1.10.9 (February 28, 2022)
SECURITY:
- agent: Use SHA256 instead of MD5 to generate persistence file names.
FEATURES:
- ca: support using an external root CA with the vault CA provider [GH-11910]
IMPROVEMENTS:
- connect: Update supported Envoy versions to include 1.18.6 [GH-12450]
- connect: update Envoy supported version of 1.20 to 1.20.2 [GH-12434]
- debug: reduce the capture time for trace to only a single interval instead of the full duration to make trace.out easier to open without running into OOM errors. [GH-12359]
- raft: add additional logging of snapshot restore progress [GH-12325]
- rpc: improve blocking queries for items that do not exist, by continuing to block until they exist (or the timeout). [GH-12110]
- sentinel: (Enterprise Only) Sentinel now uses SHA256 to generate policy ids
- server: conditionally avoid writing a config entry to raft if it was already the same [GH-12321]
- server: suppress spurious blocking query returns where multiple config entries are involved [GH-12362]
BUG FIXES:
- agent: Parse datacenter from Create/Delete requests for AuthMethods and BindingRules. [GH-12370]
- areas: (Enterprise Only) Fixes a bug when using Yamux pool ( for servers version 1.7.3 and later), the entire pool was locked while connecting to a remote location, which could potentially take a long time. [GH-1368]
- raft: fixed a race condition in leadership transfer that could result in reelection of the current leader [GH-12325]
- server: (Enterprise only) Namespace deletion will now attempt to delete as many namespaced config entries as possible instead of halting on the first deletion that failed.
- server: partly fix config entry replication issue that prevents replication in some circumstances [GH-12307]
- ui: Ensure we always display the Policy default preview in the Namespace editing form [GH-12316]
- xds: Fixed Envoy http features such as outlier detection and retry policy not working correctly with transparent proxy. [GH-12385]