RabbitMQ 3.7.18

RabbitMQ 3.7.18

RabbitMQ 3.7.18 is a maintenance release that includes a fix to CVE-2019-11281.
Kudos to Markus @RareData Alvila for responsibly disclosing the vulnerability.

The release also contains bug fixes and internal
API changes that refine the common plugin API with the upcoming 3.8.0 version.

Erlang/OTP Compatibility Notes

Per the new Erlang version support policy in effect starting with January 2019,
this release no longer supports Erlang/OTP 19.3.
Make sure a supported Erlang version is used before upgrading.

Provisioning Latest Erlang Releases explains
what package repositories and tools can be used to provision latest patch versions of Erlang 21.3.x and 22.x.

Compatibility Notes

This release introduces credential obfuscation for Shovel connections and Federation links. This requires
one more application (library) from Erlang/OTP, tools. Operators must make sure that the Erlang runtime
provides it. On Debian-based systems, the package erlang-tools must be installed.

This release contains a breaking change to the plugin API around queue state access introduced in 3.7.17.
Plugins that do not use that API revision are not affected. All plugins that ship with RabbitMQ have been updated
as necessary.

This revision was necessary to maintain a single API with the upcoming 3.8.0 release.

Upgrading to Erlang 21.x or Later Versions

When upgrading to this release and upgrading Erlang to 21.x or later at the same time, extra care has to be taken.
Since CLI tools from RabbitMQ releases older than 3.7.7 will fail on Erlang 21 or later,
RabbitMQ must be upgraded before Erlang.

Upgrade Doc Guides and Change Log

See 3.7.0 release notes upgrade
and compatibility notes first if upgrading from an earlier release.

See the Upgrading guide for general documentation on upgrades
and RabbitMQ change log for release notes of other releases.

Getting Help

Any questions about this release, upgrades or RabbitMQ in general are welcome on the
RabbitMQ mailing list.

Changes

Core Server

Enhancements

• New style config file parser is now more forgiving, handles trailing whitespace and empty lines
  better.

  GitHub issue: rabbitmq/rabbitmq-server#2073

• gen_server2 now includes two new functions, stop/1 and stop/3, which gen_server in OTP
  introduced a couple of releases ago.

  Contributed by @codeadict.

  GitHub issue: rabbitmq/rabbitmq-common#335

Bug Fixes

• Log rotation is functional again on Windows.

  GitHub issue: rabbitmq/rabbitmq-server#2059

• White space characters in RABBITMQ_BASE and other configurable paths are now handled better on Windows.

  GitHub issue: rabbitmq/rabbitmq-server#2025

• Eliminate a "deprecated Ranch options" log warning.

  GitHub issue: rabbitmq/rabbitmq-server#2069

Management Plugin

Enhancements

• Two more TLS listener options are now available via new style configuration file:
  management.ssl.verify and management.ssl.fail_if_no_peer_cert.

  GitHub issue: rabbitmq/rabbitmq-management#735

Bug Fixes

• HTTP API documentation correction.

  GitHub issue: rabbitmq/rabbitmq-management#737

AMQP 1.0 Plugin

Bug Fixes

• Connections that fail due to insufficient client permissions (authorisation failures) are now handled
  gracefully with reasonable log messages.

  GitHub issue: rabbitmq/rabbitmq-amqp1.0#92

Shovel Plugin

Bug Fixes

• Sensitive values in Shovel connection state (namely, the connection credentials) are now stored in
  encrypted form. This avoids unintentional credential logging by the runtime (exception logger)
  at the cost of making troubleshooting authentication failures harder.

  GitHub issue: rabbitmq-erlang-client#123

Federation Plugin

Bug Fixes

• Sensitive values in Federation link state (namely, the connection credentials) are now stored in
  encrypted form. This avoids unintentional credential logging by the runtime (exception logger)
  at the cost of making troubleshooting authentication failures harder.

  GitHub issue: rabbitmq-erlang-client#123

RabbitMQ Erlang Client

Bug Fixes

• Sensitive values in connection state (namely, the connection credentials) are now stored in
  encrypted form. This avoids unintentional credential logging by the runtime (exception logger)
  at the cost of making troubleshooting authentication failures harder.

  GitHub issue: rabbitmq-erlang-client#123

Web STOMP Examples Plugin

Bug Fixes

• jQuery was upgraded to 3.4.x.

  GitHub issue: rabbitmq/rabbitmq-web-stomp-examples#18

Web MQTT Examples Plugin

Bug Fixes

• jQuery was upgraded to 3.4.x.

  GitHub issue: rabbitmq/rabbitmq-web-mqtt-examples#2

RabbitMQ 3.7.18-rc.1

RabbitMQ 3.7.18-rc.1

RabbitMQ 3.7.18-rc.1 is a preview of a maintenance release. It focuses on bug fixes and internal
API changes that refine the common plugin API with the upcoming 3.8.0 version.

Erlang/OTP Compatibility Notes

Per the new Erlang version support policy in effect starting with January 2019,
this release no longer supports Erlang/OTP 19.3.
Make sure a supported Erlang version is used before upgrading.

Provisioning Latest Erlang Releases explains
what package repositories and tools can be used to provision latest patch versions of Erlang 21.3.x and 22.x.

Compatibility Notes

This release contains a breaking change to the plugin API around queue state access introduced in 3.7.17.
Plugins that do not use that API revision are not affected. All plugins that ship with RabbitMQ have been updated
as necessary.

This revision was necessary to maintain a single API with the upcoming 3.8.0 release.

Upgrading to Erlang 21.x or Later Versions

When upgrading to this release and upgrading Erlang to 21.x or later at the same time, extra care has to be taken.
Since CLI tools from RabbitMQ releases older than 3.7.7 will fail on Erlang 21 or later,
RabbitMQ must be upgraded before Erlang.

Upgrade Doc Guides and Change Log

See 3.7.0 release notes upgrade
and compatibility notes first if upgrading from an earlier release.

See the Upgrading guide for general documentation on upgrades
and RabbitMQ change log for release notes of other releases.

Getting Help

Any questions about this release, upgrades or RabbitMQ in general are welcome on the
RabbitMQ mailing list.

Changes

Core Server

Enhancements

• New style config file parser is now more forgiving, handles trailing whitespace and empty lines
  better.

  GitHub issue: rabbitmq/rabbitmq-server#2073

• gen_server2 now includes two new functions, stop/1 and stop/3, which gen_server in OTP
  introduced a couple of releases ago.

  Contributed by @codeadict.

  GitHub issue: rabbitmq/rabbitmq-common#335

Bug Fixes

• Log rotation is functional again on Windows.

  GitHub issue: rabbitmq/rabbitmq-server#2059

• White space characters in RABBITMQ_BASE and other configurable paths are now handled better on Windows.

  GitHub issue: rabbitmq/rabbitmq-server#2025

• Eliminate a "deprecated Ranch options" log warning.

  GitHub issue: rabbitmq/rabbitmq-server#2069

AMQP 1.0 Plugin

Bug Fixes

• Connections that fail due to insufficient client permissions (authorisation failures) are now handled
  gracefully with reasonable log messages.

  GitHub issue: rabbitmq/rabbitmq-amqp1.0#92

Shovel Plugin

Bug Fixes

• Sensitive values in Shovel connection state (namely, the connection credentials) are now stored in
  encrypted form. This avoids unintentional credential logging by the runtime (exception logger)
  at the cost of making troubleshooting authentication failures harder.

  GitHub issue: rabbitmq-erlang-client#123

Federation Plugin

Bug Fixes

• Sensitive values in Federation link state (namely, the connection credentials) are now stored in
  encrypted form. This avoids unintentional credential logging by the runtime (exception logger)
  at the cost of making troubleshooting authentication failures harder.

  GitHub issue: rabbitmq-erlang-client#123

RabbitMQ Erlang Client

Bug Fixes

• Sensitive values in connection state (namely, the connection credentials) are now stored in
  encrypted form. This avoids unintentional credential logging by the runtime (exception logger)
  at the cost of making troubleshooting authentication failures harder.

  GitHub issue: rabbitmq-erlang-client#123

Web STOMP Examples Plugin

Bug Fixes

• jQuery was upgraded to 3.4.x.

  GitHub issue: rabbitmq/rabbitmq-web-stomp-examples#18

Web MQTT Examples Plugin

Bug Fixes

• jQuery was upgraded to 3.4.x.

  GitHub issue: rabbitmq/rabbitmq-web-mqtt-examples#2

RabbitMQ 3.8.0-rc.1

RabbitMQ 3.8.0-rc.1

RabbitMQ 3.8.0-rc.1 is a preview of a feature release. It contains several major improvements in areas of
data safety, replication, observability, and ease of upgrades. Some highlight features are

• Quorum Queues
• Built-in Prometheus support with a set of Grafana dashboards to complement it
• Feature Flags
• Single Active Consumer
• New authentication and authorisation backend that uses OAuth 2.0 (JWT) tokens and scopes

For an overview of new features in webinary form, take a look at What's New in RabbitMQ 3.8.

Several features in this release are backed by a new Raft implementation for Erlang and Elixir,
Ra.

Erlang/OTP Compatibility Notes

This release requires Erlang 21.3 or later.

Provisioning Latest Erlang Releases explains
what package repositories and tools can be used to provision latest patch versions of Erlang 21.3.x and 22.x.

Rolling Upgrades to 3.8

RabbitMQ 3.8.0 nodes can run alongside 3.7.17 or later 3.7.x nodes.
No 3.8.0-specific features would be available in a mixed version cluster. Mixed versions are meant
to simplify rolling upgrades and not meant to be running for long periods of time.

See the Upgrading guide for documentation on upgrades.

Compatibility Notes

Upgrading to Erlang 21.x or Later Versions

When upgrading to this release and upgrading Erlang to 21.x or later at the same time, extra care has to be taken.
Since CLI tools from RabbitMQ releases older than 3.7.7 will fail on Erlang 21 or later,
RabbitMQ must be upgraded before Erlang.

Upgrade Doc Guides and Change Log

See the Upgrading guide for documentation on upgrades
and RabbitMQ change log for release notes of other releases.

Client Library Compatibility

Client libraries that were compatible with RabbitMQ 3.7.x will be compatible with 3.8.0.

Getting Help

Any questions about this release, upgrades or RabbitMQ in general are welcome on the
RabbitMQ mailing list.

Changes

Core Server

Enhancements

• Quorum Queues built on top of the Raft consensus algorithm for data safety,
  more predictable failure recovery, more efficient synchronisation of new and recovered followers, and parallel replication.

• Feature Flags allow for mixed-version clusters and safer rolling upgrades.

• Single Active Consumer makes it possible
  to run a set of consumers for redundancy while ensuring that only one consumer is getting deliveries.

• New metric: dropped unroutable messages. Spotting faulty publishers and routing topology issues is now easier.

  GitHub issue: rabbitmq/rabbitmq-server#1904

• New metrics: connection and channel churn.

  GitHub issue: rabbitmq/rabbitmq-server#1723

• Quorum queues support redelivery tracking, which can be used by consumers to protect themselves from
  poison message redeliveries.

  GitHub issue: rabbitmq/rabbitmq-server#502

• New queue overflow behaviour: reject-publish-dlx. It is identical to reject-publish
  but also dead letters rejected messages.

  GitHub issue: rabbitmq/rabbitmq-server#1443

• Default bindings are now explicit instead of being rows in the internal data store. That means
  that high queue churn results in significantly less binding churn, reducing lock contention on
  schema database tables, and peak schema operation latencies with it.

  GitHub issue: rabbitmq/rabbitmq-server#1721

Internal API Changes

• amqqueue is a new public API module
  that should be used to access queue state instead of using queue state records directly. This allows the record
  to evolve a lot more rapidly with fewer or no code changes in the plugins that access queue state.

• authn and authz functions now have access to additional (e.g. protocol-specific) context information.

  GitHub issue: rabbitmq/rabbitmq-server#1767

• Backing queue interface now exposes a function for message deduplication. Plugins now can track duplicate messages
  in a way that makes it possible to negatively confirm duplicates back to the publisher.

  Contributed by Matteo Cafasso.

  GitHub issue: rabbitmq/rabbitmq-server#1774.

Usability

• New style configuration format is now more forgiving: it will ignore lines that only contain
  whitespace and tab characters, as well as leading and trailing whitespace.

  GitHub issue: rabbitmq/rabbitmq-server#2072

• Maximum message size is now configurable. The default was reduced to 128 MiB.e

  GitHub issue: rabbitmq/rabbitmq-server#1812

Bug Fixes

Most bug fixes in this release previously shipped in 3.7.x release series.
The list below contains community contributions and most important issues that were not backported to 3.7.x
prior to the 3.8.0-rc.1 release.

• Queue index consistency and safety improvements.

  Contributed by @tomyouyou.

  GitHub issues: rabbitmq/rabbitmq-server#2092, rabbitmq/rabbitmq-server#2096, rabbitmq/rabbitmq-server#2100.

CLI Tools

Enhancements

• More user-friendly rabbitmq-diagnostics status output.

  GitHub issue: rabbitmq/rabbitmq-cli#340

• New help command.

  GitHub issue: rabbitmq/rabbitmq-cli#316

• A new set of fine-grained health check commands.

  GitHub issue: rabbitmq/rabbitmq-cli#292

• New tool, rabbitmq-queues, with commands that display Raft state metrics and manage nodes that
  host quorum queue replicas.

  GitHub issues: rabbitmq/rabbitmq-cli#287, rabbitmq/rabbitmq-cli#286

• Feature flag status reporting.

  GitHub issue: rabbitmq/rabbitmq-cli#346

Usability

• rabbitmq-diagnostics cipher_suites now uses OpenSSL cipher suite format by default.

  GitHub issue: rabbitmq/rabbitmq-cli#267

Management Plugin

Enhancements

• Metric collection and visualisation in management UI now can be disabled in favor of built-in
  Prometheus support and Grafana dashboard from Team RabbitMQ.

  GitHub issue: rabbitmq/rabbitmq-management#707

• Feature flag management interface.

  rabbitmq/rabbitmq-management#648

• Quorum Queue support.

• Single Active Consumer support.

  GitHub issue: rabbitmq/rabbitmq-management#650

• Support for more TLS options.

  GitHub issue: rabbitmq/rabbitmq-management#644

• OAuth 2.0 Single Sign On support for UAA

  GitHub issue: rabbitmq/rabbitmq-management#722

• Username and password-based Basic HTTP Auth authentication for API operations now can be disabled
  in favor of OAuth 2.0 Single Sign On via UAA.

  GitHub issue: rabbitmq/rabbitmq-management#724

Shovel Plugin

Bug Fixes

Most bug fixes in this release previously shipped in 3.7.x release series.
The list below contains most prominent fixes.

• Sensitive values in Shovel connection state (namely, the connection credentials) are now stored in
  encrypted form. This avoids unintentional credential logging by the runtime (exception logger)
  at the cost of making troubleshooting authentication failures harder.

  GitHub issue: [rabbitmq-erlang-client#123](https://github.com/rab...

RabbitMQ 3.7.18-beta.1

RabbitMQ 3.7.18-beta.1

RabbitMQ 3.7.18-beta.1 is a preview of a maintenance release. It focuses on bug fixes and internal
API changes that refine the common plugin API with the upcoming 3.8.0 version.

Erlang/OTP Compatibility Notes

Per the new Erlang version support policy in effect starting with January 2019,
this release no longer supports Erlang/OTP 19.3.
Make sure a supported Erlang version is used before upgrading.

Provisioning Latest Erlang Releases explains
what package repositories and tools can be used to provision latest patch versions of Erlang 21.3.x and 22.x.

Compatibility Notes

This release contains a breaking change to the plugin API around queue state access introduced in 3.7.17.
Plugins that do not use that API revision are not affected. All plugins that ship with RabbitMQ have been updated
as necessary.

This revision was necessary to maintain a single API with the upcoming 3.8.0 release.

Upgrading to Erlang 21.x or Later Versions

When upgrading to this release and upgrading Erlang to 21.x or later at the same time, extra care has to be taken.
Since CLI tools from RabbitMQ releases older than 3.7.7 will fail on Erlang 21 or later,
RabbitMQ must be upgraded before Erlang.

Upgrade Doc Guides and Change Log

See 3.7.0 release notes upgrade
and compatibility notes first if upgrading from an earlier release.

See the Upgrading guide for general documentation on upgrades
and RabbitMQ change log for release notes of other releases.

Getting Help

Any questions about this release, upgrades or RabbitMQ in general are welcome on the
RabbitMQ mailing list.

Changes

Core Server

Enhancements

• New style config file parser is now more forgiving, handles trailing whitespace and empty lines
  better.

  GitHub issue: rabbitmq/rabbitmq-server#2073

• gen_server2 now includes two new functions, stop/1 and stop/3, which gen_server in OTP
  introduced a couple of releases ago.

  Contributed by @codeadict.

  GitHub issue: rabbitmq/rabbitmq-common#335

Bug Fixes

• Log rotation is functional again on Windows.

  GitHub issue: rabbitmq/rabbitmq-server#2059

• White space characters in RABBITMQ_BASE and other configurable paths are now handled better on Windows.

  GitHub issue: rabbitmq/rabbitmq-server#2025

• Eliminate a "deprecated Ranch options" log warning.

  GitHub issue: rabbitmq/rabbitmq-server#2069

AMQP 1.0 Plugin

Bug Fixes

• Connections that fail due to insufficient client permissions (authorisation failures) are now handled
  gracefully with reasonable log messages.

  GitHub issue: rabbitmq/rabbitmq-amqp1.0#92

Shovel Plugin

Bug Fixes

• Sensitive values in Shovel connection state (namely, the connection credentials) are now stored in
  encrypted form. This avoids unintentional credential logging by the runtime (exception logger)
  at the cost of making troubleshooting authentication failures harder.

  GitHub issue: rabbitmq-erlang-client#123

Federation Plugin

Bug Fixes

• Sensitive values in Federation link state (namely, the connection credentials) are now stored in
  encrypted form. This avoids unintentional credential logging by the runtime (exception logger)
  at the cost of making troubleshooting authentication failures harder.

  GitHub issue: rabbitmq-erlang-client#123

RabbitMQ Erlang Client

Bug Fixes

• Sensitive values in connection state (namely, the connection credentials) are now stored in
  encrypted form. This avoids unintentional credential logging by the runtime (exception logger)
  at the cost of making troubleshooting authentication failures harder.

  GitHub issue: rabbitmq-erlang-client#123

Web STOMP Examples Plugin

Bug Fixes

• jQuery was upgraded to 3.4.x.

  GitHub issue: rabbitmq/rabbitmq-web-stomp-examples#18

Web MQTT Examples Plugin

Bug Fixes

• jQuery was upgraded to 3.4.x.

  GitHub issue: rabbitmq/rabbitmq-web-mqtt-examples#2

RabbitMQ 3.8.0-beta.7

RabbitMQ 3.8.0-beta.7

RabbitMQ 3.8.0-beta.7 is a preview of a feature release. It contains several major improvements in areas of
data safety, replication, observability, and ease of upgrades. Some highlight features are

• Quorum Queues
• Built-in Prometheus support with a set of Grafana
• Feature Flags
• Single Active Consumer
• New authentication and authorisation backend that uses OAuth 2.0 (JWT) tokens and scopes

For an overview of new features in webinary form, take a look at What's New in RabbitMQ 3.8.

Several features in this release are backed by a new Raft implementation for Erlang and Elixir,
Ra.

Erlang/OTP Compatibility Notes

This release requires Erlang 21.3 or later.

Provisioning Latest Erlang Releases explains
what package repositories and tools can be used to provision latest patch versions of Erlang 21.3.x and 22.x.

Rolling Upgrades to 3.8

RabbitMQ 3.8.0 nodes can run alongside 3.7.17 or later 3.7.x nodes.
No 3.8.0-specific features would be available in a mixed version cluster. Mixed versions are meant
to simplify rolling upgrades and not meant to be running for long periods of time.

See the Upgrading guide for documentation on upgrades.

Compatibility Notes

Upgrading to Erlang 21.x or Later Versions

When upgrading to this release and upgrading Erlang to 21.x or later at the same time, extra care has to be taken.
Since CLI tools from RabbitMQ releases older than 3.7.7 will fail on Erlang 21 or later,
RabbitMQ must be upgraded before Erlang.

Upgrade Doc Guides and Change Log

See the Upgrading guide for documentation on upgrades
and RabbitMQ change log for release notes of other releases.

Client Library Compatibility

Client libraries that were compatible with RabbitMQ 3.7.x will be compatible with 3.8.0.

Getting Help

Any questions about this release, upgrades or RabbitMQ in general are welcome on the
RabbitMQ mailing list.

Changes

Core Server

Enhancements

• Quorum Queues built on top of the Raft consensus algorithm for data safety,
  more predictable failure recovery, more efficient synchronisation of new and recovered followers, and parallel replication.

• Feature Flags allow for mixed-version clusters and safer rolling upgrades.

• Single Active Consumer makes it possible
  to run a set of consumers for redundancy while ensuring that only one consumer is getting deliveries.

• New metric: dropped unroutable messages. Spotting faulty publishers and routing topology issues is now easier.

  GitHub issue: rabbitmq/rabbitmq-server#1904

• New metrics: connection and channel churn.

  GitHub issue: rabbitmq/rabbitmq-server#1723

• Quorum queues support redelivery tracking, which can be used by consumers to protect themselves from
  poison message redeliveries.

  GitHub issue: rabbitmq/rabbitmq-server#502

• New queue overflow behaviour: reject-publish-dlx. It is identical to reject-publish
  but also dead letters rejected messages.

  GitHub issue: rabbitmq/rabbitmq-server#1443

• Default bindings are now explicit instead of being rows in the internal data store. That means
  that high queue churn results in significantly less binding churn, reducing lock contention on
  schema database tables, and peak schema operation latencies with it.

  GitHub issue: rabbitmq/rabbitmq-server#1721

Internal API Changes

• amqqueue is a new public API module
  that should be used to access queue state instead of using queue state records directly. This allows the record
  to evolve a lot more rapidly with fewer or no code changes in the plugins that access queue state.

• authn and authz functions now have access to additional (e.g. protocol-specific) context information.

  GitHub issue: rabbitmq/rabbitmq-server#1767

• Backing queue interface now exposes a function for message deduplication. Plugins now can track duplicate messages
  in a way that makes it possible to negatively confirm duplicates back to the publisher.

  Contributed by Matteo Cafasso.

  GitHub issue: rabbitmq/rabbitmq-server#1774.

Usability

• New style configuration format is now more forgiving: it will ignore lines that only contain
  whitespace and tab characters, as well as leading and trailing whitespace.

  GitHub issue: rabbitmq/rabbitmq-server#2072

• Maximum message size is now configurable. The default was reduced to 128 MiB.e

  GitHub issue: rabbitmq/rabbitmq-server#1812

CLI Tools

Enhancements

• More user-friendly rabbitmq-diagnostics status output.

  GitHub issue: rabbitmq/rabbitmq-cli#340

• New help command.

  GitHub issue: rabbitmq/rabbitmq-cli#316

• A new set of fine-grained health check commands.

  GitHub issue: rabbitmq/rabbitmq-cli#292

• New tool, rabbitmq-queues, with commands that display Raft state metrics and manage nodes that
  host quorum queue replicas.

  GitHub issues: rabbitmq/rabbitmq-cli#287, rabbitmq/rabbitmq-cli#286

• Feature flag status reporting.

  GitHub issue: rabbitmq/rabbitmq-cli#346

Usability

• rabbitmq-diagnostics cipher_suites now uses OpenSSL cipher suite format by default.

  GitHub issue: rabbitmq/rabbitmq-cli#267

Management Plugin

Enhancements

• Metric collection and visualisation in management UI now can be disabled in favor of built-in
  Prometheus support and Grafana dashboard from Team RabbitMQ.

  GitHub issue: rabbitmq/rabbitmq-management#707

• Feature flag management interface.

  rabbitmq/rabbitmq-management#648

• Quorum Queue support.

• Single Active Consumer support.

  GitHub issue: rabbitmq/rabbitmq-management#650

• Support for more TLS options.

  GitHub issue: rabbitmq/rabbitmq-management#644

• OAuth 2.0 Single Sign On support for UAA

  GitHub issue: rabbitmq/rabbitmq-management#722

• Username and password-based Basic HTTP Auth authentication for API operations now can be disabled
  in favor of OAuth 2.0 Single Sign On via UAA.

  GitHub issue: rabbitmq/rabbitmq-management#724

Shovel Plugin

Bug Fixes

• Sensitive values in Shovel connection state (namely, the connection credentials) are now stored in
  encrypted form. This avoids unintentional credential logging by the runtime (exception logger)
  at the cost of making troubleshooting authentication failures harder.

  GitHub issue: rabbitmq-erlang-client#123

Federation Plugin

Bug Fixes

• Sensitive values in federation link state (namely, the connection credentials) are now stored in
  encrypted form. This avoids unintentional credential logging by the runtime (exception logger)
  at the cost of making troubleshooting authentication failures harder.

  GitHub issue: rabbitmq-erlang-client#123

JWT and OAuth 2.0 Plugin

Initial release.

GitHub repository: rabbitmq/rabbitmq-auth-backend-oauth2

MQTT Plugin

Enhancements

• Client ID tracking is now cluster-wide (state is replicated across all nodes). A majority of nodes is required
  for client connections to be accepted. This is a consequence of the neew consistency-oriented design.

  GitHub iss...

RabbitMQ 3.8.0-beta.6

v3.8.0-beta.6

Release 3.8.0-beta.6

RabbitMQ 3.7.17

RabbitMQ 3.7.17

RabbitMQ 3.7.17 is a maintenance release. It focuses on bug fixes and upgrades
a JavaScript dependency in the management UI to patch three CVEs in that library.

Erlang/OTP Compatibility Notes

Per the new Erlang version support policy in effect starting with January 2019,
this release no longer supports Erlang/OTP 19.3.
Make sure a supported Erlang version is used before upgrading.

Provisioning Latest Erlang Releases explains
what package repositories and tools can be used to provision latest patch versions of Erlang 21.3.x and 22.x.

Compatibility Notes

Upgrading to Erlang 21.x or Later Versions

When upgrading to this release and upgrading Erlang to 21.x or later at the same time, extra care has to be taken.
Since CLI tools from RabbitMQ releases older than 3.7.7 will fail on Erlang 21 or later,
RabbitMQ must be upgraded before Erlang.

Upgrade Doc Guides and Change Log

See 3.7.0 release notes upgrade
and compatibility notes first if upgrading from an earlier release.

See the Upgrading guide for general documentation on upgrades
and RabbitMQ change log for release notes of other releases.

Getting Help

Any questions about this release, upgrades or RabbitMQ in general are welcome on the
RabbitMQ mailing list.

Changes

Core Server

Enhancements

• amqqueue module and the feature flag subsystem were backported from 3.8. This makes it possible
  for plugin developers to target both 3.7.x and 3.8.x release series.

  Note that this only backports the API. There are no feature flags to enable in 3.7.17.
  No 3.8-specific features that must be enabled via feature flags were backported and there are no
  plans to do it in later 3.7.x releases.

  GitHub issue: rabbitmq/rabbitmq-server#2028

CLI Tools

Bug Fixes

• rabbitmqctl stop description had a typo.

  Contributed by Eugene Pirogov.

  GitHub issue: rabbitmq/rabbitmq-cli#363

Enhancements

• Commands that take passwords as arguments now accept them via standard input.

  GitHub issue: rabbitmq/rabbitmq-cli#365

• rabbitmq-diagnostics observer no longer requires RabbitMQ application to be running on
  the target node.

  GitHub issue: rabbitmq/rabbitmq-cli#368

Management Plugin

Bug Fixes

• jQuery has been upgraded to 3.4.x. This series addresses a number of known CVEs in the library: CVE-2015-9251, CVE-2017-16012, CVE-2019-11358.

  GitHub issue: rabbitmq/rabbitmq-management#714

• Blank effective policy definitions were formatted as a JSON array instead of an empty object in API responses.

  GitHub issue: rabbitmq/rabbitmq-management#701

Usability

• Definition import endpoint no longer reports progress via 102 Processing responses. They proved to be problematic
  for some HTTP clients, including rabbitmqadmin.

  GitHub issues: rabbitmq/rabbitmq-management#715, rabbitmq/rabbitmq-management#718

• Leading and trailing white space characters are now highlighted in queue and exchange names to make them easier to spot.
  Tab characters are highlighted as well, even in the middle of the word. The idea is that those characters are typically used by mistake and should be easier to notice.

  GitHub issue: rabbitmq/rabbitmq-management#721

• It wasn't possible to delete a binding declared with routing_key set to null (only possible via the HTTP API).
  Now such bindings can be deleted but this practice is highly discouraged. Future HTTP API versions might refuse to accept
  null values as they are impossible to declare via AMQP 0-9-1.

  GitHub issue: rabbitmq/rabbitmq-management#723

Shovel Management Plugin

Bug Fixes

• Shovel restart link conflicted with that in the Federation management plugin. When both were enabled, only one
  was actually functional.

  GitHub issue: rabbitmq/rabbitmq-shovel-management#35

• Shovel URI was misformatted for a period of time after UI refresh happened and before the Shovel was fully initialised and running.

  GitHub issue: rabbitmq/rabbitmq-shovel-management#37

Source code archives

Warning: The source code archive provided by GitHub only contains the source of the broker,
not the plugins or the client libraries. Please download the archive named rabbitmq-server-3.7.17.tar.xz.

RabbitMQ 3.7.17-rc.3

RabbitMQ 3.7.17-rc.3

RabbitMQ 3.7.17-rc.3 is a maintenance release candidate. It focuses on bug fixes and upgrades
a JavaScript dependency in the management UI to patch three CVEs in that library.

Erlang/OTP Compatibility Notes

Per the new Erlang version support policy in effect starting with January 2019,
this release no longer supports Erlang/OTP 19.3.
Make sure a supported Erlang version is used before upgrading.

Provisioning Latest Erlang Releases explains
what package repositories and tools can be used to provision latest patch versions of Erlang 21.3.x and 22.x.

Compatibility Notes

Upgrading to Erlang 21.x or Later Versions

When upgrading to this release and upgrading Erlang to 21.x or later at the same time, extra care has to be taken.
Since CLI tools from RabbitMQ releases older than 3.7.7 will fail on Erlang 21 or later,
RabbitMQ must be upgraded before Erlang.

Upgrade Doc Guides and Change Log

See 3.7.0 release notes upgrade
and compatibility notes first if upgrading from an earlier release.

See the Upgrading guide for general documentation on upgrades
and RabbitMQ change log for release notes of other releases.

Getting Help

Any questions about this release, upgrades or RabbitMQ in general are welcome on the
RabbitMQ mailing list.

Changes

Core Server

Enhancements

• amqqueue module and the feature flag subsystem were backported from 3.8. This makes it possible
  for plugin developers to target both 3.7.x and 3.8.x release series.

  Note that this only backports the API. There are no feature flags to enable in 3.7.17.
  No 3.8-specific features that must be enabled via feature flags were backported and there are no
  plans to do it in later 3.7.x releases.

  GitHub issue: rabbitmq/rabbitmq-server#2028

CLI Tools

Bug Fixes

• rabbitmqctl stop description had a typo.

  Contributed by Eugene Pirogov.

  GitHub issue: rabbitmq/rabbitmq-cli#363

Enhancements

• Commands that take passwords as arguments now accept them via standard input.

  GitHub issue: rabbitmq/rabbitmq-cli#365

• rabbitmq-diagnostics observer no longer requires RabbitMQ application to be running on
  the target node.

  GitHub issue: rabbitmq/rabbitmq-cli#368

Management Plugin

Bug Fixes

• jQuery has been upgraded to 3.4.x. This series addresses a number of known CVEs in the library: CVE-2015-9251, CVE-2017-16012, CVE-2019-11358.

  GitHub issue: rabbitmq/rabbitmq-management#714

• Blank effective policy definitions were formatted as a JSON array instead of an empty object in API responses.

  GitHub issue: rabbitmq/rabbitmq-management#701

Usability

• Definition import endpoint no longer reports progress via 102 Processing responses. They proved to be problematic
  for some HTTP clients, including rabbitmqadmin.

  GitHub issues: rabbitmq/rabbitmq-management#715, rabbitmq/rabbitmq-management#718

• Leading and trailing white space characters are now highlighted in queue and exchange names to make them easier to spot.
  Tab characters are highlighted as well, even in the middle of the word. The idea is that those characters are typically used by mistake and should be easier to notice.

  GitHub issue: rabbitmq/rabbitmq-management#721

Shovel Management Plugin

Bug Fixes

• Shovel restart link conflicted with that in the Federation management plugin. When both were enabled, only one
  was actually functional.

  GitHub issue: rabbitmq/rabbitmq-shovel-management#35

• Shovel URI was misformatted for a period of time after UI refresh happened and before the Shovel was fully initialised and running.

  GitHub issue: rabbitmq/rabbitmq-shovel-management#37

Source code archives

Warning: The source code archive provided by GitHub only contains the source of the broker,
not the plugins or the client libraries. Please download the archive named rabbitmq-server-3.7.17.tar.xz.

RabbitMQ 3.7.17-rc.2

RabbitMQ 3.7.17-rc.2

RabbitMQ 3.7.17-rc.2 is a maintenance release candidate. It focuses on bug fixes and upgrades
a JavaScript dependency in the management UI to patch three CVEs in that library.

Erlang/OTP Compatibility Notes

Per the new Erlang version support policy in effect starting with January 2019,
this release no longer supports Erlang/OTP 19.3.
Make sure a supported Erlang version is used before upgrading.

Provisioning Latest Erlang Releases explains
what package repositories and tools can be used to provision latest patch versions of Erlang 21.3.x and 22.x.

Compatibility Notes

Upgrading to Erlang 21.x or Later Versions

When upgrading to this release and upgrading Erlang to 21.x or later at the same time, extra care has to be taken.
Since CLI tools from RabbitMQ releases older than 3.7.7 will fail on Erlang 21 or later,
RabbitMQ must be upgraded before Erlang.

Upgrade Doc Guides and Change Log

See 3.7.0 release notes upgrade
and compatibility notes first if upgrading from an earlier release.

See the Upgrading guide for general documentation on upgrades
and RabbitMQ change log for release notes of other releases.

Getting Help

Any questions about this release, upgrades or RabbitMQ in general are welcome on the
RabbitMQ mailing list.

Changes

Core Server

Enhancements

• amqqueue module and the feature flag subsystem were backported from 3.8. This makes it possible
  for plugin developers to target both 3.7.x and 3.8.x release series.

  Note that this only backports the API. There are no feature flags to enable in 3.7.17.
  No 3.8-specific features that must be enabled via feature flags were backported and there are no
  plans to do it in later 3.7.x releases.

  GitHub issue: rabbitmq/rabbitmq-server#2028

CLI Tools

Bug Fixes

• rabbitmqctl stop description had a typo.

  Contributed by Eugene Pirogov.

  GitHub issue: rabbitmq/rabbitmq-cli#363

Enhancements

• Commands that take passwords as arguments now accept them via standard input.

  GitHub issue: rabbitmq/rabbitmq-cli#365

• rabbitmq-diagnostics observer no longer requires RabbitMQ application to be running on
  the target node.

  GitHub issue: rabbitmq/rabbitmq-cli#368

Management Plugin

Bug Fixes

• jQuery has been upgraded to 3.4.x. This series addresses a number of known CVEs in the library: CVE-2015-9251, CVE-2017-16012, CVE-2019-11358.

  GitHub issue: rabbitmq/rabbitmq-management#714

• Blank effective policy definitions were formatted as a JSON array instead of an empty object in API responses.

  GitHub issue: rabbitmq/rabbitmq-management#701

Usability

• Definition import endpoint no longer reports progress via 102 Processing responses. They proved to be problematic
  for some HTTP clients, including rabbitmqadmin.

  GitHub issues: rabbitmq/rabbitmq-management#715, rabbitmq/rabbitmq-management#718

• Leading and trailing white space characters are now highlighted in queue and exchange names to make them easier to spot.
  Tab characters are highlighted as well, even in the middle of the word. The idea is that those characters are typically used by mistake and should be easier to notice.

  GitHub issue: rabbitmq/rabbitmq-management#721

Source code archives

Warning: The source code archive provided by GitHub only contains the source of the broker,
not the plugins or the client libraries. Please download the archive named rabbitmq-server-3.7.17.tar.xz.

RabbitMQ 3.7.17-rc.1

RabbitMQ 3.7.17-rc.1

RabbitMQ 3.7.17-rc.1 is a maintenance release candidate. It focuses on bug fixes and upgrades
a JavaScript dependency in the management UI to patch three CVEs in that library.

Erlang/OTP Compatibility Notes

Per the new Erlang version support policy in effect starting with January 2019,
this release no longer supports Erlang/OTP 19.3.
Make sure a supported Erlang version is used before upgrading.

Provisioning Latest Erlang Releases explains
what package repositories and tools can be used to provision latest patch versions of Erlang 21.3.x and 22.x.

Compatibility Notes

Upgrading to Erlang 21.x or Later Versions

When upgrading to this release and upgrading Erlang to 21.x or later at the same time, extra care has to be taken.
Since CLI tools from RabbitMQ releases older than 3.7.7 will fail on Erlang 21 or later,
RabbitMQ must be upgraded before Erlang.

Upgrade Doc Guides and Change Log

See 3.7.0 release notes upgrade
and compatibility notes first if upgrading from an earlier release.

See the Upgrading guide for general documentation on upgrades
and RabbitMQ change log for release notes of other releases.

Getting Help

Any questions about this release, upgrades or RabbitMQ in general are welcome on the
RabbitMQ mailing list.

Changes

Core Server

Enhancements

• amqqueue module and the feature flag subsystem were backported from 3.8. This makes it possible
  for plugin developers to target both 3.7.x and 3.8.x release series.

  Note that this only backports the API. There are no feature flags to enable in 3.7.17.
  No 3.8-specific features that must be enabled via feature flags were backported and there are no
  plans to do it in later 3.7.x releases.

  GitHub issue: rabbitmq/rabbitmq-server#2028

CLI Tools

Bug Fixes

• rabbitmqctl stop description had a typo.

  Contributed by Eugene Pirogov.

  GitHub issue: rabbitmq/rabbitmq-cli#363

Enhancements

• Commands that take passwords as arguments now accept them via standard input.

  GitHub issue: rabbitmq/rabbitmq-cli#365

Management Plugin

Bug Fixes

• jQuery has been upgraded to 3.4.x. This series addresses a number of known CVEs in the library: CVE-2015-9251, CVE-2017-16012, CVE-2019-11358.

  GitHub issue: rabbitmq/rabbitmq-management#714

• Blank effective policy definitions were formatted as a JSON array instead of an empty object in API responses.

  GitHub issue: rabbitmq/rabbitmq-management#701

Usability

• Definition import endpoint no longer reports progress via 102 Processing responses. They proved to be problematic
  for some HTTP clients, including rabbitmqadmin.

  GitHub issues: rabbitmq/rabbitmq-management#715, rabbitmq/rabbitmq-management#718

Source code archives

Warning: The source code archive provided by GitHub only contains the source of the broker,
not the plugins or the client libraries. Please download the archive named rabbitmq-server-3.7.17.tar.xz.