Skip to content

v1.7.9
Compare
Choose a tag to compare
@hashicorp-ci hashicorp-ci released this 26 Oct 19:15
v1.7.9
f4a12c0

1.7.9 (October 26, 2020)

SECURITY:

  • Fix Consul Enterprise Namespace Config Entry Replication DoS. Previously an operator with service:write ACL permissions in a Consul Enterprise cluster could write a malicious config entry that caused infinite raft writes due to issues with the namespace replication logic. [CVE-2020-25201] [GH-9024]

IMPROVEMENTS:

  • connect: update supported envoy releases to 1.13.6, 1.12.7, 1.11.2, 1.10.0 for 1.7.x [GH-9000]

BUG FIXES:

  • agent: when enable_central_service_config is enabled ensure agent reload doesn't revert check state to critical [GH-8747]
Assets 2
Loading