From 105c7cdee1a76550ba6170003188787799211021 Mon Sep 17 00:00:00 2001 From: Tim Gross Date: Fri, 16 Aug 2019 11:00:39 -0400 Subject: [PATCH] upgrade notes for 0.9.5 --- website/source/guides/upgrade/upgrade-specific.html.md | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/website/source/guides/upgrade/upgrade-specific.html.md b/website/source/guides/upgrade/upgrade-specific.html.md index 3aa235a65..c54edd81a 100644 --- a/website/source/guides/upgrade/upgrade-specific.html.md +++ b/website/source/guides/upgrade/upgrade-specific.html.md 
@@ -44,6 +44,16 @@ to match the default. For more information on upgrading Raft, see [Upgrading to Raft Protocol 3](/guides/upgrade/upgrade-specific.html#upgrading-to-raft-protocol-3). +## Nomad 0.9.5 + +### Template Rendering + +Nomad 0.9.5 includes security fixes for privilege escalation vulnerabilities in handling of job `template` stanzas: + + * The client host's environment variables are now cleaned before rendering the template. If a template includes the `env` function, the job should include an [`env`](https://www.nomadproject.io/docs/job-specification/env.html) stanza to allow access to the variable in the template. + * The `plugin` function is no longer permitted by default and will raise an error if used in a template. Operator can opt-in to permitting this function with the new [`template.function_blacklist`](https://www.nomadproject.io/docs/configuration/client.html#template-parameters) field in the client configuration. + * The `file` function has been changed to restrict paths to fall inside the task directory by default. Paths that used the `NOMAD_TASK_DIR` environment variable to prefix file paths should work unchanged. Relative paths or symlinks that point outside the task directory will raise an error. An operator can opt-out of this protection with the new [`template.disable_file_sandbox`](https://www.nomadproject.io/docs/configuration/client.html#template-parameters) field in the client configuration. + ## Nomad 0.9.0 ### Preemption
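Review bot: The second bullet under "Template Rendering" says an operator can opt in to the `plugin` function through `template.function_blacklist`, but it does not say what to put in a field whose name denotes a deny list; spell out the value an operator must set to permit `plugin`, and change "Operator can opt-in" to "An operator can opt in" to match the third bullet's "An operator can opt-out". The first bullet should also state what a template sees when it calls `env` for a variable that is not in the job's `env` stanza, since the other two bullets say explicitly that an error is raised. As a style point, the three added links use absolute https://www.nomadproject.io/... URLs while the Raft link in the context line just above uses a site-relative path (/guides/upgrade/...); relative paths would be consistent with the rest of the file.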