Release Notes: The last known bugs since 1.5-dev15 have been fixed (frozen POSTs, aborted SSL sessions, and occasionally truncated early responses from servers to POST requests). Additionally, a few long-awaited features have been implemented: support for logging anything coming from a sample fetch function using % in the log format, as well as passing this to servers in HTTP headers (all SSL information can now be passed this way). The HTML stats page was improved with more detailed information in tips (this was broken in dev16). Users of 1.5-dev12 to 16 are strongly encouraged to upgrade.
Release Notes: The high CPU usage a few users have been experiencing in dev14 is now fixed. A file descriptor leak when logging SSL information was fixed. Some SSL issues with client certs were fixed. SSL handshake errors are now logged. Some incorrect logs of "SD" flags in case of client errors were resolved. The conditions to enable Gzip compression were tightened. Layer 7 information such as the IP address taken from a header can now be tracked. Users of 1.5-dev12..dev14 are encouraged to upgrade.
Release Notes: The SSL stack received many fixes and improvements. It now supports mutual cert authentication, client cert-based ACLs, and a multi-process session cache. Some facilities were offered to support multi-process mode with SSL. Health checks support SSL and the PROXY protocol. HTTP forwarding now supports gzip compression. Recent Linux platforms support TCP FastOpen and accept4(). The "bind" statement now supports "v4v6" and "v6only" keywords to decide on the IPv6 binding policy. Many bugs have been fixed, so those using dev12 and dev13 in production are strongly encouraged to upgrade.
Release Notes: The main change is the addition of client-side and server-side native SSL support. Other less important features include the addition of new ACL and patterns (base, urlp), support for IPv6 transparent mode on recent Linux kernels, the ability to feed/remove stick-table entries from the CLI, the ability to change sessions scheduling priority using the "nice" keyword, some halog, and some doc updates. This version includes massive changes. While many bugs have been fixed, a number of others might have been introduced; use with care.
Release Notes: Many bugs and recent regressions since 1.5-dev8 have been fixed. A few minor features have been merged, including the ability to soft start/soft stop servers and kill sessions from the stats page in admin mode, a new option to hash the whole URI instead of just the path, an option to kill sessions on backup servers when active servers recover, and options to set the HttpOnly and Secure flags on cookies. Users of 1.5-dev8 and later should upgrade.
Release Notes: A number of old bugs were reported recently, including the risk of a crash if using reqrep/rsprep and having tune.bufsize larger than default, the risk of a crash when using header captures on a TCP frontend (config error), the risk of a crash when some servers were declared with checks in a farm that does not use an LB algorithm, and "balance source" not correctly hashing IPv6 addresses resulting in IPv4 connections to IPv6 listeners always having the same hash. Some other minor fixes and improvements were merged. Though unlikely affected, users are encouraged to upgrade to avoid future issues.
Release Notes: http_auth_group was broken in dev9, and would only validate users without checking groups. The connection's destination address could not be fetched anymore, breaking dst ACL and transparent mode, among other things. "timeout tunnel" has been added for easier WebSocket configuration. A rework of the poller has brought a global performance increase of up to around 10%. Users of 1.5 should not use 1.5-dev9, and should switch to -dev10 instead.
Release Notes: A new logging subsystem with customizable log formats, a unique-ID generator, a full rework of the buffers and HTTP message storage, a merge of the ACL and pattern fetch code, ACL support for IPv6 addresses, cookies, URL parameters, and arbitrary payload, support for specifying a precise occurrence in fetch functions, much better error reporting for ACL parsing errors, the long-awaited "use-server" directive, minor improvements to the error capture reports, and a significant number of bugfixes.
Release Notes: A number of annoying issues (some old) were fixed. All 1.4 users are encouraged to upgrade. Zero-weight servers won't take requests from the backend queue anymore. A fix for an issue where releasing a server connection would not result in picking a new one from the queue. POST requests smaller than the buffer could sometimes be delayed by 200ms. The TCP segment merging mechanism has been improved to ensure that outgoing segments are always merged even with wrapping chunks.
Release Notes: White space past the end of header values was not ignored, causing a space-padded content-length header to be rejected as invalid. A few minor improvements were made. The halog tool was improved to support more filtering criteria and to be noticeably faster. There is no need to upgrade for already running setups.