Overview All releases

Version History

v1.7.7 v1.7.6 v1.7.5 v1.7.4 v1.7.3 v1.7.2 v1.7.1 v1.7.0 v1.7.0-rc.1 v1.7.0-beta.2 v1.7.0-beta.1 v1.6.10 v1.6.9 v1.6.8 v1.6.7 v1.6.6 v1.6.5 v1.6.4 v1.6.3 v1.6.2 v1.6.1 v1.6.0 v1.6.0-rc.1 v1.6.0-beta.1 v1.5.17 v1.5.16 v1.5.15 v1.5.14 v1.5.13 v1.5.12 v1.5.11 v1.5.10 v1.5.9 v1.5.8 v1.5.7 v1.5.6 v1.5.5 v1.5.4 v1.5.3 v1.5.2 v1.5.1 v1.5.0

v1.5.0-rc.1

v1.5.0-beta.1

v1.4.14 v1.4.13 v1.4.12 v1.4.11 v1.4.10 v1.4.9 v1.4.8 v1.4.7 v1.4.6 v1.4.5 v1.4.4 v1.4.3 v1.4.2 v1.4.1 v1.4.0

v1.4.0-rc.1

v1.4.0-beta.1

v1.3.16 v1.3.15 v1.3.14 v1.3.13 v1.3.12 v1.3.11 v1.3.10 v1.3.9 v1.3.8 v1.3.7 v1.3.6 v1.3.5 v1.3.4 v1.3.3 v1.3.2 v1.3.1 v1.3.0

v1.3.0-rc.1

v1.3.0-beta.1

v1.2.16 v1.2.15 v1.2.14 v1.2.13 v1.2.12 v1.2.11 v1.2.10 v1.2.9 v1.2.8 v1.2.7

v1.2.6

v1.2.5 v1.2.4

v1.2.3

v1.2.2

v1.2.1

v1.2.0

v1.1.18 v1.1.17 v1.1.16 v1.1.15 v1.1.14 v1.1.13

v1.1.9

v1.1.6

v1.1.5

v1.1.4

v1.1.3

v1.1.2

v1.1.1

v1.1.0

v1.0.15

v1.0.11

v1.0.6

v1.0.5

v1.0.4

v1.0.3

v1.0.2

v1.0.1

v1.0.0

v1.0.0-rc1

v1.0.0-beta2

v0.12.10

v0.12.9

v0.12.8

v0.12.7

v0.12.6

v0.12.5

v0.12.4

v0.12.4-rc1

v0.12.3

v0.12.2

v0.12.1

v0.12.0

v0.12.0-rc1

v0.12.0-beta2

v0.12.0-beta1

v0.11.8

v0.11.7

v0.11.6

v0.11.5

v0.11.4

v0.11.3

v0.11.2

v0.11.1

v0.11.0

v0.11.0-rc1

v0.11.0-beta2

v0.11.0-beta1

v0.10.9

v0.10.8

v0.10.7

v0.10.6

v0.10.5

v0.10.4

v0.10.4-rc1

v0.10.3

v0.10.2

v0.10.2-rc1

v0.10.1

v0.10.0

v0.10.0-rc1

v0.9.7

v0.9.6

v0.9.5

v0.9.4

nightly

Nomad - v1.2.6

Security

1.2.6 (February 9, 2022)

BACKWARDS INCOMPATIBILITIES:

ACL authentication is now required for the Nomad API job parse endpoint to address a potential security vulnerability

SECURITY:

Add ACL requirement and HCL validation to the job parse API endpoint to prevent excessive CPU usage. CVE-2022-24685 [GH-12038]
Fix race condition in use of go-getter that could cause a client agent to download the wrong artifact into the wrong destination. CVE-2022-24686 [GH-12036]
Prevent panic in spread iterator during allocation stop. CVE-2022-24684 [GH-12039]
Resolve symlinks to prevent unauthorized access to files outside the allocation directory. CVE-2022-24683 [GH-12037]

Security

Details

date

Feb. 10, 2022, 8:21 p.m.

name

v1.2.6

type

Patch

official page

https://github.com/hashicorp/nomad/releases/tag/v1.2.6

👇

🔍View and search all Nomad releases.
🛠️Create and share lists to track your tools.
🚨Setup notifications for major, security, feature or patch updates.
🚀Much more coming soon!

Continue with GitHub

Continue with Google

Username

Password

Password (again)

leave this field blank to prove your humanity