github hashicorp/consul v1.9.11

1.9.11 (November 11, 2021)

SECURITY:

  • agent: Use SHA256 instead of MD5 to generate persistence file names. [GH-11491]
  • namespaces: (Enterprise only) Creating or editing namespaces that include default ACL policies or ACL roles now requires acl:write permission in the default namespace. This change fixes CVE-2021-41805.

IMPROVEMENTS:

  • ci: Artifact builds will now only run on merges to the release branches or to main [GH-11417]
  • ci: The Linux packages are now available for all supported Linux architectures including arm, arm64, 386, and amd64 [GH-11417]
  • ci: The Linux packaging service configs and pre/post install scripts are now available under [.release/linux] [GH-11417]
  • telemetry: Add new metrics for the count of connect service instances and configuration entries. [GH-11222]

BUG FIXES:

  • acl: fixes the fallback behaviour of down_policy with setting extend-cache/async-cache when the token is not cached. [GH-11136]
  • rpc: only attempt to authorize the DNSName in the client cert when verify_incoming_rpc=true [GH-11255]
  • server: (Enterprise only) Ensure that servers leave network segments when leaving other gossip pools
  • ui: Fixed styling of Role remove dialog on the Token edit page [GH-11298]
  • xds: fixes a bug where replacing a mesh gateway node used for WAN federation (with another that has a different IP) could leave gateways in the other DC unable to re-establish the connection [GH-11522]

Don't miss a new consul release

NewReleases is sending notifications on new releases.