ยซ Changelog History


consul v1.10.4 Release Notes

Release Date: 2021-11-11 // over 2 years ago

  • ๐Ÿ”’ SECURITY:

    • agent: Use SHA256 instead of MD5 to generate persistence file names. [GH-11491]
    • namespaces: (Enterprise only) Creating or editing namespaces that include default ACL policies or ACL roles now requires acl:write permission in the default namespace. This change fixes CVE-2021-41805.

    ๐Ÿ‘Œ IMPROVEMENTS:

    • ๐Ÿš€ ci: Artifact builds will now only run on merges to the release branches or to main [GH-11417]
    • ๐Ÿง ci: The Linux packages are now available for all supported Linux architectures including arm, arm64, 386, and amd64 [GH-11417]
    • ๐Ÿš€ ci: The Linux packaging service configs and pre/post install scripts are now available under [.release/linux] [GH-11417]
    • connect/ca: Return an error when querying roots from uninitialized CA. [GH-11514]
    • ๐Ÿ”ง telemetry: Add new metrics for the count of connect service instances and configuration entries. [GH-11222]

    ๐Ÿ› BUG FIXES:

    • ๐Ÿ›  acl: fixes the fallback behaviour of down_policy with setting extend-cache/async-cache when the token is not cached. [GH-11136]
    • ๐Ÿ›  api: fixed backwards compatibility issue with AgentService SocketPath field. [GH-11318]
    • connect/ca: Allow secondary initialization to resume after being deferred due to unreachable or incompatible primary DC servers. [GH-11514]
    • 0๏ธโƒฃ connect: fix issue with attempting to generate an invalid upstream cluster from UpstreamConfig.Defaults. [GH-11245]
    • raft: do not trigger an election if not part of the servers list. [GH-11375]
    • rpc: only attempt to authorize the DNSName in the client cert when verify_incoming_rpc=true [GH-11255]
    • server: (Enterprise only) Ensure that servers leave network segments when leaving other gossip pools
    • snapshot: (Enterprise only) snapshot agent no longer attempts to refresh its license from the server when a local license is provided (i.e. via config or an environment variable)
    • telemetry: Consul Clients no longer emit Autopilot metrics. [GH-11241]
    • telemetry: fixes a bug with Prometheus consul_autopilot_failure_tolerance metric where 0 is reported instead of NaN on follower servers. [GH-11399]
    • telemetry: fixes a bug with Prometheus consul_autopilot_healthy metric where 0 is reported instead of NaN on servers. [GH-11231]
    • ui: (Enterprise only) When no namespace is selected, make sure to default to the tokens default namespace when requesting permissions [GH-11472]
    • ๐Ÿ’ป ui: Ensure we check intention permissions for specific services when deciding whether to show action buttons for per service intention actions [GH-11270]
    • ๐Ÿšš ui: Fixed styling of Role remove dialog on the Token edit page [GH-11298]
    • ๐Ÿ›  xds: fixes a bug where replacing a mesh gateway node used for WAN federation (with another that has a different IP) could leave gateways in the other DC unable to re-establish the connection [GH-11522]

    ๐Ÿ› BUG FIXES:

    • ๐Ÿ›  Fixing SOA record to return proper domain when alt domain in use. [GH-10431]