Releases: hashicorp/consul
v1.19.6 (Enterprise)
v1.18.9 (Enterprise)
1.18.9 Enterprise (February 20, 2025)
This release is created to share the Consul Enterprise changelog and notify consumers of availability. The attached source and assets do not include Consul Enterprise code and should not be used in place of official Docker images or binaries.
IMPROVEMENTS:
- dependency: upgrade consul/api to use Go 1.31.2 [GH-22174]
BUG FIXES:
v1.20.4
v1.20.3
1.20.3 (February 13, 2025)
SECURITY:
- Upgrade Go to use v1.22.11 and bump Go X-Repositories to latest. This addresses CVE
CVE-2024-45341 and
CVE-2024-45336 [GH-22084] - Upgrade Go to use v1.22.12 and bump Go X-Repositories to latest. This addresses CVE
CVE-2025-22866 [GH-22132]
IMPROVEMENTS:
- connect: update supported envoy versions to 1.33.0, 1.32.3 [GH-22138]
- metadata: memoize the parsed build versions [GH-22113]
BUG FIXES:
- Fixed logging error while building for OpenBSD OS [GH-22120] [GH-22120]
- api-gateway: Fixed TLS configuration to properly enforce listener TLS versions and cipher suites [GH-21984]
- aws-auth: Fix bug where calls to AWS IAM and STS services error out due to URL with multiple trailing slashes. [GH-22109]
v1.19.5 (Enterprise)
1.19.5 Enterprise (February 13, 2025)
This release is created to share the Consul Enterprise changelog and notify consumers of availability. The attached source and assets do not include Consul Enterprise code and should not be used in place of official Docker images or binaries.
SECURITY:
- Upgrade Go to use v1.22.11 and bump Go X-Repositories to latest. This addresses CVE
CVE-2024-45341 and
CVE-2024-45336 [GH-22084] - Upgrade Go to use v1.22.12 and bump Go X-Repositories to latest. This addresses CVE
CVE-2025-22866 [GH-22132]
IMPROVEMENTS:
- metadata: memoize the parsed build versions [GH-22113]
BUG FIXES:
- Fixed logging error while building for OpenBSD OS [GH-22120] [GH-22120]
- api-gateway: Fixed TLS configuration to properly enforce listener TLS versions and cipher suites [GH-21984]
- aws-auth: Fix bug where calls to AWS IAM and STS services error out due to URL with multiple trailing slashes. [GH-22109]
v1.18.8 (Enterprise)
1.18.8 Enterprise (February 13, 2025)
This release is created to share the Consul Enterprise changelog and notify consumers of availability. The attached source and assets do not include Consul Enterprise code and should not be used in place of official Docker images or binaries.
Enterprise LTS: Consul Enterprise 1.18 is a Long-Term Support (LTS) release.
SECURITY:
- Upgrade Go to use v1.22.11 and bump Go X-Repositories to latest. This addresses CVE
CVE-2024-45341 and
CVE-2024-45336 [GH-22084] - Upgrade Go to use v1.22.12 and bump Go X-Repositories to latest. This addresses CVE
CVE-2025-22866 [GH-22132]
IMPROVEMENTS:
- metadata: memoize the parsed build versions [GH-22113]
BUG FIXES:
v1.15.18 (Enterprise)
1.15.18 Enterprise (February 07, 2025)
This release is created to share the Consul Enterprise changelog and notify consumers of availability. The attached source and assets do not include Consul Enterprise code and should not be used in place of official Docker images or binaries.
Enterprise LTS: Consul Enterprise 1.15 is a Long-Term Support (LTS) release.
BUG FIXES:
- aws-auth: Fix bug where calls to AWS IAM and STS services error out due to URL with multiple trailing slashes. [GH-22109]
v1.15.17 (Enterprise)
1.15.17 Enterprise (February 05, 2025)
This release is created to share the Consul Enterprise changelog and notify consumers of availability. The attached source and assets do not include Consul Enterprise code and should not be used in place of official Docker images or binaries.
Enterprise LTS: Consul Enterprise 1.15 is a Long-Term Support (LTS) release.
SECURITY:
- Upgrade Go to use v1.22.11 and bump Go X-Repositories to latest. This addresses CVE
CVE-2024-45341 and
CVE-2024-45336 [GH-22084]
v1.18.7 (Enterprise)
1.18.7 Enterprise (January 31, 2025)
This release is created to share the Consul Enterprise changelog and notify consumers of availability. The attached source and assets do not include Consul Enterprise code and should not be used in place of official Docker images or binaries.
Enterprise LTS: Consul Enterprise 1.18 is a Long-Term Support (LTS) release.
BUG FIXES:
v1.19.4 (Enterprise)
1.19.4 Enterprise (January 10, 2025)
This release is created to share the Consul Enterprise changelog and notify consumers of availability. The attached source and assets do not include Consul Enterprise code and should not be used in place of official Docker images or binaries.
BREAKING CHANGES:
- mesh: (Enterprise Only) Enable Envoy
HttpConnectionManager.normalize_pathby default on inbound traffic to mesh proxies. This resolves CVE-2024-10005.
SECURITY:
- Removed ability to use bexpr to filter results without ACL read on endpoint [GH-21950]
- Resolved issue where hcl would allow duplicates of the same key in acl policy configuration. [GH-21908]
- Update
github.com/golang-jwt/jwt/v4to v4.5.1 to address GHSA-29wx-vh33-7x7r. [GH-21951] - Update
golang.org/x/cryptoto v0.31.0 to address GO-2024-3321. [GH-22001] - Update
golang.org/x/netto v0.33.0 to address GO-2024-3333. [GH-22021] - Update
registry.access.redhat.com/ubi9-minimalimage to 9.5 to address CVE-2024-3596,CVE-2024-2511,CVE-2024-26458. [GH-22011] - api: Enforces strict content-type header validation to protect against XSS vulnerability. [GH-21930]
- mesh: (Enterprise Only) Add
containsandignoreCaseto L7 Intentions HTTP header matching criteria to support configuration resilient to variable casing and multiple values. This resolves CVE-2024-10006. - mesh: (Enterprise Only) Add
http.incoming.requestNormalizationto Mesh configuration entry to support inbound service traffic request normalization. This resolves CVE-2024-10005 and CVE-2024-10006.
IMPROVEMENTS:
- Upgrade api submodule to 1.29.6 [GH-22058]
- snapshot agent: (Enterprise only) Implement Service Principal Auth for snapshot agent on azure.
- xds: configures Envoy to load balance over all instances of an external service configured with hostnames when "envoy_dns_discovery_type" is set to "STRICT_DNS" [GH-21655]
BUG FIXES: