Release Notes: Several new features were brought: server maintenance mode, HTTP authentication (server and proxy), secure passwords, conditional request/response header rewriting using ACLs, anonymous ACLs that can be declared inline, support for HTTP/1.1 101+Upgrade status code to support non-HTTP protocols such as WebSocket, and several minor updates. The core now seems stable as no important bug was fixed since -dev8. A few minor changes are still expected to come before 1.4-final.
Release Notes: Two major changes: a rework of the whole polling system to implement a real event cache, and HTTP keep-alive is now enabled by default, so users will no longer be confused by the tunnel mode. Other nice updates include SSL handshake optimizations, more debugging info on the stats socket, the ability to rate-limit SSL to protect the resources, sample fetches to retrieve captured headers, automatic stickiness to the same server after 401/407, and the new "tcp-check connect" directive to check multiple ports on a server. 32 bugs were fixed since dev21.
Release Notes: This release fixes a few annoying bugs. Use this version instead of 1.5-dev20 to be safe.
Release Notes: Many new features are included in this version, including server-side keep-alive, maps, use of log-format syntax in redirects, agent-check, tcp-check send/expect, and important memory savings. 71 bugs were fixed. Thanks to the entry of server-side keep-alive, this should be the last development version before the final 1.5 release (unless new bugs appear and require another one).
Release Notes: This version fixes two possible crashes, one of them remotely triggered (CVE-2013-2175) involving use of a negative occurrence number in hdr_* fetches. Other long-standing improvements were finally merged, such as http-response, dynamic setting of priority, DSCP headers, Netfilter mark and log level, transparent proxy on *BSD, fetching of environment variables, conditional PROXY protocol by ACL, 3 parallel stick-counters instead of 2, reworking of the doc to simplify the search of ACL/fetch keywords, and further-improved configuration error reporting. All 1.5 users must upgrade.
Release Notes: This release fixes a crash which could occur when a configuration made use of hdr_ip(name,-1) or "usesrc hdr_ip(name)", if the client sent a certain number of values of the requested header. CVE-2013-2175 was assigned to this bug. All users of 1.4 must upgrade or apply the fix.