Releases: redpanda-data/redpanda
Releases · redpanda-data/redpanda
Release list
v26.1.12
Bug Fixes
- Fixes a bug in which a
generate_report()request to thetransformsystem could result in anullptrdereference at startup by @WillemKauf in #30910 - Fixes a bug in which a stale read in the l0 write scheduler could result in a division by zero (raising SIGFPE). by @WillemKauf in #30920
- Fixes a reactor stall seen when there are a large number of pending files in the Iceberg Topics coordinator. by @andrwng in #30880
- PR #30929 [v26.1.x] datalake: Fix deleted namespace race for REST_HADOOP catalog by @wdberkeley
- PR #30944 [v26.1.x] dt/kgo: surface worker crashes as descriptive errors by @nvartolomei
Improvements
- adds stuck raft0 escape hatches by @vbotbuildovich in #30945
- PR #30922 [v26.1.x] [CORE-16282] json: make the schema walk keyword-aware by @mnajda-redpanda
Full Changelog: v26.1.11...v26.1.12
v26.1.11
Features
rpk --print-tree: emits the full rpk command tree as a single JSON document, suited for LLMs and automations. by @r-vasquez in #30834
Bug Fixes
- Fix consumer group lag metrics inflated after retention or trim-prefix. by @bartoszpiekny-redpanda in #30870
- Fixed shadow link replication advancing the shadow partition start
offset past the source partition's start offset when a replicator
resumes after a shadow partition leadership change. by @Lazin in #30819 - Fixes a bug in which hung requests to the schema registry or in shadow linking could cause a deadlock during shutdown. by @WillemKauf in #30788
- Fixes a crash that could occur in the Cloud Topics metastore upon certain errors from during metastore database compaction. by @andrwng in #30775
- Fixes a wedge in multi-output transforms where a produce failure on one output topic silently stalled the processor instead of restarting it. by @WillemKauf in #30855
- Upgrade krb5 to 1.22.2 to address CVE-2026-40355 and CVE-2026-40356 (NegoEx parsing vulnerabilities). by @tyson-redpanda in #30874
- #30561 Fixed a bug in the schema registry where adding a new required field to a JSON schema was incorrectly allowed under
BACKWARDcompatibility mode. by @TheJohnMatti in #30563
Improvements
- Optimize compaction logic, especially for large batches. by @WillemKauf in #30760
ct/l1: checkis_linked()on owner shard by @WillemKauf in #30747- build/deps: upgrade openssl to 3.5.7 by @tyson-redpanda in #30813
- ct/scale: raise fetch concurrency for cloud_topics MPT variants by @oleiman in #30867
cluster: remove shard aggregation formax_offsetandunder_replicated_partitionsby @WillemKauf in #30877
Full Changelog: v26.1.10...v26.1.11
v26.1.10
Features
- New live-reloadable cluster configs
oidc_http_proxy_username/
oidc_http_proxy_passwordadd HTTP Basic authentication to the OIDC forward
proxy (oidc_http_proxy_url); set both to authenticate, leave unset for an
anonymous proxy. The password is secret. by @nguyen-andrew in #30767
Bug Fixes
- Fix schema evolution incorrectly rejecting new optional Iceberg columns whose nested types contain structurally-required fields (e.g. maps, whose keys are always required). by @nvartolomei in #30590
- Fixed Avro schema lookup false negatives when equivalent nested primitive schemas used simple form, such as
"string", and object form, such as{"type":"string"}. by @pgellert in #30641 - Fixed a leak in the Iceberg translation subsystem where per-partition
metrics were not released after a partition was removed from a broker. by @nvartolomei in #30706 - Fixes a bug in the
feature_tablein which nodes which are holding back the cluster-widecluster_version, when decommissioned, result in thecluster_versionnever being updated until a restart/controller leadership move is forced. by @WillemKauf in #30636 - Fixes a bug where fetches against tiered storage could fail when retention advances past all segments and new segments are added. by @wdberkeley in #30637
- Patched krb5 against CVE-2026-40355 (null pointer dereference) and CVE-2026-40356 (integer underflow) in NegoEx message parsing, both exploitable by an unauthenticated remote attacker to crash the process (CVSS 8.7). by @tyson-redpanda in #30572
- The
daypartition transform now produces adate-typed partition
column (matching the Iceberg spec) instead ofint. by @mmaslankaprv in #30534 - report Iceberg-disabled topics as DISABLED in translation_state response. by @bharathv in #30770
Improvements
- Added a new cluster property
iceberg_default_schema_case_insensitivewith possible values of yes, no, or auto, default is auto. This property determines whether the Iceberg subsystem compares field names case-insensitively or not. The auto value means the system will attempt to detect if it should use case insensitive comparison. This will happen if the detected REST catalog is AWS Glue, which addresses a sporadic issue with AWS Glue where it would return field names lower-cased instead of verbatim. by @wdberkeley in #30577 - Avoid recompression of unchanged batches in the local storage and cloud topics compaction implementation. by @WillemKauf in #30672
- Optimize the
segment_meta_cstore::insert_entries()path for the generic append case. by @WillemKauf in #30610 - Prevent oversized allocations in the
kafkalayer when utilizing large consumer groups by @WillemKauf in #30753 - Purging an Iceberg table managed by the filesystem catalog will now delete all the table's files, not just the metadata files. by @wdberkeley in #30698
- The iceberg translation state REST endpoint now returns a partition
state entry for every partition of the topic and reports the topic's
partition_count. by @mmaslankaprv in #30657
Full Changelog: v26.1.9...v26.1.10
v25.3.15
Features
- Add OAUTHBEARER SASL mechanism support to rpk, enabling OIDC-based authentication for the Kafka client, admin API, and schema registry. Pass the token via --password (raw value or token: format) with --sasl-mechanism OAUTHBEARER. by @david-yu in #30312
Bug Fixes
- Allow combining
aws_sigv4Iceberg REST catalog authentication with thestscloud credentials source. by @nvartolomei in #30554 - Correctly decode variable-length Avro
decimalpayloads on the
ingest path. by @nvartolomei in #30518 - Fix Iceberg map columns being unreadable from strict Parquet readers
(e.g. Apache Spark) due to a missingLogicalType.MAPannotation in
the written Parquet schema. by @nvartolomei in #30458 - Fix a process abort when the tiered storage cache's local disk fills
up while a segment download is in progress on a non-zero shard. by @nvartolomei in #30352 - Fix corruption of negative decimal partition values in Iceberg
manifests for decimal columns whose precision does not require 16
bytes (e.g.decimal(10,2)). by @nvartolomei in #30518 - Fix schema evolution incorrectly rejecting new optional Iceberg columns whose nested types contain structurally-required fields (e.g. maps, whose keys are always required). by @nvartolomei in #30591
- Fix tiered storage I/O remaining throttled at the previously-configured rate after
cloud_storage_max_throughput_per_shardwas unset. by @nvartolomei in #30472 - Fixed Avro schema lookup false negatives when equivalent nested primitive schemas used simple form, such as
"string", and object form, such as{"type":"string"}. by @pgellert in #30642 - Fixed schema registry returning 40403 when looking up Avro schemas that use unqualified named type references (e.g.
"Inner") against registered schemas using fully-qualified references (e.g."com.example.Inner") within
the same namespace. by @ksitnik-tc in #30267 - Fixed the
vectorized_rpc_client_requests_pendinggauge drifting
over time. by @nvartolomei in #30297 - Fixes a bug in the
feature_tablein which nodes which are holding back the cluster-widecluster_version, when decommissioned, result in thecluster_versionnever being updated until a restart/controller leadership move is forced. by @WillemKauf in #30634 - Fixes a bug where fetches against tiered storage could fail when retention advances past all segments and new segments are added. by @wdberkeley in #30639
- Fixes an issue that prevented raft followers across high-RTT links from establishing connections long enough to receive heartbeat request replies. by @ballard26 in #30550
- Patched krb5 against CVE-2026-40355 (null pointer dereference) and CVE-2026-40356 (integer underflow) in NegoEx message parsing, both exploitable by an unauthenticated remote attacker to crash the process (CVSS 8.7). by @tyson-redpanda in #30571
- Upgraded OpenSSL from 3.0.19 to 3.0.20 to address CVE-2026-31790, which could allow an attacker supplying a malformed RSA public key to trigger use of uninitialized memory during RSA key encapsulation. by @tyson-redpanda in #30239
- Upgraded libxml2 to v2.15.3 to fix CVE-2026-6732 type confusion vulnerability in XSD validation. by @tyson-redpanda in #30394
- #30439 Schema Registry: fixed protobuf compatibility checks incorrectly failing
withMESSAGE_REMOVEDwhen a map field is removed. by @QueLLL in #30440 - #30504 Fixes a bug in which a double metric registration could occur when
stscredentials were used for bothicebergandtiered_storagesystems. by @WillemKauf in #30505 cluster: fix enterprise validation foricebergenablement by @WillemKauf in #30526datalake: stop bucketing unknown_error as file_io_error by @nvartolomei in #30617
Improvements
- Backport
features_auto_finalizationcluster configuration option to allow opting out of automatic upgrade finalization before upgrading to v26.2. by @dotnwat in #30461 - Optimize the
segment_meta_cstore::insert_entries()path for the generic append case. by @WillemKauf in #30609 - #30270 Avoid potential oversized allocations in the segment index materialization path by @WillemKauf in #30274
- Avoid oversized alloc in compaction reducers by @StephanDollberg in #30218
- Validate
iceberg_rest_catalog_endpointat config time by @WillemKauf in #30569 - Trace schema evolution inputs by @nvartolomei in #30603
Full Changelog: v25.3.14...v25.3.15
v26.1.9
Bug Fixes
- Allow combining
aws_sigv4Iceberg REST catalog authentication with thestscloud credentials source. by @nvartolomei in #30553 - Correctly decode variable-length Avro
decimalpayloads on the ingest path. by @nvartolomei in #30517 - Fix corruption of negative decimal partition values in Iceberg manifests for decimal columns whose precision does not require 16
bytes (e.g.decimal(10,2)). by @nvartolomei in #30517 - Fix parsing of Iceberg table metadata whose sort orders use the spec-canonical singular
source-idfield (e.g. metadata produced by Unity Catalog). by @mmaslankaprv in #30477 - Fix tiered storage I/O remaining throttled at the previously-configured rate after
cloud_storage_max_throughput_per_shardwas unset. by @nvartolomei in #30473 - Fixes an issue that prevented raft followers across high-RTT links from establishing connections long enough to receive heartbeat request replies. by @ballard26 in #30549
- #30502 Fixes a bug in which a double metric registration could occur when
stscredentials were used for bothicebergandtiered_storagesystems. by @WillemKauf in #30503
Improvements
- Backport
features_auto_finalizationcluster configuration option to allow opting out of automatic upgrade finalization before upgrading to v26.2. by @dotnwat in #30460 - PR #30507 cloud_topics/l1: fix UB in db_domain_manager error-logging paths by @Lazin
- PR #30509
storage: don't override withshard_local_cfg()inntp_confighelpers by @WillemKauf - PR #30527
cluster: fix enterprise validation foricebergenablement by @WillemKauf - PR #30540
ct/l1: guardstop_collecting_logs()onlocal_is_initialized()by @WillemKauf - PR #30542 rpk: bump Go to 1.26.3, x/net to v0.54.0 (Snyk findings) by @twmb
Full Changelog: v26.1.8...v26.1.9
v26.1.8
Features
- New configuration:
iceberg_rest_catalog_credentials_host: The hostname to connect to for retrieving role-based credentials for the Iceberg REST catalog. May be required when the REST catalog uses a different credentials source than cloud storage — for example, if cloud storage is configured to use STS with a custom credentials host, but the REST catalog uses aws_instance_metadata, this should be set to 169.254.169.254 to prevent the cloud storage host override from applying to catalog credential requests. by @wdberkeley in #30446
Bug Fixes
- Avoid OOM under memory fragmentation when there are many ACLs. by @pgellert in #30401
- Fix Iceberg map columns being unreadable from strict Parquet readers
(e.g. Apache Spark) due to a missingLogicalType.MAPannotation in
the written Parquet schema. by @nvartolomei in #30457 - Fix an issue with Clout Topics garbage collection where deleting all cloud topics could leave stale objects in the bucket, forever. by @oleiman in #30283
- Iceberg REST catalog credential refresh requests were sent to the wrong host when cloud_storage_credentials_host was set. The host override intended for cloud storage was applied globally, causing catalog credential fetches to fail if the catalog used a different credentials source with a different expected endpoint. by @wdberkeley in #30446
- Upgraded libxml2 to v2.15.3 to fix CVE-2026-6732 type confusion vulnerability in XSD validation. by @tyson-redpanda in #30393
- #30437 Schema Registry: fixed protobuf compatibility checks incorrectly failing
withMESSAGE_REMOVEDwhen a map field is removed. by @QueLLL in #30438 - rpk/debug/bundle: dedup admin addresses across host forms by @hidalgopl in #30411
- PR #30313 kafka/server: cap fetch memory allocation at max message size limit by @ballard26
Full Changelog: v26.1.7...v26.1.8
v26.1.7
Features
- Add OAUTHBEARER SASL mechanism support to rpk, enabling OIDC-based authentication for the Kafka client, admin API, and schema registry. Pass the token via --password (raw value or token: format) with --sasl-mechanism OAUTHBEARER. by @david-yu in #30306
- New cluster config oidc_http_proxy_url routes OIDC discovery and JWKS fetches through an HTTP forward proxy. Set to a URL of the form http://host:port or https://host:port to enable; leave unset (the default) to connect to the OIDC endpoint directly. When set, oidc_discovery_url must use https:// as plaintext OIDC endpoints through a forward proxy are not supported. The property is live-reloadable (no broker restart required). by @pgellert in #30407
- Schema Registry now accepts
/contexts/{context}/...prefixed URLs on all
endpoints, allowing serde clients to target a non-default context by
configuring their base URL (e.g.schema.registry.url=http://host:8081/contexts/.myctx). by @nguyen-andrew in #30363 rpk aiis a new managed plugin that installs and drives the Redpanda AI Gateway CLI (rpai).rpk ai install/upgrade/uninstallmanage the binary;rpk ai <subcommand>runsrpaiagainst the active rpk cloud profile's cluster (token viarpk cloud login, endpoint resolved from the cluster's AI Gateway v2 URL). by @simon0191 in #30304
Bug Fixes
- Bare `rpk ai` (with the plugin installed) now prints the same help screen as `rpk ai --help`, including the `install`, `uninstall`, and `upgrade` subcommands. by @simon0191 in #30376
- Fix a process abort when the tiered storage cache's local disk fills
up while a segment download is in progress on a non-zero shard. by @nvartolomei in #30351 - Fix an assertion crash in the cloud storage self-test when a multipart upload part failed mid-sequence. by @nvartolomei in #30346
- Fixed schema registry returning 40403 when looking up Avro schemas that use unqualified named type references (e.g.
"Inner") against registered schemas using fully-qualified references (e.g."com.example.Inner") within
the same namespace. by @ksitnik-tc in #30266 - Fixed the
vectorized_rpc_client_requests_pendinggauge drifting
over time. by @nvartolomei in #30295 - Invalidates LSM iterators when exceptions are thrown. by @ballard26 in #30361
- Upgraded OpenSSL from 3.5.5 to 3.5.6 to address CVE-2026-31790, which could allow an attacker supplying a malformed RSA public key to trigger use of uninitialized memory during RSA key encapsulation. by @tyson-redpanda in #30378
- `rpk ai help`, `rpk ai version`, and `rpk ai ` no longer trigger an OAuth flow before responding. by @simon0191 in #30376
Improvements
- Improves accuracy of TLS error reporting, making connection issues easier to diagnose. by @pgellert in #30289
- #30271 Avoid potential oversized allocations in the segment index materialization path by @WillemKauf in #30275
rpk ai <sub>now reads the active cloud profile's cached AI Gateway URL (populated at profile creation) and only contacts the publicapi when the cache is empty, removing an extra round trip on every plugin invocation. by @simon0191 in #30304- PR #30317 cluster/metrics_reporter: report local and cloud topic counts by @nvartolomei
- PR #30337 metastore: run requests on metastore scheduling group by @nvartolomei
- PR #30343 bazel: update seastar to 4152d2fc by @pgellert
- PR #30345
ct: reconcilation pending offset lag metric by @WillemKauf - PR #30383
utils: add and usexmlutilities by @WillemKauf - PR #30405 tests: Remove DCV DT support by @StephanDollberg
Full Changelog: v26.1.6...v26.1.7
v26.1.6
Bug Fixes
- Changes to
cloud_storage_throughput_limit_percentcluster config now take effect at runtime instead of being ignored until restart. by @nvartolomei in #30233 - Fixes a potential deadlock arising from race between raft snapshots and transaction opertions. by @bharathv in #30226
- Prevents a potential oversized allocation in kafka protocol parsing of tagged fields by @rockwotj in #30166
- PR #30209 [v26.1.x] utils: fix token bucket underflow after rate decrease by @nvartolomei
Improvements
- Better guard against malformed requests when parsing kafka messages by @rockwotj in #30196
- Cloud topics long-term storage metadata will now be managed as a part of the cloud cache. by @andrwng in #30201
- PR #30180 [v26.1.x] c/rm_stm: downgrade log level of skipping cleanup by @bharathv
- PR #30212 [v26.1.x] cloud_io: release client lease before retry backoff sleep by @nvartolomei
- PR #30215 [v26.1.x] storage: Avoid oversized alloc in compaction reducers by @StephanDollberg
- PR #30221 [v26.1.x] lsm/io: skip delete_objects call when no keys to delete by @nvartolomei
- PR #30234 [v26.1.x] ct/l1: remove unnecessary std::to_underlying in error formatting by @nvartolomei
Full Changelog: v26.1.5...v26.1.6
v25.3.14
Bug Fixes
- Fixes a rare crash due to race condition between transaction related operations and partition shutdown. by @bharathv in #30084
- Prevents a potential oversized allocation in kafka protocol parsing of tagged fields by @rockwotj in #30167
- Security: Prevent the default OpenSSL config from being loaded from the host machine (OPENSSL_CONF env var or /etc/ssl/openssl.cnf file) in self-hosted installations to ensure that only redpanda configs control the crypto and TLS settings of the broker. by @pgellert in #30144
Improvements
- Don't error on potentially unknown cluster properties when attempting to issue removal requests through the admin API. by @WillemKauf in #30061
Full Changelog: v25.3.13...v25.3.14
v26.1.5
Bug Fixes
- Prevent the default OpenSSL config from being loaded from the host machine (OPENSSL_CONF env var or /etc/ssl/openssl.cnf file) in self-hosted installations to ensure that only redpanda configs control the crypto and TLS settings of the broker. by @pgellert in #30141
- fixes a 3-way circular deadlock can occur in
rm_stminvolving. The deadlock can happen when processing transactions by @mmaslankaprv in #30153
Full Changelog: v26.1.4...v26.1.5