Microrelease update in all supported releases
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
haproxy (Ubuntu) |
Invalid
|
Undecided
|
Unassigned | ||
Bionic |
Won't Fix
|
Undecided
|
Unassigned | ||
Focal |
Fix Released
|
Undecided
|
Lucas Kanashiro | ||
Jammy |
Fix Released
|
Undecided
|
Lucas Kanashiro |
Bug Description
This bug tracks an update for the HAProxy package in the following Ubuntu releases to the versions below:
* Jammy (22.04): HAProxy 2.4.18
* Focal (20.04): HAProxy 2.0.29
These updates include bugfixes only following the SRU policy exception defined at https:/
[Upstream changes]
* Jammy - HAProxy 2.4.18 changelog
* Focal - HAProxy 2.0.29 changelog
[Test Plan]
Upstream is not hosting those minor versions of LTS releases on GitHub, only in git.haproxy.org. In order to workaround that, I created a fork on GitHub, pulled the tags from git.haproxy.org and pushed them to the fork, then triggered GitHub Actions (TravisCI was not triggered because it requires a subscription).
* Jammy - HAProxy 2.4.18
https:/
autopkgtest local run:
autopkgtest [16:34:24]: @@@@@@@
cli PASS
proxy-localhost PASS
* Focal - HAProxy 2.0.29
https:/
There is a failing test but when it was executed in MacOS which does not impact Ubuntu.
autopkgtest local run:
autopkgtest [09:41:25]: @@@@@@@
cli PASS
proxy-localhost PASS
I sent an email to the upstream mailing list asking to also host those minor versions of LTS releases on GitHub, so next time we do not need to do all of that.
https://<email address hidden>
[Regression Potential]
HAProxy itself does not have many reverse dependencies, however, any upgrade is a risk to introduce some breakage to other packages. Whenever a test failure is detected, we will be on top of it and make sure it doesn't affect existing users.
Related branches
- git-ubuntu bot: Approve
- Sergio Durigan Junior (community): Approve
- Canonical Server: Pending requested
- Canonical Server Reporter: Pending requested
-
Diff: 8551 lines (+2381/-1195)125 files modified.cirrus.yml (+1/-1)
.github/matrix.py (+67/-38)
.github/workflows/codespell.yml (+1/-1)
.github/workflows/compliance.yml (+6/-5)
.github/workflows/contrib.yml (+1/-1)
.github/workflows/coverity.yml (+1/-1)
.github/workflows/openssl-nodeprecated.yml (+2/-2)
.github/workflows/vtest.yml (+47/-3)
.github/workflows/windows.yml (+4/-1)
CHANGELOG (+200/-0)
INSTALL (+5/-5)
Makefile (+17/-10)
SUBVERS (+1/-1)
VERDATE (+2/-2)
VERSION (+1/-1)
addons/ot/include/debug.h (+7/-0)
addons/ot/include/vars.h (+0/-2)
addons/ot/src/cli.c (+6/-6)
addons/ot/src/conf.c (+19/-19)
addons/ot/src/event.c (+5/-5)
addons/ot/src/filter.c (+30/-30)
addons/ot/src/group.c (+14/-14)
addons/ot/src/http.c (+7/-7)
addons/ot/src/opentracing.c (+48/-48)
addons/ot/src/parser.c (+31/-31)
addons/ot/src/pool.c (+4/-4)
addons/ot/src/scope.c (+13/-13)
addons/ot/src/util.c (+9/-9)
addons/ot/src/vars.c (+71/-121)
addons/ot/test/run-cmp.sh (+1/-1)
addons/ot/test/run-ctx.sh (+1/-1)
addons/ot/test/run-fe-be.sh (+2/-2)
addons/ot/test/run-sa.sh (+1/-1)
addons/ot/test/test-speed.sh (+29/-8)
addons/promex/service-prometheus.c (+15/-2)
debian/changelog (+11/-0)
doc/configuration.txt (+126/-74)
doc/intro.txt (+110/-100)
doc/lua.txt (+2/-2)
include/haproxy/applet-t.h (+1/-1)
include/haproxy/bug.h (+29/-15)
include/haproxy/compiler.h (+22/-1)
include/haproxy/cpuset-t.h (+1/-1)
include/haproxy/dgram-t.h (+1/-0)
include/haproxy/fd-t.h (+2/-0)
include/haproxy/fd.h (+6/-0)
include/haproxy/h1.h (+1/-1)
include/haproxy/initcall.h (+2/-4)
include/haproxy/intops.h (+9/-9)
include/haproxy/mqtt-t.h (+1/-0)
include/haproxy/pool-t.h (+2/-1)
include/haproxy/proxy-t.h (+6/-1)
include/haproxy/server-t.h (+1/-1)
include/haproxy/ssl_sock-t.h (+2/-0)
include/haproxy/stream-t.h (+1/-1)
include/haproxy/task-t.h (+10/-0)
include/haproxy/task.h (+48/-4)
include/haproxy/tools.h (+2/-1)
reg-tests/converter/field.vtc (+1/-1)
reg-tests/converter/mqtt.vtc (+11/-0)
reg-tests/converter/secure_memcmp.vtc (+2/-2)
reg-tests/filters/random-forwarding.vtc (+2/-2)
reg-tests/http-messaging/http_abortonclose.vtc (+28/-6)
reg-tests/http-messaging/http_request_buffer.vtc (+12/-4)
reg-tests/http-rules/normalize_uri.vtc (+1/-1)
reg-tests/http-rules/restrict_req_hdr_names.vtc (+123/-0)
reg-tests/mailers/healthcheckmail.lua (+13/-48)
reg-tests/mailers/healthcheckmail.vtc (+30/-47)
reg-tests/ssl/add_ssl_crt-list.vtc (+2/-0)
reg-tests/ssl/ssl_default_server.vtc (+2/-2)
scripts/announce-release (+6/-2)
scripts/build-ot.sh (+34/-0)
scripts/make-releases-json (+103/-0)
scripts/publish-release (+6/-0)
src/acl.c (+0/-2)
src/action.c (+1/-1)
src/backend.c (+2/-5)
src/cache.c (+18/-7)
src/cfgparse-listen.c (+32/-0)
src/cfgparse-ssl.c (+2/-2)
src/cfgparse.c (+37/-9)
src/check.c (+15/-7)
src/cli.c (+14/-18)
src/dns.c (+36/-7)
src/fcgi-app.c (+11/-3)
src/fd.c (+5/-3)
src/flt_http_comp.c (+9/-0)
src/h1_htx.c (+8/-2)
src/haproxy.c (+33/-16)
src/hlua.c (+14/-1)
src/http_act.c (+17/-17)
src/http_ana.c (+95/-16)
src/http_conv.c (+2/-5)
src/http_fetch.c (+8/-11)
src/http_htx.c (+4/-6)
src/htx.c (+6/-4)
src/listener.c (+3/-3)
src/mailers.c (+1/-0)
src/map.c (+5/-12)
src/mqtt.c (+7/-5)
src/mux_fcgi.c (+6/-2)
src/mux_h1.c (+27/-23)
src/mux_h2.c (+120/-44)
src/mux_pt.c (+11/-1)
src/mworker.c (+1/-1)
src/pool.c (+36/-5)
src/proto_sockpair.c (+1/-5)
src/proto_uxst.c (+0/-4)
src/proxy.c (+4/-0)
src/queue.c (+3/-3)
src/resolvers.c (+46/-20)
src/sample.c (+4/-1)
src/session.c (+1/-1)
src/ssl_ckch.c (+73/-85)
src/ssl_crtlist.c (+58/-47)
src/ssl_sock.c (+27/-6)
src/stats.c (+17/-4)
src/stream.c (+23/-13)
src/stream_interface.c (+30/-12)
src/tcp_act.c (+9/-0)
src/tcp_rules.c (+12/-11)
src/tcpcheck.c (+6/-4)
src/tools.c (+34/-9)
src/trace.c (+2/-2)
src/wdt.c (+4/-2)
CVE References
description: | updated |
description: | updated |
Changed in haproxy (Ubuntu): | |
status: | New → Invalid |
tags: | added: server-todo |
description: | updated |
The HAProxy 1.8 stable branch does not have any CI tests definition. Due to that, I am aborting the update in Bionic since we do not have an automated way to check if everything is all right, and according to the MRE doc we do need the CI logs to move on with the update.