v1.4.1
Release notes
We're pleased to announce new version of immudb: 1.4.1. This is a smaller maintenance release that fixes important issues discovered in the previous 1.4.0 release.
Important issues fixed
Along with this release, the go SDK for immudb comes with fixes to two security vulnerabilities (CVE-2022-36111 and CVE-2022-39199) that we've discovered through an internal security review. Those vulnerabilities only affect the client SDK that is part of the immudb release - for that reason make sure that the most recent go SDK version is used in your application.
More information about those vulnerabilities can be found in those adversaries:
Small improvements
Besides important fixes, this release also comes with improved naming convention related to replication options and an option to reset admin password without knowledge of the previous password. Such password reset is helpful in case the admin password is lost and can also be used to ensure there's a correct admin password set in cloud deployments such as Kubernetes.
Changelog
[v1.4.1] - 2022-11-16
Bug Fixes
- Change replication-related terms in codebase
- Change replication-related terms in tests
- cmd: Rename replication flags to follow consistent convention
- cmd/immudb: Better description of the
--force-admin-password
flag - cmd/immudb: Fix description of the
force-admin-password
flag - embedded/appendable: fsync parent directory
- embedded/appendable: fsync parent folder in remote appedable
- pkg: Rename replication-related fields in GRPC protocol
- pkg/client: Delay server identity validation
- pkg/client/cache: Add methods to validate server identity
- pkg/client/cache: Validate server's identity
- pkg/server: Remove includeDeactivated flag when querying for users
- pkg/server/servertest: Add uuid to buffconn server
- pkg/server/servertest: Fix resetting grpc connection
- test/perf-test-suite: Avoid dumping immudb logo on perf test results file
- test/performance-test-suite: Ensure results are shown after proper is finished
- verification: Additional Linear proof consistency check
- verification: Recreate linear advance proofs for older servers
Changes
- pkg/server: Add logs for activities related to users
- ci: migrate deprecating set-output commands
- cmd/immudb: Allow resetting sysadmin password
- docs/security: Be less specific about package version in examples
- docs/security: Add resources for the linear-fake vulnerability
- embedded/appendable: sync directories
- embedded/store: Disable asynchronous AHT generation
- embedded/store: Remove AHT Wait Hub
- pkg/client: Document
WithDisableIdentityCheck
option - pkg/client/cache: Describe serverIdentity parameter
- pkg/client/cache: Limit the hash part of the identity file name
- pkg/client/state: Cleanup mutex handling in StateService
- pkg/server: Warn if sysadmin user password was not reset
- pkg/server: Better warning for unchanged admin password
- test/performance-test-suite: Add summary to json output
Features
- ci: fix message and input
- ci: add runner name to mattermost message header
- ci: simplify results extraction
- ci: extract performance tests into separate workflow to be reused
- ci: add scheduled daily test runs and send results to Mattermost
- pkg/replication: Disable server's identity check in internal replication
Downloads
Docker image
https://hub.docker.com/r/codenotary/immudb
immudb Binaries
File | SHA256 |
---|---|
immudb-v1.4.1-darwin-amd64 | 120966d077c5ffca4bfd6745473a06c0ca219291adc49960108cc476e418cf5a |
immudb-v1.4.1-darwin-arm64 | d6469914115a58f9462c07b1d5aa0dbb1e777b80477d8baf8108bf51deabdd22 |
immudb-v1.4.1-freebsd-amd64 | 05a932c73bbb4305f6f7975a3bdc0f2198f8968776b16b84497584bb2742bc5a |
immudb-v1.4.1-linux-amd64 | a5ae370d6475026db7df5906ba037dc708b0a8bda52a0adf0d06c3dcdee587f1 |
immudb-v1.4.1-linux-amd64-fips | db4477eb54d0437b9b145dfa9f77b593fc3a149906b0c5cc1c4ed87301786298 |
immudb-v1.4.1-linux-amd64-static | 7b2c31569a513e072cefbdc7cbcf7c36421516230bf388a5156d95a5f3034b02 |
immudb-v1.4.1-linux-arm64 | 3d5f8784bdf652d2c067885d19b330d28bf497459b59a9358c0774dbff1f4d6f |
immudb-v1.4.1-linux-s390x | ee4efbcb850ab56da2fd3ed18226bd9808de404fd69ea425567952492e320e96 |
immudb-v1.4.1-windows-amd64.exe | 707963320c94390ac9f9ce8d20d4f274baf636df789c4a65f3dc1a74bfd7f52c |
immuclient Binaries
File | SHA256 |
---|---|
immuclient-v1.4.1-darwin-amd64 | 076c4f474e8f57d59ec20016d5f445205b80d16c0a7aebe6ae0b1d07310c5360 |
immuclient-v1.4.1-darwin-arm64 | 41bfe74f900e7bbd9cc57b89d3111edf9faa3f5ff4204995e352f02c78fa3c53 |
immuclient-v1.4.1-freebsd-amd64 | 286c48668fd772464217f26cfc30772819175e61452d860d44ad6ec04c437c79 |
immuclient-v1.4.1-linux-amd64 | 3ab44ad6d956a7f4ecff2da08738227e63cd4816ef7047dc63f671c6536969b7 |
immuclient-v1.4.1-linux-amd64-fips | 75cbdc3614cb345af53e127aaaf4e7633fde4710f1ce1f1191c12b1d7ce4ab0f |
immuclient-v1.4.1-linux-amd64-static | 1f33880078225f56b253e663fb5d6e8ef1927d4bc9019ad8ef40a1863d99be7e |
immuclient-v1.4.1-linux-arm64 | 30e736810ab08f74e4dbd22b9ddb369b321dde1c65b35879a3ed164c97e5e8a0 |
immuclient-v1.4.1-linux-s390x | 6fe337a5d14511eda8cad40d7ec4f6c483bf5b2811229678833286cfa373a7a0 |
immuclient-v1.4.1-windows-amd64.exe | 6790a7dc306f3669cb824774b45c140c9331b6a83ae8fb10629a7c58c495405d |
immuadmin Binaries
File | SHA256 |
---|---|
immuadmin-v1.4.1-darwin-amd64 | caf3308f916d43c79fc14c77c3452013f3580b4e7edfd0fe949219d945d3b245 |
immuadmin-v1.4.1-darwin-arm64 | 1a82fef2f16715591da9e74001a8db0d0838ce6e273cf08443e8261f89f6fedb |
immuadmin-v1.4.1-freebsd-amd64 | 42679b08927dcbef84b18eac78391e78c29a5c817e9febf56bc18485ee39c5a5 |
immuadmin-v1.4.1-linux-amd64 | 24126f6699b3ae3fe18910c5a4fb45d996bc9237ebb92e91ee2916b8f8379b0c |
immuadmin-v1.4.1-linux-amd64-fips | b5b457b179384a72a6486a5e82f16f8bfe449b467e31373627f94a736f7d7afb |
immuadmin-v1.4.1-linux-amd64-static | e68a4fc4640082a67522c9a77f081ee513cc87732900b3f0dd644deda6a58843 |
immuadmin-v1.4.1-linux-arm64 | 9cc7d0283b4e7bd58c1daa39ec1c93c9bdaeb7818b11ac5ac88a8d91be3ba658 |
immuadmin-v1.4.1-linux-s390x | 22408bc7d8e0cef8378fcff8b1079bfa574e0336e5ca77f77facf21c67e3f24e |
immuadmin-v1.4.1-windows-amd64.exe | 2fa628855a0c17aecb5cc675297a1bf217bbf595f40701ed740d6351279f7e2d |