RabbitMQ 3.8.17
RabbitMQ 3.8.17 is a maintenance release that includes a security patch.
Security Patches
This release addresses an undisclosed vulnerability with CVSS 3.1 score of 2.4 (low).
This section will be updated when the details are made public.
RabbitMQ 3.8.16 release
The RabbitMQ team is pleased to announce the release of RabbitMQ 3.8.16.
This is a maintenance release that follows up 3.8.15 to reintroduce the AWS peer discovery plugin, which was unintentionally excluded. Release notes can be found in the change log.
This release requires Erlang/OTP 23.2 and is the first release to support Erlang 24.
Binary builds and packages of the new release can be found on GitHub, Cloudsmith, or Package Cloud. See RabbitMQ installation guides to learn more.
We encourage all users of earlier versions of RabbitMQ to upgrade to this latest release.
As always, we welcome any questions, bug reports, and other feedback on this release, as well as general suggestions for features and enhancements in future releases. Contact us via the rabbitmq-users Google group or RabbitMQ community Slack.
RabbitMQ 3.8.15 release
The RabbitMQ team is pleased to announce the release of RabbitMQ 3.8.15.
This is a maintenance release that includes two security patches. Release notes can be found in the change log.
This is the last release to support Erlang/OTP 22.
We encourage all users to consult release notes but skip this release and upgrade to 3.8.11 or later.
3.8.11:
Bug fixes
This release requires Erlang/OTP 22.x or later
3.8.10:
We encourage all users to consult release notes but skip this release and upgrade to 3.8.11 or later.
Bug fixes
More features supported by quorum queues
Usability improvements
Deprecations
RabbitMQ 3.8.9 is a maintenance release.
It focuses on bug fixes and usability improvements.
RabbitMQ 3.8.8 is a maintenance release.
It focuses on bug fixes and usability improvements.
This release introduces a new node operation mode, called the maintenance mode.
This feature is useful when performing rolling upgrades and is covered
in more detail below.
RabbitMQ 3.8.7 is a maintenance release that patches
a security vulnerability.
RabbitMQ 3.8.6 is a maintenance release.
It focuses on bug fixes and usability improvements.
RabbitMQ 3.8.5 is a maintenance release.
It focuses on bug fixes and usability improvements.
RabbitMQ 3.8.4 is a maintenance release. It focuses on bug fixes and usability
improvements. The etcd peer discovery plugin includes potentially breaking changes, which are covered in detail below.
RabbitMQ 3.8.2
Changes
Core Server
Enhancements
Raft implementation optimizations.
Quorum queue optimization: enables local (not going through the leader) delivery from Raft followers
when appropriate and safe.
If x-queue-type argument is not provided at queue declaration time, the type is assumed to be classic
instead of missing.
Quorum queue consumer timeout can now be configured using the new style configuration file:
# Hard timeout for quorum queue consumer acknowledgements of two minutes
consumer_timeout = 120000
Bug Fixes
A quorum queue could produce an empty Raft log segment if a node is killed at a particular moment in time,
which would prevent the node from successfully recovering the log after restart.
Quorum queue consumer count metric could be duplicated when reported via HTTP API or to a Prometheus scraper.
Quorum queue with single active consumer enabled crashes after some basic.get calls. Quorum queues now forbid basic.get when single active consumer is enabled.
CLI Tools
Enhancements
It is now possible to export and import definitions without the use of plugins with
rabbitmqctl export_definitions and rabbitmqctl import_definitions:
# export as a JSON file
rabbitmqctl export_definitions /path/to/target.file.json
# export as JSON to standard output and pipe to jq
rabbitmqctl export_definitions "-" | jq
# export as a compressed Erlang term file
rabbitmqctl export_definitions /path/to/target.file --format=erlang
# learn more
rabbitmqctl help export_definitions
# import from a JSON file
rabbitmqctl import_definitions /path/to/target.file.json
# import JSON from standard input
cat /path/to/definitions.json | rabbitmqctl import_definitions "-"
# import from a compressed Erlang term file
rabbitmqctl import_definitions /path/to/target.file --format=erlang
# learn more
rabbitmqctl help import_definitions
Entities with amq.* prefixes are now skipped during import instead of producing an error.
Bug Fixes
rabbitmqctl await_startup failed with an exception when RabbitMQ application was stopped but the
runtime (Erlang VM) was running.
Management Plugin
Bug Fixes
Definition import could fail if performed via HTTP API (but not management UI)
and the definitions contained operator policies.
Enhancements
Metric aggregation optimizations.
MQTT Plugin
Enhancements
Throughput improvements ranging from 14 to 60 percent depending on workload.
Throughput improvements and reduced CPU usage but slightly higher per connection RAM footprint.
Bug Fixes
Client ID tracker could produce an empty Raft log segment if a node is killed at a particular moment in time,
which would prevent the node from successfully recovering the log after restart.
Last Will messages that use QoS 2 will now be downgraded to QoS 1 just like with "regular" published messages.
AMQP 1.0 Plugin
Enhancements
Throughput improvements.
STOMP Plugin
Enhancements
Throughput improvements.
Web STOMP Plugin
Enhancements
Clients now can authenticate using an x.509 (TLS) certificate.
Prometheus Plugin
A small number of queue metrics were not read from the metric store correctly.
This isn't supported on some operating systems. If it turns out to be
required by more packages we should create a tool.mk for lang/elixir.
Mark the package MAKE_JOBS safe again.
3.7.2
- Bug fix in the HTTP auth backend
3.7.1
- Bug fixes
3.7.0
- Minimum required Erlang version is now 19.3
- Automation-friendly cluster formation
- Distributed management plugin, including minor breaking HTTP API changes.
- Simpler, ini-style configuration format
- Per-vhost limits
- Operator policies
- Topic-based authorisation
- Cross-protocol Shovel (currently supports AMQP 0.9.1 and AMQP 1.0)
- Command-line tools are extensible via plugins
- Message store multi-tenancy
- Proxy protocol support
- Web STOMP no longer supports WebSocket emulation
- Java and .NET client releases no longer track RabbitMQ server releases
- .NET client now supports .NET Core.
- Management plugin extensions now must target Cowboy 2.0
- Java client for RabbitMQ HTTP API
rabbitmq 3.6.14
Debian and RPM packages
- systemd service unit no longer has trailing comments that could lead
nodes into restart loops on some systems.
Management Plugin
- Expandable sections on node metrics page failed to expand.
rabbitmq 3.6.13
Core Server
- Memory usage monitor uses subprocesses a lot more sparingly.
- Very busy queues are now more efficient at prioritizing consumers
- Queue master strategies now take additional queue HA arguments into
account.
- Logging to standard output using RABBITMQ_LOGS=- wasn't possible on
Windows.
- Queue master locator name now can be specified as Erlang strings.
- Direct Erlang client connections could fail with obscure messages
when target node was still booting.
- supervisor2 now can be used in environments that perform hot code
upgrades.
- systemd service file now white lists exit code 69.
- Example systemd service file now includes service restart settings.
- Queue master locator strategy now can be configured using strings.
- Plugin activation avoids logging things that can be confusing.
Management Plugin
- Minor efficiency improvements around stats collection.
- jQuery upgraded to 1.12.4.
- UI improvements.
- It is now possible to configure an HTTP API path prefix for the
plugin.
- Queue details page no longer truncates node name.
- Policy name in queue and exchange info is now a link.
- DELETE /api/connections/{name} is now more defensive.
Core Server
- Process responsible for running the autoheal partition handling
strategy could run into a deadlock with its peers, preventing autoheal
from completing.
- Garbage collection of mirrored queue metrics on nodes that did not
host a master or mirror for a queue affected delivery and
acknowledgement rates. This could result in rates being 0 or negative
when they should not be.
- Stats emission could prevent queue mirrors from performing garbage
collection and consume memory even when they were empty.
- RABBITMQ_SCHEDULER_BIND_TYPE and RABBITMQ_DISTRIBUTION_BUFFER_SIZE now
can be set via rabbitmq-env.conf.
Shovel Management Plugin
- Passwords in source and destination URIs are now redacted out.
Federation Management Plugin
- Passwords in upstream URIs are now redacted out.
Bug Fixes
- rabbitmqctl wait exited with the status code of 0 when node stopped
because it could not contact any cluster peers to [re-]join.
- rabbitmqctl forget_cluster_node used in offline mode could result in
promotion of a node that's no longer a cluster member.
- Queue master locator could not be set using optional queue arguments
(x-arguments).
- CLI tool (e.g. rabbitmqctl) man pages were not rendered correctly.
Enhancements
- Disk space monitor will periodically retry (every 2 minutes by
default, up to 10 times) before going into disabled state as
external tools used to monitor available disk space can fail or
produce unexpected output temporarily.
- Memory relative free disk space limits now support integer values as
well as floats.
Management and Management Agent Plugins
- TLS-related settings in HTTP API listeners could break JSON
serialisation for the GET /api/overview endpoint.
- Non-numerical values for numerical stats are now handled safely by
stats aggregation.
- Stats are no longer emitted for connections that are not considered
to be in the fully initialised state.
- POST requests now instruct clients to close TCP connections.
- In some popular browsers (Chrome, Internet Explorer) a POST request
followed by an immediate GET request would result in a 400 response.
Other browsers do not exhibit this behaviour.
- I/O average time per operation graph didn't match legend.
- Sample retention policies are now validated more strictly to avoid
configurations that are not supported and will lead to exceptions.
- Certain stats for connections were not initialised as numerical
values, which resulted in log noise.
- UI operation for binding deletion did not respect optional (extra)
binding arguments.
- Current virtual host is pre-selected on the "Add/update policy"
form.
MQTT Plugin
- A non-initialized connection (e.g. one that failed early because
client-provided payload wasn't a valid MQTT payload) produced a
crash report log entry during termination.
LDAP Plugin
- Stale connection purging in LDAP connection pool could fail with a
badmatch.
Trust Store Plugin
- Certificate change detection algorithm no longer uses stat(2) on
certificate directory because of its limitations that could lead to
undetected changes in certain scenarios.
Web STOMP Plugin
- The plugin failed to start after being stopped and re-enabled.
- Server-initiated consumer cancellation failed with an exception.
Management Visualiser Plugin
- The plugin wasn't compatible with recent 3.6.x releases.
Management and Management Agent Plugins
- Security Vulnerability Patches
- CVE-2017-4965: XSS vulnerabilities in management UI
- CVE-2017-4966: authentication details are stored in browser-local
storage without expiration
- CVE-2017-4967: XSS vulnerabilities in management UI
- Bug Fixes
- Certain TCP and TLS listener configuration settings could break
JSON serialisation of GET /api/overview responses.
Federation Plugin
- More numerical types are now handled for the "hops" property.
.NET Client
- Calling ExchangeBind more than once with the same arguments threw an
exception.
3.6.5
- Bug fixes
3.6.4
- Bug fixes
- Erlang 19.0 compatibility
- Usability improvements
3.6.3
- Important bug fixes
- systemd support in the Debian package
- New OpenGPG key used for artifact signing
- New plugins included into the distribution
- Usability improvements
3.6.2
- Bug fixes
- New statistics collector in management plugin
- Usability improvements
RabbitMQ 3.6.1 is a maintenance release that includes a fix for
CVE-2015-8786, a vulnerability in RabbitMQ management plugin.
Server
- Purging a lazy queue could result in an exception
- Ensure epmd is running before starting RabbitMQ node on Windows
- Channel error could make broker unreachable
- (Automatic) deletion of an auto-delete queue could lead
to blocked channels
- During (from scratch) queue sync, queue master node didn't respect
mirror alarm state. With large data sets this could drive mirror
node out of memory.
- Changing password for users with non-standard (think broker
configuration) password hashing function, for example, those migrated
from 3.5.x releases, didn't update effective hashing function.
- Heavy and/or prolonged rabbitmqctl use could exhaust Erlang VM atom table
- "Min masters" queue master location strategy could result in an error.
- Fixed a race condition in pause_minority handling mode.
- Significantly reduce possibility of a race condition when an exchange
is deleted and immediately re-declared, e.g. by a federation link.
- amq.rabbitmq.log messages now have information about originating
node in message headers
- scripts/rabbitmq-env now works with GNU sed 4.2.2
- Exceptions in VM memory use calculator no longer affect broker startup
- Direct Reply-to capability is now advertised to clients
- Paths with non-ASCII characters on Windows are now handled
- Configurable number of TCP connection acceptors
- rabbitmqctl cluster_status now includes cluster-wide resource alarm status
- Windows installer no longer jumps over installation log
- Improved rabbitmqctl reset error messages
- More unsigned field data types are supported.
Federation Plugin
- Significantly reduce possibility of a race condition when an exchange
is deleted and immediately re-declared, e.g. by a federation link
Management plugin
- CVE-2015-8786: user-provided query parameters lengths_age and
lengths_incr had no validation and could be used to exhaust server
resources.
- Password hashing function is now included in exported definitions
- Internet Explorer (9+) compatibility restored
- Internet Explorer 11 compatibility fixes
- When a policy fails to be created because of invalid parameters, a sensible
error message will be displayed.
Federation Management plugin
- Federation link form now includes more settings (that are exchange-
and queue-federation specific)
Clean up and simplify Makefile.
Breaking changes in 3.6.0:
- Minimum required Erlang version is R16B03 for plain ("just TCP")
connections for all protocols and 17.5 for TLS ones (18.x is
recommended for both).
- .NET client now requires .NET 4.5.
- "Immediate" flag is removed from the .NET client (it hasn't been
supported by the server since RabbitMQ 3.0).
- Default subscription TTL in MQTT is now 24 hours.
- Server artifacts are now distributed as xz archives and not gz.
- Build system has been completely reworked and now uses erlang.mk.
3rd party plugins must be adapted to the new build system.
Key improvements in this release are:
- Lazy queues
- Much better queue synchronisation throughput
- Lower RAM use, tunable flow control
- Stronger password encryption with pluggable algorithms
- Development moved to GitHub; build system now uses erlang.mk
- Significant improvements to Web STOMP
- Experimental WinRT-compatible .NET client, SQL CLR compatibility
in the "regular" one
- Pagination in management UI
- More popular plugins now ship with the broker: rabbitmq_sharding
and rabbitmq_event_exchange, for example.
Full release notes:
https://github.com/rabbitmq/rabbitmq-server/releases/tag/rabbitmq_v3_6_0
- Erlang 18.1 compatibility.
- Prevent EACCES errors on Windows when queue journal is cleared.
- When multiple authorization backends are used, user tags from all
of them should be preserved.
- Force a (per-queue, not global) GC when a queue pages messages
to disk.
- MQTT Plugin: Queues used by QoS 1 subscriptions are no longer
deleted when the only subscriber disconnects.
- STOMP Plugin: Trailing new line character now can be optional.
- Various performance improvements in the server
- Reduce default heartbeat interval from 580 to 60 seconds
- Force essential TCP options, especially {reuseaddr, true}.
- Catch SIGTERM and other signals in the rabbitmq-server script to stop
RabbitMQ gracefully
- Fix a queue hang when a slave node is lost
- Fix a crash during startup when RabbitMQ tries to clean non-existing
bindings
- Support backticks in the password field when adding a user with
rabbitmqctl on Unix
- Fix a problem in gen_server2 causing calls to timeout under certain
conditions
- Federation: Fix a crash when certain headers are already present
in the forwarded message
- Federation: Increase reconnection delay from 1 to 5 seconds
- Federation: Ignore federation-specific headers added by clients
- Management UI: Do not consider non-UTF-8 content as invalid
- Management UI: Split long Base64 content in multiple lines
- Management UI: Fix a bug with rounding moving averages
- MQTT: Coerce default_user, default_pass, exchange and vhost to
Erlang binaries
- Stomp: Set the redelivered header to a boolean value
- Stomp: Properly propagate extensions headers (x-headers) in
the SUBSCRIBE and SEND frames
- Stomp: Duplicate subscription IDs no longer result in unhandled
exceptions
Full release notes:
https://github.com/rabbitmq/rabbitmq-server/releases/tag/rabbitmq_v3_5_5
- rabbitmq-env.conf.bat Support on Windows
- Fixed excessive SASL Logging on Windows
- Added warn as Alias to warning
- Added rabbitmqctl purge_queue
- Added file_handle_cache:clear_read_cache/0
- Improved rabbitmqctl Error Messages
- Kernel Polling Enabled Unconditionally by Default
- Easier I/O Thread Pool Size Configuration
- Higher I/O Thread Pool Size Default
- Improved Heartbeat Timeout Logging
- Fix: Recoverable Mirror Could Be Reset Due to Race Condition
- Fix: Throughput Regression Fix
- Fix: x-death headers can now safely be republished by clients
- STOMP: Test Suite Upgraded to Stomp.py 4.x
- STOMP: End Frame With a Newline Character
RabbitMQ 3.5.3:
- If rabbitmqctl can't contact a node, suggest to verify any Erlang TLS
distribution configuration
- Ensure the memory monitor is fully started before the file handle cache
is used
- Management plugin: Fix a crash during RabbitMQ startup if
force_fine_statistics is set in rabbitmq_management_agent configuration
RabbitMQ 3.5.2:
- Improve integration with Docker
- Add a way to send log messages (both "normal" and sasl messages) to stdout
- Do not try to use exec before su ... as su(1) forks a process anyway
- Report a queue is under flow control only if it was in this situation
in the last 1 second, instead of the last 5 seconds previously
- Add a check to ensure the Mnesia directory is not shared with the PID file
location or the plugin expansion directory
- Ensure the file handle cache remains under the memory high watermark
when syncing a mirrored queue
- Restore support for messages stored on disk with the previous x-death
header format
- Ensure passwords containing $ characters are properly escaped so they are
not interpreted by the shell, when a password is changed using rabbitmqctl
change_password
- Management plugin: Allow configuring rates_mode even if only
rabbitmq-management-agent is enabled
- Management plugin: Fix a badarith crash if, for some reason, the disk free
space or the file descriptor count is temporarily reported incorrectly
- STOMP plugin: Ensure the "processor" thread is terminated at the same time
the "reader" thread exits
RabbitMQ 3.5.1:
- Introduce a new channel log category for channel log messages
- Ensure consumer_closed events are emitted for the actually closed channels
only, not all of them
- Ensure the number of x-death message headers doesn't grow indefinitely
- Adjust the file read buffer cache size to avoid useless reads
- Ensure the priority queue plugin reports its memory consumption properly
- Prevent a crash while synchronising paged out priority queues
- Pass the PID file to rabbitmqctl stop in rabbitmq-server.ocf, exactly
like Debian- and Red Hat-flavour init scripts
- AMQP plugin: Fix heartbeats
- AMQP plugin: Respond with a protocol error if a disposition frame
is incorrect
- AMQP plugin: Fix a crash if the initial-delivery-count is not 0
- Version 3.3.5 fixes a number of bugs in 3.3.4 and earlier versions.
- Version 3.3.4 fixes a small number of bugs in 3.3.3 and earlier versions.
In particular it fixes a bug introduced in 3.3.3 which could cause startup
to fail under some circumstances.
- Version 3.3.3 fixes a small number of bugs in 3.3.2 and earlier versions.
In particular it fixes a bug introduced in 3.3.2 which could cause
logging to stop under some circumstances.
Changes since 3.3.1:
server
------
bug fixes
26180 prevent certain operations (including queue creation and deletion)
blocking until a connection closes when the socket limit is reached
(since 2.7.0)
26227 fix incorrect log message about config file location when running as
a Windows service, changing RABBITMQ_CONFIG_FILE and not reinstalling
the service (since 3.3.0)
26172 ensure slave queue does not hang if the GM process crashes at queue
startup (since 2.6.0)
26178 prevent error logger crash in rare circumstances (since 3.3.0)
26184 prevent small log messages being needlessly truncated (since 3.3.0)
26226 ensure rabbitmqctl status does not crash if invoked while Mnesia is
starting or stopping (since 3.0.0)
26200 fix garbled SSL log messages (since 3.0.3)
26203 prevent spurious log message if slave queue crashes early (since 3.2.2)
management plugin
-----------------
bug fixes
26197 fix garbled error message if importing JSON definitions file with invalid
input (since 2.1.0)
26209 ensure reasons for authentication failure are always logged (since 2.1.0)
enhancements
25376 add documentation on the JSON schema returned by GET queries
shovel plugin
-------------
bug fixes
26219 fix creation of dynamic shovels using direct connection URLs through
rabbitmqctl (since 3.3.1)
26176 prevent deadlock deleting virtual host with active dynamic shovel on
single core machine (since 3.3.0)
federation plugin
-----------------
bug fixes
26176 prevent deadlock deleting virtual host with active federation link on
single core machine (since 3.0.0)
shovel-management plugin
------------------------
bug fixes
26165 ensure the status of static shovels is correctly shown (since 3.3.1)
LDAP plugin
-----------
bug fixes
26190 fix crash when LDAP uses SSL and nothing else does (since 2.3.0)
auth-mechanism-ssl plugin
-------------------------
bug fixes
25550 allow use of both certificate and password based authentication at the
same time (since 2.3.0)
MQTT plugin
-----------
bug fixes
26194 prevent hang on broker shutdown when there are active MQTT connections
(since 3.0.0)
26189 fix connection crash on shutdown if the connection starts very early
(since 3.0.0)
STOMP plugin
------------
bug fixes
25550 allow use of both certificate and password based authentication at the
same time (since 2.3.0)
Java client
-----------
bug fixes
26187 ensure network recovery delay is used when recovering from all types of
exception (since 3.3.0)
26188 ensure TopologyRecoveryException includes cause's message (since 3.3.0)
26196 fix Javadoc for ConnectionFactory.setSocketConfigurator()
Erlang client
-------------
bug fixes
26160 declare xmerl application dependency (since 3.3.0)