diff options
| author | Vincent Bernat <vincent@bernat.im> | 2018-08-05 16:48:22 +0200 |
|---|---|---|
| committer | xeji <36407913+xeji@users.noreply.github.com> | 2018-08-05 16:48:22 +0200 |
| commit | cc1d82196c4b8ac1dca0cd134659fd7f8ffd4b14 (patch) | |
| tree | f5c49041d3c1365df884d200e08d2fae1dcf1b45 /pkgs/tools/networking/haproxy | |
| parent | a3e7fc876ab7412b60ae290f360f2f32854386ff (diff) | |
| download | nixpkgs-cc1d82196c4b8ac1dca0cd134659fd7f8ffd4b14.tar nixpkgs-cc1d82196c4b8ac1dca0cd134659fd7f8ffd4b14.tar.gz nixpkgs-cc1d82196c4b8ac1dca0cd134659fd7f8ffd4b14.tar.bz2 nixpkgs-cc1d82196c4b8ac1dca0cd134659fd7f8ffd4b14.tar.lz nixpkgs-cc1d82196c4b8ac1dca0cd134659fd7f8ffd4b14.tar.xz nixpkgs-cc1d82196c4b8ac1dca0cd134659fd7f8ffd4b14.tar.zst nixpkgs-cc1d82196c4b8ac1dca0cd134659fd7f8ffd4b14.zip | |
haproxy: 1.8.9 -> 1.8.13 (#44487)
The patches previously applied have been included upstream. Upstream
changelog (only MAJOR/MEDIUM):
2018/07/30 : 1.8.13
- BUG/MEDIUM: h2: don't accept new streams if conn_streams are still in excess
- BUG/MEDIUM: h2: never leave pending data in the output buffer on close
- BUG/MEDIUM: h2: make sure the last stream closes the connection after a timeout
- BUG/MEDIUM: threads: Fix the exit condition of the thread barrier
- BUG/MEDIUM: stream-int: don't immediately enable reading when the buffer was reportedly full
- BUG/MEDIUM: stats: don't ask for more data as long as we're responding
- BUG/MEDIUM: threads/sync: use sched_yield when available
- BUG/MEDIUM: h2: prevent orphaned streams from blocking a connection forever
- BUG/MEDIUM: threads: properly fix nbthreads == MAX_THREADS
- BUG/MEDIUM: threads: unbreak "bind" referencing an incorrect thread number
- MEDIUM: proxy_protocol: Convert IPs to v6 when protocols are mixed
2018/06/27 : 1.8.12
- BUG/MAJOR: stick_table: Complete incomplete SEGV fix
2018/06/26 : 1.8.11
- BUG/MAJOR: Stick-tables crash with segfault when the key is not in the stick-table
2018/06/22 : 1.8.10
- BUG/MEDIUM: spoe: Flags are not encoded in network order
- BUG/MEDIUM: contrib/mod_defender: Use network order to encode/decode flags
- BUG/MEDIUM: contrib/modsecurity: Use network order to encode/decode flags
- BUG/MEDIUM: cache: don't cache when an Authorization header is present
- BUG/MEDIUM: dns: Delay the attempt to run a DNS resolution on check failure.
- BUG/MEDIUM: fd: Only check update_mask against all_threads_mask.
- BUG/MEDIUM: servers: Add srv_addr default placeholder to the state file
- BUG/MEDIUM: lua/socket: Length required read doesn't work
- BUG/MEDIUM: stick-tables: Decrement ref_cnt in table_* converters
- BUG/MEDIUM: spoe: Return an error when the wrong ACK is received in sync mode
- BUG/MEDIUM: lua/socket: wrong scheduling for sockets
- BUG/MAJOR: lua: Dead lock with sockets
- BUG/MEDIUM: lua/socket: Notification error
- BUG/MEDIUM: lua/socket: Sheduling error on write: may dead-lock
- BUG/MEDIUM: lua/socket: Buffer error, may segfault
- MAJOR: spoe: upgrade the SPOP version to 2.0 and remove the support for 1.0
- BUG/MEDIUM: threads: handle signal queue only in thread 0
- BUG/MAJOR: map: fix a segfault when using http-request set-map
- BUG/MAJOR: ssl: Random crash with cipherlist capture
- BUG/MAJOR: ssl: OpenSSL context is stored in non-reserved memory slot
- BUG/MEDIUM: fd: Don't modify the update_mask in fd_dodelete().
- BUG/MEDIUM: threads: Use the sync point to check active jobs and exitDiffstat (limited to 'pkgs/tools/networking/haproxy')
| -rw-r--r-- | pkgs/tools/networking/haproxy/default.nix | 18 |
1 files changed, 3 insertions, 15 deletions
diff --git a/pkgs/tools/networking/haproxy/default.nix b/pkgs/tools/networking/haproxy/default.nix index 1690d3fcc3e..aa19fdb04de 100644 --- a/pkgs/tools/networking/haproxy/default.nix +++ b/pkgs/tools/networking/haproxy/default.nix @@ -1,6 +1,6 @@ { useLua ? !stdenv.isDarwin , usePcre ? true -, stdenv, fetchurl, fetchpatch +, stdenv, fetchurl , openssl, zlib, lua5_3 ? null, pcre ? null }: @@ -9,26 +9,14 @@ assert usePcre -> pcre != null; stdenv.mkDerivation rec { pname = "haproxy"; - version = "1.8.9"; + version = "1.8.13"; name = "${pname}-${version}"; src = fetchurl { url = "https://www.haproxy.org/download/${stdenv.lib.versions.majorMinor version}/src/${name}.tar.gz"; - sha256 = "00miblgwll3mycsgmp3gd3cn4lwsagxzgjxk5i6csnyqgj97fss3"; + sha256 = "2bf5dafbb5f1530c0e67ab63666565de948591f8e0ee2a1d3c84c45e738220f1"; }; - patches = [ - (fetchpatch { - name = "CVE-2018-11469.patch"; - url = "https://git.haproxy.org/?p=haproxy-1.8.git;a=patch;h=17514045e5d934dede62116216c1b016fe23dd06"; - sha256 = "0hzcvghg8qz45n3mrcgsjgvrvicvbvm52cc4hs5jbk1yb50qvls7"; - }) - ] ++ stdenv.lib.optional stdenv.isDarwin (fetchpatch { - name = "fix-darwin-no-threads-build.patch"; - url = "https://git.haproxy.org/?p=haproxy-1.8.git;a=patch;h=fbf09c441a4e72c4a690bc7ef25d3374767fe5c5;hp=3157ef219c493f3b01192f1b809a086a5b119a1e"; - sha256 = "16ckzb160anf7xih7mmqy59pfz8sdywmyblxnr7lz9xix3jwk55r"; - }); - buildInputs = [ openssl zlib ] ++ stdenv.lib.optional useLua lua5_3 ++ stdenv.lib.optional usePcre pcre; |