Tor 0.2.8.10 和 0.2.9.6-rc 发布
Haproxy 1.5.7 正式发布，此版本现已提供下载，更新内容如下：
- A nasty bug reported by Dmitry Sivachenko can cause haproxy to die in some rare cases when a monitoring system issues a lot of “show sess” commands on the CLI and aborts them in the middle of a transfer. The probability to hit it is so low that it has existed since v1.4 and was only noticed now.
- Cyril Bonté fixed a bug causing wrong flags to be sometimes reported in the logs for keep-alive requests.
- A bug where the PROXY protocol is used with a banner protocol causes an extra 200ms delay for the request to leave, slowing down connection establishment to SMTP or FTP servers.
- Christian Ruppert found and fixed a bug in the way regex are compiled when HAProxy is built with support for PCRE_JIT but the libpcre is built without.
- The way original connection addresses are detected on a system where connections are NAT’d by Netfilter was fixed so that we wouldn’t report IPv4 destination addresses for v6-mapped v4 addresses. This used to cause the PROXY protocol to emit “UNKNOWN” as the address families differred for the source and destination!
- John Leach reported an interesting bug in the way SSL certificates were loaded : if a certificate with an invalid subject (no parsable CN) is loaded as the first in the list, its context will not be updated with the bind line arguments, resulting in such a certificate to accept SSLv3 despite the “no-sslv3″ keyword. That was diagnosed and fixed by Emeric, who also implemented the global “ssl-default-bind-options” and “ssl-default-server-options” keywords, and implemented “ssl_c_der” and “ssl_f_der” to pass the full raw certificate to the server if needed.