    * BUG/MINOR: h3: Crash when h3 trace verbosity is "minimal"
    * BUG/MINOR: quic: Trace fix about packet number space information.
    * BUG/MINOR: quic: Speed up the handshake completion only one time
    * BUG/MINOR: signals/poller: set the poller timeout to 0 when there are signals
    * BUG/MINOR: stream/sched: take into account CPU profiling for the last call
    * MINOR: sched: store the current profile entry in the thread context
    * BUG/MINOR: sched: properly account for the CPU time of dying tasks
    * BUG/MINOR: task: Fix detection of tasks profiling in tasklet_wakeup_after()
    * CLEANUP: task: rename ->call_date to ->wake_date
    * MINOR: task: permanently enable latency measurement on tasklets
    * BUG/MINOR: task: make task_instant_wakeup() work on a task not a tasklet
    * BUG/MINOR: task: always reset a new tasklet's call date
    * BUG/MINOR: quic: Wrong connection ID to thread ID association
    * MINOR: quic: No TRACE_LEAVE() in retrieve_qc_conn_from_cid()
    * MINOR: quic: Add traces about sent or resent TX frames
    * MINOR: quic: add QUIC support when no client_hello_cb
    * BUILD: quic: fix the #ifdef in ssl_quic_initial_ctx()
    * BUILD: ssl: fix the ifdef mess in ssl_sock_initial_ctx
    * BUILD: quic: enable early data only with >= openssl 1.1.1
    * BUILD: quic: temporarly ignore chacha20_poly1305 for libressl
    * BUILD: ssl: fix ssl_sock_switchtx_cbk when no client_hello_cb
    * BUILD: quic: add some ifdef around the SSL_ERROR_* for libressl
    * BUG/MINOR: quic: Possible crash when verifying certificates
    * BUG/MINOR: h1: Support headers case adjustment for TCP proxies
    * BUG/MINOR: quic: Possible crash with "tls-ticket-keys" on QUIC bind lines
    * BUG/MINOR: quic: Retransmitted frames marked as acknowledged
    * BUILD: makefile: enable crypt(3) for NetBSD
    * MINOR: Revert part of clarifying samples support per os commit
    * MEDIUM: peers: limit the number of updates sent at once
* Sat Sep 17 2022 [email protected]
  - Update to version 2.6.5+git0.987a4e248:
    * [RELEASE] Released version 2.6.5
    * BUG/MINOR: http-act: initialize http fmt head earlier
    * MINOR: debug: report applet pointer and handler in crashes when known
    * DEBUG: stream: minor rearrangement of a few fields in struct stream.
    * BUG/MINOR: mux-fcgi: fix the "show fd" dest buffer for the subscriber
    * BUG/MINOR: mux-h1: fix the "show fd" dest buffer for the subscriber
    * BUG/MINOR: mux-h2: fix the "show fd" dest buffer for the subscriber
    * BUG/MINOR: httpclient: keep-alive was accidentely disabled
    * BUG/MEDIUM: httpclient: always detach the caller before self-killing
    * BUG/MINOR: h2: properly set the direction flag on HTX response
    * BUG/MINOR: quic: Frames leak during retransmissions
    * MINOR: quic: Trace typo fix in qc_release_frm()
    * MINOR: quic: Add TX frames addresses to traces to several trace events
    * BUG/MINOR: quic: Do not ack when probing
    * MINOR: backend: always satisfy the first req reuse rule with l7 retries
    * BUG/MEDIUM: mux-h1: always use RST to kill idle connections in pools
    * REGTESTS: http_request_buffer: Add a barrier to not mix up log messages
    * BUG/MINOR: regex: Properly handle PCRE2 lib compiled without JIT support
    * BUILD: debug: make sure debug macros are never empty
    * CLEANUP: exclude haring with .gitignore
    * DEV: haring: support remapping LF in contents with CR VT
    * DEV: haring: add a simple utility to read file-backed rings
    * MINOR: sink/ring: rotate non-empty file-backed contents only
    * MINOR: ring: archive a previous file-backed ring on startup
    * BUILD: sink: replace S_IRUSR, S_IWUSR with their octal value
    * MINOR: ring: add support for a backing-file
    * MINOR: ring: support creating a ring from a linear area
    * BUILD: ring: forward-declare struct appctx to avoid a build warning
    * BUG/MINOR: ssl: leak of ckch_inst_link in ckch_inst_free() v2
    * BUG/MINOR: quic: TX frames memleak
    * MINOR: quic: Move traces about RX/TX bytes from QUIC_EV_CONN_PRSAFRM event
    * MINOR: quic: Add a trace to distinguish the datagram from the packets inside
    * BUG/MINOR: quic: Missing header protection AES cipher context initialisations (draft-v2)
    * BUG/MINOR: quic: Frames added to packets even if not built.
    * BUG/MINOR: quic: Null packet dereferencing from qc_dup_pkt_frms() trace
    * Revert "MINOR: quic: Remove useless traces about references to TX packets"
    * MINOR: quic: Remove useless traces about references to TX packets
    * CLEANUP: quic: Remove a useless check in qc_lstnr_pkt_rcv()
    * CLEANUP: quic: No more use ->rx_list MT_LIST entry point (quic_rx_packet)
    * BUG/MINOR: quic: Stalled connections (missing I/O handler wakeup)
    * BUG/MINOR: quic: Leak in qc_release_lost_pkts() for non in flight TX packets
    * Revert "BUG/MINOR: quix: Memleak for non in flight TX packets"
    * MINOR: quic: Replace MT_LISTs by LISTs for RX packets.
    * BUG/MINOR: quic: Safer QUIC frame builders
    * BUG/MINOR: quic: Wrong list_for_each_entry() use when building packets from qc_do_build_pkt()
    * BUG/MINOR: quix: Memleak for non in flight TX packets
    * BUG/MINOR: mux-quic: Fix memleak on QUIC stream buffer for unacknowledged data
    * MINOR: quic: Add reusable cipher contexts for header protection
    * MINOR: quic: Trace fix in qc_release_frm()
    * MINOR: quic: Add the QUIC connection to mux traces
    * BUG/MINOR: quic: Wrong splitted duplicated frames handling
    * MINOR: quic: Add frame addresses to QUIC_EV_CONN_PRSAFRM event traces
    * BUG/MINOR: quic: Possible crashes when dereferencing ->pkt quic_frame struct member
    * MEDIUM: h3: concatenate multiple cookie headers
    * REGTESTS: add test for HTTP/2 cookies concatenation
    * REORG: h2: extract cookies concat function in http_htx
    * BUG/MEDIUM: quic: fix crash on MUX send notification
    * BUG/MINOR: quic: Missing initializations for ducplicated frames.
    * BUG/MINOR: quic: do not notify MUX on frame retransmit
    * MINOR: quic: refactor application send
    * MINOR: mux-quic: add missing args on some traces
    * MINOR: mux-quic: adjust traces on stream init
    * BUG/MEDIUM: mux-quic: reject uni stream ID exceeding flow control
    * MINOR: qpack: report error on enc/dec stream close
    * MINOR: h3: report error on control stream close
    * MINOR: quic: adjust quic_frame flag manipulation
    * BUG/MINOR: quic: Wrong status returned by qc_pkt_decrypt()
    * BUG/MINOR: quic: MIssing check when building TX packets
    * BUG/MINOR: mux-quic: fix crash with traces in qc_detach()
    * BUG/MEDIUM: quic: Wrong use of <token_odcid> in qc_lsntr_pkt_rcv()
    * BUG/MEDIUM: quic: Possible use of uninitialized <odcid> variable in qc_lstnr_params_init()
    * BUG/MEDIUM: mux-quic: fix crash due to invalid trace arg
    * MINOR: mux-quic: define new traces
    * CLEANUP: mux-quic: adjust traces level
    * MINOR: mux-quic: define protocol error traces
    * MINOR: mux-quic: adjust enter/leave traces
    * CLEANUP: quic: Remove trailing spaces
    * MINOR: quic: Remove useless lock for RX packets
    * MEDIUM: quic: xprt traces rework
    * BUG/MINOR: quic: fix crash on handshake io-cb for null next enc level
    * BUG/MINOR: mux-quic: open stream on STOP_SENDING
    * MINOR: quic: skip sending if no frame to send in io-cb
    * MINOR: quic: refactor datagram commit in Tx buffer
    * MINOR: quic: release Tx buffer on each send
    * MINOR: quic: replace custom buf on Tx by default struct buffer
    * MINOR: quic: Replace pool_zalloc() by pool_malloc() for fake datagrams
    * BUG/MINOR: quic: adjust errno handling on sendto
    * MINOR: quic: Add two new stats counters for sendto() errors
    * MEDIUM: mux-quic: implement http-request timeout
    * MINOR: mux-quic: refactor refresh timeout function
    * MINOR: mux-quic: refresh timeout on frame decoding
    * MINOR: h3: support HTTP request framing state
    * MEDIUM: mux-quic: implement http-keep-alive timeout
    * MINOR: mux-quic: count in-progress requests
    * MEDIUM: mux-quic: adjust timeout refresh
    * MINOR: mux-quic: use timeout server for backend conns
    * MINOR: mux-quic: save proxy instance into qcc
    * MINOR: h3: implement graceful shutdown with GOAWAY
    * MINOR: h3: store control stream in h3c
    * MINOR: mux-quic: send one last time before release
    * CLEANUP: mux-quic: move qc_release()
    * MEDIUM: quic: send CONNECTION_CLOSE on released MUX
    * MINOR: mux-quic/h3: prepare CONNECTION_CLOSE on release
    * MINOR: mux-quic: support app graceful shutdown
    * MINOR: quic: define a generic QUIC error type
    * CLEANUP: quic: clean up include on quic_frame-t.h
    * MEDIUM: mux-quic: implement STOP_SENDING handling
    * MEDIUM: mux-quic: implement RESET_STREAM emission
    * MINOR: mux-quic: use stream states to mark as detached
    * MINOR: mux-quic: define basic stream states
    * MINOR: mux-quic: support stream opening via MAX_STREAM_DATA
    * MINOR: mux-quic: do not ack STREAM frames on unrecoverable error
    * MINOR: mux-quic: filter send/receive-only streams on frame parsing
    * MINOR: mux-quic: implement qcs_alert()
    * MINOR: mux-quic: add traces on frame parsing functions
    * MINOR: mux-quic: rename stream purge function
    * REORG: mux-quic: rename stream initialization function
    * MINOR: mux-quic: emit FINAL_SIZE_ERROR on invalid STREAM size
    * MINOR: mux-quic: rename qcs flag FIN_RECV to SIZE_KNOWN
    * MEDIUM: mux-quic: refactor streams opening
    * MINOR: mux-quic: implement accessor for sedesc
    * REORG: mux-quic: reorganize flow-control fields
    * CLEANUP: mux-quic: do not export qc_get_ncbuf
    * CLEANUP: mux-quic: adjust comment on qcs_consume()
    * BUG/MINOR: qpack: abort on dynamic index field line decoding
    * BUG/MINOR: qpack: fix build with QPACK_DEBUG
    * CLEANUP: pool/quic: remove suffix "_pool" from certain pool names
    * MINOR: quic: Dump version_information transport parameter
    * BUG/MINOR: qpack: abort on dynamic index field line decoding
    * BUILD: quic: Wrong HKDF label constant variable initializations
    * CLEANUP: quic: Remove any reference to boringssl
    * MEDIUM: quic: Compatible version negotiation implementation (draft-08)
    * MINOR: quic: Released QUIC TLS extension for QUIC v2 draft
    * MEDIUM: quic: Add QUIC v2 draft support
    * CLEANUP: quid: QUIC draft-28 no more supported
    * MINOR: quic: Parse long packet version from qc_parse_hd_form()
    * MINOR: quic: Add several nonce and key definitions for Retry tag
    * MINOR: qpack: improve decoding function
    * MINOR: qpack: add ABORT_NOW on unimplemented decoding
    * MINOR: qpack: reduce dependencies on other modules
    * CLEANUP: quic: use task_new_on() for single-threaded tasks
    * MINOR: mux-quic: complete BUG_ON on TX flow-control enforcing
    * BUG/MEDIUM: h3: fix SETTINGS parsing
    * BUG/MINOR: h3: fix incorrect BUG_ON assert on SETTINGS parsing
    * BUG/MINOR: h3: fix return value on decode_qcs on error
    * MINOR: mux-quic/h3: adjust demuxing function return values
    * MINOR: mux-quic: simplify decode_qcs API
    * CLEANUP: Re-apply xalloc_size.cocci (2)
    * MINOR: connection: support HTTP/3.0 for smp_*_http_major fetch
    * BUG/MINOR: dev/udp: properly preset the rx address size
    * BUG/MEDIUM: mux-h1: do not refrain from signaling errors after end of input
    * BUG/MINOR: ssl: revert two wrong fixes with ckhi_link
    * MINOR: quic: Revert recent QUIC commits
    * BUG/MEDIUM: ssl: Fix a UAF when old ckch instances are released
    * BUG/MINOR: ssl: leak of ckch_inst_link in ckch_inst_free()
    * BUG/MINOR: ssl: fix deinit of the ca-file tree
    * BUG/MINOR: tcpcheck: Disable QUICKACK for default tcp-check (with no rule)
    * MINOR: quic: Add a trace to distinguish the datagram from the packets inside
    * BUG/MINOR: applet: make the call_rate only count the no-progress calls
    * BUG/MEDIUM: applet: fix incorrect check for abnormal return condition from handler
    * MINOR: quic: Replace MT_LISTs by LISTs for RX packets.
    * BUG/MINOR: hlua: Rely on CF_EOI to detect end of message in HTTP applets
    * BUG/MEDIUM: peers: Don't start resync on reload if local peer is not up-to-date
    * BUG/MEDIUM: peers: Don't use resync timer when local resync is in progress
    * BUG/MEDIUM: peers: Add connect and server timeut to peers proxy
    * BUG/MEDIUM: spoe: Properly update streams waiting for a ACK in async mode
    * BUG/MINOR: quic: Frames added to packets even if not built.
    * DOC: configuration.txt: do-resolve must use host_only to remove its port.
    * BUG/MINOR: httpclient: fix resolution with port
    * MINOR: sample: add the host_only and port_only converters
    * DOC: configuration: do-resolve doesn't work with a port in the string
    * CLEANUP: quic: Remove a useless check in qc_lstnr_pkt_rcv()
    * CLEANUP: quic: No more use ->rx_list MT_LIST entry point (quic_rx_packet)
    * BUG/MINOR: quic: Stalled connections (missing I/O handler wakeup)
    * BUG/MINOR: quic: Leak in qc_release_lost_pkts() for non in flight TX packets
    * MINOR: resolvers: shut the warning when "default" resolvers is implicit
    * REGTESTS: Fix prometheus script to perform HTTP health-checks
    * BUG/MINOR: tcpcheck: Disable QUICKACK only if data should be sent after connect
    * BUG/MINOR: mworker: does not create the "default" resolvers in wait mode
    * BUG/MINOR: resolvers: return the correct value in resolvers_finalize_config()
    * BUILD: tcp_sample: fix build of get_tcp_info() on OpenBSD
    * BUG/MINOR: quic: Safer QUIC frame builders
    * BUG/MINOR: quic: Wrong list_for_each_entry() use when building packets from qc_do_build_pkt()
* Mon Aug 22 2022 [email protected]
  - Update to version 2.6.4+git0.2a2078cba:
    * [RELEASE] Released version 2.6.4
    * BUG/MAJOR: mworker: fix infinite loop on master with no proxies.
    * BUG/MINOR: ssl/cli: error when the ca-file is empty
* Fri Aug 19 2022 [email protected]
  - Update to version 2.6.3+git0.76f187b36:
    * [RELEASE] Released version 2.6.3
    * BUG/MAJOR: log-forward: Fix ssl layer not initialized on bind even if configured
    * BUG/MAJOR: log-forward: Fix log-forward proxies not fully initialized
    * BUG/MEDIUM: mux-h2: do not fiddle with ->dsi to indicate demux is idle
    * BUG/MEDIUM: cli: always reset the service context between commands
    * MINOR: applet: add a function to reset the svcctx of an applet
    * BUG/MEDIUM: http-ana: fix crash or wrong header deletion by http-restrict-req-hdr-names
    * MINOR: stick-table: Add table_expire() and table_idle() new converters
    * BUG/MINOR: quic: memleak on wrong datagram receipt
    * BUG/MEDIUM: ring: fix too lax 'size' parser
    * BUG/MINOR: quic: Possible infinite loop in quic_build_post_handshake_frames()
    * BUILD: debug: silence warning on gcc-5
    * BUILD: stconn: fix build warning at -O3 about possible null sc
    * BUG/MEDIUM: task: relax one thread consistency check in task_unlink_wq()
    * BUG/MEDIUM: poller: use fd_delete() to release the poller pipes
    * BUG/MEDIUM: quic: always remove the connection from the accept list on close
    * CLEANUP: mux-quic: remove loop on sending frames
    * BUG/MEDIUM: quic: Missing AEAD TAG check after removing header protection
    * MINOR: quic: Too much useless traces in qc_build_frms()
    * BUG/MEDIUM: quic: Wrong packet length check in qc_do_rm_hp()
    * BUILD: cfgparse: always defined _GNU_SOURCE for sched.h and crypt.h
    * CLEANUP: assorted typo fixes in the code and comments
    * BUG/MEDIUM: quic: break out of the loop in quic_lstnr_dghdlr
    * MINOR: quic: explicitely ignore sendto error
    * BUG/MINOR: quic: Missing Initial packet dropping case
    * BUG/MINOR: quic: do not reject datagrams matching minimum permitted size
    * BUG/MINOR: sink: fix a race condition between the writer and the reader
    * BUG/MEDIUM: sink: Set the sink ref for forwarders created during ring parsing
    * BUG/MINOR: ring/cli: fix a race condition between the writer and the reader
    * BUG/MINOR: quic: Avoid sending truncated datagrams
    * BUILD: http: silence an uninitialized warning affecting gcc-5
    * BUG/MEDIUM: quic: Floating point exception in cubic_root()
    * BUG/MINOR: quic: Missing in flight ack eliciting packet counter decrement
    * MINOR: peers: Add a warning about incompatible SSL config for the local peer
    * BUG/MEDIUM: proxy: Perform a custom copy for default server settings
    * REORG: server: Export srv_settings_cpy() function
    * MINOR: server: Constify source server to copy its settings
    * BUG/MINOR: backend: Don't increment conn_retries counter too early
    * BUG/MEDIUM: dns: Properly initialize new DNS session
    * BUG/MINOR: peers: Use right channel flag to consider the peer as connected
    * BUG/MEDIUM: peers: limit reconnect attempts of the old process on reload
    * MINOR: peers: Use a dedicated reconnect timeout when stopping the local peer
    * BUG/MINOR: mux-quic: do not free conn if attached streams
    * CLEANUP: mux-quic: remove useless app_ops is_active callback
    * BUG/MINOR: mux-quic: prevent crash if conn released during IO callback
    * BUG/MEDIUM: pattern: only visit equivalent nodes when skipping versions
    * MINOR: ebtree: add ebmb_lookup_shorter() to pursue lookups
    * BUG/MEDIUM: queue/threads: limit the number of entries dequeued at once
    * MINOR: quic: Send packets as much as possible from qc_send_app_pkts()
    * BUG/MAJOR: quic: Useless resource intensive loop qc_ackrng_pkts()
    * MINOR: quic: Stop looking for packet loss asap
    * BUG/MINOR: quic: loss time limit variable computed but not used
    * MINOR: quic: New "quic-cc-algo" bind keyword
    * MEDIUM: quic: Cubic congestion control algorithm implementation
    * MINOR: quic: Congestion control architecture refactoring
    * BUG/MEDIUM: mux-quic: fix missing EOI flag to prevent streams leaks
    * BUG/MINOR: mworker: PROC_O_LEAVING used but not updated
    * MEDIUM: resolvers: continue startup if network is unavailable
    * DEBUG: fd: split the fd check
    * Revert "BUG/MINOR: peers: set the proxy's name to the peers section name"
    * BUG/MINOR: sockpair: wrong return value for fd_send_uxst()
* Thu Jul 28 2022 [email protected]
  - Update to version 2.6.2+git0.16a3646fd:
    * [RELEASE] Released version 2.6.2
    * BUG/MINOR: backend: Fallback on RR algo if balance on source is impossible
    * BUILD: quic: fix anonymous union for gcc-4.4
    * BUG/MEDIUM: stconn: Only reset connect expiration when processing backend side
    * BUILD: add detection for unsupported compiler models
    * BUG/MEDIUM: mworker: proc_self incorrectly set crashes upon reload
    * BUG/MAJOR: mux_quic: fix invalid PROTOCOL_VIOLATION on POST data overlap
    * BUG/MINOR: mworker/cli: relative pid prefix not validated anymore
    * BUG/MINOR: quic: do not send CONNECTION_CLOSE_APP in initial/handshake
    * BUG/MINOR: tools: fix statistical_prng_range()'s output range
    * BUG/MINOR: ssl: allow duplicate certificates in ca-file directories
    * BUG/MINOR: resolvers: shut off the warning for the default resolvers
    * MINOR: resolvers: resolvers_destroy() deinit and free a resolver
    * BUG/MEDIUM: tools: avoid calling dlsym() in static builds (try 2)
    * BUILD: makefile: Fix install(1) handling for OpenBSD/NetBSD/Solaris/AIX
    * BUG/MEDIUM: tools: avoid calling dlsym() in static builds
    * BUG/MINOR: debug: enter ha_panic() only once
    * BUG/MEDIUM: cli/threads: make "show threads" more robust on applets
    * BUG/MINOR: quic: fix closing state on NO_ERROR code sent
    * BUG/MEDIUM: mux-quic: fix server chunked encoding response
    * CLEANUP: h2: Typo fix in h2_unsubcribe() traces
    * MINOR: qpack: properly handle invalid dynamic table references
    * MINOR: h3: handle errors on HEADERS parsing/QPACK decoding
    * MINOR: h3: add h3c pointer into h3s instance
    * BUG/MINOR: mux-quic: do not signal FIN if gap in buffer
    * MINOR: ncbuf: implement ncb_is_fragmented()
    * MINOR: quic: Increase the QUIC connections RX buffer size (upto 64Kb)
    * MINOR: quic: Improvements for the datagrams receipt
    * MINOR: task: Add tasklet_wakeup_after()
    * MINOR: quic: Duplicated QUIC_RX_BUFSZ definition
    * MINOR: quic: Add new stats counter to diagnose RX buffer overrun
    * BUG/MINOR: quic: Dropped packets not counted (with RX buffers full)
    * BUILD: quic+h3: 32-bit compilation errors fixes
    * BUG/MAJOR: quic: Big RX dgrams leak with POST requests
    * BUG/MAJOR: quic: Big RX dgrams leak when fulfilling a buffer
    * BUG/MINOR: quic: Wrong reuse of fulfilled dgram RX buffer
    * BUG/MINOR: quic: Missing acknowledgments for trailing packets
    * MEDIUM: mworker: set the iocb of the socketpair without using fd_insert()
    * BUG/MEDIUM: mux-h1: Handle connection error after a synchronous send
    * BUG/MEDIUM: http-ana: Don't wait to have an empty buf to switch in TUNNEL state
    * BUG/MINOR: mux-h1: Be sure to commit htx changes in the demux buffer
    * REGTEESTS: filters: Fix CONNECT request in random-forwarding script
    * BUG/MEDIUM: http-fetch: Don't fetch the method if there is no stream
    * MINOR: http-htx: Use new HTTP functions for the scheme based normalization
    * BUG/MEDIUM: h1: Improve authority validation for CONNCET request
    * MINOR: http: Add function to detect default port
    * MINOR: http: Add function to get port part of a host
    * BUG/MINOR: http-htx: Fix scheme based normalization for URIs wih userinfo
    * BUG/MINOR: peers: fix possible NULL dereferences at config parsing
    * BUG/MINOR: http-act: Properly generate 103 responses when several rules are used
    * BUG/MINOR: http-check: Preserve headers if not redefined by an implicit rule
    * BUG/MINOR: peers/config: always fill the bind_conf's argument
    * MINOR: fd: Add BUG_ON checks on fd_insert()
    * CI: re-enable gcc asan builds
    * BUILD: Makefile: Add Lua 5.4 autodetect
    * BUG/MEDIUM: ssl/fd: unexpected fd close using async engine
    * MINOR: fd: add a new FD_DISOWN flag to prevent from closing a deleted FD
    * BUG/MINOR: http-fetch: Use integer value when possible in "method" sample fetch
    * BUG/MINOR: http-ana: Set method to HTTP_METH_OTHER when an HTTP txn is created
    * BUG/MINOR: ssl: Do not look for key in extra files if already in pem
    * MEDIUM: mux-h2: try to coalesce outgoing WINDOW_UPDATE frames
  - drop lua54.patch (upstream)
* Sat Jul 09 2022 [email protected]
  - Update to version 2.6.1+git0.f6ca66d44:
    * [RELEASE] Released version 2.6.1
    * REGTESTS: ssl: add the same cert for client/server
    * BUG/MEDIUM: mworker: use default maxconn in wait mode
    * BUG/MINOR: quic: Acknowledgement must be forced during handshake
    * BUG/MEDIUM: ssl/cli: crash when crt inserted into a crt-list
    * BUG/MINOR: quic: free rejected Rx packets
    * BUG/MINOR: quic: purge conn Rx packet list on release
    * BUG/MINOR: quic_stats: Duplicate "quic_streams_data_blocked_bidi" field name
    * BUG/MINOR: quic: Unexpected half open connection counter wrapping
    * BUG/MINOR: log: Properly test connection retries to fix dontlog-normal option
    * MINOR: stream: Rely on stconn flags to abort stream destructive upgrade
    * BUG/MEDIUM: stream: Properly handle destructive client connection upgrades
    * BUG/MINOR: task: fix thread assignment in tasklet_kill()
    * BUG/MINOR: quic: Wrong PTO calculation
    * BUG/MINOR: quic: Stop hardcoding Retry packet Version field
    * BUG/BUILD: h3: fix wrong label name
    * BUG/MINOR: h3/qpack: deal with too many headers
    * MINOR: qpack: add comments and remove a useless trace
    * BUG/MINOR: qpack: support header litteral name decoding
    * BUG/MEDIUM: mux-quic: fix segfault on flow-control frame cleanup
    * BUG/MEDIUM: cli: Notify cli applet won't consume data during request processing
    * BUG/MEDIUM: stconn: Don't wakeup applet for send if it won't consume data
    * BUG/MINOR: tcp-rules: Make action call final on read error and delay expiration
    * BUG/MINOR: mux-quic: fix memleak on frames rejected by transport
    * BUG/MEDIUM: mux-quic: fix flow control connection Tx level
    * BUG/MINOR: cli/stats: add missing trailing LF after "show info json"
    * BUG/MINOR: server: do not enable DNS resolution on disabled proxies
    * BUG/MINOR: cli/stats: add missing trailing LF after JSON outputs
    * BUG/MINOR: h3: fix frame type definition
    * REGTESTS: healthcheckmail: Relax health-check failure condition
    * REGTESTS: healthcheckmail: Update the test to be functionnal again
    * BUG/MINOR: checks: Properly handle email alerts in trace messages
    * BUG/MINOR: trace: Test server existence for health-checks to get proxy
    * BUG/MEDIUM: mailers: Set the object type for check attached to an email alert
    * BUILD: compiler: implement unreachable for older compilers too
    * REGTESTS: restrict_req_hdr_names: Extend supported versions
    * REGTESTS: http_abortonclose: Extend supported versions
    * BUG/MINOR: ssl_ckch: Fix possible uninitialized value in show_crlfile I/O handler
    * BUG/MINOR: ssl_ckch: Fix possible uninitialized value in show_cafile I/O handler
    * BUG/MINOR: ssl_ckch: Fix possible uninitialized value in show_cert I/O handler
    * BUG/MINOR: ssl_ckch: Init right field when parsing "commit ssl crl-file" cmd
    * BUG/MINOR: ssl_ckch: Dump cert transaction only once if show command yield
    * BUG/MINOR: ssl_ckch: Dump CA transaction only once if show command yield
    * BUG/MINOR: ssl_ckch: Dump CRL transaction only once if show command yield
    * BUG/MINOR: ssl_ckch: Use right type for old entry in show_crlfile_ctx
    * REGTESTS: http_request_buffer: Increase client timeout to wait "slow" clients
    * REGTESTS: abortonclose: Add a barrier to not mix up log messages
    * MEDIUM: httpclient: Don't close CLI applet at the end of a response
    * MEDIUM: http-ana: Always report rewrite failures as PRXCOND in logs
    * BUG/MEDIUM: httpclient: Rework CLI I/O handler to handle full buffer cases
    * BUG/MEDIUM: httpclient: Don't remove HTX header blocks before duplicating them
    * BUG/MEDIUM: ssl/crt-list: Rework 'add ssl crt-list' to handle full buffer cases
    * BUG/MEDIUM: ssl_ckch: Rework 'commit ssl ca-file' to handle full buffer cases
    * BUG/MEDIUM: ssl_ckch: Rework 'commit ssl cert' to handle full buffer cases
    * BUG/MINOR: ssl_ckch: Don't duplicate path when replacing a CA/CRL entry
    * BUG/MINOR: ssl_ckch: Don't duplicate path when replacing a cert entry
    * BUG/MEDIUM: ssl_ckch: Don't delete CA/CRL entry if it is being modified
    * BUG/MEDIUM: ssl_ckch: Don't delete a cert entry if it is being modified
    * BUG/MINOR: ssl_ckch: Free error msg if commit changes on a CA/CRL entry fails
    * BUG/MINOR: ssl_ckch: Free error msg if commit changes on a cert entry fails
* Tue May 31 2022 [email protected]
  - Update to version 2.6.0+git0.a1efc048b:
    https://www.mail-archive.com/[email protected]/msg42371.html
  - refreshed patches
    - haproxy-1.6.0-makefile_lib.patch
    - haproxy-1.6.0-sec-options.patch
    - haproxy-1.6.0_config_haproxy_user.patch
    - lua54.patch
* Fri May 13 2022 [email protected]
  - Update to version 2.5.7+git0.2ef551d02:
    * [RELEASE] Released version 2.5.7
    * CLEANUP: mux-h1: Fix comments and error messages for global options
    * MINOR: mux-h1: Add global option accpet payload for any HTTP/1.0 requests
    * BUG/MEDIUM: wdt: don't trigger the watchdog when p is unitialized
    * CLEANUP: applet: make appctx_new() initialize the whole appctx
    * BUG/MINOR: conn_stream: do not confirm a connection from the frontend path
    * DOC/MINOR: fix typos in the lua-api document
    * BUG/MEDIUM: lua: fix argument handling in data removal functions
    * BUG/MINOR: server: Make SRV_STATE_LINE_MAXLEN value from 512 to 2kB (2000 bytes).
    * DOC: install: update gcc version requirements
    * BUG/MEDIUM: ssl: fix the gcc-12 broken fix :-(
    * BUILD: listener: shut report of possible null-deref in listener_accept()
    * BUILD: debug: work around gcc-12 excessive -Warray-bounds warnings
    * BUILD: ssl: work around bogus warning in gcc 12's -Wformat-truncation
    * BUG/MINOR: ssl: Fix typos in crl-file related CLI commands
    * CI: dynamically determine actual version of h2spec
    * DOC: fix typo "ant" for "and" in INSTALL
    * BUG/MINOR: ssl/cli: fix "show ssl cert" not to mix cli+ssl contexts
    * BUG/MINOR: ssl/cli: fix "show ssl crl-file" not to mix cli+ssl contexts
    * BUG/MINOR: ssl/cli: fix "show ssl ca-file <name>" not to mix cli+ssl contexts
    * BUG/MINOR: ssl/cli: fix "show ssl ca-file/crl-file" not to mix cli+ssl contexts
    * BUG/MEDIUM: ssl/cli: fix yielding in show_cafile_detail
    * BUG/MINOR: map/cli: make sure patterns don't vanish under "show map"'s init
    * BUG/MINOR: map/cli: protect the backref list during "show map" errors
    * BUG/MINOR: proxy/cli: don't enumerate internal proxies on "show backend"
    * BUG/MEDIUM: cli: make "show cli sockets" really yield
    * BUG/MEDIUM: resolvers: make "show resolvers" properly yield
    * BUG/MINOR: startup: usage() when no -cc arguments
    * BUG/MINOR: tcp/http: release the expr of set-{src,dst}[-port]
    * DOC: config: Update doc for PR/PH session states to warn about rewrite failures
    * MINOR: mux-h2: report a trace event when failing to create a new stream
    * BUG/MINOR: mux-h2: mark the stream as open before processing it not after
    * BUG/MAJOR: dns: multi-thread concurrency issue on UDP socket
    * BUG/MEDIUM: mux-h1: Be able to handle trailers when C-L header was specified
    * BUG/MEDIUM: mux-fcgi: Be sure to never set EOM flag on an empty HTX message
    * SCRIPTS: announce-release: add URL of dev packages
    * CI: github actions: update LibreSSL to 3.5.2
    * BUG/MEDIUM: httpclient: Fix loop consuming HTX blocks from the response channel
    * MINOR: ssl: add a new global option "tune.ssl.hard-maxrecord"
    * BUG/MINOR: pools: make sure to also destroy shared pools in pool_destroy_all()
    * BUG/MINOR: resolvers: Fix memory leak in resolvers_deinit()
    * BUG/MEDIUM: http-ana: Fix memleak in redirect rules with ignore-empty option
    * MINOR: connection: Add way to disable active connection closing during soft-stop
    * BUILD: compiler: properly distinguish weak and global symbols
* Tue Apr 26 2022 [email protected]
  - Update to version 2.5.6+git0.ba44b4312:
    * [RELEASE] Released version 2.5.6
    * REGTESTS: fix the race conditions in be2dec.vtc ad field.vtc
    * BUG/MINOR: connection: "connection:close" header added despite 'close-spread-time'
    * BUG/MINOR: sample: add missing use_backend/use-server contexts in smp_resolve_args
    * Revert "CI: github actions: disable -Wno-deprecated"
    * BUG/MINOR: rules: Fix check_capture() function to use the right rule arguments
    * BUG/MEDIUM: rules: Be able to use captures defined in defaults section
    * BUG/MINOR: rules: Forbid captures in defaults section if used by a backend
    * DOC: remove my name from the config doc
    * MEDIUM: queue: use tasklet_instant_wakeup() to wake tasks
    * MINOR: task: add a new task_instant_wakeup() function
    * BUG/MAJOR: connection: Never remove connection from idle lists outside the lock
    * BUG/MINOR: cache: Disable cache if applet creation fails
    * BUILD: calltrace: fix wrong include when building with TRACE=1
    * SCRIPTS: announce-release: add shortened links to pending issues
    * DOC: lua: update a few doc URLs
    * SCRIPTS: announce-release: update the doc's URL
    * BUG/MEDIUM: compression: Don't forget to update htx_sl and http_msg flags
    * BUG/MEDIUM: fcgi-app: Use http_msg flags to know if C-L header can be added
    * BUG/MEDIUM: stream: do not abort connection setup too early
    * BUILD: compiler: use a more portable set of asm(".weak") statements
    * BUILD: sched: workaround crazy and dangerous warning in Clang 14
    * BUG/MEDIUM: mux-h1: Don't request more room on partial trailers
    * BUG/MINOR: mux-h2: use timeout http-request as a fallback for http-keep-alive
    * BUG/MINOR: mux-h2: do not use timeout http-keep-alive on backend side
    * BUILD: debug: mark the __start_mem_stats/__stop_mem_stats symbols as weak
    * BUG/MINOR: cache: do not display expired entries in "show cache"
    * BUG/MINOR: mux-h2: do not send GOAWAY if SETTINGS were not sent
    * CI: cirrus: switch to FreeBSD-13.0
    * CI: github actions: disable -Wno-deprecated
    * BUG/MINOR: stats: define the description' background color in dark color scheme
    * CI: Update to actions/cache@v3
    * CI: Update to actions/checkout@v3
    * MEDIUM: global: Add a "close-spread-time" option to spread soft-stop on time window
    * Revert "BUILD: opentracing: display warning in case of using OT_USE_VARS at compile time"
    * MAJOR: opentracing: reenable usage of vars to transmit opentracing context
    * DEBUG: opentracing: display the contents of the err variable after setting
    * CLEANUP: opentracing: added FLT_OT_PARSE_INVALID_enum enum
    * DEBUG: opentracing: show return values of all functions in the debug output
    * MINOR: opentracing: improved normalization of context variable names
    * CLEANUP: opentracing: added variable to store variable length
    * CLEANUP: opentracing: added flt_ot_smp_init() function
    * MINOR: opentracing: only takes the variables lock on shared entries
    * Revert "MINOR: opentracing: change the scope of the variable 'ot.uuid' from 'sess' to 'txn'"
    * CLEANUP: opentracing: removed unused function flt_ot_var_get()
    * CLEANUP: opentracing: removed unused function flt_ot_var_unset()
    * DOC: opentracing: corrected comments in function descriptions
    * EXAMPLES: opentracing: refined shell scripts for testing filter performance
    * BUG/BUILD: opentracing: fixed OT_DEFINE variable setting
    * BUG/MINOR: opentracing: setting the return value in function flt_ot_var_set()
    * BUG/MEDIUM: http-act: Don't replace URI if path is not found or invalid
    * BUG/MEDIUM: http-conv: Fix url_enc() to not crush const samples
    * BUG/MEDIUM: mux-h1: Set outgoing message to DONE when payload length is reached
    * BUG/MEDIUM: promex: Be sure to never set EOM flag on an empty HTX message
    * BUG/MEDIUM: hlua: Don't set EOM flag on an empty HTX message in HTTP applet
    * BUG/MEDIUM: stats: Be sure to never set EOM flag on an empty HTX message
    * BUG/MINOR: fcgi-app: Don't add C-L header on response to HEAD requests
    * BUG/MINOR: httpclient: end callback in applet release
    * BUG/MINOR: ssl/cli: Remove empty lines from CLI output
    * CI: github actions: update OpenSSL to 3.0.2
    * DOC: remove double blanks in configuration.txt
    * BUG/MAJOR: mux_pt: always report the connection error to the conn_stream
    * BUG/MINOR: cli/stream: fix "shutdown session" to iterate over all threads
    * BUG/MINOR: samples: add missing context names for sample fetch functions
    * REGTESTS: ssl: use X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY for cert check
    * BUG/MEDIUM: mux-h1: Properly detect full buffer cases during message parsing
    * BUG/MEDIUM: mux-fcgi: Properly handle return value of headers/trailers parsing
    * DOC: reflect H2 timeout changes
    * BUG/MINOR: tools: url2sa reads too far when no port nor path
    * DOC: config: Explictly add supported MQTT versions
    * MEDIUM: mqtt: support mqtt_is_valid and mqtt_field_value converters for MQTTv3.1
    * BUG/MINOR: rules: Initialize the list element when allocating a new rule
    * BUG/MEDIUM: mux-h2: make use of http-request and keep-alive timeouts
    * MEDIUM: mux-h2: slightly relax timeout management rules
    * BUG/MEDIUM: trace: avoid race condition when retrieving session from conn->owner
    * BUG/MEDIUM: stream-int: do not rely on the connection error once established
    * BUG/MEDIUM: mux-h1: only turn CO_FL_ERROR to CS_FL_ERROR with empty ibuf
    * CI: github actions: switch to LibreSSL-3.5.1
    * BUG/MINOR: httpclient: CF_SHUTW_NOW should be tested with channel_is_empty()
    * BUG/MINOR: httpclient: process the response when received before the end of the request
    * BUG/MINOR: httpclient: only check co_data() instead of HTTP_MSG_DATA
    * BUG/MINOR: server/ssl: free the SNI sample expression
    * BUILD: httpclient: fix build without SSL
    * BUG/MINOR: httpclient: send the SNI using the host header
    * MINOR: server: export server_parse_sni_expr() function
    * BUG/MINOR: httpclient/lua: stuck when closing without data
    * BUG/MINOR: tools: fix url2sa return value with IPv4
* Mon Mar 14 2022 [email protected]
  - Update to version 2.5.5+git0.384c5c59a:
    * [RELEASE] Released version 2.5.5
    * REGTESTS: fix the race conditions in be2hex.vtc
    * BUG/MEDIUM: httpclient: must manipulate head, not first
    * BUG/MINOR: httpclient: remove the UNUSED block when parsing headers
    * BUG/MINOR: httpclient: consume partly the blocks when necessary
    * CLEANUP: htx: remove unused co_htx_remove_blk()
    * BUG/MEDIUM: httpclient: don't consume data before it was analyzed
    * BUG/MINOR: session: fix theoretical risk of memleak in session_accept_fd()
    * BUG/MAJOR: mux-pt: Always destroy the backend connection on detach
    * DEBUG: stream: Fix stream trace message to print response buffer state
    * DEBUG: stream: Add the missing descriptions for stream trace events
    * BUG/MEDIUM: mcli: Properly handle errors and timeouts during reponse processing
    * DEBUG: cache: Update underlying buffer when loading HTX message in cache applet
    * BUG/MEDIUM: stream: Use the front analyzers for new listener-less streams
    * BUG/MINOR: promex: Set conn-stream/channel EOI flags at the end of request
    * BUG/MINOR: cache: Set conn-stream/channel EOI flags at the end of request
    * BUG/MINOR: stats: Set conn-stream/channel EOI flags at the end of request
    * BUG/MINOR: hlua: Set conn-stream/channel EOI flags at the end of request
    * BUG/MINOR: httpclient: Set conn-stream/channel EOI flags at the end of request
    * BUG/MINOR: cli: shows correct mode in "show sess"
    * BUG/MINOR: add missing modes in proxy_mode_str()
    * BUILD: fix recent build breakage of freebsd caused by kFreeBSD build fix
    * BUILD: pools: fix backport of no-memory-trimming on non-linux OS
    * MINOR: stats: Add dark mode support for socket rows
    * MINOR: pools: add a new global option "no-memory-trimming"
    * BUILD: fix kFreeBSD build.
    * BUG/MEDIUM: pools: fix ha_free() on area in the process of being freed
    * BUG/MINOR: pool: always align pool_heads to 64 bytes
    * BUG/MEDIUM: httpclient/lua: infinite appctx loop with POST
    * REGTESTS: fix the race conditions in secure_memcmp.vtc
    * REGTESTS: fix the race conditions in normalize_uri.vtc
    * BUG/MEDIUM: htx: Fix a possible null derefs in htx_xfer_blks()
    * BUG/MEDIUM: mux-fcgi: Don't rely on SI src/dst addresses for FCGI health-checks
    * BUILD: tree-wide: mark a few numeric constants as explicitly long long
    * BUILD: atomic: make the old HA_ATOMIC_LOAD() support const pointers
    * CI: Consistently use actions/checkout@v2
    * CI: github actions: use cache for SSL libs
    * CI: refactor OpenTracing build script
    * CI: github actions: use cache for OpenTracing
    * CI: github actions: add the output of $CC -dM -E-
* Fri Feb 25 2022 [email protected]
  - Update to version 2.5.4+git0.e55ab4208:
    * [RELEASE] Released version 2.5.4
    * BUG/MEDIUM: stream: Abort processing if response buffer allocation fails
    * CI: github: enable pool debugging by default
    * REGTESTS: fix the race conditions in 40be_2srv_odd_health_checks
    * BUG/MINOR: proxy: preset the error message pointer to NULL in parse_new_proxy()
    * DOC: Fix usage/examples of deprecated ACLs
    * BUG/MAJOR: mux-h2: Be sure to always report HTX parsing error to the app layer
    * BUG/MEDIUM: mux-h1: Don't wake h1s if mux is blocked on lack of output buffer
    * BUG/MEDIUM: htx: Be sure to have a buffer to perform a raw copy of a message
* Thu Feb 24 2022 Marcus Rueckert <[email protected]>
  - apparmor: profile now needs access to /sys/devices/system/node/
* Fri Feb 18 2022 [email protected]
  - Update to version 2.5.3+git0.abf078b15:
    * [RELEASE] Released version 2.5.3
    * DEBUG: buffer: check in __b_put_blk() whether the buffer room is respected
    * BUG/MEDIUM: httpclient: limit transfers to the maximum available room
    * BUG/MINOR: tools: url2sa reads ipv4 too far
    * CLEANUP: httpclient/cli: fix indentation alignment of the help message
    * BUG/MINOR: ssl: Missing return value check in ssl_ocsp_response_print
    * BUG/MINOR: ssl: Fix leak in "show ssl ocsp-response" CLI command
    * BUG/MINOR: ssl: Add missing return value check in ssl_ocsp_response_print
    * BUG/MINOR: mailers: negotiate SMTP, not ESMTP
    * BUG/MINOR: httpclient: reinit flags in httpclient_start()
    * MINOR: httpclient: Don't limit data transfer to 1024 bytes
    * BUG/MAJOR: compiler: relax alignment constraints on certain structures
    * BUG/MEDIUM: fd: always align fdtab[] to 64 bytes
    * BUG/MEDIUM: resolvers: Really ignore trailing dot in domain names
    * BUG/MINOR: sink: Use the right field in appctx context in release callback
    * BUG/MINOR: mworker: fix a FD leak of a sockpair upon a failed reload
    * BUG/MEDIUM: mworker: close unused transferred FDs on load failure
    * MINOR: sock: move the unused socket cleaning code into its own function
* Fri Feb 18 2022 [email protected]
  - Update to version 2.5.2+git0.042feec44: (CVE-2022-0711 boo#1196408)
    * [RELEASE] Released version 2.5.2
    * BUG/MINOR: mux-h2: update the session's idle delay before creating the stream
    * BUG/MEDIUM: h2/hpack: fix emission of HPACK DTSU after settings change
    * REGTESTS: peers: leave a bit more time to peers to synchronize
    * REGTESTS: server: close an occasional race on dynamic_server_ssl.vtc
    * BUG/MAJOR: spoe: properly detach all agents when releasing the applet
    * BUG/MAJOR: http/htx: prevent unbounded loop in http_manage_server_side_cookies
    * BUG/MINOR: httpclient/cli: display junk characters in vsn
    * BUG/MINOR: jwt: Memory leak if same key is used in multiple jwt_verify calls
    * BUG/MINOR: jwt: Missing pkey free during cleanup
    * BUG/MINOR: jwt: Double free in deinit function
    * BUG/MINOR: ssl: Remove empty lines from "show ssl ocsp-response <id>" output
    * BUG/MEDIUM: httpclient: Xfer the request when the stream is created
    * BUG/MINOR: httpclient: Revisit HC request and response buffers allocation
    * BUG/MEDIUM: listener: read-lock the listener during accept()
    * MINOR: listener: replace the listener's spinlock with an rwlock
    * DEBUG: fd: make sure we never try to insert/delete an impossible FD number
    * BUG/MINOR: mworker: does not erase the pidfile upon reload
    * BUG/MAJOR: sched: prevent rare concurrent wakeup of multi-threaded tasks
    * DEBUG: pools: replace the link pointer with the caller's address on pool_free()
    * DEBUG: pools: let's add reverse mapping from cache heads to thread and pool
    * DEBUG: pools: add extra sanity checks when picking objects from a local cache
    * BUG/MINOR: pools: always flush pools about to be destroyed
    * BUG/MINOR: mworker: does not add the -sf in wait mode
    * BUG/MEDIUM: mworker: don't lose the stats socket on failed reload
    * REGTESTS: ssl: Fix ssl_errors regtest with OpenSSL 1.0.2
    * DEBUG: pools: add new build option DEBUG_POOL_INTEGRITY
    * BUILD: debug/cli: condition test of O_ASYNC to its existence
    * DEBUG: cli: add a new "debug dev fd" expert command
    * BUG/MINOR: stream: make the call_rate only count the no-progress calls
    * BUG/MEDIUM: mcli: always realign wrapping buffers before parsing them
    * BUG/MEDIUM: mcli: do not try to parse empty buffers
    * BUG/MEDIUM: cli: Never wait for more data on client shutdown
    * MEDIUM: h2/hpack: emit a Dynamic Table Size Update after settings change
    * BUG/MINOR: cli: avoid O(bufsize) parsing cost on pipelined commands
    * MINOR: channel: add new function co_getdelim() to support multiple delimiters
    * MEDIUM: cli: yield between each pipelined command
    * DOC: management: mark "set server ssl" as deprecated
    * BUG/MEDIUM: server: avoid changing healthcheck ctx with set server ssl
    * BUILD/MINOR: fix solaris build with clang.
    * BUG/MINOR: httpclient/lua: don't pop the lua stack when getting headers
    * BUG/MINOR: httpclient: set default Accept and User-Agent headers
    * BUG/MINOR: httpclient: don't send an empty body
    * BUG/MEDIUM: htx: Adjust length to add DATA block in an empty HTX buffer
    * BUG/MEDIUM: connection: properly leave stopping list on error
* Fri Feb 04 2022 Callum Farmer <[email protected]>
  - Add now working CONFIG parameter to sysusers generator
* Tue Jan 11 2022 [email protected]
  - Update to version 2.5.1+git0.86b093a51:
    * [RELEASE] Released version 2.5.1
    * CI: github actions: clean default step conditions
    * BUILD: cpuset: fix build issue on macos introduced by previous change
    * BUG/MAJOR: mux-h1: Don't decrement .curr_len for unsent data
    * BUG/MINOR: ssl: Store client SNI in SSL context in case of ClientHello error
    * BUG/MEDIUM: mworker: don't use _getsocks in wait mode
    * BUG/MEDIUM: http-ana: Preserve response's FLT_END analyser on L7 retry
    * BUG/MINOR: cli: fix _getsocks with musl libc
    * BUILD/MINOR: tools: solaris build fix on dladdr.
    * CI: github actions: update OpenSSL to 3.0.1
    * BUILD/MINOR: cpuset FreeBSD 14 build fix.
    * REGTESTS: ssl: update of a crt with server deletion
    * BUG/MEDIUM: ssl: free the ckch instance linked to a server
    * BUG/MINOR: ssl: free the fields in srv->ssl_ctx
    * CI: Github Actions: do not show VTest failures if build failed
    * BUILD: makefile: add -Wno-atomic-alignment to work around clang abusive warning
    * MINOR: cpuset: switch to sched_setaffinity for FreeBSD 14 and above.
    * MINOR: proxy: add option idle-close-on-response
    * MINOR: debug: add support for -dL to dump library names at boot
    * MINOR: debug: add ability to dump loaded shared libraries
    * MINOR: compat: detect support for dl_iterate_phdr()
    * REGTESTS: ssl: fix ssl_default_server.vtc
    * BUG/MEDIUM: ssl: initialize correctly ssl w/ default-server
    * BUILD: opentracing: display warning in case of using OT_USE_VARS at compile time
    * DEBUG: ssl: make sure we never change a servername on established connections
    * DOC: fix misspelled keyword "resolve_retries" in resolvers
    * BUILD: ssl: unbreak the build with newer libressl
    * BUG/MINOR: mux-h1: Fix splicing for messages with unknown length
    * BUG/MEDIUM: mux-h1: Fix splicing by properly detecting end of message
    * BUG/MEDIUM: peers: properly skip conn_cur from incoming messages
    * BUG/MEDIUM: backend: fix possible sockaddr leak on redispatch
    * MINOR: pools: work around possibly slow malloc_trim() during gc
    * MINOR: ssl: Remove empty lines from "show ssl ocsp-response" output
    * BUG/MEDIUM: mworker/cli: crash when trying to access an old PID in prompt mode
    * DOC: config: fix error-log-format example
    * DOC: config: retry-on list is space-delimited
    * DOC: config: Specify %Ta is only available in HTTP mode
    * DOC: spoe: Clarify use of the event directive in spoe-message section
    * BUG/MINOR: cli/server: Don't crash when a server is added with a custom id
    * MINOR: http-rules: Add capture action to http-after-response ruleset
    * IMPORT: slz: use the correct CRC32 instruction when running in 32-bit mode
    * BUILD: tree-wide: avoid warnings caused by redundant checks of obj_types
    * MINOR: cli: "show version" displays the current process version
    * BUG/MEDIUM: sample: Fix memory leak in sample_conv_jwt_member_query
    * BUILD: bug: Fix error when compiling with -DDEBUG_STRICT_NOCRASH
    * MINOR: mux-h1: Improve H1 traces by adding info about http parsers
    * BUG/MINOR: mworker: deinit of thread poller was called when not initialized
    * BUG/MEDIUM: mworker: FD leak of the eventpoll in wait mode
    * BUG/MEDIUM: h1: Properly reset h1m flags when headers parsing is restarted
    * BUG/MAJOR: segfault using multiple log forward sections.
    * BUG/MEDIUM: resolvers: Detach query item on response error
    * BUG/MINOR: server: Don't rely on last default-server to init server SSL context
    * BUG/MINOR: vars: Fix the set-var and unset-var converters
    * BUILD: evports: remove a leftover from the dead_fd cleanup
    * BUG/MEDIUM: cli: Properly set stream analyzers to process one command at a time
    * BUG/MINOR: lua: remove loop initial declarations
    * BUG/MINOR: lua: don't expose internal proxies
    * BUG/MINOR: httpclient: allow to replace the host header
    * BUG/MINOR: cache: Fix loop on cache entries in "show cache"
* Tue Nov 23 2021 [email protected]
  - Update to version 2.5.0+git0.f2e0833f1:
    https://www.mail-archive.com/[email protected]/msg41508.html
  - refreshed patches to apply cleanly again
    haproxy-1.6.0-sec-options.patch
    haproxy-1.6.0_config_haproxy_user.patch
    lua54.patch
* Wed Nov 03 2021 [email protected]
  - Update to version 2.4.8+git0.d1f8d41e0:
    * [RELEASE] Released version 2.4.8
    * SCRIPTS: git-show-backports: re-enable file-based filtering
    * DOC/peers: some grammar fixes for peers 2.1 spec
    * MINOR: stream: Improve dump of bogus streams
    * BUILD/MINOR: cpuset freebsd build fix
    * DOC: config: Fix alphabetical order of fc_* samples
    * BUG/MINOR: sample: fix backend direction flags consecutive to last fix
    * BUG/MEDIUM: sample: Cumulate frontend and backend sample validity flags
    * BUG/MEDIUM: stream-int: Block reads if channel cannot receive more data
    * BUG/MINOR: http: Authorization value can have multiple spaces after the scheme
    * BUG/MEDIUM: http-ana: Drain request data waiting the tarpit timeout expiration
    * MINOR: halog: Add support for extracting captures using -hdr
    * BUG/MINOR: halog: Add missing newlines in die() messages
    * CLEANUP: halog: Use consistent indentation in help()
    * MINOR: halog: Rename -qry to -query
    * DOC: halog: Move the `-qry` parameter into the correct section in help text
    * MINOR: halog: Add -qry parameter allowing to preserve the query string in -uX
    * BUG/MEDIUM: resolvers: Track api calls with a counter to free resolutions
    * BUG/MEDIUM: resolvers: Don't recursively perform requester unlink
    * MEDIUM: resolvers: remove the last occurrences of the "safe" argument
    * MEDIUM: resolvers: use a kill list to preserve the list consistency
    * CLEANUP: resolvers: replace all LIST_DELETE with LIST_DEL_INIT
    * CLEANUP: resolvers: simplify resolv_link_resolution() regarding requesters
    * CLEANUP: always initialize the answer_list
    * CLEANUP: resolvers: do not export resolv_purge_resolution_answer_records()
    * BUG/MEDIUM: mux-h1: Perform a connection shutdown when the h1c is released
    * BUG/MINOR: mux-h1: Save shutdown mode if the shutdown is delayed
    * BUILD: atomic: fix build on mac/arm64
    * BUG/MINOR: backend: fix improper insert in avail tree for always reuse
    * BUILD: fix compilation on NetBSD
    * MINOR: memprof: add one pointer size to the size of allocations
    * MINOR: memprof: report the delta between alloc and free on realloc()
    * BUG/MEDIUM: lua: fix memory leaks with realloc() on non-glibc systems
    * BUG/MINOR: mux-h2: do not prevent from sending a final GOAWAY frame
    * BUG/MINOR: task: do not set TASK_F_USR1 for no reason
    * BUG/MAJOR: buf: fix varint API post- vs pre- increment
    * BUG/MEDIUM: resolvers: always check a valid item in query_list
    * BUILD: resolvers: avoid a possible warning on null-deref
    * BUG/MAJOR: resolvers: add other missing references during resolution removal
    * MINOR: resolvers: merge address and target into a union "data"
    * BUG/MEDIUM: resolvers: use correct storage for the target address
    * BUG/MEDIUM: resolvers: fix truncated TLD consecutive to the API fix
    * MINOR: resolvers: fix the resolv_dn_label_to_str() API about trailing zero
    * BUG/MINOR: resolvers: do not reject host names of length 255 in SRV records
    * BUG/MEDIUM: resolver: make sure to always use the correct hostname length
    * MINOR: resolvers: fix the resolv_str_to_dn_label() API about trailing zero
    * BUG/MAJOR: dns: attempt to lock globaly for msg waiter list instead of use barrier
    * BUG/MAJOR: dns: tcp session can remain attached to a list after a free
    * BUG/MEDIUM: tcpcheck: Properly catch early HTTP parsing errors
    * Revert "CLEANUP: server: always include the storage for SSL settings"
    * BUG/MEDIUM: stream: Keep FLT_END analyzers if a stream detects a channel error
    * BUG/MEDIUM: cpuset: fix cpuset size for FreeBSD
    * BUG/MINOR: sample: Fix 'fix_tag_value' sample when waiting for more data
    * BUG/MINOR: http-ana: Don't eval front after-response rules if stopped on back
    * MINOR: initcall: Rename __GLOBL and __GLOBL1.
    * DOC: configuration: add clarification on escaping in keyword arguments
    * BUG/MEDIUM: mux_h2: Handle others remaining read0 cases on partial frames
    * BUG/MEDIUM: sample: properly verify that variables cast to sample
    * MINOR: sample: provide a generic var-to-sample conversion function
    * CLEANUP: sample: uninline sample_conv_var2smp_str()
    * CLEANUP: sample: rename sample_conv_var2smp() to *_sint
    * CLEANUP: server: always include the storage for SSL settings
* Mon Oct 04 2021 [email protected]
  - Update to version 2.4.7+git0.b5e51a5e2:
    * [RELEASE] Released version 2.4.7
    * BUG/MEDIUM: http-ana: Clear request analyzers when applying redirect rule
* Mon Oct 04 2021 [email protected]
  - Update to version 2.4.6+git0.d83fd76a1:
    * [RELEASE] Released version 2.4.6
    * BUG/MEDIUM: filters: Fix a typo when a filter is attached blocking the release
* Fri Oct 01 2021 [email protected]
  - Update to version 2.4.5+git0.e74a1b34b:
    * [RELEASE] Released version 2.4.5
    * MINOR: tasks: catch TICK_ETERNITY with BUG_ON() in __task_queue()
    * BUG/MINOR: tcp-rules: Stop content rules eval on read error and end-of-input
    * BUG/MINOR: tcpcheck: Don't use arg list for default proxies during parsing
    * MINOR: arg: Be able to forbid unresolved args when building an argument list
    * BUG/MAJOR: lua: use task_wakeup() to properly run a task once
    * BUG/MEDIUM: lua: fix wakeup condition from sleep()
    * MINOR: Makefile: add MEMORY_POOLS to the list of DEBUG_xxx options
    * DOC: peers: fix doc "enable" statement on "peers" sections
    * BUG/MINOR: mux-h1/mux-fcgi: Sanitize TE header to only send "trailers"
    * MINOR: stream-int: Notify mux when the buffer is not stuck when calling rcv_buf
    * BUG/MEDIUM: stream-int: Defrag HTX message in si_cs_recv() if necessary
    * MINOR: htx: Add a function to know if the free space wraps
    * MINOR: htx: Add an HTX flag to know when a message is fragmented
    * MINOR: stream-int: Set CO_RFL transient/persistent flags apart in si_cs_rcv()
    * BUG/MEDIUM: stream: Stop waiting for more data if SI is blocked on RXBLK_ROOM
    * BUG/MEDIUM: stream-int: Notify stream that the mux wants more room to xfer data
    * BUG/MEDIUM: mux-h1: Adjust conditions to ask more space in the channel buffer
    * BUG/MINOR: stats: use refcount to protect dynamic server on dump
    * MINOR: server: return the next srv instance on free_server
    * BUG/MINOR: server: do not use refcount in free_server in stopping mode
    * MINOR: global: define MODE_STOPPING
    * MINOR: server: implement a refcount for dynamic servers
    * BUG/MINOR: http-ana: increment internal_errors counter on response error
    * BUG/MINOR: h1-htx: Fix a typo when request parser is reset
    * BUG/MEDIUM: leastconn: fix rare possibility of divide by zero
    * BUG/MINOR: server: allow 'enable health' only if check configured
    * BUILD: threads: fix -Wundef for _POSIX_PRIORITY_SCHEDULING on libmusl
    * BUILD: halog: fix a -Wundef warning on non-glibc systems
    * BUILD: compiler: fixed a missing test on  defined(__GNUC__)
    * BUILD: fix dragonfly build again on __read_mostly
    * BUG/MINOR: vars: do not talk about global section in CLI errors for set-var
    * BUG/MINOR: vars: truncate the variable name in error reports about scope.
    * BUG/MINOR: vars: properly set the argument parsing context in the expression
    * MINOR: sample: add missing ARGC_ entries
    * BUG/MINOR: vars: improve accuracy of the rules used to check expression validity
    * BUILD: tools: properly guard __GLIBC__ with defined()
    * BUILD: ssl: fix two remaining occurrences of #if USE_OPENSSL
    * BUILD: ssl: next round of build warnings on LIBRESSL_VERSION_NUMBER
    * BUILD/MINOR: regex: avoid a build warning on USE_PCRE2 with -Wundef
    * IMPORT: slz: silence a build warning with -Wundef
    * BUILD/MINOR: ssl: avoid a build warning on LIBRESSL_VERSION with -Wundef
    * BUILD/MINOR: defaults: eliminate warning on MAXHOSTNAMELEN with -Wundef
    * BUILD: activity: use #ifdef not #if on USE_MEMORY_PROFILING
    * MINOR: proc: setting the process to produce a core dump on FreeBSD.
    * MINOR: tools: add FreeBSD support to get_exec_path()
    * BUILD: tools: get the absolute path of the current binary on NetBSD.
    * BUG/MINOR: flt-trace: fix an infinite loop when random-parsing is set
    * BUG/MINOR: cli/payload: do not search for args inside payload
    * BUILD: ist: prevent gcc11 maybe-uninitialized warning on istalloc
    * BUG/MINOR: connection: prevent null deref on mux cleanup task allocation
    * DOC: management: certificate files must be sanitized before injection
    * BUG/MINOR: tcpcheck: Improve LDAP response parsing to fix LDAP check
    * BUG/MAJOR: mux-h1: Don't eval input data if an error was reported
    * MINOR: pools: use mallinfo2() when available instead of mallinfo()
    * MINOR: pools: automatically disable malloc_trim() with external allocators
    * CLEANUP: pools: factor all malloc_trim() calls into trim_all_pools()
    * BUG/MINOR: compat: make sure __WORDSIZE is always defined
    * BUG/MEDIUM: stream-int: Don't block SI on a channel policy if EOI is reached
    * CLEANUP: mux-h1: Remove condition rejecting upgrade requests with payload
    * MINOR: htx: Skip headers with no value when adding a header list to a message
    * BUG/MEDIUM: mux-h1: Remove "Upgrade:" header for requests with payload
    * BUG/MINOR: systemd: ExecStartPre must use -Ws
    * BUG/MINOR: filters: Set right FLT_END analyser depending on channel
    * BUG/MINOR: filters: Always set FLT_END analyser when CF_FLT_ANALYZE flag is set
    * BUG/MEDIUM: http-ana: Reset channels analysers when returning an error
    * BUG/MINOR: stream: Don't release a stream if FLT_END is still registered
    * BUG/MINOR: lua: Don't yield in channel.append() and channel.set()
    * BUG/MINOR: lua: Yield in channel functions only if lua context can yield
    * MINOR: lua: Add a flag on lua context to know the yield capability at run time
* Tue Sep 07 2021 [email protected]
  - Update to version 2.4.4+git0.acb1d0bea: CVE-2021-40346 (boo#1189877)
    * [RELEASE] Released version 2.4.4
    * Revert "BUG/MINOR: stream-int: Don't block reads in si_update_rx() if chn may receive"
    * BUG/MAJOR: htx: fix missing header name length check in htx_add_header/trailer
    * CLEANUP: htx: remove comments about "must be < 256 MB"
    * BUG/MINOR: config: reject configs using HTTP with bufsize >= 256 MB
    * DOC: configuration: remove wrong tcp-request examples in tcp-response
    * BUG/MINOR: vars: fix set-var/unset-var exclusivity in the keyword parser
    * CLEANUP: Add missing include guard to signal.h
    * BUG/MINOR: tools: Fix loop condition in dump_text()
    * BUG/MINOR threads: Use get_(local|gm)time instead of (local|gm)time
    * BUG/MINOR: ebtree: remove dependency on incorrect macro for bits per long
    * MINOR: time: add report_idle() to report process-wide idle time
    * BUG/MINOR: time: fix idle time computation for long sleeps
    * BUG/MINOR: lua: use strlcpy2() not strncpy() to copy sample keywords
    * MINOR: compiler: implement an ONLY_ONCE() macro
    * BUG/MINOR: base64: base64urldec() ignores padding in output size check
    * BUG/MEDIUM: base64: check output boundaries within base64{dec,urldec}
    * BUG/MINOR: stick-table: fix the sc-set-gpt* parser when using expressions
    * MINOR: hlua: take the global Lua lock inside a global function
    * REGTESTS: abortonclose: after retries, 503 is expected, not close
    * REGTESTS: http_upgrade: fix incorrect expectation on TCP->H1->H2
    * BUG/MEDIUM: h2: match absolute-path not path-absolute for :path
* Tue Aug 17 2021 [email protected]
  - Update to version 2.4.3+git0.4dd5a5a6c:
      CVE-2021-39240 CVE-2021-39241 CVE-2021-39242
      (boo#1189366 boo#1189548 boo#1189549)
    * [RELEASE] Released version 2.4.3
    * REGTESTS: add a test to prevent h2 desync attacks
    * BUG/MEDIUM: h2: give :authority precedence over Host
    * BUG/MAJOR: h2: enforce stricter syntax checks on the :method pseudo-header
    * BUG/MAJOR: h2: verify that :path starts with a '/' before concatenating it
    * BUG/MAJOR: h2: verify early that non-http/https schemes match the valid syntax
    * MINOR: http: add a new function http_validate_scheme() to validate a scheme
    * DOC/MINOR: fix typo in management document
    * CLEANUP: assorted typo fixes in the code and comments
    * BUG/MEDIUM: cfgcheck: verify existing log-forward listeners during config check
    * BUG/MEDIUM: spoe: Fix policy to close applets when SPOE connections are queued
    * DOC: config: Fix 'http-response send-spoe-group' documentation
    * DOC: Improve the lua documentation
    * BUG/MINOR: tcpcheck: Properly detect pending HTTP data in output buffer
    * BUG/MINOR: buffer: fix buffer_dump() formatting
    * BUG/MEDIUM: spoe: Create a SPOE applet if necessary when the last one is released
    * MINOR: spoe: Add a pointer on the filter config in the spoe_agent structure
    * ADMIN: dyncookie: implement a simple dynamic cookie calculator
    * MINOR: server: unmark deprecated on enable health/agent cli
    * BUG/MINOR: server: update last_change on maint->ready transitions too
    * BUG/MINOR: server: remove srv from px list on CLI 'add server' error
    * BUILD: opentracing: fixed build when using pkg-config utility
    * DOC: internals: document the FD takeover process
    * BUG/MINOR: fd: protect fd state harder against a concurrent takeover
    * BUG/MINOR: pollers: always program an update for migrated FDs
    * BUG/MINOR: poll: fix abnormally high skip_fd counter
    * BUG/MINOR: select: fix excess number of dead/skip reported
    * BUG/MEDIUM: pollers: clear the sleeping bit after waking up, not before
    * BUG/MEDIUM: connection: close a rare race between idle conn close and takeover
    * BUG/MINOR: connection: Add missing error labels to conn_err_code_str
    * BUG/MEDIUM: mux-h2: Handle remaining read0 cases on partial frames
    * BUG/MINOR: mux-h1: Be sure to swap H1C to splice mode when rcv_pipe() is called
    * BUG/MINOR: mux-h2: Obey dontlognull option during the preface
    * BUG/MINOR: mux-h1: Obey dontlognull option for empty requests
    * BUG/MINOR: systemd: must check the configuration using -Ws
    * BUG/MINOR: resolvers: Use a null-terminated string to lookup in servers tree
    * BUG/MINOR: check: fix the condition to validate a port-less server
    * BUG/MINOR: stats: Add missing agent stats on servers
    * BUG/MEDIUM: ssl_sample: fix segfault for srv samples on invalid request
    * BUILD/MINOR: memprof fix macOs build.
    * BUG/MINOR: mworker: do not export HAPROXY_MWORKER_REEXEC across programs
    * BUG/MEDIUM: mworker: do not register an exit handler if exit is expected
    * BUILD: lua: silence a build warning with TCC
    * BUILD: add detection of missing important CFLAGS
    * BUG/MINOR: ssl: Default-server configuration ignored by server
    * MINOR: mux_h2: define config to disable h2 websocket support
    * BUILD: http_htx: fix ci compilation error with isdigit for Windows
* Wed Jul 07 2021 [email protected]
  - Update to version 2.4.2+git0.553dee326:
    * [RELEASE] Released version 2.4.2
    * REGTESTS: add http scheme-based normalization test
    * MEDIUM: h2: apply scheme-based normalization on h2 requests
    * MEDIUM: h1-htx: apply scheme-based normalization on h1 requests
    * MEDIUM: http: implement scheme-based normalization
    * MINOR: http: implement http_get_scheme
    * Revert "MINOR: tcp-act: Add set-src/set-src-port for "tcp-request content" rules"
    * BUG/MINOR: cli: fix server name output in "show fd"
    * BUG/MEDIUM: sock: make sure to never miss early connection failures
    * DOC: stick-table: add missing documentation about gpt0 stored type
    * BUG/MINOR: peers: fix data_type bit computation more than 32 data_types
    * BUG/MINOR: stick-table: fix several printf sign errors dumping tables
    * DOC: config: use CREATE USER for mysql-check
    * BUG/MEDIUM: resolvers: Make 1st server of a template take part to SRV resolution
    * BUG/MINOR: mqtt: Support empty client ID in CONNECT message
    * BUG/MINOR: mqtt: Fix parser for string with more than 127 characters
    * BUG/MINOR: tcpcheck: Fix numbering of implicit HTTP send/expect rules
    * BUILD: Makefile: fix linkage for Haiku.
    * BUG/MINOR: checks: return correct error code for srv_parse_agent_check
    * MINOR: resolvers: Reset server IP on error in resolv_get_ip_from_response()
    * BUG/MINOR: resolvers: Reset server IP when no ip is found in the response
    * BUG/MINOR: resolvers: Always attach server on matching record on resolution
    * CLEANUP: dns: Remove a forgotten debug message
    * DOC: config: Add missing actions in "tcp-request session" documentation
    * MINOR: tcp-act: Add set-src/set-src-port for "tcp-request content" rules
    * REGTESTS: fix maxconn update with agent-check
    * BUG/MAJOR: server: fix deadlock when changing maxconn via agent-check
    * BUG/MINOR: cache: Correctly handle existing-but-empty 'accept-encoding' header
    * BUG/MINOR: server/cli: Fix locking in function processing "set server" command
    * BUG/MINOR: resolvers: Use resolver's lock in resolv_srvrq_expire_task()
    * BUG/MEDIUM: resolvers: Add a task on servers to check SRV resolution status
    * MINOR: resolvers: Remove server from named_servers tree when removing a SRV item
    * MINOR: resolvers: Clean server in a dedicated function when removing a SRV item
    * BUG/MEDIUM: server/cli: Fix ABBA deadlock when fqdn is set from the CLI
    * BUG/MINOR: server: Forbid to set fqdn on the CLI if SRV resolution is enabled
    * BUG/MINOR: server-state: load SRV resolution only if params match the config
* Thu Jun 17 2021 [email protected]
  - Update to version 2.4.1+git0.1ce7d4925:
    * [RELEASE] Released version 2.4.1
    * BUG/MINOR: mux-h2/traces: bring back the lost "sent H2 REQ/RES" traces
    * BUG/MINOR: mux-h2/traces: bring back the lost "rcvd H2 REQ" trace
    * MINOR: mux-h2: obey http-ignore-probes during the preface
    * BUG/MINOR: stats: make "show stat typed desc" work again
    * CLEANUP: mux-h2/traces: better align user messages
    * MINOR: mux-h2/trace: report a few connection-level info during h2_init()
    * MINOR: connection: add helper conn_append_debug_info()
    * BUG/MINOR: server: explicitly set "none" init-addr for dynamic servers
    * BUG/MINOR: mux-h1: do not skip the error response on bad requests
    * MINOR: backend: only skip LB when there are actual connections
    * BUG/MAJOR: queue: set SF_ASSIGNED when setting strm->target on dequeue
    * CLEANUP: global: remove unused definition of stopping_task[]
    * BUG/MINOR: mworker: fix typo in chroot error message
    * BUG/MINOR: ssl: use atomic ops to update global shctx stats
    * BUG/MEDIUM: shctx: use at least thread-based locking on USE_PRIVATE_CACHE
    * BUG/MEDIUM: server: do not auto insert a dynamic server in px addr_node
    * BUG/MINOR: server: do not keep an invalid dynamic server in px ids tree
    * BUG/MEDIUM: server: do not forget to generate the dynamic servers ids
    * BUG/MEDIUM: server: clear dynamic srv on delete from proxy id/name trees
    * BUG/MEDIUM: server: extend thread-isolate over much of CLI 'add server'
    * BUG/MINOR: stick-table: insert srv in used_name tree even with fixed id
    * DOC: lua: Add a warning about buffers modification in HTTP
    * BUG/MAJOR: resolvers: segfault using server template without SRV RECORDs
    * MEDIUM: resolvers: add a ref between servers and srv request or used SRV record
    * MEDIUM: resolvers: add a ref on server to the used A/AAAA answer item
    * BUG/MINOR: resolvers: answser item list was randomly purged or errors
    * CLEANUP: l7-retries: do not test the buffer before calling b_alloc()
    * BUG/MINOR: mux-fcgi: Expose SERVER_SOFTWARE parameter by default
    * BUG/MAJOR: htx: Fix htx_defrag() when an HTX block is expanded
    * CLEANUP: pools: remove now unused seq and pool_free_list
    * BUG/MAJOR: pools: fix possible race with free() in the lockless variant
    * MEDIUM: pools: use a single pool_gc() function for locked and lockless
    * MINOR: pools: call malloc_trim() under thread isolation
    * MINOR: pools: do not maintain the lock during pool_flush()
    * BUG/MINOR: pools: make DEBUG_UAF always write to the to-be-freed location
    * BUG/MINOR: pools: fix a possible memory leak in the lockless pool_flush()
    * BUG/MEDIUM: compression: Add a flag to know the filter is still processing data
    * BUG/MEDIUM: compression: Properly get the next block to iterate on payload
    * BUG/MEDIUM: compression: Fix loop skipping unused blocks to get the next block
    * BUG/MEDIUM: opentracing: initialization before establishing daemon and/or chroot mode
    * Revert "BUG/MINOR: opentracing: initialization after establishing daemon mode"
    * BUG/MINOR: ssl: OCSP stapling does not work if expire too far in the future
    * BUILD: make tune.ssl.keylog available again
    * DOC: use the req.ssl_sni in examples
    * MINOR: errors: allow empty va_args for diag variadic macro
    * BUG/MAJOR: stream-int: Release SI endpoint on server side ASAP on retry
    * DOC/MINOR: move uuid in the configuration to the right alphabetical order
    * BUG/MINOR: vars: Be sure to have a session to get checks variables
    * CLEANUP: http-ana: Remove useless if statement about L7 retries
    * BUG/MINOR: proxy: Missing calloc return value check in chash_init_server_tree
    * BUG/MINOR: http: Missing calloc return value check in make_arg_list
    * BUG/MINOR: http: Missing calloc return value check while parsing redirect rule
    * BUG/MINOR: worker: Missing calloc return value check in mworker_env_to_proc_list
    * BUG/MINOR: compression: Missing calloc return value check in comp_append_type/algo
    * BUG/MINOR: http: Missing calloc return value check while parsing tcp-request rule
    * BUG/MINOR: http: Missing calloc return value check while parsing tcp-request/tcp-response
    * BUG/MINOR: proxy: Missing calloc return value check in proxy_defproxy_cpy
    * BUG/MINOR: proxy: Missing calloc return value check in proxy_parse_declare
    * BUG/MINOR: http: Missing calloc return value check in parse_http_req_capture
    * BUG/MINOR: ssl: Missing calloc return value check in ssl_init_single_engine
    * BUG/MINOR: peers: Missing calloc return value check in peers_register_table
    * BUG/MINOR: server: Missing calloc return value check in srv_parse_source
    * DOC: intro: Fix typo in starter guide
    * MINOR: cfgparse: Fail when encountering extra arguments in macro
    * MINOR: http-ana: Perform L7 retries because of status codes in response analyser
    * BUG/MINOR: http-ana: Handle L7 retries on refused early data before K/A aborts
    * BUG/MINOR: http-ana: Send the right error if max retries is reached on L7 retry
    * Revert "MEDIUM: http-ana: Deal with L7 retries in HTTP analysers"
    * BUG/MINOR: http-comp: Preserve HTTP_MSGF_COMPRESSIONG flag on the response
    * BUG/MEDIUM: filters: Exec pre/post analysers only one time per filter
    * BUILD/MINOR: opentracing: fixed build when using clang
    * BUG/MAJOR: server: prevent deadlock when using 'set maxconn server'
    * BUG/MEDIUM: ebtree: Invalid read when looking for dup entry
* Fri May 14 2021 [email protected]
  - Update to version 2.4.0+git0.6cbbecf09:
    https://www.haproxy.com/blog/announcing-haproxy-2-4/
    for all the details see /usr/share/doc/packages/haproxy/CHANGELOG
  - refreshed patches to apply cleanly again
    haproxy-1.6.0-makefile_lib.patch
    haproxy-1.6.0-sec-options.patch
    lua54.patch
* Fri Apr 23 2021 [email protected]
  - Update to version 2.3.10+git0.4764f0e4e:
    * [RELEASE] Released version 2.3.10
    * BUG/MEDIUM: peers: re-work refcnt on table to protect against flush
    * BUG/MEDIUM: peers: re-work connection to new process during reload.
    * BUG/MINOR: peers: remove useless table check if initial resync is finished
    * BUG/MEDIUM: mux-h2: Properly handle shutdowns when received with data
    * BUG/MINOR: mworker: don't use oldpids[] anymore for reload
    * BUG/MINOR: mworker/init: don't reset nb_oldpids in non-mworker cases
    * BUG/MEDIUM: config: fix cpu-map notation with both process and threads
    * BUG/MEDIUM: mux-h2: Fix dfl calculation when merging CONTINUATION frames
    * BUG/MAJOR: mux-h2: Properly detect too large frames when decoding headers
    * BUG/MINOR: server: free srv.lb_nodes in free_server
    * BUG/MINOR: mux-h1: Release idle server H1 connection if data are received
    * BUG/MINOR: logs: Report the true number of retries if there was no connection
    * BUG/MINOR: http_htx: Remove BUG_ON() from http_get_stline() function
    * BUG/MINOR: http-fetch: Make method smp safe if headers were already forwarded
    * BUG/MINOR: ssl-samples: Fix ssl_bc_* samples when called from a health-check
    * MINOR: connection: Make bc_http_major compatible with tcp-checks
    * BUG/MINOR: connection: Fix fc_http_major and bc_http_major for TCP connections
    * MINOR: logs: Add support of checks as session origin to format lf strings
    * BUG/MINOR: checks: Set missing id to the dummy checks frontend
    * BUG/MEDIUM: threads: Ignore current thread to end its harmless period
    * DOC: ssl: Certificate hot update only works on fronted certificates
    * BUG/MEDIUM: sample: Fix adjusting size in field converter
    * MINOR: No longer rely on deprecated sample fetches for predefined ACLs
    * DOC: clarify that compression works for HTTP/2
    * BUG/MINOR: tools: fix parsing "us" unit for timers
    * CONTRIB: halog: fix issue with array of type char
    * REGTESTS: ssl: mark set_ssl_cert_bundle.vtc as broken
    * DOC: Explicitly state only IPv4 are supported by forwardfor/originalto options
    * REGTESTS: ssl: "set ssl cert" and multi-certificates bundle
    * BUG/MINOR: ssl: Add missing free on SSL_CTX in ckch_inst_free
    * BUG/MINOR: http_fetch: make hdr_ip() resistant to empty fields
    * BUG/MINOR: ssl: Prevent removal of crt-list line if the instance is a default one
    * BUG/MINOR: ssl: Fix update of default certificate
    * BUILD: tcp: use IPPROTO_IPV6 instead of SOL_IPV6 on FreeBSD/MacOS
    * BUG/MINOR: tcp: fix silent-drop workaround for IPv6
* Tue Mar 30 2021 [email protected]
  - Update to version 2.3.9+git1.afb63bc04:
    * BUILD: backend: fix build breakage in idle conn locking fix
    * [RELEASE] Released version 2.3.9
    * BUG/MEDIUM: time: make sure to always initialize the global tick
    * BUG/MINOR: stats: Apply proper styles in HTML status page.
    * BUG/MINOR: payload: Wait for more data if buffer is empty in payload/payload_lv
    * MEDIUM: backend: use a trylock to grab a connection on high FD counts as well
    * BUG/MEDIUM: mux-h1: make h1_shutw_conn() idempotent
* Thu Mar 25 2021 [email protected]
  - Update to version 2.3.8+git0.e572195c7:
    * [RELEASE] Released version 2.3.8
    * BUG/MINOR: http_fetch: make hdr_ip() reject trailing characters
    * MINOR: tools: make url2ipv4 return the exact number of bytes parsed
    * BUG/MEDIUM: thread: Fix a deadlock if an isolated thread is marked as harmless
    * BUG/MEDIUM: fd: Take the fd_mig_lock when closing if no DWCAS is available.
    * CLEANUP: fd: remove unused fd_set_running_excl()
    * BUG/MEDIUM: fd: do not wait on FD removal in fd_delete()
    * MINOR: fd: remove the unneeded running bit from fd_insert()
    * MINOR: fd: make fd_clr_running() return the remaining running mask
    * BUG/MEDIUM: lua: Always init the lua stack before referencing the context
    * BUG/MEDIUM: debug/lua: Use internal hlua function to dump the lua traceback
    * MINOR: lua: Slightly improve function dumping the lua traceback
    * BUILD: ssl: guard ecdh functions with SSL_CTX_set_tmp_ecdh macro
    * BUG/MINOR: ssl: Prevent disk access when using "add ssl crt-list"
    * BUG/MEDIUM: debug/lua: Don't dump the lua stack if not dumpable
    * MEDIUM: lua: Use a per-thread counter to track some non-reentrant parts of lua
    * MINOR/BUG: mworker/cli: do not use the unix_bind prefix for the master CLI socket
    * BUG/MINOR: protocol: add missing support of dgram unix socket.
    * BUG/MEDIUM: freq_ctr/threads: use the global_now_ms variable
    * MINOR: time: also provide a global, monotonic global_now_ms timer
    * BUG/MEDIUM: mux-fcgi: Fix locking of idle_conns lock in the FCGI I/O callback
    * BUG/MINOR: freq_ctr/threads: make use of the last updated global time
    * MINOR: time: export the global_now variable
* Tue Mar 16 2021 [email protected]
  - Update to version 2.3.7+git0.2d39ce334:
    * [RELEASE] Released version 2.3.7
    * BUG/MINOR: resolvers: Add missing case-insensitive comparisons of DNS hostnames
    * MINOR: resolvers: Don't try to match immediatly renewed ADD items
    * MINOR: resolvers: Use milliseconds for cached items in resolver responses
    * BUG/MEDIUM: resolvers: Skip DNS resolution at startup if SRV resolution is set
    * BUG/MEDIUM: resolvers: Don't release resolution from a requester callbacks
    * MINOR: resolvers: Directly call srvrq_update_srv_state() when possible
    * MINOR: resolvers: Add function to change the srv status based on SRV resolution
    * MINOR: resolvers: Purge answer items when a SRV resolution triggers an error
    * MINOR: resolvers: Use a function to remove answers attached to a resolution
    * BUG/MEDIUM: resolvers: Trigger a DNS resolution if an ADD item is obsolete
    * BUG/MINOR; resolvers: Ignore DNS resolution for expired SRV item
    * MINOR: resolvers: new function find_srvrq_answer_record()
    * BUG/MEDIUM: resolvers: Fix the loop looking for an existing ADD item
    * BUG/MEDIUM: resolvers: Don't set an address-less server as UP
    * BUG/MINOR: resolvers: Unlink DNS resolution to set RMAINT on SRV resolution
    * BUG/MINOR: resolvers: Reset server address on DNS error only on status change
    * BUG/MINOR: resolvers: Consider server to have no IP on DNS resolution error
    * Revert "BUG/MINOR: resolvers: Only renew TTL for SRV records with an additional record"
    * CLEANUP: tcp-rules: add missing actions in the tcp-request error message
    * BUG/MINOR: tcpcheck: Fix double free on error path when parsing tcp/http-check
    * BUG/MINOR: session: Add some forgotten tests on session's listener
    * BUG/MINOR: proxy/session: Be sure to have a listener to increment its counters
    * BUG/MINOR: tcpcheck: Update .health threshold of agent inside an agent-check
    * BUG/MEDIUM: filters: Set CF_FL_ANALYZE on channels when filters are attached
    * BUILD: atomic/arm64: force the register pairs to use in __ha_cas_dw()
    * BUG/MEDIUM: stick-tables: fix ref counter in table entry using multiple http tracksc.
    * OPTIM: task: automatically adjust the default runqueue-depth to the threads
    * MINOR: task: give the scheduler a bit more flexibility in the runqueue size
    * MEDIUM: task: remove the tasks_run_queue counter and have one per thread
    * MEDIUM: ssl: implement xprt_set_used and xprt_set_idle to relax context checks
    * MINOR: xprt: add new xprt_set_idle and xprt_set_used methods
    * MEDIUM: muxes: mark idle conns tasklets with TASK_F_USR1
    * MINOR: task: add an application specific flag to the state: TASK_F_USR1
    * BUG/MEDIUM: ssl: properly remove the TASK_HEAVY flag at end of handshake
    * MINOR: ssl: mark the SSL handshake tasklet as heavy
    * MINOR: task: limit the number of subsequent heavy tasks with flag TASK_HEAVY
    * MEDIUM: backend: use a trylock when trying to grab an idle connection
    * MINOR: pools: double the local pool cache size to 1 MB
    * MEDIUM: pools: add CONFIG_HAP_NO_GLOBAL_POOLS and CONFIG_HAP_GLOBAL_POOLS
    * MEDIUM: streams: do not use the streams lock anymore
    * MINOR: streams: use one list per stream instead of a global one
    * MINOR: cli/streams: make "show sess" dump all streams till the new epoch
    * MINOR: stream: add an "epoch" to figure which streams appeared when
    * MINOR: dynbuf: pass offer_buffers() the number of buffers instead of a threshold
    * MINOR: dynbuf: use regular lists instead of mt_lists for buffer_wait
    * MINOR: dynbuf: make the buffer wait queue per thread
    * OPTIM: lb-leastconn: do not unlink the server if it did not change
    * OPTIM: lb-leastconn: do not take the server lock on take_conn/drop_conn
    * OPTIM: lb-first: do not take the server lock on take_conn/drop_conn
    * MINOR: lb/api: let callers of take_conn/drop_conn tell if they have the lock
    * MINOR: server: move actconns to the per-thread structure
    * OPTIM: server: switch the actconn list to an mt-list
    * MINOR: listener: refine the default MAX_ACCEPT from 64 to 4
    * MINOR: tasks: refine the default run queue depth
    * BUG/MEDIUM: session: NULL dereference possible when accessing the listener
    * MINOR: atomic: implement a more efficient arm64 __ha_cas_dw() using pairs
    * MINOR: atomic: add armv8.1-a atomics variant for cas-dw
    * BUG/MINOR: mt-list: always perform a cpu_relax call on failure
    * REORG: atomic: reimplement pl_cpu_relax() from atomic-ops.h
    * BUG/MINOR: ssl: don't truncate the file descriptor to 16 bits in debug mode
    * BUG/MINOR: hlua: Don't strip last non-LWS char in hlua_pushstrippedstring()
    * BUG/MINOR: backend: fix condition for reuse on mode HTTP
* Wed Mar 03 2021 [email protected]
  - Update to version 2.3.6+git0.7851701ed:
    * [RELEASE] Released version 2.3.6
    * BUG/MINOR: http-ana: Don't increment HTTP error counter on read error/timeout
    * BUG/MINOR: mux-h2: Fix typo in scheme adjustment
    * DOC: spoe: Add a note about fragmentation support in HAProxy
    * BUG/MEDIUM: spoe: Kill applets if there are pending connections and nbthread > 1
    * BUG/MINOR: connection: Use the client's dst family for adressless servers
    * BUG/MINOR: tcp-act: Don't forget to set the original port for IPv4 set-dst rule
    * BUG/MINOR: http-ana: Only consider dst address to process originalto option
    * BUG/MINOR: mux-h1: Immediately report H1C errors from h1_snd_buf()
    * BUG/MINOR: stats: fix compare of no-maint url suffix
    * CLEANUP: muxes: Remove useless if condition in show_fd function
    * BUG/MINOR: ssl: potential null pointer dereference in ckchs_dup()
    * BUG/MEDIUM: resolvers: Reset address for unresolved servers
    * BUG/MEDIUM: resolvers: Reset server address and port for obselete SRV records
    * BUG/MINOR: resolvers: new callback to properly handle SRV record errors
    * BUG/MINOR: resolvers: Only renew TTL for SRV records with an additional record
    * BUG/MINOR: resolvers: Fix condition to release received ARs if not assigned
    * BUG/MINOR: fd: properly wait for !running_mask in fd_set_running_excl()
    * BUG/MINOR: proxy: wake up all threads when sending the hard-stop signal
    * BUG/MEDIUM: cli/shutdown sessions: make it thread-safe
    * BUG/MEDIUM: proxy: use thread-safe stream killing on hard-stop
    * BUG/MEDIUM: vars: make functions vars_get_by_{name,desc} thread-safe
    * BUG/MINOR: sample: secure convs that accept base64 string and var name as args
    * MINOR: Configure the `cpp` userdiff driver for *.[ch] in .gitattributes
    * BUG/MINOR: ssl/cli: potential null pointer dereference in "set ssl cert"
    * BUG/MEDIUM: mux-h1: Fix handling of responses to CONNECT other than 200-ok
    * BUG/MINOR: server: Be sure to cut the last parsed field of a server-state line
    * BUG/MINOR: server: Init params before parsing a new server-state line
    * BUG/MINOR: http-rules: Always replace the response status on a return action
    * BUG/MEDIUM: spoe: Resolve the sink if a SPOE logs in a ring buffer
    * BUG/MEDIUM: lists: Avoid an infinite loop in MT_LIST_TRY_ADDQ().
    * DOC: explain the relation between pool-low-conn and tune.idle-pool.shared
    * BUILD: ssl: introduce fine guard for OpenSSL specific SCTL functions
    * BUG/MINOR: sample: Always consider zero size string samples as unsafe
    * BUG/MEDIUM: checks: don't needlessly take the server lock in health_adjust()
    * BUG/MINOR: checks: properly handle wrapping time in __health_adjust()
    * BUG/MINOR: session: atomically increment the tracked sessions counter
    * BUG/MINOR: server: Remove RMAINT from admin state when loading server state
    * CLEANUP: channel: fix comment in ci_putblk.
    * DOC: tune: explain the origin of block size for ssl.cachesize
    * BUG/MINOR: server: Don't call fopen() with server-state filepath set to NULL
    * BUG/MINOR: cfgparse: do not mention "addr:port" as supported on proxy lines
    * BUG/MINOR: stats: revert the change on ST_CONVDONE
    * BUG/MEDIUM: config: don't pick unset values from last defaults section
    * CLEANUP: deinit: release global and per-proxy server-state variables on deinit
    * BUG/MINOR: server: Fix server-state-file-name directive
    * BUG/MINOR: backend: hold correctly lock when killing idle conn
    * BUG/MINOR: tools: Fix a memory leak on error path in parse_dotted_uints()
    * BUG/MINOR: server: re-align state file fields number
    * BUG/MEDIUM: mux-h1: Always set CS_FL_EOI for response in MSG_DONE state
    * BUG/MINOR: http-ana: Don't increment HTTP error counter on internal errors
    * BUG/MINOR: intops: fix mul32hi()'s off-by-one
    * BUILD: ssl: guard SSL_CTX_set_msg_callback with SSL_CTRL_SET_MSG_CALLBACK macro
    * BUILD: ssl: guard SSL_CTX_add_server_custom_ext with special macro
    * BUILD: ssl: fix typo in HAVE_SSL_CTX_ADD_SERVER_CUSTOM_EXT macro
    * MINOR: check: do not ignore a connection header for http-check send
* Sat Feb 06 2021 [email protected]
  - Update to version 2.3.5+git0.5902ad99b:
    * [RELEASE] Released version 2.3.5
    * MINOR: config: Deprecate and ignore tune.chksize global option
    * BUG/MINOR: sock: Unclosed fd in case of connection allocation failure
    * BUG/MEDIUM: mux-h2: do not quit the demux loop before setting END_REACHED
    * BUG/MEDIUM: mux-h2: handle remaining read0 cases
    * BUILD: Makefile: move REGTESTST_TYPE default setting
    * MINOR: cli/show_fd: report local and report ports when known
    * BUILD: ssl: fix build breakage with last commit
    * BUG/MINOR: ssl: do not try to use early data if not configured
    * BUG/MINOR: xxhash: make sure armv6 uses memcpy()
    * BUG/MINOR: mux_h2: fix incorrect stat titles
    * BUG/MEDIUM: ssl: check a connection's status before computing a handshake
    * BUG/MEDIUM: ssl/cli: abort ssl cert is freeing the old store
    * BUG/MINOR: stick-table: Always call smp_fetch_src() with a valid arg list
    * DOC: management: fix "show resolvers" alphabetical ordering
    * MINOR: h1: Raise the chunk size limit up to (2^52 - 1)
    * MINOR: mux-h1/show_fd: report as suspicious an entry with too many calls
    * MINOR: mux-h2/show_fd: report as suspicious an entry with too many calls
    * MINOR: ssl/show_fd: report some FDs as suspicious when possible
    * MINOR: cli/show_fd: report some easily detectable suspicious states
    * MINOR: cli: give the show_fd helpers the ability to report a suspicious entry
    * MINOR: mux-fcgi: make the "show fd" helper also decode the fstrm subscriber when known
    * MINOR: mux-h1: make the "show fd" helper also decode the h1s subscriber when known
    * MINOR: mux-h2: make the "show fd" helper also decode the h2s subscriber when known
    * MINOR: xprt/mux: export all *_io_cb functions so that "show fd" resolves them
    * MINOR: ssl: provide a "show fd" helper to report important SSL information
    * MINOR: xprt: add a new show_fd() helper to complete some "show fd" dumps.
    * MINOR: cli: make "show fd" also report the xprt and xprt_ctx
    * CLEANUP: cli: make "show fd" use a const connection to access other fields
    * CLEANUP: tools: make resolve_sym_name() take a const pointer
    * MINOR: contrib: Make the wireshark peers dissector compile for more distribs.
    * BUG/MINOR: backend: check available list allocation for reuse
    * BUG/MEDIUM: backend: never reuse a connection for tcp mode
    * REORG: backend: simplify conn_backend_get
    * BUG/MEDIUM: session: only retrieve ready idle conn from session
    * BUG/MINOR: ssl: init tmp chunk correctly in ssl_sock_load_sctl_from_file()
    * BUG/MINOR: config: fix leak on proxy.conn_src.bind_hdr_name
    * BUG/MEDIUM: filters/htx: Fix data forwarding when payload length is unknown
    * DOC: Improve documentation of the various hdr() fetches
    * BUILD/MINOR: lua: define _GNU_SOURCE for LLONG_MAX
    * BUG/MEDIUM: mux-h2: fix read0 handling on partial frames
    * BUG/MEDIUM: tcpcheck: Don't destroy connection in the wake callback context
    * BUG/MINOR: mworker: define _GNU_SOURCE for strsignal()
    * BUG/MINOR: mux_h2: missing space between "st" and ".flg" in the "show fd" helper
    * BUG/MINOR: peers: Wrong "new_conn" value for "show peers" CLI command.
    * MINOR: build: discard echoing in help target
    * BUG/MINOR: peers: Possible appctx pointer dereference.
    * BUG/MEDIUM: stats: add missing INF_BUILD_INFO definition
    * BUILD: peers: fix build warning about unused variable
    * BUG/MINOR: dns: SRV records ignores duplicated AR records (v2)
    * MINOR: peers: Add traces for peer control messages.
    * BUG/MINOR: threads: Fixes the number of possible cpus report for Mac.
    * MINOR: server: Forbid server definitions in frontend sections
    * MINOR: config: Add failifnotcap() to emit an alert on proxy capabilities
    * BUG/MINOR: init: Use a dynamic buffer to set HAPROXY_CFGFILES env variable
* Wed Jan 27 2021 Callum Farmer <[email protected]>
  - Add lua54.patch to fix building with lua 5.4
* Wed Jan 13 2021 [email protected]
  - Update to version 2.3.4+git0.10189c965:
    * [RELEASE] Released version 2.3.4
    * MINOR: contrib/prometheus-exporter: use fill_info for process dump
    * MINOR: contrib/prometheus-exporter: avoid connection close header
    * BUG/MINOR: init: enforce strict-limits when using master-worker
    * BUG/MINOR: check: Don't perform any check on servers defined in a frontend
    * BUG/MINOR: sample: Memory leak of sample_expr structure in case of error
    * Revert "BUG/MINOR: dns: SRV records ignores duplicated AR records"
    * MINOR: reg-tests: add base prometheus test
    * BUG/MINOR: reg-tests: fix service dependency script
    * BUG/MINOR: sample: check alloc_trash_chunk return value in concat()
    * MINOR: reg-tests: add a way to add service dependency
* Fri Jan 08 2021 [email protected]
  - Update to version 2.3.3+git0.9233c2143:
    * [RELEASE] Released version 2.3.3
    * BUG/MINOR: sample: fix concat() converter's corruption with non-string variables
    * DOC: Add maintainers for the Prometheus exporter
    * SCRIPTS: announce-release: fix typo in help message
    * DOC: fix some spelling issues over multiple files
    * MINOR: contrib/prometheus-exporter: export build_info
    * CLEANUP: cfgparse: replace "realloc" with "my_realloc2" to fix to memory leak on error
    * BUILD: Makefile: exclude broken tests by default
    * MINOR: converter: adding support for url_enc
    * BUG/MINOR: srv: do not cleanup idle conns if pool max is null
    * BUG/MINOR: srv: do not init address if backend is disabled
    * SCRIPTS: make announce release support preparing announces before tag exists
    * SCRIPTS: improve announce-release to support different tag and versions
    * BUG/MINOR: stats: Make stat_l variable used to dump a stat line thread local
    * DOC: Improve the message printed when running `make` w/o `TARGET`
    * BUG/MINOR: tcpcheck: Report a L7OK if the last evaluated rule is a send rule
    * BUG/MINOR: cfgparse: Fail if the strdup() for `rule->be.name` for `use_backend` fails
    * BUG/MINOR: sink: Return an allocation failure in __sink_new if strdup() fails
    * MINOR: atomic: don't use ; to separate instruction on aarch64.
    * BUILD: hpack: hpack-tbl-t.h uses VAR_ARRAY but does not include compiler.h
    * BUG/MEDIUM: mux_h2: Add missing braces in h2_snd_buf()around trace+wakeup
    * DOC: fix "smp_size" vs "sample_size" in "log" directive arguments
    * BUG/MINOR: dns: SRV records ignores duplicated AR records
    * BUILD: ssl: fine guard for SSL_CTX_get0_privatekey call
    * BUILD: plock: remove dead code that causes a warning in gcc 11
    * CONTRIB: debug: address "poll" utility build on non-linux platforms
    * CONTRIB: halog: fix signed/unsigned build warnings on counts and timestamps
    * CONTRIB: halog: mark the has_zero* functions unused
    * CONTRIB: halog: fix build issue caused by %L printf format
    * BUG/MEDIUM: mux-h1: Handle h1_process() failures on a pipelined request
    * BUG/MEDIUM: http-ana: Never for sending data in TUNNEL mode
    * BUG/MINOR: mux-h1: Don't set CS_FL_EOI too early for protocol upgrade requests
    * BUILD: Makefile: have "make clean" destroy .o/.a/.s in contrib subdirs as well
    * BUILD: SSL: fine guard for SSL_CTX_add_server_custom_ext call
    * REGTESTS: make use of HAPROXY_ARGS and pass -dM by default
    * BUG/MEDIUM: ssl/crt-list: bad behavior with "commit ssl cert"
    * BUG/MEDIUM: lb-leastconn: Reposition a server using the right eweight
    * BUG/MINOR: tools: Reject size format not starting by a digit
    * BUG/MINOR: tools: make parse_time_err() more strict on the timer validity
    * MINOR: tcpcheck: Only wait for more payload data on HTTP expect rules
    * BUG/MINOR: tcpcheck: Don't rearm the check timeout on each read
    * BUG/MINOR: http-check: Use right condition to consider HTX message as full
    * DOC: email change of the DeviceAtlas maintainer
    * BUG/MEDIUM: spoa/python: Fixing references to None
    * BUG/MEDIUM: spoa/python: Fixing PyObject_Call positional arguments
    * BUG/MINOR: spoa/python: Cleanup ipaddress objects if initialization fails
    * BUG/MINOR: spoa/python: Cleanup references for failed Module Addobject operations
    * DOC: spoa/python: Fixing typos in comments
    * DOC: spoa/python: Rephrasing memory related error messages
    * DOC: spoa/python: Fixing typo in IP related error messages
    * BUG/MAJOR: spoa/python: Fixing return None
    * MEDIUM: ssl: fatal error with bundle + openssl < 1.1.1
    * MINOR: listener: now use a generic add_listener() function
    * MINOR: listener: automatically set the port when creating listeners
    * MINOR: protocol: add a ->set_port() helper to address families
    * BUG/MINOR: mux-h1: Handle keep-alive timeout for idle frontend connections
    * BUG/MINOR: listener: use sockaddr_in6 for IPv6
    * DOC/MINOR: Fix formatting in Management Guide
    * BUILD/MINOR: haproxy DragonFlyBSD affinity build update.
    * BUG/MAJOR: ring: tcp forward on ring can break the reader counter.
    * BUG/MINOR: lua: warn when registering action, conv, sf, cli or applet multiple times
    * MINOR: cli: add a function to look up a CLI service description
    * MINOR: actions: add a function returning a service pointer from its name
    * MINOR: actions: Export actions lookup functions
    * BUG/MINOR: lua: Some lua init operation are processed unsafe
    * BUG/MINOR: lua: Post init register function are not executed beyond the first one
    * BUG/MINOR: lua: lua-load doesn't check its parameters
    * BUG/MINOR: lua: missing "\n" in error message
    * BUG/MINOR: mux-h2/stats: not all GOAWAY frames are errors
    * BUG/MINOR: mux-h2/stats: make stream/connection proto errors more accurate
    * BUG/MEDIUM: local log format regression.
    * BUG/MEDIUM: task: close a possible data race condition on a tasklet's list link
    * MINOR: task: remove __tasklet_remove_from_tasklet_list()
    * BUG/MEDIUM: lists: Lock the element while we check if it is in a list.
    * MINOR: plock: use an ARMv8 instruction barrier for the pause instruction

Files

/etc/apparmor.d/local/haproxy
/etc/apparmor.d/local/usr.sbin.haproxy
/etc/apparmor.d/usr.sbin.haproxy
/etc/haproxy
/etc/haproxy/haproxy.cfg
/run/haproxy
/usr/lib/systemd/system/haproxy.service
/usr/lib/sysusers.d/haproxy-user.conf
/usr/lib/tmpfiles.d/haproxy.conf
/usr/sbin/haproxy
/usr/sbin/haproxy-halog
/usr/sbin/rchaproxy
/usr/share/doc/packages/haproxy
/usr/share/doc/packages/haproxy/51Degrees-device-detection.txt
/usr/share/doc/packages/haproxy/CHANGELOG
/usr/share/doc/packages/haproxy/DeviceAtlas-device-detection.txt
/usr/share/doc/packages/haproxy/HAProxyCommunityEdition_60px.png
/usr/share/doc/packages/haproxy/README.md
/usr/share/doc/packages/haproxy/SOCKS4.protocol.txt
/usr/share/doc/packages/haproxy/SPOE.txt
/usr/share/doc/packages/haproxy/WURFL-device-detection.txt
/usr/share/doc/packages/haproxy/acl.fig
/usr/share/doc/packages/haproxy/coding-style.txt
/usr/share/doc/packages/haproxy/configuration.txt
/usr/share/doc/packages/haproxy/cookie-options.txt
/usr/share/doc/packages/haproxy/design-thoughts
/usr/share/doc/packages/haproxy/design-thoughts/binding-possibilities.txt
/usr/share/doc/packages/haproxy/design-thoughts/connection-reuse.txt
/usr/share/doc/packages/haproxy/design-thoughts/error-reporting.txt
/usr/share/doc/packages/haproxy/design-thoughts/h2-rx-win.fig
/usr/share/doc/packages/haproxy/design-thoughts/http_load_time.url
/usr/share/doc/packages/haproxy/design-thoughts/pool-debugging.txt
/usr/share/doc/packages/haproxy/design-thoughts/ring-v2.txt
/usr/share/doc/packages/haproxy/design-thoughts/thread-group.txt
/usr/share/doc/packages/haproxy/examples
/usr/share/doc/packages/haproxy/examples/basic-config-edge.cfg
/usr/share/doc/packages/haproxy/examples/content-sw-sample.cfg
/usr/share/doc/packages/haproxy/examples/errorfiles
/usr/share/doc/packages/haproxy/examples/errorfiles/400.http
/usr/share/doc/packages/haproxy/examples/errorfiles/403.http
/usr/share/doc/packages/haproxy/examples/errorfiles/408.http
/usr/share/doc/packages/haproxy/examples/errorfiles/500.http
/usr/share/doc/packages/haproxy/examples/errorfiles/502.http
/usr/share/doc/packages/haproxy/examples/errorfiles/503.http
/usr/share/doc/packages/haproxy/examples/errorfiles/504.http
/usr/share/doc/packages/haproxy/examples/errorfiles/README
/usr/share/doc/packages/haproxy/examples/lua
/usr/share/doc/packages/haproxy/examples/lua/README
/usr/share/doc/packages/haproxy/examples/lua/event_handler.lua
/usr/share/doc/packages/haproxy/examples/lua/mailers.lua
/usr/share/doc/packages/haproxy/examples/mptcp-backend.py
/usr/share/doc/packages/haproxy/examples/mptcp.cfg
/usr/share/doc/packages/haproxy/examples/option-http_proxy.cfg
/usr/share/doc/packages/haproxy/examples/quick-test.cfg
/usr/share/doc/packages/haproxy/examples/socks4.cfg
/usr/share/doc/packages/haproxy/examples/traces.cfg
/usr/share/doc/packages/haproxy/examples/transparent_proxy.cfg
/usr/share/doc/packages/haproxy/examples/wurfl-example.cfg
/usr/share/doc/packages/haproxy/gpl.txt
/usr/share/doc/packages/haproxy/haproxy.1
/usr/share/doc/packages/haproxy/internals
/usr/share/doc/packages/haproxy/internals/acl.txt
/usr/share/doc/packages/haproxy/internals/api
/usr/share/doc/packages/haproxy/internals/api/appctx.txt
/usr/share/doc/packages/haproxy/internals/api/buffer-api.txt
/usr/share/doc/packages/haproxy/internals/api/buffer-list-api.txt
/usr/share/doc/packages/haproxy/internals/api/event_hdl.txt
/usr/share/doc/packages/haproxy/internals/api/filters.txt
/usr/share/doc/packages/haproxy/internals/api/htx-api.txt
/usr/share/doc/packages/haproxy/internals/api/initcalls.txt
/usr/share/doc/packages/haproxy/internals/api/ist.txt
/usr/share/doc/packages/haproxy/internals/api/layers.txt
/usr/share/doc/packages/haproxy/internals/api/list.txt
/usr/share/doc/packages/haproxy/internals/api/mt_list.txt
/usr/share/doc/packages/haproxy/internals/api/pools.txt
/usr/share/doc/packages/haproxy/internals/api/scheduler.txt
/usr/share/doc/packages/haproxy/internals/body-parsing.txt
/usr/share/doc/packages/haproxy/internals/connect-status.txt
/usr/share/doc/packages/haproxy/internals/connection-header.txt
/usr/share/doc/packages/haproxy/internals/connection-scale.txt
/usr/share/doc/packages/haproxy/internals/fd-migration.txt
/usr/share/doc/packages/haproxy/internals/hashing.txt
/usr/share/doc/packages/haproxy/internals/list.fig
/usr/share/doc/packages/haproxy/internals/list.png
/usr/share/doc/packages/haproxy/internals/listener-states.fig
/usr/share/doc/packages/haproxy/internals/listener-states.png
/usr/share/doc/packages/haproxy/internals/lua_socket.fig
/usr/share/doc/packages/haproxy/internals/lua_socket.pdf
/usr/share/doc/packages/haproxy/internals/muxes.fig
/usr/share/doc/packages/haproxy/internals/muxes.pdf
/usr/share/doc/packages/haproxy/internals/muxes.png
/usr/share/doc/packages/haproxy/internals/muxes.svg
/usr/share/doc/packages/haproxy/internals/mworker.md
/usr/share/doc/packages/haproxy/internals/notes-layers.txt
/usr/share/doc/packages/haproxy/internals/notes-poll-connect.txt
/usr/share/doc/packages/haproxy/internals/notes-pollhup.txt
/usr/share/doc/packages/haproxy/internals/notes-polling.txt
/usr/share/doc/packages/haproxy/internals/pattern.dia
/usr/share/doc/packages/haproxy/internals/pattern.pdf
/usr/share/doc/packages/haproxy/internals/polling-states.fig
/usr/share/doc/packages/haproxy/internals/sched.fig
/usr/share/doc/packages/haproxy/internals/sched.pdf
/usr/share/doc/packages/haproxy/internals/sched.png
/usr/share/doc/packages/haproxy/internals/sched.svg
/usr/share/doc/packages/haproxy/internals/ssl_cert.dia
/usr/share/doc/packages/haproxy/internals/stats-v2.txt
/usr/share/doc/packages/haproxy/internals/stconn-close.txt
/usr/share/doc/packages/haproxy/internals/stream-sock-states.fig
/usr/share/doc/packages/haproxy/intro.txt
/usr/share/doc/packages/haproxy/lgpl.txt
/usr/share/doc/packages/haproxy/linux-syn-cookies.txt
/usr/share/doc/packages/haproxy/lua-api
/usr/share/doc/packages/haproxy/lua-api/Makefile
/usr/share/doc/packages/haproxy/lua-api/_static
/usr/share/doc/packages/haproxy/lua-api/_static/channel.fig
/usr/share/doc/packages/haproxy/lua-api/_static/channel.png
/usr/share/doc/packages/haproxy/lua-api/conf.py
/usr/share/doc/packages/haproxy/lua-api/index.rst
/usr/share/doc/packages/haproxy/lua.txt
/usr/share/doc/packages/haproxy/management.txt
/usr/share/doc/packages/haproxy/netscaler-client-ip-insertion-protocol.txt
/usr/share/doc/packages/haproxy/netsnmp-perl
/usr/share/doc/packages/haproxy/netsnmp-perl/README
/usr/share/doc/packages/haproxy/netsnmp-perl/cacti_data_query_haproxy_backends.xml
/usr/share/doc/packages/haproxy/netsnmp-perl/cacti_data_query_haproxy_frontends.xml
/usr/share/doc/packages/haproxy/netsnmp-perl/haproxy.pl
/usr/share/doc/packages/haproxy/netsnmp-perl/haproxy_backend.xml
/usr/share/doc/packages/haproxy/netsnmp-perl/haproxy_frontend.xml
/usr/share/doc/packages/haproxy/netsnmp-perl/haproxy_socket.xml
/usr/share/doc/packages/haproxy/network-namespaces.txt
/usr/share/doc/packages/haproxy/peers-v2.0.txt
/usr/share/doc/packages/haproxy/peers.txt
/usr/share/doc/packages/haproxy/proxy-protocol.txt
/usr/share/doc/packages/haproxy/queuing.fig
/usr/share/doc/packages/haproxy/regression-testing.txt
/usr/share/doc/packages/haproxy/seamless_reload.txt
/usr/share/doc/packages/haproxy/selinux
/usr/share/doc/packages/haproxy/selinux/README
/usr/share/doc/packages/haproxy/selinux/haproxy.fc
/usr/share/doc/packages/haproxy/selinux/haproxy.if
/usr/share/doc/packages/haproxy/selinux/haproxy.te
/usr/share/licenses/haproxy
/usr/share/licenses/haproxy/LICENSE
/usr/share/man/man1/haproxy.1.gz
/usr/share/vim
/usr/share/vim/vim91
/usr/share/vim/vim91/syntax
/usr/share/vim/vim91/syntax/haproxy.vim
/var/lib/haproxy


Generated by rpm2html 1.8.1

Fabrice Bellet, Mon Dec 9 23:31:48 2024