95945abc91
The ChangeLog doesn't explicitly mention, but this fixes the CVE-2021-40346 vulnerability as described in: https://www.mail-archive.com/haproxy@formilux.org/msg41114.html While here switch to inserting CFLAGS via CPU_CFLAGS, as that feels a little more appropriate than DEBUG_CFLAGS after re-reading the Makefile. 2021/09/07 : 2.4.4 - BUG/MEDIUM: h2: match absolute-path not path-absolute for :path - REGTESTS: http_upgrade: fix incorrect expectation on TCP->H1->H2 - REGTESTS: abortonclose: after retries, 503 is expected, not close - MINOR: hlua: take the global Lua lock inside a global function - BUG/MINOR: stick-table: fix the sc-set-gpt* parser when using expressions - BUG/MEDIUM: base64: check output boundaries within base64{dec,urldec} - BUG/MINOR: base64: base64urldec() ignores padding in output size check - MINOR: compiler: implement an ONLY_ONCE() macro - BUG/MINOR: lua: use strlcpy2() not strncpy() to copy sample keywords - BUG/MINOR: time: fix idle time computation for long sleeps - MINOR: time: add report_idle() to report process-wide idle time - BUG/MINOR: ebtree: remove dependency on incorrect macro for bits per long - BUG/MINOR threads: Use get_(local|gm)time instead of (local|gm)time - BUG/MINOR: tools: Fix loop condition in dump_text() - CLEANUP: Add missing include guard to signal.h - BUG/MINOR: vars: fix set-var/unset-var exclusivity in the keyword parser - DOC: configuration: remove wrong tcp-request examples in tcp-response - BUG/MINOR: config: reject configs using HTTP with bufsize >= 256 MB - CLEANUP: htx: remove comments about "must be < 256 MB" - BUG/MAJOR: htx: fix missing header name length check in htx_add_header/trailer - Revert "BUG/MINOR: stream-int: Don't block reads in si_update_rx() if chn may receive" |
||
---|---|---|
.. | ||
files | ||
patches | ||
DESCR | ||
distinfo | ||
Makefile | ||
options.mk | ||
PLIST |