github hashicorp/consul v1.8.10

latest releases: v1.15.11, v1.16.7, v1.17.4...
2 years ago

1.8.10 (April 15, 2021)

SECURITY:

  • Add content-type headers to raw KV responses to prevent XSS attacks CVE-2020-25864 [GH-10023]
  • audit-logging: Parse endpoint URL to prevent requests from bypassing the audit log CVE-2021-28156

BUG FIXES:

  • areas: Fixes a bug which would prevent newer servers in a network areas from connecting to servers running a version of Consul prior to 1.7.3.
  • audit-logging: (Enterprise only) Fixed an issue that resulted in usage of the agent master token or managed service provider tokens from being resolved properly. [GH-10013]
  • command: when generating envoy bootstrap configs to stdout do not mix informational logs into the json [GH-9980]
  • config: correct config key from advertise_addr_ipv6 to advertise_addr_wan_ipv6 [GH-9851]
  • snapshot: fixes a bug that would cause snapshots to be missing all but the first ACL Auth Method. [GH-10025]

Don't miss a new consul release

NewReleases is sending notifications on new releases.