Consul - v1.13.5
Security
1.13.5 (December 13, 2022)
SECURITY:
- Upgrade to use Go 1.18.9. This resolves a vulnerability where restricted files can be read on Windows. CVE-2022-41720 [GH-15706]
- Upgrades
golang.org/x/net
to prevent a denial of service by excessive memory usage caused by HTTP2 requests. CVE-2022-41717 [GH-15743]
IMPROVEMENTS:
- connect: ensure all vault connect CA tests use limited privilege tokens [GH-15669]
BUG FIXES:
- cli: (Enterprise Only) Fix issue where
consul partition update
subcommand was not registered and therefore not available through the cli. - connect: Fixed issue where using Vault 1.11+ as CA provider in a secondary datacenter would eventually break Intermediate CAs [GH-15661]
Security
Details
date
Dec. 14, 2022, 4:19 p.m.
name
v1.13.5
type
Patch
official page
👇
Register or login to:
- 🔍View and search all Consul releases.
- 🛠️Create and share lists to track your tools.
- 🚨Setup notifications for major, security, feature or patch updates.
- 🚀Much more coming soon!