Provided by: libnbd-dev_1.20.0-1_amd64 
NAME
libnbd-release-notes-1.18 - release notes for libnbd 1.18
DESCRIPTION
These are the release notes for libnbd stable release 1.18. This describes the major
changes since 1.16.
libnbd 1.18.0 was released on 27 September 2023.
Security
Eric Blake found a case where a server could cause libnbd to crash, although not in the
normal libnbd configuration. For more information see the announcement here:
https://listman.redhat.com/archives/libguestfs/2023-July/032035.html
Eric Blake found an issue with nbd_get_size(3) where a server that returns a size >
(uint64_t)INT64_MAX and < (uint64_t)-1 would cause nbd_get_size to return a negative
number (which is not -1 and so callers may or may not treat it as an error). While no
client code in libnbd itself is affected by this, it could affect external clients.
libnbd ≥ 1.16.5 now returns an error (-1) and sets nbd_get_errno to "EOVERFLOW" in this
case. This was assigned CVE-2023-5215 (low severity). See the announcement here:
https://listman.redhat.com/archives/libguestfs/2023-September/032711.html
During routine fuzzing we found several security problems which had been introduced during
this development cycle and have subsequently been fixed. Stable (even numbered) releases
of libnbd should not be vulnerable; do not use the development (odd numbered) releases in
production.
If you find a security issue, please read SECURITY in the source (online here:
https://gitlab.com/nbdkit/libnbd/blob/master/SECURITY). To find out about previous
security issues in libnbd, see libnbd-security(3).
New APIs
nbd_block_status_64(3)
nbd_aio_block_status_64(3)
Make a 64 bit block status request, see "Protocol" below (Eric Blake).
nbd_block_status_filter(3)
nbd_aio_block_status_filter(3)
Send filtered block status command, see "Protocol" below (Eric Blake).
nbd_can_block_status_payload(3)
Find out if the server supports filtered block status command (Eric Blake).
nbd_set_request_extended_headers(3)
nbd_get_request_extended_headers(3)
nbd_get_extended_headers_negotiated(3)
nbd_opt_extended_headers(3)
nbd_aio_opt_extended_headers(3)
Set/get whether we request extended headers from the server, and find out if we
negotiated extended headers, see "Protocol" below (Eric Blake).
Enhancements to existing APIs
"qemu:" meta-context constants (eg. "qemu:dirty-bitmap" as
"LIBNBD_CONTEXT_QEMU_DIRTY_BITMAP") are now available through the C, Golang, OCaml and
Python language bindings (Eric Blake).
nbd_shutdown(3) now works correctly when in opt mode (Eric Blake).
nbd_set_strict_mode(3) adds "LIBNBD_STRICT_AUTO_FLAG" which allows the client to test how
servers behave when the payload length flag is adjusted (Eric Blake).
Protocol
libnbd now supports NBD 64 bit "extended headers" and extent sizes. In practice this
allows certain requests such as zeroing very large sections of the disk to be implemented
much more efficiently, with servers that support this (Eric Blake).
libnbd now supports filtered block status requests (Eric Blake).
Tools
nbdcopy(1), nbdinfo(1) and nbddump(1) have been expanded to use and report NBD 64 bit /
extended header support when the server supports it (Eric Blake).
nbdinfo --has can be used as an alias for --can, eg. "nbdinfo --has structured-reply URI"
(Eric Blake).
nbdinfo makes the export size output optional, for servers which send an oversized one
(Eric Blake).
nbdcopy now supports "human sizes" for some parameters, eg.
"nbdcopy --request-size=1M ...".
Language bindings
New Rust bindings. There is a basic API for ordinary use, and an asynch API implemented
using Tokio. Rust ≥ 1.69 is required. (Tage Johansson, supported by sponsorship from
Google Summer of Code 2023, additional review and fixes by Eric Blake).
OCaml 5 is now supported.
Golang 1.21 is now supported. The minimum version is now 1.17 (Eric Blake).
Use "gofmt" to format Golang bindings (Eric Blake).
Use "unsafe.Slice" when converting C arrays to Golang slices (Eric Blake).
All language bindings support NBD 64 bit / extended headers, and examples of how to use
this feature are available (Eric Blake).
Tests
Fix a couple of race conditions in tests where we did not fully consume stdin in
nbdkit-sh-plugin(3) pwrite method (Eric Blake).
Fuzzing now disables client-side strictness checks, enabling a wider range of inputs to be
fuzzed (Eric Blake).
Other improvements and bug fixes
Consistently wrap source code at 80 columns (Laszlo Ersek).
Debug messages no longer print the very verbose state transitions inside the state machine
as these are not usually useful. You can reenable this by defining
"-DLIBNBD_STATE_VERBOSE=1" at compile time.
Completion ".callback" methods are now always called exactly once, and documentation is
clearer on when this happens (Eric Blake).
Documentation
"podwrapper" has a new --replace parameter which makes it easier to use
"AC_SUBST"-substitutions in documentation.
Build
Automake's "subdir-objects" option is now used (Eric Blake).
Multiple, ongoing fixes to the CI tests (Eric Blake).
SEE ALSO
libnbd(3).
AUTHORS
Eric Blake
Laszlo Ersek
Richard W.M. Jones
Tage Johansson
COPYRIGHT
Copyright Red Hat
LICENSE
This library is free software; you can redistribute it and/or modify it under the terms of
the GNU Lesser General Public License as published by the Free Software Foundation; either
version 2 of the License, or (at your option) any later version.
This library is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY;
without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
See the GNU Lesser General Public License for more details.
You should have received a copy of the GNU Lesser General Public License along with this
library; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth
Floor, Boston, MA 02110-1301 USA