Skip to content

Release v2.10.24

Latest
Compare
Choose a tag to compare
@NATS-CI NATS-CI released this 17 Dec 17:16
· 1530 commits to main since this release
1d6f7ea

Changelog

Refer to the 2.10 Upgrade Guide for backwards compatibility notes with 2.9.x.

CVEs

  • Vulnerability check warnings for CVE-2024-45337 are addressed by the dependency update to x/crypto, although the NATS Server does not use the affected functionality and is therefore not vulnerable

Go Version

  • 1.23.4

Dependencies

  • golang.org/x/crypto v0.31.0 (#6246)
  • github.com/nats-io/jwt/v2 v2.7.3 (#6256)
  • github.com/nats-io/nkeys v0.4.9 (#6255)

Fixed

General

  • Request/reply tracking with allow_responses permission is now pruned more regularly, fixing performance issues that can get worse over time (#6064)

JetStream

  • Revert a change introduced in 2.10.23 that could potentially cause a consumer info call to fail if it takes place immediately after the consumer was created in some large or heavily-loaded clustered setups (#6250)
  • Minor fixes to subject state tracking (#6244)
  • Minor fixes to healthz and healthchecks (#6247, #6248, #6232)
  • A calculation used to determine if exceeding limits has been corrected (#6264)
  • Raft groups will no longer spin when truncating the log fails, i.e. during shutdown (#6271)

WebSockets

  • A WebSocket close frame will no longer incorrectly include a status code when not needed (#6260)

Complete Changes

v2.10.23...v2.10.24