Subject: CVS commit: pkgsrc/net/haproxy
From: Jonathan Perkin
Date: 2021-09-08 11:56:33
Message id:

Log Message:
haproxy: Update to 2.4.4.

The ChangeLog doesn't explicitly mention, but this fixes the CVE-2021-40346
vulnerability as described in:

While here switch to inserting CFLAGS via CPU_CFLAGS, as that feels a little
more appropriate than DEBUG_CFLAGS after re-reading the Makefile.

2021/09/07 : 2.4.4
    - BUG/MEDIUM: h2: match absolute-path not path-absolute for :path
    - REGTESTS: http_upgrade: fix incorrect expectation on TCP->H1->H2
    - REGTESTS: abortonclose: after retries, 503 is expected, not close
    - MINOR: hlua: take the global Lua lock inside a global function
    - BUG/MINOR: stick-table: fix the sc-set-gpt* parser when using expressions
    - BUG/MEDIUM: base64: check output boundaries within base64{dec,urldec}
    - BUG/MINOR: base64: base64urldec() ignores padding in output size check
    - MINOR: compiler: implement an ONLY_ONCE() macro
    - BUG/MINOR: lua: use strlcpy2() not strncpy() to copy sample keywords
    - BUG/MINOR: time: fix idle time computation for long sleeps
    - MINOR: time: add report_idle() to report process-wide idle time
    - BUG/MINOR: ebtree: remove dependency on incorrect macro for bits per long
    - BUG/MINOR threads: Use get_(local|gm)time instead of (local|gm)time
    - BUG/MINOR: tools: Fix loop condition in dump_text()
    - CLEANUP: Add missing include guard to signal.h
    - BUG/MINOR: vars: fix set-var/unset-var exclusivity in the keyword parser
    - DOC: configuration: remove wrong tcp-request examples in tcp-response
    - BUG/MINOR: config: reject configs using HTTP with bufsize >= 256 MB
    - CLEANUP: htx: remove comments about "must be < 256 MB"
    - BUG/MAJOR: htx: fix missing header name length check in htx_add_header/trailer
    - Revert "BUG/MINOR: stream-int: Don't block reads in si_update_rx() if \ 
chn may receive"