Overview All releases

Version History

v1.18.1 v1.18.0 v1.18.0-rc1 v1.17.4 v1.17.3 v1.17.2 v1.17.1 v1.17.0 v1.17.0-rc1 v1.16.7 v1.16.6 v1.16.5 v1.16.4 v1.16.3 v1.16.2 v1.16.1 v1.16.0 v1.16.0-rc1 v1.15.11 v1.15.10 v1.15.9 v1.15.8 v1.15.7 v1.15.6 v1.15.5 v1.15.4 v1.15.3 v1.15.2 v1.15.1 v1.15.0 v1.14.11 v1.14.10 v1.14.9 v1.14.8 v1.14.7 v1.14.6 v1.14.5 v1.14.4 v1.14.3 v1.14.2 v1.14.1 v1.14.0

v1.14.0-beta1

v1.13.9

v1.13.8

v1.13.7 v1.13.6 v1.13.5 v1.13.4 v1.13.3 v1.13.2 v1.13.1 v1.13.0

v1.13.0-alpha2

v1.13.0-alpha1

v1.12.9 v1.12.8 v1.12.7 v1.12.6 v1.12.5 v1.12.4 v1.12.3 v1.12.2 v1.12.1 v1.12.0

v1.12.0-beta1

v1.11.11 v1.11.10 v1.11.9 v1.11.8 v1.11.7 v1.11.6 v1.11.5 v1.11.4 v1.11.3 v1.11.2

v1.11.1

v1.11.0

v1.11.0-rc

v1.11.0-beta3

v1.11.0-beta2

v1.11.0-beta1

v1.11.0-alpha

v1.10.12 v1.10.11 v1.10.10 v1.10.9 v1.10.8 v1.10.7

v1.10.6

v1.10.5

v1.10.4

v1.10.3

v1.10.2

v1.10.1

v1.10.1-beta1

v1.10.0

v1.10.0-rc2

v1.10.0-rc

v1.10.0-beta4

v1.10.0-beta3

v1.10.0-beta2

v1.10.0-beta1

v1.10.0-alpha

v1.9.17 v1.9.16 v1.9.15 v1.9.14

v1.9.13

v1.9.12

v1.9.11

v1.9.10

v1.9.9

v1.9.8

v1.9.7

v1.9.6

v1.9.5

v1.9.4

v1.9.3

v1.9.2

v1.9.1

v1.9.0

v1.9.0-rc1

v1.9.0-beta3

v1.9.0-beta2

v1.9.0-beta1

v1.8.19

v1.8.18

v1.8.17

v1.8.16

v1.8.15

v1.8.14

v1.8.13

v1.8.12

v1.8.11

v1.8.11-beta2

v1.8.11-beta1

v1.8.10

v1.8.9

v1.8.9-beta1

v1.8.8

v1.8.7

v1.8.7-beta1

v1.8.6

v1.8.5

v1.8.4

v1.8.3

v1.8.2

v1.8.1

v1.8.0

v1.8.0-rc1

v1.8.0-beta2

v1.8.0-beta1

v1.7.14

v1.7.13

v1.7.12

v1.7.11

v1.7.10

v1.7.9

v1.7.8

v1.7.7

v1.7.6

v1.7.5

v1.7.4

v1.6.10

v1.6.9

v1.6.8

v1.6.7

v1.6.6

Consul - v1.13.8

Security

1.13.8 (May 16, 2023)

SECURITY:

Upgrade to use Go 1.20.1.
This resolves vulnerabilities CVE-2022-41724 in crypto/tls and CVE-2022-41723 in net/http. [GH-16263]
Upgrade to use Go 1.20.4.
This resolves vulnerabilities CVE-2023-24537(go/scanner),
CVE-2023-24538(html/template),
CVE-2023-24534(net/textproto) and
CVE-2023-24536(mime/multipart).
Also, golang.org/x/net has been updated to v0.7.0 to resolve CVEs CVE-2022-41721, CVE-2022-27664 and CVE-2022-41723 [GH-17240]

IMPROVEMENTS:

api: updated the go module directive to 1.18. [GH-15297]
connect: update supported envoy versions to 1.20.7, 1.21.6, 1.22.11, 1.23.8 [GH-16891]
sdk: updated the go module directive to 1.18. [GH-15297]

BUG FIXES:

Fix an bug where decoding some Config structs with unset pointer fields could fail with reflect: call of reflect.Value.Type on zero Value. [GH-17048]
audit-logging: (Enterprise only) Fix a bug where /agent/monitor and /agent/metrics endpoints return a Streaming not supported error when audit logs are enabled. This also fixes the delay receiving logs when running consul monitor against an agent with audit logs enabled. [GH-16700]
ca: Fixes a bug where updating Vault CA Provider config would cause TLS issues in the service mesh [GH-16592]
connect: Fix multiple inefficient behaviors when querying service health. [GH-17241]
grpc: ensure grpc resolver correctly uses lan/wan addresses on servers [GH-17270]
peering: Fixes a bug that can lead to peering service deletes impacting the state of local services [GH-16570]
xds: Fix possible panic that can when generating clusters before the root certificates have been fetched. [GH-17185]

Security

Details

date

May 16, 2023, 4:47 p.m.

name

v1.13.8

type

Patch

official page

https://github.com/hashicorp/consul/releases/tag/v1.13.8

👇

🔍View and search all Consul releases.
🛠️Create and share lists to track your tools.
🚨Setup notifications for major, security, feature or patch updates.
🚀Much more coming soon!

Continue with GitHub

Continue with Google

Username

Password

Password (again)

leave this field blank to prove your humanity