1libnbd-release-notes-1.2(1)         LIBNBD         libnbd-release-notes-1.2(1)
2
3
4

NAME

6       libnbd-release-notes-1.2 - release notes for libnbd 1.2
7

DESCRIPTION

9       These are the release notes for libnbd stable release 1.2.  This
10       describes the major changes since 1.0.
11
12       libnbd 1.2.0 was released on 14th November 2019.
13
14   Security
15       Two security problems were found during development of libnbd 1.2.
16       Both were backported to the 1.0 stable branch.  Upgrading is highly
17       advisable.
18
19       CVE-2019-14842 protocol downgrade attack when using
20       "LIBNBD_TLS_REQUIRE"
21
22       See the full announcement and links to mitigation, tests and fixes
23       here:
24       https://www.redhat.com/archives/libguestfs/2019-September/msg00128.html
25
26       remote code execution vulnerability
27
28       See the full announcement here:
29       https://www.redhat.com/archives/libguestfs/2019-October/msg00060.html
30
31   New APIs
32       nbd_can_fast_zero(3)
33           Test support by the server for fast zeroing (Eric Blake).
34
35       nbd_connect_socket(3)
36       nbd_aio_connect_socket(3)
37           Connect to a local connected socket which you create in your main
38           program using your own chosen method.
39
40       nbd_connect_systemd_socket_activation(3)
41       nbd_aio_connect_systemd_socket_activation(3)
42           Connect to local processes that support systemd socket activation.
43
44       nbd_connect_vsock(3)
45       nbd_aio_connect_vsock(3)
46           Used to connect to servers over "AF_VSOCK".
47
48       nbd_get_handshake_flags(3)
49       nbd_set_handshake_flags(3)
50       nbd_get_request_structured_replies(3)
51       nbd_set_request_structured_replies(3)
52       nbd_get_structured_replies_negotiated(3)
53           Can be used when testing NBD servers to avoid various NBD features
54           (Eric Blake).
55
56       nbd_get_protocol(3)
57           Get the NBD protocol variant that the server supports.
58
59       nbd_get_tls_negotiated(3)
60           Did we actually negotiate a TLS connection?
61
62       nbd_set_uri_allow_local_file(3)
63       nbd_set_uri_allow_tls(3)
64       nbd_set_uri_allow_transports(3)
65           These can be used to filter NBD URIs before calling
66           nbd_connect_uri(3).
67
68   New features
69       New tool nbdfuse(1) lets you create a loop-mounted file backed by an
70       NBD server without needing root.
71
72       "AF_VSOCK" is now a supported protocol (thanks Stefan Hajnoczi and
73       Stefano Garzarella).
74
75       Support for the "FAST_ZERO" flag (Eric Blake).
76
77       Allow disabling certain protocol features, to make it easier to test
78       servers (Eric Blake).
79
80       Stack-allocated Variable Length Arrays (VLAs) are now banned throughout
81       the library, making the library easier to consume from threads and
82       other small stack situations.
83
84       Reproducible builds (Chris Lamb).
85
86       Support for filtering potentially dangerous or undesirable NBD URI
87       features.
88
89   Documentation
90       Many improvements to the generated manual pages, including:
91
92       •   Separate "RETURN VALUE" and "ERRORS" sections for each API
93           function.
94
95       •   Example code.
96
97       •   Relevant links can be added to the "SEE ALSO" section.
98
99       •   Link to NBD URI specification where relevant, and improve
100           documentation around what URIs libnbd supports.
101
102       •   Document libnbd version number scheme.
103
104       •   Document limits on export name length, encoding etc.
105
106       New libnbd-security(3) man page listing past security issues and
107       remediations (Eric Blake).
108
109   Tools
110       nbdsh(1) has a new --base-allocation option which can be used to
111       request "base:allocation" metadata context.
112
113       New nbdsh(1) --uri (-u) option to connect to URIs.
114
115   Tests
116       You can now fuzz libnbd using either American Fuzzy Lop or clang’s
117       libFuzzer.
118
119       Add unit tests for nbdsh(1) (Eric Blake).
120
121       Improved interop testing with various NBD servers and features.
122
123   Other improvements and bug fixes
124       nbd_connect_tcp(3) now tries to return the correct errno(3) from the
125       underlying connect(2) call when that fails.
126
127       The nbd-protocol.h header file is now shared between libnbd and nbdkit.
128
129       Better fork-safety in "nbd_connect_*" APIs.
130
131       The code was analyzed with Coverity and various problems identified and
132       fixed.
133

SEE ALSO

135       libnbd(3).
136

AUTHORS

138       Eric Blake
139
140       Richard W.M. Jones
141

COPYRIGHT

143       Copyright (C) 2019 Red Hat Inc.
144

LICENSE

146       This library is free software; you can redistribute it and/or modify it
147       under the terms of the GNU Lesser General Public License as published
148       by the Free Software Foundation; either version 2 of the License, or
149       (at your option) any later version.
150
151       This library is distributed in the hope that it will be useful, but
152       WITHOUT ANY WARRANTY; without even the implied warranty of
153       MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
154       Lesser General Public License for more details.
155
156       You should have received a copy of the GNU Lesser General Public
157       License along with this library; if not, write to the Free Software
158       Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
159       02110-1301 USA
160
161
162
163libnbd-1.10.1                     2021-10-25       libnbd-release-notes-1.2(1)