Release notes

We're pleased to announce new version of immudb: 1.4.1. This is a smaller maintenance release that fixes important issues discovered in the previous 1.4.0 release.

Important issues fixed

Along with this release, the go SDK for immudb comes with fixes to two security vulnerabilities (CVE-2022-36111 and CVE-2022-39199) that we've discovered through an internal security review. Those vulnerabilities only affect the client SDK that is part of the immudb release - for that reason make sure that the most recent go SDK version is used in your application.

More information about those vulnerabilities can be found in those adversaries:

Small improvements

Besides important fixes, this release also comes with improved naming convention related to replication options and an option to reset admin password without knowledge of the previous password. Such password reset is helpful in case the admin password is lost and can also be used to ensure there's a correct admin password set in cloud deployments such as Kubernetes.

Changelog

[v1.4.1] - 2022-11-16

Bug Fixes

Change replication-related terms in codebase
Change replication-related terms in tests
cmd: Rename replication flags to follow consistent convention
cmd/immudb: Better description of the --force-admin-password flag
cmd/immudb: Fix description of the force-admin-password flag
embedded/appendable: fsync parent directory
embedded/appendable: fsync parent folder in remote appedable
pkg: Rename replication-related fields in GRPC protocol
pkg/client: Delay server identity validation
pkg/client/cache: Add methods to validate server identity
pkg/client/cache: Validate server's identity
pkg/server: Remove includeDeactivated flag when querying for users
pkg/server/servertest: Add uuid to buffconn server
pkg/server/servertest: Fix resetting grpc connection
test/perf-test-suite: Avoid dumping immudb logo on perf test results file
test/performance-test-suite: Ensure results are shown after proper is finished
verification: Additional Linear proof consistency check
verification: Recreate linear advance proofs for older servers

Changes

pkg/server: Add logs for activities related to users
ci: migrate deprecating set-output commands
cmd/immudb: Allow resetting sysadmin password
docs/security: Be less specific about package version in examples
docs/security: Add resources for the linear-fake vulnerability
embedded/appendable: sync directories
embedded/store: Disable asynchronous AHT generation
embedded/store: Remove AHT Wait Hub
pkg/client: Document WithDisableIdentityCheck option
pkg/client/cache: Describe serverIdentity parameter
pkg/client/cache: Limit the hash part of the identity file name
pkg/client/state: Cleanup mutex handling in StateService
pkg/server: Warn if sysadmin user password was not reset
pkg/server: Better warning for unchanged admin password
test/performance-test-suite: Add summary to json output

Features

ci: fix message and input
ci: add runner name to mattermost message header
ci: simplify results extraction
ci: extract performance tests into separate workflow to be reused
ci: add scheduled daily test runs and send results to Mattermost
pkg/replication: Disable server's identity check in internal replication

Downloads

Docker image
https://hub.docker.com/r/codenotary/immudb

immudb Binaries

File	SHA256
immudb-v1.4.1-darwin-amd64	120966d077c5ffca4bfd6745473a06c0ca219291adc49960108cc476e418cf5a
immudb-v1.4.1-darwin-arm64	d6469914115a58f9462c07b1d5aa0dbb1e777b80477d8baf8108bf51deabdd22
immudb-v1.4.1-freebsd-amd64	05a932c73bbb4305f6f7975a3bdc0f2198f8968776b16b84497584bb2742bc5a
immudb-v1.4.1-linux-amd64	a5ae370d6475026db7df5906ba037dc708b0a8bda52a0adf0d06c3dcdee587f1
immudb-v1.4.1-linux-amd64-fips	db4477eb54d0437b9b145dfa9f77b593fc3a149906b0c5cc1c4ed87301786298
immudb-v1.4.1-linux-amd64-static	7b2c31569a513e072cefbdc7cbcf7c36421516230bf388a5156d95a5f3034b02
immudb-v1.4.1-linux-arm64	3d5f8784bdf652d2c067885d19b330d28bf497459b59a9358c0774dbff1f4d6f
immudb-v1.4.1-linux-s390x	ee4efbcb850ab56da2fd3ed18226bd9808de404fd69ea425567952492e320e96
immudb-v1.4.1-windows-amd64.exe	707963320c94390ac9f9ce8d20d4f274baf636df789c4a65f3dc1a74bfd7f52c

immuclient Binaries

File	SHA256
immuclient-v1.4.1-darwin-amd64	076c4f474e8f57d59ec20016d5f445205b80d16c0a7aebe6ae0b1d07310c5360
immuclient-v1.4.1-darwin-arm64	41bfe74f900e7bbd9cc57b89d3111edf9faa3f5ff4204995e352f02c78fa3c53
immuclient-v1.4.1-freebsd-amd64	286c48668fd772464217f26cfc30772819175e61452d860d44ad6ec04c437c79
immuclient-v1.4.1-linux-amd64	3ab44ad6d956a7f4ecff2da08738227e63cd4816ef7047dc63f671c6536969b7
immuclient-v1.4.1-linux-amd64-fips	75cbdc3614cb345af53e127aaaf4e7633fde4710f1ce1f1191c12b1d7ce4ab0f
immuclient-v1.4.1-linux-amd64-static	1f33880078225f56b253e663fb5d6e8ef1927d4bc9019ad8ef40a1863d99be7e
immuclient-v1.4.1-linux-arm64	30e736810ab08f74e4dbd22b9ddb369b321dde1c65b35879a3ed164c97e5e8a0
immuclient-v1.4.1-linux-s390x	6fe337a5d14511eda8cad40d7ec4f6c483bf5b2811229678833286cfa373a7a0
immuclient-v1.4.1-windows-amd64.exe	6790a7dc306f3669cb824774b45c140c9331b6a83ae8fb10629a7c58c495405d

immuadmin Binaries

File	SHA256
immuadmin-v1.4.1-darwin-amd64	caf3308f916d43c79fc14c77c3452013f3580b4e7edfd0fe949219d945d3b245
immuadmin-v1.4.1-darwin-arm64	1a82fef2f16715591da9e74001a8db0d0838ce6e273cf08443e8261f89f6fedb
immuadmin-v1.4.1-freebsd-amd64	42679b08927dcbef84b18eac78391e78c29a5c817e9febf56bc18485ee39c5a5
immuadmin-v1.4.1-linux-amd64	24126f6699b3ae3fe18910c5a4fb45d996bc9237ebb92e91ee2916b8f8379b0c
immuadmin-v1.4.1-linux-amd64-fips	b5b457b179384a72a6486a5e82f16f8bfe449b467e31373627f94a736f7d7afb
immuadmin-v1.4.1-linux-amd64-static	e68a4fc4640082a67522c9a77f081ee513cc87732900b3f0dd644deda6a58843
immuadmin-v1.4.1-linux-arm64	9cc7d0283b4e7bd58c1daa39ec1c93c9bdaeb7818b11ac5ac88a8d91be3ba658
immuadmin-v1.4.1-linux-s390x	22408bc7d8e0cef8378fcff8b1079bfa574e0336e5ca77f77facf21c67e3f24e
immuadmin-v1.4.1-windows-amd64.exe	2fa628855a0c17aecb5cc675297a1bf217bbf595f40701ed740d6351279f7e2d

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

v1.4.1