Merge pull request #9246 from hashicorp/changelog-186
This commit is contained in:
commit
14da6b4089
32
CHANGELOG.md
32
CHANGELOG.md
|
@ -145,6 +145,12 @@ BUG FIXES:
|
|||
* raft: (Enterprise only) properly update consul server meta non_voter for non-voting Enterprise Consul servers [[GH-8731](https://github.com/hashicorp/consul/issues/8731)]
|
||||
* ui: show correct datacenter for gateways [[GH-8704](https://github.com/hashicorp/consul/issues/8704)]
|
||||
|
||||
## 1.8.6 (November 19, 2020)
|
||||
|
||||
SECURITY:
|
||||
|
||||
* Increase the permissions to read from the `/connect/ca/configuration` endpoint to `operator:write`. Previously Connect CA configuration, including the private key, set via this endpoint could be read back by an operator with `operator:read` privileges. [CVE-2020-28053](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28053) [[GH-9240](https://github.com/hashicorp/consul/issues/9240)]
|
||||
|
||||
## 1.8.5 (October 23, 2020)
|
||||
|
||||
SECURITY:
|
||||
|
@ -311,6 +317,26 @@ BUGFIXES:
|
|||
* ui: Miscellaneous amends for Safari and Firefox [[GH-7904](https://github.com/hashicorp/consul/issues/7904)] [[GH-7907](https://github.com/hashicorp/consul/pull/7907)]
|
||||
* ui: Ensure a value is always passed to CONSUL_SSO_ENABLED [[GH-7913](https://github.com/hashicorp/consul/pull/7913)]
|
||||
|
||||
## 1.7.10 (November 19, 2020)
|
||||
|
||||
SECURITY:
|
||||
|
||||
* Increase the permissions to read from the `/connect/ca/configuration` endpoint to `operator:write`. Previously Connect CA configuration, including the private key, set via this endpoint could be read back by an operator with `operator:read` privileges. [CVE-2020-28053](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28053) [[GH-9240](https://github.com/hashicorp/consul/issues/9240)]
|
||||
|
||||
## 1.7.9 (October 26, 2020)
|
||||
|
||||
SECURITY:
|
||||
|
||||
* Fix Consul Enterprise Namespace Config Entry Replication DoS. Previously an operator with service:write ACL permissions in a Consul Enterprise cluster could write a malicious config entry that caused infinite raft writes due to issues with the namespace replication logic. [CVE-2020-25201] (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25201) [[GH-9024](https://github.com/hashicorp/consul/issues/9024)]
|
||||
|
||||
IMPROVEMENTS:
|
||||
|
||||
* connect: update supported envoy releases to 1.13.6, 1.12.7, 1.11.2, 1.10.0 for 1.7.x [[GH-9000](https://github.com/hashicorp/consul/issues/9000)]
|
||||
|
||||
BUG FIXES:
|
||||
|
||||
* agent: when enable_central_service_config is enabled ensure agent reload doesn't revert check state to critical [[GH-8747](https://github.com/hashicorp/consul/issues/8747)]
|
||||
|
||||
## 1.7.8 (September 11, 2020)
|
||||
|
||||
FEATURES:
|
||||
|
@ -546,6 +572,12 @@ BUGFIXES:
|
|||
* ui: Discovery-Chain: Improve parsing of redirects [[GH-7174](https://github.com/hashicorp/consul/pull/7174)]
|
||||
* ui: Fix styling of ‘duplicate intention’ error message [[GH6936]](https://github.com/hashicorp/consul/pull/6936)
|
||||
|
||||
## 1.6.10 (November 19, 2020)
|
||||
|
||||
SECURITY:
|
||||
|
||||
* Increase the permissions to read from the `/connect/ca/configuration` endpoint to `operator:write`. Previously Connect CA configuration, including the private key, set via this endpoint could be read back by an operator with `operator:read` privileges. [CVE-2020-28053](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28053) [[GH-9240](https://github.com/hashicorp/consul/issues/9240)]
|
||||
|
||||
## 1.6.9 (September 11, 2020)
|
||||
|
||||
BUG FIXES:
|
||||
|
|
|
@ -1 +1 @@
|
|||
export default '1.8.5'
|
||||
export default '1.8.6'
|
||||
|
|
Loading…
Reference in New Issue