[RELEASE] Released version 2.8.8

Released version 2.8.8 with the following main changes :
    - MINOR: mux-h2: add a counter of "glitches" on a connection
    - BUG/MINOR: mux-h2: count rejected DATA frames against the connection's flow control
    - MINOR: mux-h2: count excess of CONTINUATION frames as a glitch
    - MINOR: mux-h2: count late reduction of INITIAL_WINDOW_SIZE as a glitch
    - MINOR: mux-h2: always use h2c_report_glitch()
    - MEDIUM: mux-h2: allow to set the glitches threshold to kill a connection
    - MINOR: connection: add a new mux_ctl to report number of connection glitches
    - MINOR: mux-h2: implement MUX_CTL_GET_GLITCHES
    - MINOR: connection: add sample fetches to report per-connection glitches
    - BUG/MAJOR: promex: fix crash on deleted server
    - BUG/MINOR: quic: reject unknown frame type
    - BUG/MINOR: quic: reject HANDSHAKE_DONE as server
    - BUG/MINOR: qpack: reject invalid increment count decoding
    - BUG/MINOR: qpack: reject invalid dynamic table capacity
    - DOC: quic: Missing tuning setting in "Global parameters"
    - BUG/MEDIUM: applet: Immediately free appctx on early error
    - BUG/MEDIUM: hlua: Be able to garbage collect uninitialized lua sockets
    - BUG/MEDIUM: hlua: Don't loop if a lua socket does not consume received data
    - BUG/MEDIUM: quic: fix transient send error with listener socket
    - DOC: quic: fix recommandation for bind on multiple address
    - MINOR: quic: warn on bind on multiple addresses if no IP_PKTINFO support
    - BUG/MINOR: ist: allocate nul byte on istdup
    - BUG/MINOR: stats: drop srv refcount on early release
    - BUG/MAJOR: server: fix stream crash due to deleted server
    - BUG/MINOR: quic: fix output of show quic
    - BUG/MINOR: ist: only store NUL byte on succeeded alloc
    - BUG/MINOR: ssl/cli: duplicate cleaning code in cli_parse_del_crtlist
    - LICENSE: event_hdl: fix GPL license version
    - LICENSE: http_ext: fix GPL license version
    - DOC: configuration: clarify ciphersuites usage
    - BUG/MINOR: config/quic: Alert about PROXY protocol use on a QUIC listener
    - BUG/MINOR: hlua: Fix log level to the right value when set via TXN:set_loglevel
    - MINOR: hlua: Be able to disable logging from lua
    - BUG/MINOR: tools: seed the statistical PRNG slightly better
    - BUG/MINOR: hlua: fix unsafe lua_tostring() usage with empty stack
    - BUG/MINOR: hlua: don't use lua_tostring() from unprotected contexts
    - BUG/MINOR: hlua: fix possible crash in hlua_filter_new() under load
    - BUG/MINOR: hlua: improper lock usage in hlua_filter_callback()
    - BUG/MINOR: hlua: improper lock usage in hlua_filter_new()
    - BUG/MEDIUM: hlua: improper lock usage with SET_SAFE_LJMP()
    - BUG/MAJOR: hlua: improper lock usage with hlua_ctx_resume()
    - BUG/MINOR: hlua: don't call ha_alert() in hlua_event_subscribe()
    - BUG/MINOR: sink: fix a race condition in the TCP log forwarding code
    - CI: skip scheduled builds on forks
    - BUG/MINOR: ssl/cli: typo in new ssl crl-file CLI description
    - BUG/MINOR: cfgparse: report proper location for log-format-sd errors
    - BUILD: solaris: fix compilation errors
    - DOC: configuration: clarify ciphersuites usage (V2)
    - BUG/MINOR: ssl: fix possible ctx memory leak in sample_conv_aes_gcm()
    - BUG/MINOR: hlua: segfault when loading the same filter from different contexts
    - BUG/MINOR: hlua: missing lock in hlua_filter_new()
    - BUG/MINOR: hlua: fix missing lock in hlua_filter_delete()
    - DEBUG: lua: precisely identify if stream is stuck inside lua or not
    - MINOR: hlua: use accessors for stream hlua ctx
    - BUG/MEDIUM: hlua: streams don't support mixing lua-load with lua-load-per-thread (2nd try)
    - BUG/MINOR: listener: Wake proxy's mngmt task up if necessary on session release
    - BUG/MINOR: listener: Don't schedule frontend without task in listener_release()
    - BUG/MEDIUM: spoe: Don't rely on stream's expiration to detect processing timeout
    - BUG/MINOR: spoe: Be sure to be able to quickly close IDLE applets on soft-stop
    - CI: temporarily adjust kernel entropy to work with ASAN/clang
    - BUG/MEDIUM: spoe: Return an invalid frame on recv if size is too small
    - BUG/MINOR: session: ensure conn owner is set after insert into session
    - BUG/MEDIUM: ssl: Fix crash in ocsp-update log function
    - BUG/MINOR: mux-quic: close all QCS before freeing QCC tasklet
    - BUG/MEDIUM: mux-fcgi: Properly handle EOM flag on end-of-trailers HTX block
    - OPTIM: http_ext: avoid useless copy in http_7239_extract_{ipv4,ipv6}
    - BUG/MINOR: server: 'source' interface ignored from 'default-server' directive
    - BUG/MINOR: ssl: Wrong ocsp-update "incompatibility" error message
    - BUG/MINOR: ssl: Detect more 'ocsp-update' incompatibilities
    - BUG/MINOR: server: fix persistence cookie for dynamic servers
    - MINOR: server: allow cookie for dynamic servers
    - MINOR: cli: Remove useless loop on commands to find unescaped semi-colon
    - BUG/MEDIUM: cli: Warn if pipelined commands are delimited by a \n
    - BUG/MINOR: server: ignore 'enabled' for dynamic servers
    - BUG/MINOR: backend: properly handle redispatch 0
    - BUG/MINOR: proxy: fix logformat expression leak in use_backend rules
diff --git a/CHANGELOG b/CHANGELOG
index 4077b3e..811ef30 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -1,6 +1,84 @@
 ChangeLog :
 ===========
 
+2024/04/05 : 2.8.8
+    - MINOR: mux-h2: add a counter of "glitches" on a connection
+    - BUG/MINOR: mux-h2: count rejected DATA frames against the connection's flow control
+    - MINOR: mux-h2: count excess of CONTINUATION frames as a glitch
+    - MINOR: mux-h2: count late reduction of INITIAL_WINDOW_SIZE as a glitch
+    - MINOR: mux-h2: always use h2c_report_glitch()
+    - MEDIUM: mux-h2: allow to set the glitches threshold to kill a connection
+    - MINOR: connection: add a new mux_ctl to report number of connection glitches
+    - MINOR: mux-h2: implement MUX_CTL_GET_GLITCHES
+    - MINOR: connection: add sample fetches to report per-connection glitches
+    - BUG/MAJOR: promex: fix crash on deleted server
+    - BUG/MINOR: quic: reject unknown frame type
+    - BUG/MINOR: quic: reject HANDSHAKE_DONE as server
+    - BUG/MINOR: qpack: reject invalid increment count decoding
+    - BUG/MINOR: qpack: reject invalid dynamic table capacity
+    - DOC: quic: Missing tuning setting in "Global parameters"
+    - BUG/MEDIUM: applet: Immediately free appctx on early error
+    - BUG/MEDIUM: hlua: Be able to garbage collect uninitialized lua sockets
+    - BUG/MEDIUM: hlua: Don't loop if a lua socket does not consume received data
+    - BUG/MEDIUM: quic: fix transient send error with listener socket
+    - DOC: quic: fix recommandation for bind on multiple address
+    - MINOR: quic: warn on bind on multiple addresses if no IP_PKTINFO support
+    - BUG/MINOR: ist: allocate nul byte on istdup
+    - BUG/MINOR: stats: drop srv refcount on early release
+    - BUG/MAJOR: server: fix stream crash due to deleted server
+    - BUG/MINOR: quic: fix output of show quic
+    - BUG/MINOR: ist: only store NUL byte on succeeded alloc
+    - BUG/MINOR: ssl/cli: duplicate cleaning code in cli_parse_del_crtlist
+    - LICENSE: event_hdl: fix GPL license version
+    - LICENSE: http_ext: fix GPL license version
+    - DOC: configuration: clarify ciphersuites usage
+    - BUG/MINOR: config/quic: Alert about PROXY protocol use on a QUIC listener
+    - BUG/MINOR: hlua: Fix log level to the right value when set via TXN:set_loglevel
+    - MINOR: hlua: Be able to disable logging from lua
+    - BUG/MINOR: tools: seed the statistical PRNG slightly better
+    - BUG/MINOR: hlua: fix unsafe lua_tostring() usage with empty stack
+    - BUG/MINOR: hlua: don't use lua_tostring() from unprotected contexts
+    - BUG/MINOR: hlua: fix possible crash in hlua_filter_new() under load
+    - BUG/MINOR: hlua: improper lock usage in hlua_filter_callback()
+    - BUG/MINOR: hlua: improper lock usage in hlua_filter_new()
+    - BUG/MEDIUM: hlua: improper lock usage with SET_SAFE_LJMP()
+    - BUG/MAJOR: hlua: improper lock usage with hlua_ctx_resume()
+    - BUG/MINOR: hlua: don't call ha_alert() in hlua_event_subscribe()
+    - BUG/MINOR: sink: fix a race condition in the TCP log forwarding code
+    - CI: skip scheduled builds on forks
+    - BUG/MINOR: ssl/cli: typo in new ssl crl-file CLI description
+    - BUG/MINOR: cfgparse: report proper location for log-format-sd errors
+    - BUILD: solaris: fix compilation errors
+    - DOC: configuration: clarify ciphersuites usage (V2)
+    - BUG/MINOR: ssl: fix possible ctx memory leak in sample_conv_aes_gcm()
+    - BUG/MINOR: hlua: segfault when loading the same filter from different contexts
+    - BUG/MINOR: hlua: missing lock in hlua_filter_new()
+    - BUG/MINOR: hlua: fix missing lock in hlua_filter_delete()
+    - DEBUG: lua: precisely identify if stream is stuck inside lua or not
+    - MINOR: hlua: use accessors for stream hlua ctx
+    - BUG/MEDIUM: hlua: streams don't support mixing lua-load with lua-load-per-thread (2nd try)
+    - BUG/MINOR: listener: Wake proxy's mngmt task up if necessary on session release
+    - BUG/MINOR: listener: Don't schedule frontend without task in listener_release()
+    - BUG/MEDIUM: spoe: Don't rely on stream's expiration to detect processing timeout
+    - BUG/MINOR: spoe: Be sure to be able to quickly close IDLE applets on soft-stop
+    - CI: temporarily adjust kernel entropy to work with ASAN/clang
+    - BUG/MEDIUM: spoe: Return an invalid frame on recv if size is too small
+    - BUG/MINOR: session: ensure conn owner is set after insert into session
+    - BUG/MEDIUM: ssl: Fix crash in ocsp-update log function
+    - BUG/MINOR: mux-quic: close all QCS before freeing QCC tasklet
+    - BUG/MEDIUM: mux-fcgi: Properly handle EOM flag on end-of-trailers HTX block
+    - OPTIM: http_ext: avoid useless copy in http_7239_extract_{ipv4,ipv6}
+    - BUG/MINOR: server: 'source' interface ignored from 'default-server' directive
+    - BUG/MINOR: ssl: Wrong ocsp-update "incompatibility" error message
+    - BUG/MINOR: ssl: Detect more 'ocsp-update' incompatibilities
+    - BUG/MINOR: server: fix persistence cookie for dynamic servers
+    - MINOR: server: allow cookie for dynamic servers
+    - MINOR: cli: Remove useless loop on commands to find unescaped semi-colon
+    - BUG/MEDIUM: cli: Warn if pipelined commands are delimited by a \n
+    - BUG/MINOR: server: ignore 'enabled' for dynamic servers
+    - BUG/MINOR: backend: properly handle redispatch 0
+    - BUG/MINOR: proxy: fix logformat expression leak in use_backend rules
+
 2024/02/26 : 2.8.7
     - BUG/MAJOR: ssl/ocsp: crash with ocsp when old process exit or using ocsp CLI