Overview All releases

Version History

v1.18.1 v1.18.0 v1.18.0-rc1 v1.17.4 v1.17.3 v1.17.2 v1.17.1 v1.17.0 v1.17.0-rc1 v1.16.7 v1.16.6 v1.16.5 v1.16.4 v1.16.3 v1.16.2 v1.16.1 v1.16.0 v1.16.0-rc1 v1.15.11 v1.15.10 v1.15.9 v1.15.8 v1.15.7 v1.15.6 v1.15.5 v1.15.4 v1.15.3 v1.15.2 v1.15.1 v1.15.0 v1.14.11 v1.14.10

v1.14.9

v1.14.8 v1.14.7 v1.14.6 v1.14.5 v1.14.4 v1.14.3 v1.14.2 v1.14.1 v1.14.0

v1.14.0-beta1

v1.13.9 v1.13.8 v1.13.7 v1.13.6 v1.13.5 v1.13.4 v1.13.3 v1.13.2 v1.13.1 v1.13.0

v1.13.0-alpha2

v1.13.0-alpha1

v1.12.9 v1.12.8 v1.12.7 v1.12.6 v1.12.5 v1.12.4 v1.12.3 v1.12.2 v1.12.1 v1.12.0

v1.12.0-beta1

v1.11.11 v1.11.10 v1.11.9 v1.11.8 v1.11.7 v1.11.6 v1.11.5 v1.11.4 v1.11.3 v1.11.2

v1.11.1

v1.11.0

v1.11.0-rc

v1.11.0-beta3

v1.11.0-beta2

v1.11.0-beta1

v1.11.0-alpha

v1.10.12 v1.10.11 v1.10.10 v1.10.9 v1.10.8 v1.10.7

v1.10.6

v1.10.5

v1.10.4

v1.10.3

v1.10.2

v1.10.1

v1.10.1-beta1

v1.10.0

v1.10.0-rc2

v1.10.0-rc

v1.10.0-beta4

v1.10.0-beta3

v1.10.0-beta2

v1.10.0-beta1

v1.10.0-alpha

v1.9.17 v1.9.16 v1.9.15 v1.9.14

v1.9.13

v1.9.12

v1.9.11

v1.9.10

v1.9.9

v1.9.8

v1.9.7

v1.9.6

v1.9.5

v1.9.4

v1.9.3

v1.9.2

v1.9.1

v1.9.0

v1.9.0-rc1

v1.9.0-beta3

v1.9.0-beta2

v1.9.0-beta1

v1.8.19

v1.8.18

v1.8.17

v1.8.16

v1.8.15

v1.8.14

v1.8.13

v1.8.12

v1.8.11

v1.8.11-beta2

v1.8.11-beta1

v1.8.10

v1.8.9

v1.8.9-beta1

v1.8.8

v1.8.7

v1.8.7-beta1

v1.8.6

v1.8.5

v1.8.4

v1.8.3

v1.8.2

v1.8.1

v1.8.0

v1.8.0-rc1

v1.8.0-beta2

v1.8.0-beta1

v1.7.14

v1.7.13

v1.7.12

v1.7.11

v1.7.10

v1.7.9

v1.7.8

v1.7.7

v1.7.6

v1.7.5

v1.7.4

v1.6.10

v1.6.9

v1.6.8

v1.6.7

v1.6.6

Consul - v1.14.9

Security

1.14.9 (August 7, 2023)

SECURITY:

Update golang.org/x/net to v0.13.0 to address CVE-2023-3978. [GH-18358]
Upgrade golang.org/x/net to address CVE-2023-29406 [GH-18186]
Upgrade to use Go 1.20.6.
This resolves CVE-2023-29406(net/http) for uses of the standard library.
A separate change updates dependencies on golang.org/x/net to use 0.12.0. [GH-18190]
Upgrade to use Go 1.20.7.
This resolves vulnerability CVE-2023-29409(crypto/tls). [GH-18358]

FEATURES:

cli: consul members command uses -filter expression to filter members based on bexpr. [GH-18223]
cli: consul watch command uses -filter expression to filter response from checks, services, nodes, and service. [GH-17780]
reloadable config: Made enable_debug config reloadable and enable pprof command to work when config toggles to true [GH-17565]

IMPROVEMENTS:

Fix some typos in metrics docs [GH-18080]
acl: added builtin ACL policy that provides global read-only access (builtin/global-read-only) [GH-18319]
acl: allow for a single slash character in policy names [GH-18319]
connect: update supported envoy versions to 1.21.6, 1.22.11, 1.23.12, 1.24.10 [GH-18305]
hcp: Removes requirement for HCP to provide a management token [GH-18140]
xds: Explicitly enable WebSocket connection upgrades in HTTP connection manager [GH-18150]

BUG FIXES:

Fix a bug that wrongly trims domains when there is an overlap with DC name. [GH-17160]
connect/ca: Fixes a bug preventing CA configuration updates in secondary datacenters [GH-17846]
connect: Fix incorrect protocol config merging for transparent proxy implicit upstreams. [GH-17894]
connect: fix a bug with Envoy potentially starting with incomplete configuration by not waiting enough for initial xDS configuration. [GH-18024]
snapshot: fix access denied and handle is invalid when we call snapshot save on windows - skip sync() for folders in windows in
https://github.com/rboyer/safeio/pull/3 [GH-18302]

Security

Details

date

Aug. 8, 2023, 3:28 p.m.

name

v1.14.9

type

Patch

official page

https://github.com/hashicorp/consul/releases/tag/v1.14.9

👇

🔍View and search all Consul releases.
🛠️Create and share lists to track your tools.
🚨Setup notifications for major, security, feature or patch updates.
🚀Much more coming soon!

Continue with GitHub

Continue with Google

Username

Password

Password (again)

leave this field blank to prove your humanity