7 changed files with 226 additions and 150 deletions
--- a/.gitignore
+++ b/.gitignore
@ -1 +1 @@
-SOURCES/haproxy-1.8.27.tar.gz
+SOURCES/haproxy-2.4.22.tar.gz
--- a/.haproxy.metadata
+++ b/.haproxy.metadata
@ -1 +1 @@
-5a8a12d07da986d2ecba5f57a07a9e68fe597bfd SOURCES/haproxy-1.8.27.tar.gz
+d0654cbab48039d998fca2459ce9251c6dbf2ae8 SOURCES/haproxy-2.4.22.tar.gz
--- a/SOURCES/haproxy.service
+++ b/SOURCES/haproxy.service
@ -4,14 +4,14 @@ After=network-online.target
 Wants=network-online.target
 [Service]
 EnvironmentFile=-/etc/sysconfig/haproxy
 Environment="CONFIG=/etc/haproxy/haproxy.cfg" "PIDFILE=/run/haproxy.pid" "CFGDIR=/etc/haproxy/conf.d"
 EnvironmentFile=/etc/sysconfig/haproxy
 ExecStartPre=/usr/sbin/haproxy -f $CONFIG -f $CFGDIR -c -q $OPTIONS
 ExecStart=/usr/sbin/haproxy -Ws -f $CONFIG -f $CFGDIR -p $PIDFILE $OPTIONS
 ExecReload=/usr/sbin/haproxy -f $CONFIG -f $CFGDIR -c -q $OPTIONS
 ExecReload=/bin/kill -USR2 $MAINPID
 SuccessExitStatus=143
 KillMode=mixed
 SuccessExitStatus=143
 Type=notify
 [Install]
--- a/SOURCES/haproxy.sysusers
+++ b/SOURCES/haproxy.sysusers
@ -0,0 +1 @@
 u haproxy - "haproxy" /var/lib/haproxy
--- a/SOURCES/rhbz1838319-mworker-fix-again-copy_argv.patch
+++ b/SOURCES/rhbz1838319-mworker-fix-again-copy_argv.patch
@ -1,45 +0,0 @@
 From 58b3d8676bbef52bc76dd79ecfcf74582c34ec97 Mon Sep 17 00:00:00 2001
 From: William Lallemand <wlallemand@haproxy.org>
 Date: Thu, 17 Dec 2020 18:48:06 +0100
 Subject: [PATCH] BUG/MEDIUM: mworker: fix again copy_argv()
 When backporting patch df6c5a8 ("BUG/MEDIUM: mworker: fix the copy of
 options in copy_argv()") part of the patch was removed by mistake.
 Letting the bug #644 unfixed.
 This patch fixes the problem by reintroducing the missing part.
 1.8 only, no backport needed.
 ---
 src/haproxy.c | 15 +++++++++++++++
 1 file changed, 15 insertions(+)
 diff --git a/src/haproxy.c b/src/haproxy.c
 index 5ddf4d05..3947505b 100644
 --- a/src/haproxy.c
 +++ b/src/haproxy.c
@@ -1328,6 +1328,21 @@ static char **copy_argv(int argc, char **argv)
 						}
 						break;
 +					case 'C':
 +					case 'n':
 +					case 'm':
 +					case 'N':
 +					case 'L':
 +					case 'f':
 +					case 'p':
 +						/* these options have only 1 parameter which must be copied and can start with a '-' */
 +						*newargv++ = *argv++;
 +						argc--;
 +						if (argc == 0)
 +							goto error;
 +						*newargv++ = *argv++;
 +						argc--;
 +						break;
 					default:
 						/* for other options just copy them without parameters, this is also done
 						 * for options like "--foo", but this  will fail in the argument parser.
 -- 
 2.26.2
--- a/SOURCES/rhbz1941446-fix-short-http-responses.patch
+++ b/SOURCES/rhbz1941446-fix-short-http-responses.patch
@ -1,25 +0,0 @@
 From eaf1d768085a924a5322cfc77439ba5a4945bbae Mon Sep 17 00:00:00 2001
 From: Ryan O'Hara <rohara@redhat.com>
 Date: Thu, 14 Oct 2021 14:08:39 -0500
 Subject: [PATCH] Fix short HTTP responses to client
 ---
 src/raw_sock.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
 diff --git a/src/raw_sock.c b/src/raw_sock.c
 index ad0210105..fbf20ae35 100644
 --- a/src/raw_sock.c
 +++ b/src/raw_sock.c
@@ -302,7 +302,7 @@ static int raw_sock_to_buf(struct connection *conn, struct buffer *buf, int coun
 		if (ret > 0) {
 			buf->i += ret;
 			done += ret;
 -			if (ret < try) {
 +			if (0 && ret < try) {
 				/* unfortunately, on level-triggered events, POLL_HUP
 				 * is generally delivered AFTER the system buffer is
 				 * empty, unless the poller supports POLL_RDHUP. If
 -- 
 2.31.1
--- a/SPECS/haproxy.spec
+++ b/SPECS/haproxy.spec
@ -7,35 +7,32 @@
 %global _hardened_build 1
 Name:           haproxy
-Version:        1.8.27
+Version:        2.4.22
-Release:        5%{?dist}
+Release:        1%{?dist}
 Summary:        HAProxy reverse proxy for high availability environments
 Group:          System Environment/Daemons
 License:        GPLv2+
 URL:            http://www.haproxy.org/
-Source0:        http://www.haproxy.org/download/1.8/src/haproxy-%{version}.tar.gz
+Source0:        %{url}/download/2.4/src/haproxy-%{version}.tar.gz
 Source1:        %{name}.service
 Source2:        %{name}.cfg
 Source3:        %{name}.logrotate
 Source4:        %{name}.sysconfig
-Source5:        halog.1
+Source5:        %{name}.sysusers
-
+Source6:        halog.1
 Patch0:		rhbz1838319-mworker-fix-again-copy_argv.patch
 Patch1:		rhbz1941446-fix-short-http-responses.patch
 BuildRequires:  gcc
 BuildRequires:  lua-devel
-BuildRequires:  pcre-devel
+BuildRequires:  pcre2-devel
 BuildRequires:  zlib-devel
 BuildRequires:  openssl-devel
 BuildRequires:  systemd-devel
-BuildRequires:  systemd-units
+BuildRequires:  systemd
 BuildRequires:  systemd-rpm-macros
 BuildRequires:  make
-Requires(pre):      shadow-utils
+Requires(pre):  shadow-utils
-Requires(post):     systemd
+%{?systemd_requires}
 Requires(preun):    systemd
 Requires(postun):   systemd
 %description
 HAProxy is a TCP/HTTP reverse proxy which is particularly suited for high
@ -53,8 +50,6 @@ availability environments. Indeed, it can:
 %prep
 %setup -q
 %patch0 -p1
 %patch1 -p1
 %build
 regparm_opts=
@ -62,14 +57,12 @@ regparm_opts=
 regparm_opts="USE_REGPARM=1"
 %endif
-%{__make} %{?_smp_mflags} CPU="generic" TARGET="linux2628" USE_OPENSSL=1 USE_PCRE=1 USE_ZLIB=1 USE_LUA=1 USE_CRYPT_H=1 USE_SYSTEMD=1 USE_LINUX_TPROXY=1 USE_GETADDRINFO=1 ${regparm_opts} ADDINC="%{optflags}" ADDLIB="%{__global_ldflags}"
+%{__make} %{?_smp_mflags} CPU="generic" TARGET="linux-glibc" USE_OPENSSL=1 USE_PCRE2=1 USE_SLZ=1 USE_LUA=1 USE_CRYPT_H=1 USE_SYSTEMD=1 USE_LINUX_TPROXY=1 USE_GETADDRINFO=1 USE_PROMEX=1 ${regparm_opts} ADDINC="%{build_cflags}" ADDLIB="%{build_ldflags}"
-pushd contrib/halog
+%{__make} admin/halog/halog ADDINC="%{build_cflags}" ADDLIB="%{build_ldflags}"
 %{__make} ${halog} OPTIMIZE="%{optflags} %{build_ldflags}" LDFLAGS=
 popd
-pushd contrib/iprange
+pushd admin/iprange
-%{__make} ${iprange} OPTIMIZE="%{optflags} %{build_ldflags}" LDFLAGS=
+%{__make} OPTIMIZE="%{build_cflags}" LDFLAGS="%{build_ldflags}"
 popd
 %install
@ -80,14 +73,15 @@ popd
 %{__install} -p -D -m 0644 %{SOURCE2} %{buildroot}%{haproxy_confdir}/%{name}.cfg
 %{__install} -p -D -m 0644 %{SOURCE3} %{buildroot}%{_sysconfdir}/logrotate.d/%{name}
 %{__install} -p -D -m 0644 %{SOURCE4} %{buildroot}%{_sysconfdir}/sysconfig/%{name}
-%{__install} -p -D -m 0644 %{SOURCE5} %{buildroot}%{_mandir}/man1/halog.1
+%{__install} -p -D -m 0644 %{SOURCE5} %{buildroot}%{_sysusersdir}/%{name}.conf
 %{__install} -p -D -m 0644 %{SOURCE6} %{buildroot}%{_mandir}/man1/halog.1
 %{__install} -d -m 0755 %{buildroot}%{haproxy_homedir}
 %{__install} -d -m 0755 %{buildroot}%{haproxy_datadir}
 %{__install} -d -m 0755 %{buildroot}%{haproxy_confdir}/conf.d
 %{__install} -d -m 0755 %{buildroot}%{_bindir}
-%{__install} -p -m 0755 ./contrib/halog/halog %{buildroot}%{_bindir}/halog
+%{__install} -p -m 0755 ./admin/halog/halog %{buildroot}%{_bindir}/halog
-%{__install} -p -m 0755 ./contrib/iprange/iprange %{buildroot}%{_bindir}/iprange
+%{__install} -p -m 0755 ./admin/iprange/iprange %{buildroot}%{_bindir}/iprange
-%{__install} -p -m 0644 ./examples/errorfiles/* %{buildroot}%{haproxy_datadir}
+%{__install} -p -m 0755 ./admin/iprange/ip6range %{buildroot}%{_bindir}/ip6range
 for httpfile in $(find ./examples/errorfiles/ -type f) 
 do
@ -106,12 +100,7 @@ do
 done
 %pre
-getent group %{haproxy_group} >/dev/null || \
+%sysusers_create_compat %{SOURCE5}
    groupadd -r %{haproxy_group}
 getent passwd %{haproxy_user} >/dev/null || \
    useradd -r -g %{haproxy_user} -d %{haproxy_homedir} \
    -s /sbin/nologin -c "haproxy" %{haproxy_user}
 exit 0
 %post
 %systemd_post %{name}.service
@ -123,7 +112,6 @@ exit 0
 %systemd_postun_with_restart %{name}.service
 %files
 %defattr(-,root,root,-)
 %doc doc/* examples/*
 %doc CHANGELOG README ROADMAP VERSION
 %license LICENSE
@ -139,70 +127,227 @@ exit 0
 %{_sbindir}/%{name}
 %{_bindir}/halog
 %{_bindir}/iprange
 %{_bindir}/ip6range
 %{_mandir}/man1/*
 %{_sysusersdir}/%{name}.conf
 %changelog
-* Fri Jun 03 2022 Ryan O'Hara <rohara@redhat.com> - 1.8.27-5
+* Tue Jun 06 2023 Ryan O'Hara <rohara@redhat.com> - 2.4.22-1
- Add configuration directory and update systemd unit file (#1943869)
+- Update to 2.4.22 (#2196530)
-* Tue Jan 18 2022 Ryan O'Hara <rohara@redhat.com> - 1.8.27-4
+* Tue May 02 2023 Ryan O'Hara <rohara@redhat.com> - 2.4.17-7
- Apply patch (#1941446)
+- Fix uninitizalized resevered bytes (CVE-2023-0836, #2180861)
-* Fri Oct 15 2021 Ryan O'Hara <rohara@redhat.com> - 1.8.27-3
+* Mon Feb 27 2023 Ryan O'Hara <rohara@redhat.com> - 2.4.17-6
- Fix short HTTP responses (#1941446)
+- Reject empty http header field names (CVE-2023-25725, #2169510)
-* Thu Dec 17 2020 Ryan O'Hara <rohara@redhat.com> - 1.8.27-2
+* Mon Feb 27 2023 Ryan O'Hara <rohara@redhat.com> - 2.4.17-5
- Fix copy_argv for arguments that begin with hypen (#1838319)
+- Refuse interim responses with end-stream flag set (CVE-2023-0056, #2161140)
-* Thu Dec 10 2020 Ryan O'Hara <rohara@redhat.com> - 1.8.27-1
+* Wed Nov 30 2022 Ryan O'Hara <rohara@redhat.com> - 2.4.17-4
- Update to 1.8.27 (#1905663, #1838319)
+- Use systemd-sysusers for user/group creation (#2095422)
-* Thu Jun 18 2020 Ryan O'Hara <rohara@redhat.com> - 1.8.23-5
+* Mon Jul 25 2022 Ryan O'Hara <rohara@redhat.com> - 2.4.17-3
- Use OPTIONS from systemd EnvironmentFile (#1845611)
+- Fix changelog and rebuild
-* Wed Jun 17 2020 Ryan O'Hara <rohara@redhat.com> - 1.8.23-4
+* Wed Jun 08 2022 Ryan O'Hara <rohara@redhat.com> - 2.4.17-2
- Wait for network to be online before starting (#1756714)
+- Add configuration directory and update systemd unit file (#2093482)
-* Wed Apr 01 2020 Ryan O'Hara <rohara@redhat.com> - 1.8.23-3
+* Wed May 25 2022 Ryan O'Hara <rohara@redhat.com> - 2.4.17-1
- Fix hapack zero byte input causing overwrite (CVE-2020-11100, #1819519)
+- Update to 2.4.17 #(2088532)
 - Fix unbound loop when Set-Cookie2 header is present (#2070448)
-* Fri Dec 13 2019 Ryan O'Hara <rohara@redhat.com> - 1.8.23-2
+* Wed Oct 13 2021 Ryan O'Hara <rohara@redhat.com> - 2.4.7-1
- Consider exist status 143 as success (#1778844)
+- Update to 2.4.7 (#1966688)
 - Fix domain parts in :scheme and :path fields (CVE-2021-39240, #1998196)
 - Fix spaces in the :method field (CVE-2021-39241, #1998198)
 - Fix mismatch between :authority and Host fields (CVE-2021-39242, #1998200)
 - Fix request smuggling attack or response splitting (CVE-2021-40346, #2000621)
-* Mon Dec 02 2019 Ryan O'Hara <rohara@redhat.com> - 1.8.23-1
+* Tue Aug 17 2021 Ryan O'Hara <rohara@redhat.com> - 2.4.3-1
- Update to 1.8.23 (#1774745)
+- Update to 2.4.3 (#1966688)
-* Fri Jul 19 2019 Ryan O'Hara <rohara@redhat.com> - 1.8.15-6
+* Tue Aug 10 2021 Ryan O'Hara <rohara@redhat.com> - 2.4.2-8
- Add gating tests (#1682106)
+- Add gating tests (#1966688)
-* Wed Jan 09 2019 Ryan O'Hara <rohara@redhat.com> - 1.8.15-5
+* Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com> - 2.4.2-7
- Resolve CVE-2018-20615 (#1664533)
+- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
  Related: rhbz#1991688
-* Sun Dec 16 2018 Ryan O'Hara <rohara@redhat.com> - 1.8.15-4
+* Sat Aug 07 2021 Ryan O'Hara <rohara@redhat.com> - 2.4.2-6
- Use empty LDFLAGS to prevent stripping, maintain hardened build
+- Ignore badfuncs error in rpminspect (#1966688)
-* Sat Dec 15 2018 Ryan O'Hara <rohara@redhat.com> - 1.8.15-3
+* Wed Aug 04 2021 Lukas Javorsky <ljavorsk@redhat.com> - 2.4.2-5
- Use LDFLAGS when building contib tools to prevent binary stripping
+- Second rebuild against pcre2-10.37 (bug #1970765)
-* Fri Dec 14 2018 Ryan O'Hara <rohara@redhat.com> - 1.8.15-2
+* Tue Aug 03 2021 Ryan O'Hara <rohara@redhat.com> - 2.4.2-4
- Bump release
+- Apply patch to fix OpenSSL 3.0 build (#1984786)
 * Mon Aug 02 2021 Ryan O'Hara <rohara@redhat.com> - 2.4.2-3
 - Fix OpenSSL 3.0 build (#1984786)
 * Wed Jul 28 2021 Lukas Javorsky <ljavorsk@redhat.com> - 2.4.2-2
 - Rebuild against pcre2-10.37 (bug #1970765)
 * Mon Jul 12 2021 Ryan O'Hara <rohara@redhat.com> - 2.4.2-1
 - Update to 2.4.2 (#1966688)
 * Wed Jun 16 2021 Mohan Boddu <mboddu@redhat.com> - 2.4.0-3
 - Rebuilt for RHEL 9 BETA for openssl 3.0
  Related: rhbz#1971065
 * Thu Jun 03 2021 Ryan O'Hara <rohara@redhat.com> - 2.4.0-2
 - Fix hardened builds (#1966688)
 * Tue Jun 01 2021 Ryan O'Hara <rohara@redhat.com> - 2.4.0-1
 - Update to 2.4.0 (#1966688)
 * Fri Apr 16 2021 Mohan Boddu <mboddu@redhat.com> - 2.3.4-3
 - Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
 * Tue Jan 26 2021 Fedora Release Engineering <releng@fedoraproject.org> - 2.3.4-2
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
 * Thu Jan 14 2021 Ryan O'Hara <rohara@redhat.com> - 2.3.4-1
 - Update to 2.3.4 (#1914447)
 * Tue Dec 08 2020 Ryan O'Hara <rohara@redhat.com> - 2.3.2-1
 - Update to 2.3.2 (#1894994)
 * Thu Oct 01 2020 Ryan O'Hara <rohara@redhat.com> - 2.2.4-1
 - Update to 2.2.4 (#1883742)
 * Thu Sep 17 2020 Ryan O'Hara <rohara@redhat.com> - 2.2.3-2
 - Fix build for late loading of libgcc_s
 * Mon Sep 14 2020 Ryan O'Hara <rohara@redhat.com> - 2.2.3-1
 - Update to 2.2.3 (#1876932)
 * Fri Jul 31 2020 Ryan O'Hara <rohara@redhat.com> - 2.2.2-1
 - Update to 2.2.2 (#1862400)
 * Mon Jul 27 2020 Ryan O'Hara <rohara@redhat.com> - 2.2.1-1
 - Update to 2.2.1 (#1859846)
 * Wed Jul 15 2020 Ryan O'Hara <rohara@redhat.com> - 2.2.0-3
 - Update systemd service file
 * Fri Jul 10 2020 Tom Callaway <spot@fedoraproject.org> - 2.2.0-2
 - Fix build against lua 5.4
 * Thu Jul 09 2020 Ryan O'Hara <rohara@redhat.com> - 2.2.0-1
 - Update to 2.2.0 (#1854519)
 * Mon Jun 15 2020 Ryan O'Hara <rohara@redhat.com> - 2.1.7-1
 - Update to 2.1.7 (#1845001)
 * Mon Jun 08 2020 Ryan O'Hara <rohara@redhat.com> - 2.1.6-1
 - Update to 2.1.6 (#1845001)
 * Mon Jun 01 2020 Ryan O'Hara <rohara@redhat.com> - 2.1.5-1
 - Update to 2.1.5 (#1841837)
 * Thu Apr 02 2020 Ryan O'Hara <rohara@redhat.com> - 2.1.4-1
 - Update to 2.1.4 (CVE-2010-11100, #1820200)
 * Mon Mar 16 2020 Ryan O'Hara <rohara@redhat.com> - 2.1.3-2
 - Fix invalid element address calculation (#1801109)
 * Wed Feb 12 2020 Ryan O'Hara <rohara@redhat.com> - 2.1.3-1
 - Update to 2.1.3 (#1802233)
 * Wed Jan 29 2020 Fedora Release Engineering <releng@fedoraproject.org> - 2.1.2-2
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
 * Thu Jan 02 2020 Ryan O'Hara <rohara@redhat.com> - 2.1.2-1
 - Update to 2.1.2 (#1782472)
 * Mon Nov 25 2019 Ryan O'Hara <rohara@redhat.com> - 2.0.10-1
 - Update to 2.0.10 (#1772961)
 * Wed Nov 06 2019 Ryan O'Hara <rohara@redhat.com> - 2.0.8-1
 - Update to 2.0.8 (#1764483)
 * Mon Oct 21 2019 Ryan O'Hara <rohara@redhat.com> - 2.0.7-2
 - Build with Prometheus exporter service (#1755839)
 * Mon Oct 21 2019 Ryan O'Hara <rohara@redhat.com> - 2.0.7-1
 - Update to 2.0.7 (#1742544)
 * Fri Sep 13 2019 Ryan O'Hara <rohara@redhat.com> - 2.0.6-1
 - Update to 2.0.6 (#1742544)
 * Mon Aug 19 2019 Ryan O'Hara <rohara@redhat.com> - 2.0.5-1
 - Update to 2.0.5 (#1742544)
 * Tue Jul 30 2019 Ryan O'Hara <rohara@redhat.com> - 2.0.3-1
 - Update to 2.0.3 (#1690492)
 * Tue Jul 30 2019 Ryan O'Hara <rohara@redhat.com> - 1.8.20-3
 - Build with PCRE2 (#1669217)
 * Thu Jul 25 2019 Fedora Release Engineering <releng@fedoraproject.org> - 1.8.20-2
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
 * Fri May 17 2019 Ryan O'Hara <rohara@redhat.com> - 1.8.20-1
 - Update to 1.8.20
 * Wed Feb 13 2019 Ryan O'Hara <rohara@redhat.com> - 1.8.19-1
 - Update to 1.8.19
 * Fri Feb 01 2019 Fedora Release Engineering <releng@fedoraproject.org> - 1.8.17-4
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
 * Thu Jan 24 2019 Petr Pisar <ppisar@redhat.com> - 1.8.17-3
 - Rebuild against patched libpcreposix library (bug #1667614)
 * Mon Jan 14 2019 Björn Esser <besser82@fedoraproject.org> - 1.8.17-2
 - Rebuilt for libcrypt.so.2 (#1666033)
 * Wed Jan 09 2019 Ryan O'Hara <rohara@redhat.com> - 1.8.17-1
 - Update to 1.8.17
 - Fix handling of priority flag in HEADERS frame in HTTP/2 decoder (CVE-2018-20615)
 * Sat Dec 22 2018 Ryan O'Hara <rohara@redhat.com> - 1.8.16-1
 - Update to 1.8.16
 * Thu Dec 13 2018 Ryan O'Hara <rohara@redhat.com> - 1.8.15-1
- Update to 1.8.15 (#1631815)
+- Update to 1.8.15
- Resolve CVE-2018-20102 (#1659017)
+- Fix denial of service attack via infinite recursion (CVE-2018-20103, #1658881)
- Resolve CVE-2018-20103 (#1659019)
+- Fix out-of-bound reads in dns_validate_dns_response (CVE-2018-20102, #1658882)
-* Tue Oct 02 2018 Ryan O'Hara <rohara@redhat.com> - 1.8.14-1
+* Sat Dec 01 2018 Ryan O'Hara <rohara@redhat.com> - 1.8.14-2
- Update to 1.8.14 (#1631815)
+- Use of crpyt() is not thread safe (#1643941)
 - Resolve CVE-2018-14645 (#1631539)
-* Wed Jul 25 2018 Ryan O'Hara <rohara@redhat.com> - 1.8.12-2
+* Thu Sep 20 2018 Ryan O'Hara <rohara@redhat.com> - 1.8.14-1
- Fix ownership of /var/lib/haproxy/ to avoid selinux DAC override errors
+- Update to 1.8.14 (#1610066)
-* Mon Jul 02 2018 Ryan O'Hara <rohara@redhat.com> - 1.8.12-1
+* Mon Aug 20 2018 Ryan O'Hara <rohara@redhat.com> - 1.8.13-1
- Update to 1.8.12
+- Update to 1.8.13 (#1610066)
- Resolve CVE-2018-10184 (#1569643)
+
- Resolve CVE-2018-11469 (#1584787)
+* Thu Aug 16 2018 Ryan O'Hara <rohara@redhat.com> - 1.8.12-4
 - Add BuildRequires gcc (#1604308)
 * Fri Jul 13 2018 Fedora Release Engineering <releng@fedoraproject.org> - 1.8.12-3
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
 * Tue Jul 10 2018 Ryan O'Hara <rohara@redhat.com> - 1.8.12-2
 - Fix ownership of /var/lib/haproxy/ to avoid selinux DAC override errors (#1597076)
 * Thu Jun 28 2018 Ryan O'Hara <rohara@redhat.com> - 1.8.12-1
 - Update to 1.8.12 (#1580036)
 * Wed Jun 27 2018 Ryan O'Hara <rohara@redhat.com> - 1.8.11-1
 - Update to 1.8.11 (#1580036)
 * Mon Jun 25 2018 Ryan O'Hara <rohara@redhat.com> - 1.8.10-1
 - Update to 1.8.10 (#1580036)
 * Mon May 21 2018 Ryan O'Hara <rohara@redhat.com> - 1.8.9-1
 - Update to 1.8.9 (#1580036)
 * Thu May 10 2018 Ryan O'Hara <rohara@redhat.com> - 1.8.8-2
 - Build with USE_GETADDRINFO option
 * Thu Apr 19 2018 Ryan O'Hara <rohara@redhat.com> - 1.8.8-1
 - Update to 1.8.8 (#1560121)
`@ -1 +1 @@`
	`SOURCES/haproxy-1.8.27.tar.gz`	`SOURCES/haproxy-2.4.22.tar.gz`
`@ -1 +1 @@`
	`5a8a12d07da986d2ecba5f57a07a9e68fe597bfd SOURCES/haproxy-1.8.27.tar.gz`	`d0654cbab48039d998fca2459ce9251c6dbf2ae8 SOURCES/haproxy-2.4.22.tar.gz`