github rabbitmq/rabbitmq-server v4.2.8
RabbitMQ 4.2.8
on GitHub

latest release: v4.3.2
5 hours ago

RabbitMQ 4.2.8 is a maintenance release in the 4.2.x release series.

It is strongly recommended that you read 4.2.0 release notes
in detail if upgrading from a version prior to 4.2.0.

Minimum Supported Erlang Version

RabbitMQ and Erlang/OTP Compatibility Matrix has more details on Erlang version requirements for RabbitMQ.

Nodes will fail to start on older Erlang releases.

Changes Worth Mentioning

Release notes can be found on GitHub at rabbitmq-server/release-notes.

Core Server

Bug Fixes

  • Users created without a password or a password hash (for example, those that rely on
    X.509 certificate-based authentication) over the HTTP API are now stored correctly,
    exactly like the users whose password was cleared with rabbitmqctl clear_password.

    GitHub issues: #16629, #16633

  • Consumer activity status of classic queue consumers was not always correctly updated and reported
    when single active consumer was enabled.

    GitHub issues: #16532, #16450

  • Default queue type (DQT) validation now treats empty strings the same way as a missing value: by falling back
    to the default (classic queues).

    GitHub issues: #16481, #16488

Enhancements

  • The per-node channel limit (channel_max_per_node) is now also enforced for channels opened
    on direct Erlang client connections used by the Shovel and Federation plugins, matching the behavior
    enforced for "regular" AMQP 0-9-1 clients.

    GitHub issues: #16616, #16618

  • Modules are now loaded in parallel early on node boot, reducing node startup time.

    GitHub issue: #16479

  • Several new rabbitmq.conf keys now support encrypted values.

    GitHub issue: #16632

CLI Tools

Bug Fixes

  • rabbitmqctl add_vhost now validates the provided default queue type value.

    GitHub issue: #16481

Stream Plugin

Bug Fixes

  • Fixed a frame assembly performance regression in the stream protocol reader.

    GitHub issue: #16588

Enhancements

  • Several stream protocol reader optimizations: stream metadata queries now contact cluster nodes concurrently,
    subscription lookups use a more efficient data structure, and frame processing short-circuits
    when a connection reaches a terminal state.

    GitHub issue: #16588

Management Plugin

Bug Fixes

  • CORS hardening: access-control-request-headers values are now validated and
    a wildcard (*) origin header value is rejected.

    GitHub issue: #16544

  • Definitions import now limits the size of multipart upload bodies, and definitions export
    download filenames are restricted to a safe character set.

    GitHub issue: #16544

  • HTTP API 500 responses no longer include internal error details in the response body.

    GitHub issue: #16544

  • Several HTTP response headers are now consistently lowercase, and a previously missing
    content-type header was added to certain responses.

    GitHub issue: #16544

Enhancements

  • A one-time warning is now logged when the HSTS or CSP headers are disabled.

    GitHub issue: #16544

  • The timestamp of the oldest message in a stream is now displayed on the stream page.

    GitHub issue: #15412

Prometheus Plugin

Enhancements

  • More plugin configuration keys, such as prometheus.ssl.password, now support
    encrypted values in rabbitmq.conf.

    GitHub issues: #16516, #16521

MQTT Plugin

Bug Fixes

  • mqtt.tcp_listen_options.* settings in rabbitmq.conf did not take effect
    due to a configuration translation issue.

    GitHub issue: #16529

Dependency Changes

  • cuttlefish was upgraded to 3.9.1
  • cowboy was upgraded to 2.16.0
  • cowlib was upgraded to 2.17.0
  • gun was upgraded to 2.4.0
Check out latest releases or
releases around rabbitmq/rabbitmq-server v4.2.8

Don't miss a new rabbitmq-server release

NewReleases is sending notifications on new releases.

Get notifications