- Readd USE_RELRO_NOW=1, USE_STACKPROTECTOR=1, USE_PIE=1
- adapt haproxy-1.6.0-sec-options.patch so the build no longer
complains about unused options
- drop CPU="%{_target_cpu}" as it is unused
- migrate to DEBUG_CFLAGS to OPT_CFLAGS
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=346
- Update to version 3.2.8+git0.9200f398d:
* [RELEASE] Released version 3.2.8
* BUG/MINOR: acme: wrong dns-01 challenge in the log
* BUG/MEDIUM: server: close a race around ready_srv when deleting a server
* BUG/MEDIUM: connections: permit to permanently remove an idle conn
* BUG/MEDIUM: mux-h2: make sure not to move a dead connection to idle
* BUG/MEDIUM: mux-h1: fix 414 / 431 status code reporting
* SCRIPTS: build-ssl: fix rpath in AWS-LC install for openssl and bssl bin
* OPTIM: backend: skip conn reuse for incompatible proxies
* BUG/MINOR: resolvers: ensure fair round robin iteration
* BUG/MINOR: ssl: returns when SSL_CTX_new failed during init
* BUG/MINOR: resolvers: Apply dns-accept-family setting on additional records
* BUG/MINOR: init: Do not close previously created fd in stdio_quiet
* MINOR: http: fix 405,431,501 default errorfile
* MINOR: ssl-sample: add ssl_fc_early_rcvd() to detect use of early data
* DOC: config: slightly clarify the ssl_fc_has_early() behavior
* BUG/MEDIUM: ssl: Crash because of dangling ckch_store reference in a ckch instance
* MINOR: backend: srv_is_up converter
* MINOR: backend: srv_queue helper
* BUG/MEDIUM: cli: do not return ACKs one char at a time
* MINOR: cli: create cli_raw_rcv_buf() from the generic applet_raw_rcv_buf()
* MINOR: applet: do not put SE_FL_WANT_ROOM on rcv_buf() if the channel is empty
* BUG/MEDIUM: mt_list: Use atomic operations to prevent compiler optims
* BUG/MINOR: stick-tables: properly index string-type keys
* BUG/MEDIUM: applet: Improve again spinning loops detection with the new API
* BUG/MEDIUM: mt_lists: Avoid el->prev = el->next = el
OBS-URL: https://build.opensuse.org/request/show/1316410
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/haproxy?expand=0&rev=169
* [RELEASE] Released version 3.2.8
* BUG/MINOR: acme: wrong dns-01 challenge in the log
* BUG/MEDIUM: server: close a race around ready_srv when deleting a server
* BUG/MEDIUM: connections: permit to permanently remove an idle conn
* BUG/MEDIUM: mux-h2: make sure not to move a dead connection to idle
* BUG/MEDIUM: mux-h1: fix 414 / 431 status code reporting
* SCRIPTS: build-ssl: fix rpath in AWS-LC install for openssl and bssl bin
* OPTIM: backend: skip conn reuse for incompatible proxies
* BUG/MINOR: resolvers: ensure fair round robin iteration
* BUG/MINOR: ssl: returns when SSL_CTX_new failed during init
* BUG/MINOR: resolvers: Apply dns-accept-family setting on additional records
* BUG/MINOR: init: Do not close previously created fd in stdio_quiet
* MINOR: http: fix 405,431,501 default errorfile
* MINOR: ssl-sample: add ssl_fc_early_rcvd() to detect use of early data
* DOC: config: slightly clarify the ssl_fc_has_early() behavior
* BUG/MEDIUM: ssl: Crash because of dangling ckch_store reference in a ckch instance
* MINOR: backend: srv_is_up converter
* MINOR: backend: srv_queue helper
* BUG/MEDIUM: cli: do not return ACKs one char at a time
* MINOR: cli: create cli_raw_rcv_buf() from the generic applet_raw_rcv_buf()
* MINOR: applet: do not put SE_FL_WANT_ROOM on rcv_buf() if the channel is empty
* BUG/MEDIUM: mt_list: Use atomic operations to prevent compiler optims
* BUG/MINOR: stick-tables: properly index string-type keys
* BUG/MEDIUM: applet: Improve again spinning loops detection with the new API
* BUG/MEDIUM: mt_lists: Avoid el->prev = el->next = el
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=340
* [RELEASE] Released version 3.2.5
* BUG/MEDIUM: pattern: fix possible infinite loops on deletion (try 2)
* DEBUG: stick-tables: export stktable_add_pend_updates() for better reporting
* BUG/MEDIUM: ring: invert the length check to avoid an int overflow
* BUG/MINOR: resolvers: always normalize FQDN from response
* BUG/MINOR: ocsp: Crash when updating CA during ocsp updates
* BUG/MEDIUM: http_ana: fix potential NULL deref in http_process_req_common()
* BUG/MINOR: ocsp: prototype inconsistency
* BUG/MINOR: ssl: Fix potential NULL deref in trace callback
* BUG/MINOR: ssl: Potential NULL deref in trace macro
* BUG/MEDIUM: jws: return size_t in JWS functions
* BUG/MINOR: acme: null pointer dereference upon allocation failure
* BUG/MAJOR: stream: Force channel analysis on successful synchronous send
* BUG/MAJOR: stream: Remove READ/WRITE events on channels after analysers eval
* BUG/MINOR: stick-table: make sure never to miss a process_table_expire update
* BUG/MEDIUM: stick-tables: don't loop on non-expirable entries
* BUG/MINOR: activity: fix reporting of task latency
* BUG/MEDIUM: ssl: create the mux immediately on early data
* BUG/MEDIUM: h1: Allow reception if we have early data
* BUG/MEDIUM: checks: fix ALPN inheritance from server
* OPTIM: check: do not delay MUX for ALPN if SSL not active
* BUG/MEDIUM: mux-h2: Reinforce conditions to report an error to app-layer stream
* BUG/MEDIUM: mux-h2: Report RST/error to app-layer stream during 0-copy fwding
* BUG/MINOR: mux-h2: Remove H2_CF_DEM_DFULL flags when the demux buffer is reset
* BUG/MEDIUM: mux-h2: Restart reading when mbuf ring is no longer full
* BUG/MEDIUM: mux-h2; Don't block reveives in H2_CS_ERROR and H2_CS_ERROR2 states
* BUG/MEDIUM: mux-h2: Reset MUX blocking flags when a send error is caught
* CLEANUP: quic: fix typo in quic_tx trace
* BUG/MINOR: cpu_topo: work around a small bug in musl's CPU_ISSET()
OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=335
