v1.1.4
1.1.4 (Aug 10, 2023)
SECURITY:
- Upgrade to use Go 1.20.6 and
x/net/http
0.12.0.
This resolves CVE-2023-29406(net/http
). [GH-2642] - Upgrade to use Go 1.20.7 and
x/net
0.13.0.
This resolves CVE-2023-29409(crypto/tls
)
and CVE-2023-3978(net/html
). [GH-2710]
IMPROVEMENTS:
- Add support to provide the logLevel flag via helm for multiple low level components. Introduces the following fields
global.acls.logLevel
global.tls.logLevel
global.federation.logLevel
global.gossipEncryption.logLevel
server.logLevel
client.logLevel
meshGateway.logLevel
ingressGateways.logLevel
terminatingGateways.logLevel
telemetryCollector.logLevel
[GH-2302]
- control-plane: increase timeout after login for ACL replication to 60 seconds [GH-2656]
- helm: adds values for
securityContext
andannotations
on TLS and ACL init/cleanup jobs. [GH-2525] - helm: do not set container securityContexts by default on OpenShift < 4.11 [GH-2678]
- helm: set container securityContexts to match the
restricted
Pod Security Standards policy to support running Consul in a namespace with restricted PSA enforcement enabled [GH-2572]
BUG FIXES: