- 1.14.10: Both release executables and Docker images are built with this Go release.
- Possible panic if server receives a maliciously crafted JWT CVE-2020-26521 (#1624)
- User and claims activation revocation checks CVE-2020-26892 (#1632, #1635, #1645)
- Panic on shutdown while accepting TLS client connections (6900905b0ac41b1d080db610438d4037c654aced)
- Added defensive code for handling of Leafnode connections (d99d0eb06983c3fc07617412019e03ecb1d68a38)