consul v1.9.5 Release Notes

Release Date: 2021-04-15
  • SECURITY:

    • Add content-type headers to raw KV responses to prevent XSS attacks (CVE-2020-25864) [GH-10023]
    • audit-logging: Parse endpoint URL to prevent requests from bypassing the audit log (CVE-2021-28156)

  • IMPROVEMENTS:

    • api: AutopilotServerHealth now handles the 429 status code returned by the v1/operator/autopilot/health endpoint and still returns the parsed reply, which indicates server healthiness [GH-8599]
    • client: when a client agent is attempting to deregister a service and does not have access to the ACL token used to register the service, attempt to use the agent token instead of the default user token. If no agent token is set, fall back to the default user token. [GH-9683]
    • connect: Automatically rewrite the Host header for Terminating Gateway HTTP services [GH-9042]
    • ui: support stricter content security policies [GH-9847]

  • BUG FIXES:

    • api: ensure v1/health/ingress/:service endpoint works properly when streaming is enabled [GH-9967]
    • areas: Fixes a bug which would prevent newer servers in a network area from connecting to servers running a version of Consul prior to 1.7.3.
    • audit-logging: (Enterprise only) Fixed an issue that prevented usage of the agent master token or managed service provider tokens from being resolved properly. [GH-10013]
    • cache: fix a bug in the client agent cache where streaming could potentially leak resources. [GH-9978]
    • cache: fix a bug in the client agent cache where streaming would disconnect every 20 minutes and cause delivery delays. [GH-9979]
    • command: when generating envoy bootstrap configs to stdout, do not mix informational logs into the JSON [GH-9980]
    • config: correct config key from advertise_addr_ipv6 to advertise_addr_wan_ipv6 [GH-9851]
    • http: fix a bug in Consul Enterprise that would cause the UI to believe namespaces were supported, resulting in warning logs and incorrect UI behaviour. [GH-9923]
    • snapshot: fixes a bug that would cause snapshots to be missing all but the first ACL Auth Method. [GH-10025]
    • ui: Fix intention form cancel button [GH-9901]