LATEST VERSION: 3.6.5 - CHANGELOG
Pivotal RabbitMQ v3.x

Release Notes for Version 3.6.5

What’s New in Pivotal RabbitMQ 3.6.5

These are the release notes for Pivotal RabbitMQ 3.6.5. This is a feature release. It has breaking changes in a few areas:

  • Minimum required Erlang version is R16B03 for plain (“just TCP”) connections for all protocols and 17.5 for TLS ones (18.x is recommended for both).
  • Password hashing function is now SHA-256 by default: please read the docs before importing definitions from 3.5.x!
  • When RABBITMQ_NODENAME is not explicitly configured, hostname on Windows will be lowercased by default.
  • .NET client now requires .NET 4.5.
  • “Immediate” flag is removed from the .NET client (it hasn’t been supported by the server since RabbitMQ 3.0).
  • Default subscription TTL in MQTT is now 24 hours.
  • Server artifacts are now distributed as xz archives and not gz.
  • Build system has been completely reworked and now uses erlang.mk. 3rd party plugins must be adapted to the new build system.

Key improvements in this release are:

  • Lazy queues.
  • Much better queue synchronisation throughput.
  • Lower RAM use, tunable flow control.
  • Stronger password encryption with pluggable algorithms.
  • Development moved to GitHub; build system now uses erlang.mk.
  • Significant improvements to Web STOMP.
  • Experimental WinRT-compatible .NET client, SQL CLR compatibility in the “regular” one.
  • Pagination in management UI.
  • More popular plugins now ship with the broker: rabbitmq_sharding and rabbitmq_event_exchange, for example.
  • rabbitmq-top plugin to identify Erlang processes consuming the most CPU and RAM resources.
  • rabbitmq-trust-store plugin which manages trusted client x509/TLS certificates.
  • rabbitmq-jms-topic-exchange, which together with [RabbitMQ JMS Java client]](https://github.com/rabbitmq/rabbitmq-jms-client) provides support for the JMS 1.1 API atop RabbitMQ.

Pivotal RabbitMQ 3.6.5 is based on the open-source release 3.6.5. RabbitMQ 3.6.5 includes the following changes and enhancements:

  • server. RAM watermark can be configured as an absolute value in bytes (just like with disk space monitoring): pre [{rabbit, [{vm_memory_high_watermark, {absolute, 1073741824}}]}].
  • server. rabbitmqctl authenticate_user is a new command that can be used to test user authentication.
  • server. rabbitmqctl now supports exclusive as a queue info item. Contributed by Alexey Lebedeff (@binarin).
  • server. Lazy queues is a new feature that can significantly reduce the RAM cost of queues that can grow very long (e.g. don’t have consumers online for hours or day). Such queues page messages to disk as they enter the queue. This feature is opt-in and has virtually no overhead for consumers in most cases, making throughput for publishers much more even, and also reduce RAM usage.
  • server. Queue synchronisation to mirrors now happens in batches of configurable size, 4096 messages by default. This can improve sync throughput by an order of magnitude.
  • server. Queue master-to-node distribution is now more flexible: there are several strategies to choose from.
  • server. Stronger password encryption algorithm. SHA-256 is the hashing function used by default now, with SHA-512 being an option provided out of the box. Support for more options (Scrypt, bcrypt, etc) can be added with plugins. Existing user records will continue using MD5. To force re-hashing/encryption, change user password using rabbitmqctl or management UI/HTTP API. This should improve FIPS-180 compatibility.
  • server. Lower RAM use thanks to disabled in-process caching. RabbitMQ’s in-process read buffers are now disabled by default. This often significantly reduces RAM usage at effectively no throughput or latency cost because the OS and file system do the same job fairly well.
  • server. Configurable flow control settings Note that larger values will not necessarily lead to higher throughput or lower latency. They can also result in larger RAM use and therefore can be dangerous.
  • server. Build system switched to erlang.mk. erlang.mk is a modern build system for Erlang projects. RabbitMQ and all of its sub-projects have been switched to it. This yields several benefits for RabbitMQ maintainers and plugin developers, for example, dependency management for plugins is much more straightforward, build times are significantly improved, there is no need to depend on rabbitmq-server for most plugins. Various 3rd party plugins need to migrate to erlang.mk in order to be built against RabbitMQ 3.6.0 (rabbit_common). See the new plugin development guide here.
  • server. Streaming rabbitmqctl: rabbitmqctl list operations now stream results instead of waiting for the entire result set to arrive. This both improves responsiveness and makes it possible to list individual items, including those which did not respond in time.
  • server. (More) standard exit codes for command line tools rabbitmqctl and rabbitmq-plugins now use more standard, or at least distinctive, error codes for various failures.
  • server. Improved log message for channel exceptions.
  • server. Improved log message when a client’s TCP connection is closed unexpectedly.
  • server. Improved log message when a client connects to a non-existent vhost.
  • server. Improved log message for access_refused connection errors.
  • server. Improved log message for command_invalid connection errors.
  • server. More sensible error code when a client connects to a non-existent vhost (or vhost it has no permissions for). The code returned is now 530.
  • server. Memory monitoring interval is now configurable.
  • server. Prevent background GC interval from becoming too large due to backoff.
  • server. Windows installer now supports “unattended” NSIS installs.
  • server. Windows package name now includes RabbitMQ version it provides.
  • server. kernel.net_ticktime is now included into rabbitmqctl status output.
  • server. rabbitmqctl now has a command for setting up free disk space limit at runtime.
  • server. Backup directory location is now mentioned in failed upgrade messages.
  • server. Paths with non-ASCII characters on Windows are now handled RabbitMQ now can be installed into a location with non-ASCII characters, e.g. when username contains them.
  • server. Configurable number of TCP connection acceptors Plus a x10 increase of the default. This helps with workloads where connection churn is very high (e.g. all clients are PHP Web apps that cannot maintain long-lived connections).
  • server. rabbitmqctl cluster_status now includes cluster-wide resource alarm status.
  • server. Windows installer no longer jumps over installation log.
  • server. Improved rabbitmqctl reset error messages.
  • server. More unsigned field data types are supported.
  • server. Connections now emit stats unconditionally when they are blocked and unblocked by resource alarms. This makes management UI and HTTP API-reported data to be more up-to-date.
  • server. New (node-local) health check command rabbitmqctl node_health_check is a new command that performs basic health check of a node.
  • server. Automatic restart policy enabled for Windows service.
  • server. Default number of async I/O VM threads is now calculated based on the number of available CPU cores.
  • server. rabbitmqctl list_queues now supports new flags, --offline and --online, that limit result to only unavailable or available queues (queue masters, to be more precise).
  • server. RabbitMQ will no longer log a warning about disabled kernel polling on Windows. The runtime does not support kernel polling (I/O completion ports) on Windows, so there is nothing the user can do about it.
  • server. Queue index is now updated in batches when messages are requeued.
  • server. systemd support in Debian and RPM packages.
  • server. Debian repository and release artifacts are now signed with a new 4096-bit OpenGPG key.
  • server. More resilient worker_pool, particularly important for LDAP plugin users.
  • server. More efficient file handle management.
  • server. Test suite ported to Common Test. Plugin developers will be encouraged to port their test suites to Common Test in the future.
  • server. Compilation on Erlang/OTP 19.0.
  • server. Erlang VM scheduler binding type default has changed to db. This means fewer CPU context switches for some workloads.
  • Java client. Heartbeats are now enabled by default.
  • Java client. Shutdown threads can use an executor.
  • Java client. ChannelManager now can use an executor.
  • Java client. Channel#consumerCount(string) is a new convenience method for retrieving number of consumers on a queue.
  • Java client. Channel#messageCount(string) is a new convenience method for retrieving number of messages in a queue.
  • Java client. LongString#toString is part of the API.
  • Java client. Endpoints (hostnames) are now also accepted as a java.util.List.
  • Java client. Autorecovering connections now shuffle hosts in a more reliable way.
  • Java client. The client will now try to use TLS v1.2 and v1.1 before falling back to v1.0 by default.
  • .NET client. Heartbeats are now enabled by default.
  • .NET client. Host/address list support is back. Host selection strategy (when recovering a connection) is now pluggable.
  • .NET client Experimental .NET client with Windows RT support is now available.
  • .NET client SQL CLR compatibility.
  • .NET client IModel#ConsumerCount(string) is a new convenience method for retrieving number of consumers on a queue.
  • .NET client IModel#MessageCount(string) is a new convenience method for retrieving number of messages in a queue.
  • .NET client Continuation timeout is now configurable.
  • .NET client RabbitMQ.Client.Headers is a new class that contains constants for commonly used headers.
  • .NET client .NET 4.5 is now required by the library.
  • .NET client Code examples are removed from the .NET client repository. All examples belong to rabbitmq-tutorials now.
  • .NET client Compatibility with SQL Server 2014 CLR restored.
  • .NET client Autorecovering connections now respect all provided hostnames when reconnecting.
  • .NET client ConnectionFactory#CreateConnection now respects all provided hostnames when automatic connection recovery is disabled.
  • .NET client. New FAKE and Paket-based build tooling: development on OS X and Linux with Mono is now possible again.
  • Erlang client. Heartbeats are now enabled by default.
  • Erlang client Certain channel failures resulted in a race condition during process [tree] shutdown.
  • Erlang client. amqp_connection:close/4 is now exported.
  • Management Plugin. Pagination for connections, channels, exchanges, and queues.
  • Management Plugin. Queue information objects in responses now have a boolean property for queue exclusivity instead of a confusing owner_pid.
  • Management Plugin. Password hashing function is now included in exported definitions. Those upgrading from versions earlier than 3.6.0 via definitions export won’t have to temporarily set hashing function to MD5 to ensure export succeeds.
  • Management Plugin Management plugin has a new, better parallelised event collector which is less likely to fall behind.
  • Management Plugin Clients now can provide a human-readable connection name that will be displayed in the management UI. Currently Java, .NET and Erlang clients support this. In order to use this feature, set the connection_name key in client properties. Note that this name doesn’t have to be unique and cannot be used as a connection identifier, for example, in HTTP API requests.
  • Management Plugin GET /api/nodes/{node}/memory and GET /api/nodes/{node}/memory/relative are new HTTP API endpoints that return memory usage breakdown in absolute (same as rabbitmqctl status) and relative terms.
  • Management Plugin HTTPS related improvements in rabbitmqadmin.
  • Management Plugin Policies now can be listed (read) by the users tagged with management and monitoring. As well as those tagged with policymaker and administrator, of course.
  • Management Plugin Effective rates mode is now displayed for cluster nodes by default.
  • Management Plugin. New API endpoint for reporting ETS tables memory consumption (absolute and relative).
  • Management Plugin. Node information page now includes GC and context switching stats.
  • Management Plugin. Connection, channel, and queue information pages now include several runtime metrics.
  • Management Plugin. Node metrics now include information about how long it takes to obtain a file handle.
  • Management Plugin. Partial HTTPS support in rabbitmqadmin on Python versions older than 2.7.9.
  • Federation Management Plugin. Federation link form now includes more settings (that are exchange- and queue-federation specific).
  • STOMP plugin. Queue names now can be set explicitly using the x-queue-name header, for all destination types.
  • STOMP plugin. Control over queue properties.
  • STOMP plugin. Socket-based authentication plugins now can work with plugins such as MQTT and STOMP (those using direct Erlang client).
  • STOMP Plugin. Connections now emit stats unconditionally when they are blocked and unblocked by resource alarms. This makes management UI and HTTP API-reported data to be more up-to-date.
  • STOMP Plugin. More connection details for STOMP connections reported to management UI.
  • Web-STOMP plugin. Raw WebSocket endpoint.
  • Web-STOMP plugin. Support for binary data streams.
  • Web-STOMP plugin. STOMP heartbeat support.
  • Web-STOMP plugin. Heartbeats are disabled for SockJS.
  • Web-STOMP plugin. CORS headers support.
  • Web-STOMP plugin. Cowboy configuration. Key settings of Cowboy, the HTTP/WebSocket server powering the plugin, now can be fine tuned via this plugin.
  • Web-STOMP plugin. Cowboy is upgraded to 1.0.3.
  • Web-STOMP plugin. SockJS is upgraded to 1.0.3.
  • Web-STOMP plugin. Queue parameters now can be configured via headers (just like in the regular STOMP plugin).
  • Web-STOMP plugin. Address Web STOMP listener binds to now can be configured. Previously only port was configurable.
  • Web-STOMP Plugin. More connection details for STOMP-over-WebSockets connections reported to management UI.
  • Web-STOMP Plugin. The plugin now sends a protocol header (Sec-WebSocket-Protocol) response when client presents it.
  • MQTT plugin. Default subscription TTL is now 24 hours instead of 30 minutes. If you don’t override this value, this is a breaking change that may require deletion of the queues that back existing durable (QoS 1) subscriptions. New subscribers won’t be affected.
  • MQTT plugin. Pluggable retained message stores. Since MQTT 3.1.1 spec doesn’t dictate any consistency or availability from the store in clustered environments, we only provide an in-memory implementation suitable for development environments with a single node. For production environments, plugins that provide stores with specific consistency guarantees are expected to be developed.
  • MQTT plugin. Socket-based authentication plugins now can work with plugins such as MQTT and STOMP (those using direct Erlang client).
  • MQTT Plugin Connections now emit stats unconditionally when they are blocked and unblocked by resource alarms. This makes management UI and HTTP API-reported data to be more up-to-date.
  • MQTT Plugin More connection details for MQTT connections reported to management UI.
  • Web MQTT Plugin. More connection details for MQTT-over-WebSockets connections reported to management UI.
  • Web MQTT Plugin. Plugin deactivation now correctly stops TCP listener.
  • LDAP plugin. LDAP server connections are now pooled. This significantly reduces the load on LDAP servers.
  • LDAP Plugin. Virtual host is now available as a variable in tag_queries.
  • LDAP Plugin. Default LDAP connection pool size was increased from 10 to 64.
  • LDAP Plugin. Nested groups are now supported with a separate query type.
  • Sharding plugin. Routing key policy is now optional.
  • Delayed Message Exchange Initial public release.
  • Delayed Message Exchange Efficiency improvements when publications and delayed delivery happen concurrently.
  • HTTP Authentication/Authorisation Backend The plugin now uses HTTP 1.1 and keep-alive connections for requests.
  • HTTP Authentication/Authorisation Backend It is now possible to configure the plugin to use POST requests instead of GET, so that no sensitive information is logged.
  • HTTP Authentication/Authorisation Backend The plugin now supports HTTP client TLS options, so authenticating apps can use HTTPS.
  • HTTP Authentication/Authorisation Backend Vhost access requests now include client IP address.
  • Event Exchange plugin. Policy events now include a vhost field.
  • Event Exchange plugin. Binding events now include a vhost field.
  • Event Exchange plugin. Millisecond resolution timestamp of events is now back as a message header.
  • Event Exchange plugin. user.authentication.success no longer has the vhost field since vhost is only available at a later point. connection.created events should be used to track successful connections if vhost information is desired.
  • Trust Store Plugin. Certificate verification now can validate only leaf certificates. This is more convenient in some cases. It will be one of the opt-in modes in future versions.
  • Trust Store Plugin. The plugin now logs when a certificate is added (loaded) or removed (unloaded).
  • Trust Store Plugin. The plugin now provides a function for listing trust store certificates via rabbitmqctl eval: rabbitmqctl eval 'io:format(rabbit_trust_store:list()).'

What’s New in JMS Client for Pivotal RabbitMQ 1.4.4

JMS Client for Pivotal RabbitMQ 1.4.4 is upgraded to work with RabbitMQ 3.6.5 client and broker and is a compatibility release only. There are no new features in this release and no bug fixes. The server and plugin in Pivotal RabbitMQ 3.6.5 will interoperate with previously released versions of the client from RJMS 1.2.0 to RJMS 1.4.1.

Resolved Issues in Pivotal RabbitMQ 3.6.5

Resolved Issues in RabbitMQ 3.6.5

Note: Pivotal RabbitMQ, a commercial product, is based on open source RabbitMQ. Pivotal RabbitMQ 3.6.x releases are based on the prior open source release 3.6.x and incorporate all fixes that were added to open source RabbitMQ 3.6.x. The following section highlights some of those fixes.

See https://github.com/rabbitmq/rabbitmq-server/releases/tag/rabbitmqv35_7, https://github.com/rabbitmq/rabbitmq-server/releases/tag/rabbitmqv36_0, https://github.com/rabbitmq/rabbitmq-server/releases/tag/rabbitmqv36_1, https://github.com/rabbitmq/rabbitmq-server/releases/tag/rabbitmqv36_2, https://github.com/rabbitmq/rabbitmq-server/releases/tag/rabbitmqv36_3, https://github.com/rabbitmq/rabbitmq-server/releases/tag/rabbitmqv36_4, and https://github.com/rabbitmq/rabbitmq-server/releases/tag/rabbitmqv36_5 for the complete open source RabbitMQ 3.5.7 and 3.6.x release notes.

  • server. Fix a race condition that could prevent nodes from stopping.
  • server. file_handle_cache:clear_read_cache/0 no longer silently fails.
  • server. Default RABBITMQ_PLUGINS_DIR value on Windows should be calculated as relative to RabbitMQ server installation directory, not RABBITMQ_BASE. If you override RABBITMQ_BASE, you may need to copy plugins from %RABBITMQ_BASE%\plugins to the plugins directory under RabbitMQ installation.
  • server. When rabbitmq-server failed to start due to an unreadable config file, exit code was 0.
  • server. Overriding RABBITMQ_LOGS and RABBITMQ_SASL_LOGS on Windows prevented node from starting.
  • server. Some startup code bits assumed IPv4 is enabled in the environment.
  • server. More robust disk monitor, fewer errors logged.
  • server. rabbitmqctl forget_cluster_node no longer attempts to impersonate live (reachable) nodes.
  • server. rabbitmq-plugins was using an incorrect env variable.
  • server. Cluster-wide alarm state is not updated when alarmed node goes down.
  • server. Blocked connections could be unblocked too early. When multiple resource alarms were in effect, clearing just one of them would unblock all publishers prematurely.
  • server. Blocked connections that are closed by clients are now expired and cleaned up by the heartbeat mechanism.
  • server. If RABBITMQ_MNESIA_DIR was set to a value with a trailing slash, it could prevent automatic clustering (and other operations that assume pristine node state) from starting.
  • server. Standard output and error redirection in package scripts not respects RABBITMQ_LOG_BASE.
  • server. Properly seed pseudo-random number generator when picking client port.
  • server. RABBITMQ_ALLOW_INPUT was ignored on Windows.
  • server. Purging a lazy queue could result in an exception.
  • server. Ensure epmd is running before starting RabbitMQ node on Windows.
  • server. Channel error could make broker unreachable. Those errors were misleadingly logged as channel_termination_timeout, which the issue really was with unhandled messages from concurrently closed TCP socket process.
  • server. (Automatic) deletion of an auto-delete queue could lead to blocked channels.
  • server. During (from scratch) queue sync, queue master node didn’t respect mirror alarm state. With large data sets this could drive mirror node out of memory.
  • server. Changing password for users with non-standard (think broker configuration) password hashing function, for example, those migrated from 3.5.x releases, didn’t update effective hashing function.
  • server. Heavy and/or prolonged rabbitmqctl use could exhaust Erlang VM atom table.
  • server. “Min masters” queue master location strategy could result in an error.
  • server. Fixed a race condition in pause_minority handling mode.
  • server. Significantly reduce possibility of a race condition when an exchange is deleted and immediately re-declared, e.g. by a federation link. This could result in a link operation being blocked, preventing nodes from stopping.
  • server. amq.rabbitmq.log messages now have information about originating node in message headers.
  • server. scripts/rabbitmq-env now works with GNU sed 4.2.2.
  • server. Exceptions in VM memory use calculator no longer affect broker startup.
  • server. Direct Reply-to capability is now advertised to clients.
  • server. Channel operations that time out no longer produce noisy crash reports in RabbitMQ log files.
  • server. Channel operation timeout default is bumped to 15 seconds.
  • server. Windows service will pick up RabbitMQ config file regardless of whether it was present during service installation.
  • server. Erlang distribution failures for rabbitmqctl and cross-node links will provide more detail when running on Erlang 19 (scheduled for release in Q3 2016).
  • server. rabbitmqctl list_consumers now lists all consumers on a given queue. Previously it would only list one.
  • server. rabbitmqctl list_queues now correctly outputs rows for unavailable queues.
  • server. rabbitmqctl set_disk_free_limit mem_relative erroneously rejected values greater than 1.0.
  • server. Messages with an invalid client-provided x-death header value caused queue process termination.
  • server. Messages with priorities higher than queue max are now assigned max configured priority and no longer cause an unhandled exception that results in queue process restart.
  • server. Policy-related rabbitmqctl commands could return unformatted messages.
  • server. RABBITMQ_IO_THREAD_POOL_SIZE is no longer ignored by rabbitmq-server.bat.
  • server. Deleting a vhost in parallel with updating a policy in it resulted in unhandled exceptions.
  • server. (Newly elected) queue master process could terminate immediately after promotion.
  • server. Priority queue mirror could fail to synchronize after restart.
  • server. Shutdown timeouts for worker processes are now much more reasonable. Earlier the timeouts were virtually infinite which could lead to a deadlock during node shutdown.
  • server. Purging of a durable queue could result in undelivered publisher confirms.
  • server. Old incarnations of queue mirrors are now ensured to be stopped before new ones are started.
  • server. Nodes on Windows will successfully start if Erlang is installed in a directory with spaces in the path.
  • server. Node health check is now node-local, as it was meant to be.
  • server. Queue deletion and termination will no longer leave “tomb stone” messages in message store files. This eliminates the confusing behavior when a node or cluster having no messages enqueued could have many thousands of such “marker” messages in the message store.
  • server. rabbitmqctl cluster_status will now output an accurate error message if invoked shortly after a node was removed from the cluster and the node cannot be contacted.
  • server. Loading JSON definitions that included queue master locator policies could prevent node from starting.
  • Java client. AutorecoveringChannel#basicCancel could throw a NullPointerException.
  • Java client. Binding recovery could fail.
  • Java client. Channel.queueDelete could throw a NullPointerException.
  • .NET client. IConnection.Dispose could throw an exception.
  • .NET client. Autorecovering connections now use full list of provided hostnames during recovery
  • .NET client. Setting user-provided connection name didn’t have an effect.
  • .NET client. IConnection#CreateModel could throw a NullPointerException due to a race condition.
  • .NET client. Connections with automatic recovery enabled ignored ports from the hostname list.
  • .NET client. Fixes an underflow in delivery tag handling after connection recovery.
  • Erlang client. password and depth query parameters are now propagated to TLS options.
  • Erlang client. The client now compiles on Erlang/OTP 19.0.
  • Management Plugin. Management plugin could prevent a node from starting when it recovers after a network split.
  • Management Plugin. Sorting arrow direction in the UI is now more conventional. Contributed by Philippe Serhal.
  • Management Plugin. 401 responses correctly set content type to application/json.
  • Management Plugin. Consumer utilisation is correctly reported as a number instead of "" when it equals 0.
  • Management Plugin. rabbitmqadmin misinterpreted boolean settings in config as strings.
  • Management Plugin. Connection and channel filtering should respect active vhost.
  • Management Plugin. GET requests to /api/queues/{vhost}/{name}/get now accept/provide application/json.
  • Management Plugin. Internet Explorer (9+) compatibility restored.
  • Management Plugin. Internet Explorer 11 compatibility fixes.
  • Management Plugin. When policy fails to be created with invalid paramaters a sensible error message will be displayed.
  • Management Plugin. Samples (stats) for abnormally terminated connections and channels will now be cleaned up more aggressively.
  • Management Plugin Cluster name could be returned by HTTP API as a non-string value.
  • Management Plugin Improved IE 11 compatibility.
  • Management Plugin. A channel statistics-related memory leak fixed.
  • Management Plugin. Stats collectors event queue is now bounded (again).
  • Management Plugin. Stats table name was logged as a tuple.
  • Management Plugin. HTTP API is now compatible with Erlang 19.0.
  • Management Plugin. Temporary tables are no longer named using atoms, preventing a potential exhaustion of the runtime atom table.
  • Management Plugin. Cluster links and traffic charts are correctly displayed again.
  • Management Plugin. Runtime metric charts now have a description pop-up associated with them.
  • Management Plugin. Rate stats returned by GET /api/overview were always 0.0.
  • Management Plugin**. Some message rates chart colors were ambiguous.
  • Federation plugin. Significantly reduce possibility of a race condition when an exchange is deleted and immediately re-declared, e.g. by a federation link. This rendered federation links dysfunctional.
  • STOMP plugin. durable and persistent headers weren’t always used interchangeably, leading to non-durable subscriptions.
  • STOMP plugin. Client heartbeat timeouts resulted in confusing error messages in broker log.
  • STOMP Plugin. Resource alarms are handled correctly by STOMP connections.
  • Web-STOMP plugin. Cowboy options are now supported for TLS listeners.
  • MQTT plugin. Auto-deletion of queues that back QoS 1 subscriptions is again controlled by the clean session flag.
  • MQTT Plugin Resource alarms are handled correctly by MQTT connections.
  • MQTT Plugin Session [pre-existing] presence is now correctly communicated to clients.
  • LDAP Plugin. Query failures (e.g. noSuchObject responses) from LDAP servers are now correctly treated as false in or and and queries instead of erroring.
  • Event Exchange plugin. Event timestamps are now in seconds, not milliseconds. Per AMQP 0-9-1 spec. This is not a particularly great choice for events, so we will add an optional header with millisecond precision in a future release.
  • JSON RPC plugin. Note: this plugin is deprecated and its use is highly discouraged.
  • Trust Store Plugin. Invalid/unparseable certificates no longer prevent other certificates from (re)loading.
  • AMQP 1.0 Plugin. When an AMQP 1.0 specified its own list of source outcomes in a link attachment, it caused a crash of its session on the server. Now a protocol error is raised if the list contains invalid outcomes.

Security Fixes in RabbitMQ 3.6.5

  • Management Plugin. CVE-2015-8786: user-provided query parameters lengths_age and lengths_incr had no validation and could be used to exhaust server resources. The attacker needs to have access to HTTP API (authenticate successfully and have sufficient tags to pass authorisation) in order to carry out the attack. There is no workaround for earlier releases.

Resolved Issues in JMS Client for Pivotal RabbitMQ 1.4.4

JMS Client for Pivotal RabbitMQ 1.4.4 is a compatibility release only. There are no issues resolved.