include $(TOPDIR)/rules.mk
PKG_NAME:=haproxy
-PKG_VERSION:=1.5.9
-PKG_RELEASE:=02
+PKG_VERSION:=1.5.10
+PKG_RELEASE:=00
PKG_SOURCE:=haproxy-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=http://haproxy.1wt.eu/download/1.5/src/
PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(BUILD_VARIANT)/$(PKG_NAME)-$(PKG_VERSION)
-PKG_MD5SUM:=b7672bb6a8aa188a655b418f3c96f65c
+PKG_MD5SUM:=5631457ea1f84b3c0d8e5bc8015ed329
PKG_MAINTAINER:=Thomas Heil <heil@terminal-consulting.de>
PKG_LICENSE:=GPL-2.0
+++ /dev/null
-From bad3c6f1b6d776e5d9951a3b3054b4dce8922c54 Mon Sep 17 00:00:00 2001
-From: Willy Tarreau <w@1wt.eu>
-Date: Wed, 26 Nov 2014 13:17:03 +0100
-Subject: [PATCH 1/2] BUG/MEDIUM: patterns: previous fix was incomplete
-
-Dmitry Sivachenko <trtrmitya@gmail.com> reported that commit 315ec42
-("BUG/MEDIUM: pattern: don't load more than once a pattern list.")
-relies on an uninitialised variable in the stack. While it used to
-work fine during the tests, if the uninitialized variable is non-null,
-some patterns may be aggregated if loaded multiple times, resulting in
-slower processing, which was the original issue it tried to address.
-
-The fix needs to be backported to 1.5.
-(cherry picked from commit 4deaf39243c4d941998b1b0175bad05b8a287c0b)
----
- src/pattern.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/src/pattern.c b/src/pattern.c
-index 20547f9..208e33a 100644
---- a/src/pattern.c
-+++ b/src/pattern.c
-@@ -2096,7 +2096,7 @@ int pattern_read_from_file(struct pattern_head *head, unsigned int refflags,
- struct pat_ref *ref;
- struct pattern_expr *expr;
- struct pat_ref_elt *elt;
-- int reuse;
-+ int reuse = 0;
-
- /* Lookup for the existing reference. */
- ref = pat_ref_lookup(filename);
---
-2.0.4
-
+++ /dev/null
-From 1e89acb6be9ba6400fe4defd3b6b2cc94c6667d9 Mon Sep 17 00:00:00 2001
-From: Willy Tarreau <w@1wt.eu>
-Date: Wed, 26 Nov 2014 13:24:24 +0100
-Subject: [PATCH 2/2] BUG/MEDIUM: payload: ensure that a request channel is
- available
-
-Denys Fedoryshchenko reported a segfault when using certain
-sample fetch functions in the "tcp-request connection" rulesets
-despite the warnings. This is because some tests for the existence
-of the channel were missing.
-
-The fetches which were fixed are :
- - req.ssl_hello_type
- - rep.ssl_hello_type
- - req.ssl_sni
-
-This fix must be backported to 1.5.
-(cherry picked from commit 83f2592bcd2e186beeabcba16be16faaab82bd39)
----
- src/payload.c | 6 ++++++
- 1 file changed, 6 insertions(+)
-
-diff --git a/src/payload.c b/src/payload.c
-index 4057f6f..f62163c 100644
---- a/src/payload.c
-+++ b/src/payload.c
-@@ -72,6 +72,9 @@ smp_fetch_ssl_hello_type(struct proxy *px, struct session *s, void *l7, unsigned
-
- chn = ((opt & SMP_OPT_DIR) == SMP_OPT_DIR_RES) ? s->rep : s->req;
-
-+ if (!chn)
-+ goto not_ssl_hello;
-+
- bleft = chn->buf->i;
- data = (const unsigned char *)chn->buf->p;
-
-@@ -276,6 +279,9 @@ smp_fetch_ssl_hello_sni(struct proxy *px, struct session *s, void *l7, unsigned
-
- chn = ((opt & SMP_OPT_DIR) == SMP_OPT_DIR_RES) ? s->rep : s->req;
-
-+ if (!chn)
-+ goto not_ssl_hello;
-+
- bleft = chn->buf->i;
- data = (unsigned char *)chn->buf->p;
-
---
-2.0.4
-