3 nbdkit-release-notes-1.28 - release notes for nbdkit 1.28
7 These are the release notes for nbdkit stable release 1.28.
8 This describes the major changes since 1.26.
10 nbdkit 1.28.0 was released on B<23 September 2021>.
14 =head3 CVE-2021-3716 reset structured replies on starttls
16 nbdkit was vulnerable to injected plaintext when upgrading to a secure
17 connection. For the full announcement see
18 L<https://www.redhat.com/archives/libguestfs/2021-August/msg00083.html>
21 All past security issues and information about how to report new ones
22 can be found in L<nbdkit-security(1)>.
26 L<nbdkit-data-plugin(1)> has new C<leE<lt>NNE<gt>:> and
27 C<beE<lt>NNE<gt>:> prefixes for little and big endian words. Also the
28 plugin tries much harder to optimize expressions. The test suite has
29 been greatly expanded to catch potential regressions.
31 L<nbdkit-floppy-plugin(1)> now allows you to reserve free space (Nolan
34 L<nbdkit-ssh-plugin(1)> no longer references SHA1 host keys as part of
35 the effort to remove insecure algorithms (Daniel Berrangé).
37 L<nbdkit-vddk-plugin(1)> reports C<can_flush> and C<can_fua> based on
38 what the version of VDDK supports. New debug flag I<-D vddk.stats=1>
39 prints the amount of time spent in VDDK calls on exit which can be
40 useful for profiling performance.
44 L<nbdkit-cow-filter(1)> and L<nbdkit-cache-filter(1)> no longer break
45 up large read requests into page-sized requests. In addition the
46 default block size for both filters is now 64K. Both changes greatly
49 L<nbdkit-cache-filter(1)> has a new C<cache-on-read=/PATH> parameter
50 allowing callers to enable and disable the cache-on-read feature at
51 runtime. Also there is a new C<cache-min-block-size> parameter
52 letting you select the block size at runtime (thanks Martin
55 L<nbdkit-cow-filter(1)> has a new C<cow-on-read> parameter which works
56 similarly to the corresponding cache filter feature. The new
57 C<cow-block-size> parameter lets you select the block size at runtime.
59 L<nbdkit-cow-filter(1)> has less verbose debugging. To restore the
60 old debug output use I<-D cow.verbose=1>
62 L<nbdkit-delay-filter(1)> has new C<delay-open> and C<delay-close>
63 parameters to inject delays when clients connect and disconnect.
64 Delay filter parameters are now parsed more accurately (thanks Ming
67 =head2 Language bindings
69 The OCaml bindings now call C<caml_shutdown> when unloading the
70 plugin. This causes C<Stdlib.at_exit> handlers to run correctly,
71 closes file descriptors, releases dependent shared libraries and frees
72 memory. Valgrind on OCaml plugins should not show any false positives
75 OCaml and Python bindings may now use the C<.cleanup> method.
77 References to Python 2 in L<nbdkit-python-plugin(3)> have been removed.
81 Fix captive nbdkit C<$uri> variable so when TLS is used the URI is
82 constructed with the C<nbds:> prefix. Additionally add a new variable
83 C<$tls> which can be used by the subprocess to tell if TLS is enabled.
85 Debug messages are now printed atomically. This means that debug
86 messages are no longer broken up across multiple lines if there are
87 other processes writing to stderr at the same time (which often
88 happened when using captive nbdkit).
90 Enhanced valgrind support (F<./configure --enable-valgrind>) can now
91 be enabled safely and with no performance impact even in production
96 Plugins or filters using C<nbdkit_nanosleep> now don't hang if the
97 client closes the socket abruptly (thanks Ming Xie).
101 L<nbdkit-data-plugin(1)> and L<nbdkit-memory-plugin(1)> using
102 allocator=malloc no longer crash because of memory corruption in some
103 corner cases (only seen on s390x, but could happen on other
104 architectures). Meanwhile C<allocator=zstd> no longer crashes when
105 zeroing unallocated space.
115 Tests now use the new C<GLIBC_TUNABLES> feature, replacing
116 C<MALLOC_CHECK_> on glibc E<ge> 2.34 (thanks Eric Blake,
121 F<configure.ac> now uses spaces consistently, and has been
122 modernized to support the latest autotools (Eric Blake).
124 F<podwrapper.pl> has been unified (almost) with the copy in libnbd.
126 Continue fuzzing using AFL++. Updated the fuzzing documentation.
140 Authors of nbdkit 1.28:
144 git shortlog -s v1.26.0..
150 =item Daniel P. Berrangé
154 =item Martin Kletzander
158 =item Richard W.M. Jones