Overview All releases

Version History

v1.18.1 v1.18.0 v1.18.0-rc1 v1.17.4 v1.17.3 v1.17.2 v1.17.1 v1.17.0 v1.17.0-rc1 v1.16.7 v1.16.6 v1.16.5 v1.16.4 v1.16.3 v1.16.2 v1.16.1 v1.16.0 v1.16.0-rc1 v1.15.11 v1.15.10 v1.15.9 v1.15.8 v1.15.7 v1.15.6 v1.15.5 v1.15.4 v1.15.3 v1.15.2 v1.15.1 v1.15.0 v1.14.11 v1.14.10 v1.14.9 v1.14.8 v1.14.7 v1.14.6 v1.14.5 v1.14.4 v1.14.3 v1.14.2 v1.14.1 v1.14.0

v1.14.0-beta1

v1.13.9 v1.13.8 v1.13.7 v1.13.6 v1.13.5 v1.13.4 v1.13.3 v1.13.2 v1.13.1 v1.13.0

v1.13.0-alpha2

v1.13.0-alpha1

v1.12.9 v1.12.8 v1.12.7 v1.12.6 v1.12.5 v1.12.4 v1.12.3 v1.12.2 v1.12.1 v1.12.0

v1.12.0-beta1

v1.11.11 v1.11.10 v1.11.9 v1.11.8 v1.11.7 v1.11.6 v1.11.5 v1.11.4 v1.11.3 v1.11.2

v1.11.1

v1.11.0

v1.11.0-rc

v1.11.0-beta3

v1.11.0-beta2

v1.11.0-beta1

v1.11.0-alpha

v1.10.12 v1.10.11 v1.10.10 v1.10.9 v1.10.8

v1.10.7

v1.10.6

v1.10.5

v1.10.4

v1.10.3

v1.10.2

v1.10.1

v1.10.1-beta1

v1.10.0

v1.10.0-rc2

v1.10.0-rc

v1.10.0-beta4

v1.10.0-beta3

v1.10.0-beta2

v1.10.0-beta1

v1.10.0-alpha

v1.9.17 v1.9.16 v1.9.15 v1.9.14

v1.9.13

v1.9.12

v1.9.11

v1.9.10

v1.9.9

v1.9.8

v1.9.7

v1.9.6

v1.9.5

v1.9.4

v1.9.3

v1.9.2

v1.9.1

v1.9.0

v1.9.0-rc1

v1.9.0-beta3

v1.9.0-beta2

v1.9.0-beta1

v1.8.19

v1.8.18

v1.8.17

v1.8.16

v1.8.15

v1.8.14

v1.8.13

v1.8.12

v1.8.11

v1.8.11-beta2

v1.8.11-beta1

v1.8.10

v1.8.9

v1.8.9-beta1

v1.8.8

v1.8.7

v1.8.7-beta1

v1.8.6

v1.8.5

v1.8.4

v1.8.3

v1.8.2

v1.8.1

v1.8.0

v1.8.0-rc1

v1.8.0-beta2

v1.8.0-beta1

v1.7.14

v1.7.13

v1.7.12

v1.7.11

v1.7.10

v1.7.9

v1.7.8

v1.7.7

v1.7.6

v1.7.5

v1.7.4

v1.6.10

v1.6.9

v1.6.8

v1.6.7

v1.6.6

Consul - v1.10.7

Security

1.10.7 (January 12, 2022)

SECURITY:

namespaces: (Enterprise only) Creating or editing namespaces that include default ACL policies or ACL roles now requires acl:write permission in the default namespace. This change fixes CVE-2021-41805.

FEATURES:

ui: Adds visible Consul version information [GH-11803]

BUG FIXES:

Mutate NodeService struct properly to avoid a data race. [GH-11940]
Upgrade to raft 1.3.3 which fixes a bug where a read replica node can trigger a raft election and become a leader. [GH-11958]
ca: fixes a bug that caused non blocking leaf cert queries to return the same cached response regardless of ca rotation or leaf cert expiry [GH-11693]
ca: fixes a bug that caused the SigningKeyID to be wrong in the primary DC, when the Vault provider is used, after a CA config creates a new root. [GH-11672]
ca: fixes a bug that caused the intermediate cert used to sign leaf certs to be missing from the /connect/ca/roots API response when the Vault provider was used. [GH-11671]
cli: Display assigned node identities in output of consul acl token list. [GH-11926]
cli: when creating a private key, save the file with mode 0600 so that only the user has read permission. [GH-11781]
snapshot: (Enterprise only) fixed a bug where the snapshot agent would ignore the license_path setting in config files
structs: (Enterprise only) Remove partition field parsing from 1.10 to prevent further 1.11 upgrade compatibility issues.
ui: Differentiate between Service Meta and Node Meta when choosing search fields
in Service Instance listings [GH-11774]
ui: Ensure we show a readonly designed page for readonly intentions [GH-11767]
ui: Fix an issue where attempting to delete a policy from the policy detail page when
attached to a token would result in the delete button disappearing and no
deletion being attempted [GH-11868]
ui: Fix visual issue with slight table header overflow [GH-11670]
ui: Fixes an issue where once a 403 page is displayed in some circumstances its
diffcult to click back to where you where before receiving a 403 [GH-11891]
ui: Fixes an issue where under some circumstances after logging we present the
data loaded previous to you logging in. [GH-11681]
ui: Include Service.Namespace into available variables for dashboard_url_templates [GH-11640]
ui: Revert to depending on the backend, 'post-user-action', to report
permissions errors rather than using UI capabilities 'pre-user-action' [GH-11520]
ui: Temporarily remove KV pre-flight check for KV list permissions [GH-11968]
windows: Fixes a bug with empty log files when Consul is run as a Windows Service [GH-11960]
xds: fix a deadlock when the snapshot channel already have a snapshot to be consumed. [GH-11924]

Security

CVE-2021-41805

Details

date

Jan. 14, 2022, 1:39 a.m.

name

v1.10.7

type

Patch

official page

https://github.com/hashicorp/consul/releases/tag/v1.10.7

👇

🔍View and search all Consul releases.
🛠️Create and share lists to track your tools.
🚨Setup notifications for major, security, feature or patch updates.
🚀Much more coming soon!

Continue with GitHub

Continue with Google

Username

Password

Password (again)

leave this field blank to prove your humanity