| tag name | v0.9.2 (0ed0d6e55850dbadfd83de7aa9dc00b6d55f33f5) |
| tag date | 2024-03-01 17:18:39 +0100 |
| tagged by | Alex Auvolat <alex@adnab.me> |
| tagged object | commit 6a7623e90d... |
| download | garage-0.9.2.tar.gz garage-0.9.2.zip |
|---|
Garage v0.9.2
This minor release includes the following improvements and fixes:
Security fixes:
- Fix timing side-channel vulnerability in admin/metrics token
comparison and in AWS signature v4 verification (#737)
- Ensure that the correct set of headers (in particular, `x-amz-*`
headers) are included in signature calculation (#735, #745)
New features:
- allow to specify custom LMDB map size when using `garage convert-db`
(#691)
- `garage block info` can now find blocks using only a prefix of the
hash (#682, #712)
- header overriding in GetObject using `response-*` query parameters
(#650, #713)
- allow option to bind outgoing RPC sockets to same IP address as
listening socket (#638, #721)
- add health and node status metrics to prometheus exports (#545, #726)
Bug fixes:
- allow multi-character delimiters in List* API calls (#692, #711)
- take into account rpc secret file for CLI commands (#695, #715)
- fix IP address exchanges upon RPC connection (#558, #721)
- retry RPC connections when new IP address for a peer is learned (#652,
#724)
- filter nodes Garage tries to reconnect to, to avoid connecting to old
nodes (#555, #719)
- add a lock ON EACH NODE ONLY for CreateBucket and other bucket/key
operations (#723, #728)
Optimization:
- rewrite of PutObject with potential speed-ups (not benchmarked) (#734)
- enable LTO in release builds, reduces binary size significantly (#704,
#707)
Other:
- upgrade Rust toolchain (#705, #710)
- update most Rust dependencies (#703, #709, #718)
- import code of the netapp crate into the garage codebase, as new crate
`garage_net` (#717)
- convert CI pipelines to Woodpecker + improvements and simplifications
to CI code (#708, #706)
- some refactoring (#729, #732, #735)
- documentation updates (#716, #722, #727, #733, #736, #739)
Thanks to all of the contributors that have participated in this new
version: Armaƫl Gueneau, emilylange, hartraft, Jonathan Davies, yuka,
Zdenek Crha. Thanks to Radicallly Open Security for auditing the code
and finding the timing side-channel vulnerabilities.
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEwhSWp0+ubv79TiqUDkltFQljdr4FAmXiAAMACgkQDkltFQlj
dr72jhAAmGkQs2IhFdBT+F+2rOogz73+Lks1Mmz8QdEMZAWGW3eDsuIVQqy2SaAv
vunDYhG83fQBxU7emptqC6gJEW8xsEBCxjQOT79uTTbgwFloNX1K8NHwft4AKewV
GHtozsZyaeKmJd+7qgAbj3Z4mOnh2zx5/jxx+mGjJjeg2kzOg0AUGboKiiedv2ZX
dGOb1utqUrYZxb3jfbS6zb7dTdl8nJLua+AAVVRnbc4QwU1uWaDOIASxcufpeCjY
VAmx83LhcqaHxoSYPBEy0MELK6pflFtia/MBTHaXNPXsgnpFVBJpmC1myJsz1jLw
+Uhl1GRBQX47obxzLRiJ4N+QDbQcDAmnOIYd4KHkTzg85PA8DrBVMKcjWaeVJwTg
2U7KhqrMIIrX0ZX1BNQc3s/VSTpFpL/exC0FPwTgkBYhXuhgCi3siBShkkpR+kK/
GAy8xTeuZi8A1OG9eyAWTVxki3bIoi3rgbAI26P637iR4jkOa3PJH3HWoHQ94dKN
vpAiZlFi/MPw76wn3JcXdn2cm76idCpr+EqSnm4EJPFinMQCgAKHxT/2/ohrDoEq
1jRkvxUwUd+RvYTfD137IQAqm5y6/1VQNy+ZcZlVeIN2+R6BcTlz9uOLYE0syj7Y
0dwX0T2M1kPaOaASMAGCYZL0Yv/T24EP1NwaxDlrB242KJYHcWo=
=vZKn
-----END PGP SIGNATURE-----