-
Garage v0.9.2 Stable
lx released this
2024-03-01 16:18:39 +00:00 | 185 commits to main since this releaseThis minor release includes the following improvements and fixes:
Security fixes:
-
Fix timing side-channel vulnerability in admin/metrics token comparison and in AWS signature v4 verification (#737)
-
Ensure that the correct set of headers (in particular,
x-amz-*headers) are included in signature calculation (#735, #745)
New features:
-
allow to specify custom LMDB map size when using
garage convert-db(#691) -
garage block infocan now find blocks using only a prefix of the hash (#682, #712) -
header overriding in GetObject using
response-*query parameters (#650, #713) -
allow option to bind outgoing RPC sockets to same IP address as listening socket (#638, #721)
-
add health and node status metrics to prometheus exports (#545, #726)
Bug fixes:
-
allow multi-character delimiters in List* API calls (#692, #711)
-
take into account rpc secret file for CLI commands (#695, #715)
-
retry RPC connections when new IP address for a peer is learned (#652, #724)
-
filter nodes Garage tries to reconnect to, to avoid connecting to old nodes (#555, #719)
-
add a lock ON EACH NODE ONLY for CreateBucket and other bucket/key operations (#723, #728)
Optimization:
-
rewrite of PutObject with potential speed-ups (not benchmarked) (#734)
-
enable LTO in release builds, reduces binary size significantly (#704, #707)
Other:
-
import code of the netapp crate into the garage codebase, as new crate
garage_net(#717) -
convert CI pipelines to Woodpecker + improvements and simplifications to CI code (#708, #706)
Thanks to all of the contributors that have participated in this new version: Armaël Gueneau, emilylange, hartraft, Jonathan Davies, yuka, Zdenek Crha. Thanks to Radicallly Open Security for auditing the code and finding the timing side-channel vulnerabilities.
Downloads
-