-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2024-29ac3c694b 2024-09-13 20:43:08.472149 -------------------------------------------------------------------------------- Name : rabbitmq-server Product : Fedora 41 Version : 3.13.7 Release : 1.fc41 URL : https://www.rabbitmq.com/ Summary : The RabbitMQ server Description : RabbitMQ is an implementation of AMQP, the emerging standard for high performance enterprise messaging. The RabbitMQ server is a robust and scalable implementation of an AMQP broker. -------------------------------------------------------------------------------- Update Information: RabbitMQ 3.13.7 Core Broker Streams recover better from certain node process failures that may leave behind orphaned segment files or index files without a corresponding segment file. Config file peer discovery now logs warnings for certain common user mistakes. Queue declaration operations now return more useful errors when Khepri is enabled and there's only a minority of nodes online. Logging is now more defensive around exception handling. Previously a (very rare) logger exception could lead to the amq.rabbitmq.log handler and exchange to be removed. rabbitmq-upgrade revive unintentionally tried to perform operations on replicas that are not local to the node. This could result in an exceptions some of which were not handled and the command failed. Re-running the command usually helped. Enabling an experimental feature flag now involves an explicit confirmation. Khepri projections are registered in safer manner during node boot. MQTT Clients that use JWT tokens are now disconnected when their token expires. Previously all newly attempted operations with an expired token would be rejected but a completely passive connection was not closed. Connection that provide incorrect credentials now closed with delay, just like for several other protocols supported by RabbitMQ, as throttling mechanism. CLI Tools When the Khepri feature flag is not enabled, rabbitmq-diagnostics metadata_store_status will not try to retrieve and display its status. rabbitmq-upgrade await_quorum_plus_one now produces more log messages when the operation times out. When Khepri is enabled, it now also treats Khepri as a critical Raft-based component that may depend on replica quorum just like queues and streams do. Plugins Management When no virtual host limits are set, the limits collection was returned as a JSON array (and not a JSON object) by GET /api/vhost-limits. GET /api/queues/quorum/{vhost}/{name}/status is a new endpoint that allows clients to retrieve several key quorum queue replica and Raft metrics. Shovel GET /api/shovels/{vhost}/{name} now correctly returns single shovel instead of all shovels in the target virtual host. Consistent Hashing Exchange For an exchange declared with hash-header, publishing failed with an exception when the client (usually unintentionally) did not set that header. Dependency Changes Osiris upgraded to 1.8.3 Cuttlefish upgraded to 3.4.0 observer_cli upgraded to 1.7.5 RabbitMQ 3.13.6 Core Broker Quorum queue validation on startup was too strict and prevented upgrades from certain older versions from succeeding. Validation has been reduced from an error to a warning. Stream replication port range now can be configured via rabbitmq.conf. Dependency Changes Ra upgraded to 2.13.5 RabbitMQ 3.13.5 Core Broker Quorum queue replicas could fail to recover in certain scenarios. Safer AMQP 0-9-1 to AMQP 1.0 (the internal message format) conversion for longer string values. When a message that contained an x-deaths dead-lettering header was republished "as is" by a client, the time field in the dead lettering events was not correctly converted for AMQP 0-9-1 clients. Direct Reply-to failed with an exception when firehose tracing was enabled. CLI Tools rabbitmqctl export_definitions failed if cluster contained custom federation upstream set definitions. Plugins MQTT Abrupt client TCP connection closure could result in a spike in that connection's memory footprint. Shovel Improved AMQP 1.0 to AMQP 0-9-1 conversion for shovels. etcd & Consul Peer Discovery Nodes now register themselves before running peer discovery, reducing the probability of first (usually) two nodes to boot potentially forming two initial clusters. AWS Peer Discovery Forward compatibility: handle AWS API responses that use empty HTTP response bodies. Dependency Changes Ra upgraded to 2.13.3 RabbitMQ 3.13.4 Core Broker Rolling upgrade from 3.12.14 to 3.13.x could run into an exception. When an existing virtual host was re-imported from definitions file, its default queue type (DQT) was cleared if that field was missing in the imported definitions. Now the existing DQT is preserved. When a queue was declared without an explicitly provided x-queue-type but a default queue type (DQT) set (for its virtual host), its redeclaration did not consider the DQT during the property equivalence check stage. Feature flag controller could run into a deadlock in some upgrade scenarios. In mixed 3.13.x and 3.12.x clusters, when a Direct Reply-to client was connected to the 3.13 node and the server (the app that responds) was connected to the 3.12 node, the response was lost due to a message format conversion exception. In some parallel cluster formation scenarios where definitions were imported on node boot, the virtual hosts created by the import can only be started on a subset of nodes. This is so because not all cluster peers are known at virtual host creation time. To reconcile (repair) this state, nodes will periodically check that all virtual hosts are initialized on all cluster nodes. This happens every thirty seconds for the first five minutes since node boot. As long as the cluster is fully formed within that amount of time, all nodes will have performed initialization for all virtual hosts that exist. Quorum queue leader replicas now initiate reconciliation (repair) of their replicas, if there are any missing, more frequently, making quorum queues more defensive in the case of (highly discouraged) grow-then-shrink upgrades. As part of this change, the CPU cost of reconciliation was reduced, now accounting for less than 1% of the CPU with 10K quorum queues in some test environments. In the case where the vhost_max node limit is reached, the node will log specific errors when a new virtual host is (unsuccessfully) added. Elapsed time in the logs is now measured using monotonic time. CLI Tools rabbitmq-diagnostics check_if_node_is_quorum_critical could report a false positive when some quorum queue replcas where very recently added or very recently restarted. rabbitmqctl list_unresponsive_queues ran into an exception if there were connected MQTT clients with QoS 0 subscriptions. Plugins OAuth 2 OpenID Connect discovery endpoint now can be overridden for identity providers with non-standard configurations. Management Virtual host metadata was not included into definition files exported via the HTTP API. When Khepri was enabled and a majority of cluster members were down, adding a virtual host failed with an unhelpful exception. When default queue type is set on a virtual host but not for individual queues, the exported queues will have x-queue-type set to the default type in the exported definitions document. Management UI will now display the number of cores available to the node. OAuth 2-specific JavaScript files are now only loaded if the OAuth 2 plugin is enabled on the node. HTTP AuthN/AuthZ Backend TLS-related settings, in particular related to peer certificate chain verification, now can be configured for this plugin. Remember that disabling peer certificate chain verification makes the system less secure and susceptible to Man-in-the-Middle attacks. Consider enabling verification in production systems when possible. etcd Peer Discovery Plugin failed to extract discovered nodes name correctly in earlier 3.13.x releases. Tracing tracing.dir, tracing.username and tracing.password are the three Tracing plugin settings that can be set via rabbitmq.conf. Dependency Changes Ra upgraded to 2.11.0 Osiris upgraded to 1.8.2 Jose upgraded to 1.11.10 RabbitMQ 3.13.3 Core Broker Fixes an exception in classic queue message store that produced large scary looking log entries. No data was lost as a result of the exception but clients could run into a channel error. Corrected several 3.13-specific issues related to how the x-death headers are populated during dead lettering. Per-virtual host queue (and stream) limit is now enforced for AMQP 1.0, MQTT, RabbitMQ Stream Protocol and STOMP as well as AMQP 0-9-1. Periodic replica reconciliation of quorum queues now reacts to node shutdown in cluster where Khepri is enabled. Declaration of an exchange of a non-existent type will now report a more suitable "precondition failed" error to the client. Avoids a scary looking log message during node shutdown in certain plugin configurations. x-death headers used to provide metadata about dead-lettering are now included for messages consumed from a stream. Classic queue message store recovery was optimized (peak memory footprint-wise) for cases where large (multiple MiB in size) messages were routed to multiple queues. Besides the previously existing option of configuring default queue type per virtual host, there is now a "global" per node default that can be set via rabbitmq.conf When a virtual host process stops, fails or is restarted, a clear message will now be logged. CLI Tools rabbitmq-plugins list incorrectly marked disabled plugins as "pending an upgrade". rabbitmqctl check_if_any_deprecated_features_are_used could run into an exception. Plugins Prometheus A new Prometheus-exposed metric, rabbit_stream_segments, indicates how many stream segment files there are on the target node. Management After signing out of management UI, the page was not refreshed to reflect updated login (session) status. Shovel Management rabbitmqctl delete_shovel is now more effective at deleting Shovels that cannot start and repeatedly fail. fail_if_no_peer_cert, server-side TLS setting, was removed from Shovel URI examples. -------------------------------------------------------------------------------- ChangeLog: * Tue Sep 3 2024 Robert Scheck <robert@xxxxxxxxxxxxxxxxx> - 3.13.7-1 - Ver. 3.13.7 * Fri Jul 19 2024 Fedora Release Engineering <releng@xxxxxxxxxxxxxxxxx> - 3.13.2-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #2301231 - rabbitmq-server: FTBFS in Fedora rawhide/f41 https://bugzilla.redhat.com/show_bug.cgi?id=2301231 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-29ac3c694b' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- package-announce@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to package-announce-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/package-announce@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
