Skip to content

Releases: hashicorp/consul

v1.20.0-rc1

20 Sep 15:42
@hc-github-team-es-release-engineering hc-github-team-es-release-engineering
v1.20.0-rc1
f0004df
This commit was created on github.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.20.0-rc1 Pre-release
Pre-release

1.20.0-rc1 (September 19, 2024)

SECURITY:

  • Explicitly set 'Content-Type' header to mitigate XSS vulnerability. [GH-21704]
  • Implement HTML sanitization for user-generated content to prevent XSS attacks in the UI. [GH-21711]
  • UI: Remove codemirror linting due to package dependency [GH-21726]
  • Upgrade Go to use 1.22.7. This addresses CVE
    CVE-2024-34155 [GH-21705]
  • Upgrade to support aws/aws-sdk-go v1.55.5 or higher. This resolves CVEs
    CVE-2020-8911 and
    CVE-2020-8912. [GH-21684]
  • ui: Pin a newer resolution of Braces [GH-21710]
  • ui: Pin a newer resolution of Codemirror [GH-21715]
  • ui: Pin a newer resolution of Markdown-it [GH-21717]
  • ui: Pin a newer resolution of ansi-html [GH-21735]

FEATURES:

  • server: remove v2 tenancy, catalog, and mesh experiments [GH-21592]

IMPROVEMENTS:

  • security: upgrade ubi base image to 9.4 [GH-21750]
  • connect: Add Envoy 1.31 and 1.30 to support matrix [GH-21616]

BUG FIXES:

  • jwt-provider: change dns lookup family from the default of AUTO which would prefer ipv6 to ALL if LOGICAL_DNS is used or PREFER_IPV4 if STRICT_DNS is used to gracefully handle transitions to ipv6. [GH-21703]
Assets 2
Loading

v1.19.2

27 Aug 20:38
@hc-github-team-es-release-engineering hc-github-team-es-release-engineering
v1.19.2
048f193
This commit was created on github.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.19.2 Latest
Latest

1.19.2 (August 26, 2024)

SECURITY:

  • ui: Upgrade modules with d3-color as a dependency to address denial of service issue in d3-color < 3.1.0 [GH-21588]

IMPROVEMENTS:

  • Use Envoy's default for a route's validate_clusters option, which is false. This fixes a case where non-existent clusters could cause a route to no longer route to any of its backends, including existing ones. [GH-21587]

BUG FIXES:

  • api-gateway: (Enterprise only) ensure clusters are properly created for JWT providers with a remote URI for the JWKS endpoint [GH-21604]
Assets 2
Loading

v1.18.4 (Enterprise)

27 Aug 23:50
@jmurret jmurret
ent-changelog-1.18.4
60e2379
Compare
Choose a tag to compare
v1.18.4 (Enterprise)

1.18.4 Enterprise (August 26, 2024)

Enterprise LTS: Consul Enterprise 1.18 is a Long-Term Support (LTS) release.

SECURITY:

  • ui: Upgrade modules with d3-color as a dependency to address denial of service issue in d3-color < 3.1.0

IMPROVEMENTS:

  • Use Envoy's default for a route's validate_clusters option, which is false. This fixes a case where non-existent clusters could cause a route to no longer route to any of its backends, including existing ones. [GH-21587]
Assets 2
Loading

v1.17.7 (Enterprise)

27 Aug 23:51
@jmurret jmurret
ent-changelog-1.17.7
008a273
Compare
Choose a tag to compare
v1.17.7 (Enterprise)

1.17.7 Enterprise (August 26, 2024)

SECURITY:

  • ui: Upgrade modules with d3-color as a dependency to address denial of service issue in d3-color < 3.1.0

IMPROVEMENTS:

  • Use Envoy's default for a route's validate_clusters option, which is false. This fixes a case where non-existent clusters could cause a route to no longer route to any of its backends, including existing ones. [GH-21587]
Assets 2
Loading

v1.15.14 (Enterprise)

27 Aug 23:52
@jmurret jmurret
ent-changelog-1.15.14
77dba1e
Compare
Choose a tag to compare
v1.15.14 (Enterprise)

1.15.14 Enterprise (August 26, 2024)

Enterprise LTS: Consul Enterprise 1.15 is a Long-Term Support (LTS) release.

SECURITY:

  • ui: Upgrade modules with d3-color as a dependency to address denial of service issue in d3-color < 3.1.0 [GH-21588]

IMPROVEMENTS:

  • Use Envoy's default for a route's validate_clusters option, which is false. This fixes a case where non-existent clusters could cause a route to no longer route to any of its backends, including existing ones. [GH-21587]
Assets 2
Loading

v1.19.1

11 Jul 20:54
@hc-github-team-es-release-engineering hc-github-team-es-release-engineering
v1.19.1
9f62fb4
This commit was created on github.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.19.1

1.19.1 (July 11, 2024)

SECURITY:

IMPROVEMENTS:

  • mesh: update supported envoy version 1.29.5 in addition to 1.28.4, 1.27.6. [GH-21277]

BUG FIXES:

  • core: Fix multiple incorrect type conversion for potential overflows [GH-21251]
  • core: Fix panic runtime error on AliasCheck [GH-21339]
  • dns: Fix a regression where DNS SRV questions were returning duplicate hostnames instead of encoded IPs.
    This affected Nomad integrations with Consul. [GH-21361]
  • dns: Fix a regression where DNS tags using the standard lookup syntax, tag.name.service.consul, were being disregarded. [GH-21361]
  • dns: Fixes a spam log message "Failed to parse TTL for prepared query..."
    that was always being logged on each prepared query evaluation. [GH-21381]
  • terminating-gateway: (Enterprise Only) Fixed issue where enterprise metadata applied to linked services was the terminating-gateways enterprise metadata and not the linked services enterprise metadata. [GH-21382]
  • txn: Fix a bug where mismatched Consul server versions could result in undetected data loss for when using newer Transaction verbs. [GH-21519]
Assets 2
Loading

v1.18.3 (Enterprise)

17 Jul 18:50
@sarahalsmiller sarahalsmiller
ent-changelog-1.18.3
0c3bacc
This commit was created on github.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.18.3 (Enterprise)

1.18.3 Enterprise (July 11, 2024)

Enterprise LTS: Consul Enterprise 1.18 is a Long-Term Support (LTS) release.

SECURITY:

IMPROVEMENTS:

  • mesh: update supported envoy version 1.29.4
  • mesh: update supported envoy version 1.29.5 in addition to 1.28.4, 1.27.6. [GH-21277]
  • upgrade go version to v1.22.3. [GH-21113]
  • upgrade go version to v1.22.4. [GH-21265]

BUG FIXES:

  • core: Fix multiple incorrect type conversion for potential overflows [GH-21251]
  • core: Fix panic runtime error on AliasCheck [GH-21339]
  • dns: Fixes a spam log message "Failed to parse TTL for prepared query..."
    that was always being logged on each prepared query evaluation. [GH-21381]
  • terminating-gateway: (Enterprise Only) Fixed issue where enterprise metadata applied to linked services was the terminating-gateways enterprise metadata and not the linked services enterprise metadata. [GH-21382]
  • txn: Fix a bug where mismatched Consul server versions could result in undetected data loss for when using newer Transaction verbs. [GH-21519]
  • v2dns: Fix a regression where DNS SRV questions were returning duplicate hostnames instead of encoded IPs.
    This affected Nomad integrations with Consul. [GH-21361]
  • v2dns: Fix a regression where DNS tags using the standard lookup syntax, tag.name.service.consul, were being disregarded. [GH-21361]
Assets 2
Loading

v1.17.6 (Enterprise)

17 Jul 18:49
@sarahalsmiller sarahalsmiller
ent-changelog-1.17.6
5e93061
This commit was created on github.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.17.6 (Enterprise)

1.17.6 Enterprise (July 11, 2024)

SECURITY:

IMPROVEMENTS:

  • upgrade go version to v1.22.3. [GH-21113]
  • upgrade go version to v1.22.4. [GH-21265]

BUG FIXES:

  • core: Fix panic runtime error on AliasCheck [GH-21339]
  • terminating-gateway: (Enterprise Only) Fixed issue where enterprise metadata applied to linked services was the terminating-gateways enterprise metadata and not the linked services enterprise metadata. [GH-21382]
  • txn: Fix a bug where mismatched Consul server versions could result in undetected data loss for when using newer Transaction verbs. [GH-21519]
Assets 2
Loading

v1.15.13 (Enterprise)

17 Jul 18:48
@sarahalsmiller sarahalsmiller
ent-changelog-1.15.13
ef6e2a6
This commit was created on github.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.15.13 (Enterprise)

1.15.13 Enterprise (July 11, 2024)

Enterprise LTS: Consul Enterprise 1.15 is a Long-Term Support (LTS) release.

SECURITY:

IMPROVEMENTS:

  • mesh: update supported envoy version 1.29.4
  • upgrade go version to v1.22.3. [GH-21113]
  • upgrade go version to v1.22.4. [GH-21265]

BUG FIXES:

  • core: Fix panic runtime error on AliasCheck [GH-21339]
  • terminating-gateway: (Enterprise Only) Fixed issue where enterprise metadata applied to linked services was the terminating-gateways enterprise metadata and not the linked services enterprise metadata. [GH-21382]
  • txn: Fix a bug where mismatched Consul server versions could result in undetected data loss for when using newer Transaction verbs. [GH-21519]
Assets 2
Loading

v1.19.0

12 Jun 15:11
@hc-github-team-es-release-engineering hc-github-team-es-release-engineering
v1.19.0
bf0166d
This commit was created on github.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.19.0

1.19.0 (June 12, 2024)

BREAKING CHANGES:

  • telemetry: State store usage metrics with a double consul element in the metric name have been removed. Please use the same metric without the second consul instead. As an example instead of consul.consul.state.config_entries use consul.state.config_entries [GH-20674]

SECURITY:

FEATURES:

  • dns: queries now default to a refactored DNS server that is v1 and v2 Catalog compatible.
    Use v1dns in the experiments agent config to disable.
    The legacy server will be removed in a future release of Consul.
    See the Consul 1.19.x Release Notes for removed DNS features. [GH-20715]
  • gateways: api-gateway can leverage listener TLS certificates available on the gateway's local filesystem by specifying the public certificate and private key path in the new file-system-certificate configuration entry [GH-20873]

IMPROVEMENTS:

  • dns: new version was not supporting partition or namespace being set to 'default' in CE version. [GH-21230]
  • mesh: update supported envoy version 1.29.4 in addition to 1.28.3, 1.27.5, 1.26.8. [GH-21142]
  • upgrade go version to v1.22.4. [GH-21265]
  • Upgrade github.com/envoyproxy/go-control-plane to 0.12.0. [GH-20973]
  • dns: DNS-over-grpc when using consul-dataplane now accepts partition, namespace, token as metadata to default those query parameters.
    consul-dataplane v1.5+ will send this information automatically. [GH-20899]
  • snapshot: Add consul snapshot decode CLI command to output a JSON object stream of all the snapshots data. [GH-20824]
  • telemetry: Add telemetry.disable_per_tenancy_usage_metrics in agent configuration to disable setting tenancy labels on usage metrics. This significantly decreases CPU utilization in clusters with many admin partitions or namespaces.
  • telemetry: Improved the performance usage metrics emission by not outputting redundant metrics. [GH-20674]

DEPRECATIONS:

  • snapshot agent: (Enterprise only) Top level single snapshot destinations local_storage, aws_storage, azure_blob_storage, and google_storage in snapshot agent configuration files are now deprecated. Use the backup_destinations config object instead.

BUG FIXES:

Assets 2
Loading