​

StreamNative Weekly Release Notes v3.3.2.3

​

Download

​

Distributions

• https://github.com/streamnative/pulsar/releases/tag/v3.3.2.3

​

Packages

• Maven Central

​

Images

• sn-platform
• sn-platform-slim
• private-cloud

​

General Changes

​

Apache Pulsar

[fix][broker] Fix failed TokenAuthenticatedProducerConsumerTest [improve][offload] Use filesystemURI as the storage path [fix][misc] Unable to connect an etcd metastore with recent releases due to jetc-core sharding problem Enabling DNS retryOnTimeout with TCP in DnsNameResolver [improve] [broker] replace HashMap with inner implementation ConcurrentLongLongPairHashMap in Negative Ack Tracker. [fix][client] The partitionedProducer maxPendingMessages always is 0 [improve][broker] Support cleanup replication cluster and allowed cluster when cluster metadata teardown [fix][broker] Broker is failing to create non-durable sub if topic is fenced [fix][client] fix the beforeConsume() method earlier hit with message listener [fix][test] Fix DeadLetterTopicTest.testDeadLetterTopicWithInitialSubscriptionAndMultiConsumers [fix][broker] Fix currently client retries until operation timeout if the topic does not exist [fix][test] Fix SimpleProducerConsumerTest.testMultiTopicsConsumerImplPauseForManualSubscription [fix][broker] fix logging with correct error message while loading the topic [improve][test] Disable OTel autoconfigured exporters in tests [fix][broker] Fix print cluster migration state response [fix][broker] Fix Broker migration NPE while broker tls url not configured [improve][broker] re-elect the channel owner if no channel owner is found [improve][broker] Exclude system topics from namespace level publish and dispatch rate limiting [improve][admin] Print error log if handle http response fails [fix][broker] Fix ownership loss

​

MoP

367595c fix checkstyle 4cc93c3 fix branch-3.3 Fix the auth data is NPE error Fix broker enable dedup cause client publish failed Seperate proxy and broker a single module Refactor MoP to prepare for split Proxy to seperate module Support returning user subject with variables for AuthenticationProviderMTls Fix mTls authorize bug Fix mTLS authorization bug Support mTLS authentication for MoP Fix workflow Fix authentication metrics for 4.0 Implement AuthenticationProviderMTls Fix TLS initialization Fix test for 3.4.0-SNAPSHOT Upgrade Pulsar from 2.10.0 to 3.4.0

​

KoP

Disable bundle ownership transferring for bundles in shadow namespaces

​

Cloud Storage Connector

Upgrade netty to fix CVE-2024-47535

​

Cloud Pulsar Plugins

Upgrade netty to fix CVE-2024-47535

​

StreamNative Tiered storage

Configure ksn entryformat in test Increase the kop test waiting time

​

StreamNative Unified RBAC

fix: fix build script typo fix: avoid spotless format pom fix(sdk-go-cloud): return nil when not found role feat: upgrade sdk-go to 0.1.7 feat: downgrade k8s client version to 0.24 feat: use CEL to instead CElExpression feat(sdk-go-cloud): upgrade sdk-go version to v0.1.5 feat(sdk-go): introduce sdk-go-cloud for control plane components feat(schema): use protobuf defined pojo for all the sdk. feat(provider): validate superuser along with permission check feat: support new permission clusterrole describe feat(sdk-go): make data source interface more general fix: fix wrong permission name feat: support mock cloud image feat: support variables for CEL expression feat: support an error to indicate empty role feat(endpoint): change apply endpoint success code to 200 feat(sdk): support apply for role and role binding feat(metadata): add missing verbs feat(authorizer): support CEL condition for role binding feat: application superuser support feat(generator): change APIGroups to APIVersion fix(k8s-generator): fix wrong group key causes wrong result Support cluster role

​

Security Fixes

​

Apache Pulsar

[fix][sec] Upgrade to Netty 4.1.115.Final to address CVE-2024-47535 [fix][sec] Upgrade Zookeeper to 3.9.3 to address CVE-2024-51504 [fix][sec] Replace bcprov-jdk15on dependency with bcprov-jdk18-on