1.10.3 (September 27, 2021)
FEATURES:
- sso/oidc: (Enterprise only) Add support for providing acr_values in OIDC auth flow [GH-11026]
IMPROVEMENTS:
- audit-logging: (Enterprise Only) Audit logs will now include select HTTP headers in each logs payload. Those headers are:
Forwarded,Via,X-Forwarded-For,X-Forwarded-HostandX-Forwarded-Proto. [GH-11107] - connect: update supported envoy versions to 1.18.4, 1.17.4, 1.16.5 [GH-10961]
- telemetry: Add new metrics for the count of KV entries in the Consul store. [GH-11090]
BUG FIXES:
- api: Revert early out errors from license APIs to allow v1.10+ clients to
manage licenses on older servers [GH-10952] - connect: Fix upstream listener escape hatch for prepared queries [GH-11109]
- grpc: strip local ACL tokens from RPCs during forwarding if crossing datacenters [GH-11099]
- tls: consider presented intermediates during server connection tls handshake. [GH-10964]
- ui: (Enterprise Only) Fix saving intentions with namespaced source/destination [GH-11095]
- ui: Don't show a CRD warning for read-only intentions [GH-11149]
- ui: Ensure routing-config page blocking queries are cleaned up correctly [GH-10915]
- ui: Ignore reported permissions for KV area meaning the KV is always enabled
for both read/write access if the HTTP API allows. [GH-10916] - ui: hide create button for policies/roles/namespace if users token has no write permissions to those areas [GH-10914]
- xds: ensure the active streams counters are 64 bit aligned on 32 bit systems [GH-11085]
- xds: fixed a bug where Envoy sidecars could enter a state where they failed to receive xds updates from Consul [GH-10987]