commit ab921f22f628b40cd6efcc9dc77ccdaf9b3ec8f1 Author: Tim Burke Date: Mon Oct 5 15:43:32 2020 -0700 ChangeLog for 2.23.2 Change-Id: I313e22e078805f58f07f8e05c4b874db7b1a3ce6 diff --git a/CHANGELOG b/CHANGELOG index 6a9e97a..4884f75 100644 --- a/CHANGELOG +++ b/CHANGELOG @@ -1,3 +1,52 @@ +swift (2.23.2, train stable backports) + + * Python 3 bug fixes: + + * Fixed an error when reading encrypted data that was written while + running Python 2 for a path that includes non-ASCII characters. This + was caused by a difference in string types that resulted in + ambiguity when decrypting. To prevent the ambiguity for new data, set + `meta_version_to_write = 3` in your keymaster configuration after + upgrading all proxy servers. + + If upgrading from Swift 2.20.0 or Swift 2.19.1 or earlier, set + `meta_version_to_write = 1` in your keymaster configuration prior + to upgrading. + + * Fixed an issue when reading or writing objects with a content-type + like `message/*`. Previously, Swift would fail to respond. + + * Object expiration respects the `expiring_objects_container_divisor` + config option. + + * `fallocate_reserve` may be specified as a percentage in more places. + + * The formpost middleware now works with unicode file names. + + * Certain S3 API headers are now lower case as they would be coming + from AWS. + + * Improved how containers reclaim deleted rows to reduce locking and object + update throughput. + + * Fix a proxy-server error when retrieving erasure coded data when + there are durable fragments but not enough to reconstruct. + + * Fixed 500 from cname_lookup middleware. Previously, if the looked-up + domain was used by domain_remap to update the request path, the + server would respond Internal Error. + + * The bulk extract middleware once again allows clients to specify metadata + (including expiration timestamps) for all objects in the archive. + + * Errors encountered while validating static symlink targets no longer + cause BadResponseLength errors in the proxy-server. + + * Fixed some SignatureDoesNotMatch errors when using the AWS .NET SDK. + + * Various other minor bug fixes and improvements. + + swift (2.23.1, train stable backports) * On Python 3, the KMS keymaster now works with secrets stored diff --git a/releasenotes/notes/2_23_2_release-03f1cc3f2e28c7b3.yaml b/releasenotes/notes/2_23_2_release-03f1cc3f2e28c7b3.yaml new file mode 100644 index 0000000..f8859d2 --- /dev/null +++ b/releasenotes/notes/2_23_2_release-03f1cc3f2e28c7b3.yaml @@ -0,0 +1,69 @@ +--- +upgrade: + - | + **If your cluster has encryption enabled and is still running Swift + under Python 2**, we recommend upgrading Swift *before* transitioning to + Python 3. Otherwise, new writes to objects with non-ASCII characters + in their paths may result in corrupted downloads when read from a + proxy-server still running old swift on Python 2. See `bug 1888037 + `__ for more information. + + - | + The above bug was caused by a difference in string types that resulted + in ambiguity when decrypting. To prevent the ambiguity for new data, set + ``meta_version_to_write = 3`` in your keymaster configuration *after* + upgrading all proxy servers. + + If upgrading from Swift 2.20.0 or Swift 2.19.1 or earlier, set + ``meta_version_to_write = 1`` in your keymaster configuration *prior* + to upgrading. + + See the provided ``keymaster.conf-sample`` for more information about + this setting. + +fixes: + - | + Python 3 bug fixes: + + * Fixed an error when reading encrypted data that was written while + running Python 2 for a path that includes non-ASCII characters. + + * Fixed an issue when reading or writing objects with a content-type + like ``message/*``. Previously, Swift would fail to respond. + + * Object expiration respects the ``expiring_objects_container_divisor`` + config option. + + * ``fallocate_reserve`` may be specified as a percentage in more places. + + * The formpost middleware now works with unicode file names. + + * Certain S3 API headers are now lower case as they would be coming + from AWS. + + - | + Improved how containers reclaim deleted rows to reduce locking and object + update throughput. + + - | + Fix a proxy-server error when retrieving erasure coded data when + there are durable fragments but not enough to reconstruct. + + - | + Fixed 500 from cname_lookup middleware. Previously, if the looked-up + domain was used by domain_remap to update the request path, the + server would respond Internal Error. + + - | + The bulk extract middleware once again allows clients to specify metadata + (including expiration timestamps) for all objects in the archive. + + - | + Errors encountered while validating static symlink targets no longer + cause BadResponseLength errors in the proxy-server. + + - | + Fixed some SignatureDoesNotMatch errors when using the AWS .NET SDK. + + - | + Various other minor bug fixes and improvements.