Hi,
I’m a very new user of HAProxy and am running into an issue when trying to upgrade from 2.8.x to 2.9.
We are running HAProxy on Kubernetes and over the past few weeks we’ve run a few billion messages through our setup (load testing is fun!).
When we try to upgrade to 2.9 we start to get 411’s (the server refuses to accept the request without a defined Content-Length header) in places where we were getting 200’s on 2.8.3 and 2.8.4.
I looked through the release notes and didn’t see anything between 2.8.4 and 2.9 that implied a difference with how those are being handled, but does anyone have ideas? I know there was CVE-2023-40225, but I thought the fix for that was in 2.8.4. When I log the Content-Length header I get 0 though, so maybe that’s it? I’m just confused why it would be an issue for 2.9 but not 2.8.4.
Has anyone else run into this or have ideas?
1 post - 1 participant