github nats-io/nats-server v2.2.3
Release v2.2.3


Go Version

  • 1.16.4: Both release executables and Docker images are built with this Go release.


  • TLS default (secure) ciphers were not selected when configuring TLS from the command line as opposed to from the configuration file. Thanks to @DavidSimner for the report. See CVE-2021-32026 (#2167)


  • JetStream:
    • Support for multiple JetStream domains across Leafnodes. A new field called domain (a string) can be specified in the jetstream{} block (#2171, #2186, #2190, #2194)
  • LeafNode:
    • dont_randomize configuration under a remote leaf configuration to restore original behavior that was no randomizing the list of URLs (#2156)
  • Monitoring:
    • LeafNodes deny exports and imports in /varz (#2159)


  • Server is now trying to send data from the producer's network loop only when both producers and consumers are user connections. Thanks to @shkim-will for the contribution (#2093)
  • LeafNode:
    • Randomize remote URLs list by default. Thanks to @RudeDude for the suggestion (#2156)
  • MQTT:
    • In order to support use of MQTT in some more complex setups, the server must enforce that its server_name configuration be explicitly defined (#2178)


  • JetStream: stability for concurrent compact, purge, expiration and persisting of messages (#2180)


  • Panic on startup when using a NATS Resolver without having configured a system account. The server will now report the error instead of panic'ing (#2162)
  • JetStream:
    • Pull based message delivery could drop responses in a super cluster configuration (#2166)
    • Under heavy load, a leader change could warn about not processing entry responses (#2173)
    • Stream bytes limit setting failed when account used dynamic limits. Also, file store implementation was not honoring block size (#2183)
    • Mirror/Source streams from work queues which could cause a deadlock on Interest policy streams (#2187)
    • Raft groups could continuously spin trying to catchup (#2191)
    • Check for more unwanted characters for the stream/consumer names, namely , \r, \n, \t and \f in addition to existing ., * and > (#2195)
  • LeafNode:
    • A message loop could occur if a Leafnode, which has several members of a queue group, reconnects to a different server in a remote cluster. Thanks to @RudeDude for the report (#2163)
  • Monitoring:
    • The http endpoint /varz would report increased subscriptions count every time it was inspected, even if no new subscription was added. Thanks to @cjbottaro and @harrisa1 for the report (#2172)
  • MQTT:
    • JetStream assets would not be placed in the local LeafNode cluster (#2164)
    • A server would be forced to have JetStream enabled locally, which is not required if it is part of a cluster and JetStream is available in that cluster (#2164, #2178)
    • Several issues including connection timeouts, unexpected memory usage in QoS1 high publish message rate, etc... (#2178)
    • Retained message in cluster mode may not be delivered to starting matching subscription (#2179)
  • The User.Username was not used when a custom authenticator was calling RegisterUser (#2165)
  • Error parsing operator JWT on Windows (#2181)

Complete Changes

latest releases: v2.5.0, v2.4.0, v2.3.4...
4 months ago