Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore(deps): update module github.com/hashicorp/consul to v1.14.5 [security] (release-2.8.x) #119

Open
wants to merge 1 commit into
base: release-2.8.x
Choose a base branch
from
Open

chore(deps): update module github.com/hashicorp/consul to v1.14.5 [security] (release-2.8.x) #119

wants to merge 1 commit into from

Conversation

renovate[bot]
Copy link

@renovate renovate bot commented Aug 25, 2024
edited
Loading

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
github.com/hashicorp/consul v1.5.1 -> v1.14.5 age adoption passing confidence

Denial of Service (DoS) in HashiCorp Consul in github.com/hashicorp/consul

BIT-consul-2020-7219 / CVE-2020-7219 / GHSA-23jv-v6qj-3fhh / GO-2022-0776

More information

Details

Denial of Service (DoS) in HashiCorp Consul in github.com/hashicorp/consul

Severity

Unknown

References

This data is provided by OSV and the Go Vulnerability Database (CC-BY 4.0).

Incorrect Authorization in HashiCorp Consul

BIT-consul-2020-7955 / CVE-2020-7955 / GHSA-r9w6-rhh9-7v53 / GO-2022-0874

More information

Details

HashiCorp Consul and Consul Enterprise 1.4.1 through 1.6.2 did not uniformly enforce ACLs across all API endpoints, resulting in potential unintended information disclosure. Fixed in 1.6.3.

Severity

  • CVSS Score: 5.3 / 10 (Medium)
  • Vector String: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

References

This data is provided by OSV and the GitHub Advisory Database (CC-BY 4.0).

Denial of Service (DoS) in HashiCorp Consul

BIT-consul-2020-7219 / CVE-2020-7219 / GHSA-23jv-v6qj-3fhh / GO-2022-0776

More information

Details

HashiCorp Consul and Consul Enterprise up to 1.6.2 HTTP/RPC services allowed unbounded resource usage, and were susceptible to unauthenticated denial of service. Fixed in 1.6.3.

Specific Go Packages Affected

github.com/hashicorp/consul/agent/consul

Severity

  • CVSS Score: 7.5 / 10 (High)
  • Vector String: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References

This data is provided by OSV and the GitHub Advisory Database (CC-BY 4.0).

Incorrect Authorization in HashiCorp Consul in github.com/hashicorp/consul

BIT-consul-2020-7955 / CVE-2020-7955 / GHSA-r9w6-rhh9-7v53 / GO-2022-0874

More information

Details

Incorrect Authorization in HashiCorp Consul in github.com/hashicorp/consul

Severity

Unknown

References

This data is provided by OSV and the Go Vulnerability Database (CC-BY 4.0).

Allocation of Resources Without Limits or Throttling in Hashicorp Consul in github.com/hashicorp/consul

BIT-consul-2020-13250 / CVE-2020-13250 / GHSA-rqjq-mrgx-85hp / GO-2022-0879

More information

Details

Allocation of Resources Without Limits or Throttling in Hashicorp Consul in github.com/hashicorp/consul

Severity

Unknown

References

This data is provided by OSV and the Go Vulnerability Database (CC-BY 4.0).

Allocation of Resources Without Limits or Throttling in Hashicorp Consul

BIT-consul-2020-13250 / CVE-2020-13250 / GHSA-rqjq-mrgx-85hp / GO-2022-0879

More information

Details

HashiCorp Consul and Consul Enterprise include an HTTP API (introduced in 1.2.0) and DNS (introduced in 1.4.3) caching feature that was vulnerable to denial of service.

Specific Go Packages Affected

github.com/hashicorp/consul/agent/config

Fix

The vulnerability is fixed in versions 1.6.6 and 1.7.4.

Severity

  • CVSS Score: 7.5 / 10 (High)
  • Vector String: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References

This data is provided by OSV and the GitHub Advisory Database (CC-BY 4.0).

Privilege Escalation in HashiCorp Consul

BIT-consul-2020-28053 / CVE-2020-28053 / GHSA-6m72-467w-94rh / GO-2024-2505

More information

Details

HashiCorp Consul and Consul Enterprise 1.2.0 up to 1.8.5 allowed operators with operator:read ACL permissions to read the Connect CA private key configuration. Fixed in 1.6.10, 1.7.10, and 1.8.6.

Severity

  • CVSS Score: 6.5 / 10 (Medium)
  • Vector String: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

References

This data is provided by OSV and the GitHub Advisory Database (CC-BY 4.0).

Privilege Escalation in HashiCorp Consul in github.com/hashicorp/consul

BIT-consul-2020-28053 / CVE-2020-28053 / GHSA-6m72-467w-94rh / GO-2024-2505

More information

Details

Privilege Escalation in HashiCorp Consul in github.com/hashicorp/consul

Severity

Unknown

References

This data is provided by OSV and the Go Vulnerability Database (CC-BY 4.0).

HashiCorp Consul Cross-site Scripting vulnerability

BIT-consul-2020-25864 / CVE-2020-25864 / GHSA-8xmx-h8rq-h94j / GO-2023-1851

More information

Details

HashiCorp Consul and Consul Enterprise up to version 1.9.4 key-value (KV) raw mode was vulnerable to cross-site scripting. Fixed in 1.9.5, 1.8.10 and 1.7.14.

Severity

  • CVSS Score: 6.1 / 10 (Medium)
  • Vector String: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

References

This data is provided by OSV and the GitHub Advisory Database (CC-BY 4.0).

HashiCorp Consul Cross-site Scripting vulnerability in github.com/hashicorp/consul

BIT-consul-2020-25864 / CVE-2020-25864 / GHSA-8xmx-h8rq-h94j / GO-2023-1851

More information

Details

HashiCorp Consul Cross-site Scripting vulnerability in github.com/hashicorp/consul

Severity

Unknown

References

This data is provided by OSV and the Go Vulnerability Database (CC-BY 4.0).

HashiCorp Consul and Consul Enterprise 1.10.1 Txn.Apply endpoint allowed services to register proxies for other services, enabling access to service traffic.

BIT-consul-2021-38698 / CVE-2021-38698 / GHSA-6hw5-6gcx-phmw / GO-2022-0559

More information

Details

HashiCorp Consul and Consul Enterprise 1.10.1 Txn.Apply endpoint allowed services to register proxies for other services, enabling access to service traffic. Fixed in 1.8.15, 1.9.9 and 1.10.2.

Severity

  • CVSS Score: 6.5 / 10 (Medium)
  • Vector String: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

References

This data is provided by OSV and the GitHub Advisory Database (CC-BY 4.0).

HashiCorp Consul Privilege Escalation Vulnerability

BIT-consul-2021-37219 / CVE-2021-37219 / GHSA-ccw8-7688-vqx4 / GO-2022-0593

More information

Details

HashiCorp Consul and Consul Enterprise 1.10.1 Raft RPC layer allows non-server agents with a valid certificate signed by the same CA to access server-only functionality, enabling privilege escalation. Fixed in 1.8.15, 1.9.9 and 1.10.2.

Severity

  • CVSS Score: 8.8 / 10 (High)
  • Vector String: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

References

This data is provided by OSV and the GitHub Advisory Database (CC-BY 4.0).

HashiCorp Consul and Consul Enterprise 1.10.1 Txn.Apply endpoint allowed services to register proxies for other services, enabling access to service traffic. in github.com/hashicorp/consul

BIT-consul-2021-38698 / CVE-2021-38698 / GHSA-6hw5-6gcx-phmw / GO-2022-0559

More information

Details

HashiCorp Consul and Consul Enterprise 1.10.1 Txn.Apply endpoint allowed services to register proxies for other services, enabling access to service traffic. in github.com/hashicorp/consul

Severity

Unknown

References

This data is provided by OSV and the Go Vulnerability Database (CC-BY 4.0).

HashiCorp Consul Privilege Escalation Vulnerability in github.com/hashicorp/consul

BIT-consul-2021-37219 / CVE-2021-37219 / GHSA-ccw8-7688-vqx4 / GO-2022-0593

More information

Details

HashiCorp Consul Privilege Escalation Vulnerability in github.com/hashicorp/consul

Severity

Unknown

References

This data is provided by OSV and the Go Vulnerability Database (CC-BY 4.0).

Hashicorp Consul HTTP health check endpoints returning an HTTP redirect may be abused as SSRF vector in github.com/hashicorp/consul

BIT-consul-2022-29153 / CVE-2022-29153 / GHSA-q6h7-4qgw-2j9p / GO-2022-0615

More information

Details

Hashicorp Consul HTTP health check endpoints returning an HTTP redirect may be abused as SSRF vector in github.com/hashicorp/consul

Severity

Unknown

References

This data is provided by OSV and the Go Vulnerability Database (CC-BY 4.0).

Hashicorp Consul HTTP health check endpoints returning an HTTP redirect may be abused as SSRF vector

BIT-consul-2022-29153 / CVE-2022-29153 / GHSA-q6h7-4qgw-2j9p / GO-2022-0615

More information

Details

A vulnerability was identified in Consul and Consul Enterprise (“Consul”) such that HTTP health check endpoints returning an HTTP redirect may be abused as a vector for server-side request forgery (SSRF). This vulnerability, CVE-2022-29153, was fixed in Consul 1.9.17, 1.10.10, and 1.11.5.

Severity

  • CVSS Score: 7.5 / 10 (High)
  • Vector String: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

References

This data is provided by OSV and the GitHub Advisory Database (CC-BY 4.0).

HashiCorp Consul L7 deny intention results in an allow action

BIT-consul-2021-36213 / CVE-2021-36213 / GHSA-8h2g-r292-j8xh / GO-2022-0895

More information

Details

In HashiCorp Consul before 1.10.1 (and Consul Enterprise), xds can generate a situation where a single L7 deny intention (with a default deny policy) results in an allow action.

Severity

  • CVSS Score: 7.5 / 10 (High)
  • Vector String: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

References

This data is provided by OSV and the GitHub Advisory Database (CC-BY 4.0).

Hashicorp Consul Missing SSL Certificate Validation in github.com/hashicorp/consul

BIT-consul-2021-32574 / CVE-2021-32574 / GHSA-25gf-8qrr-g78r / GO-2022-0894

More information

Details

Hashicorp Consul Missing SSL Certificate Validation in github.com/hashicorp/consul

Severity

Unknown

References

This data is provided by OSV and the Go Vulnerability Database (CC-BY 4.0).

Hashicorp Consul Missing SSL Certificate Validation

BIT-consul-2021-32574 / CVE-2021-32574 / GHSA-25gf-8qrr-g78r / GO-2022-0894

More information

Details

HashiCorp Consul before 1.10.1 (and Consul Enterprise) has Missing SSL Certificate Validation. xds does not ensure that the Subject Alternative Name of an upstream is validated.

Severity

  • CVSS Score: 7.5 / 10 (High)
  • Vector String: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

References

This data is provided by OSV and the GitHub Advisory Database (CC-BY 4.0).

HashiCorp Consul L7 deny intention results in an allow action in github.com/hashicorp/consul

BIT-consul-2021-36213 / CVE-2021-36213 / GHSA-8h2g-r292-j8xh / GO-2022-0895

More information

Details

HashiCorp Consul L7 deny intention results in an allow action in github.com/hashicorp/consul

Severity

Unknown

References

This data is provided by OSV and the Go Vulnerability Database (CC-BY 4.0).

HashiCorp Consul vulnerable to authorization bypass

BIT-consul-2022-40716 / CVE-2022-40716 / GHSA-m69r-9g56-7mv8 / GO-2022-1029

More information

Details

HashiCorp Consul and Consul Enterprise versions prior to 1.11.9, 1.12.5, and 1.13.2 do not check for multiple SAN URI values in a CSR on the internal RPC endpoint, enabling leverage of privileged access to bypass service mesh intentions. A specially crafted CSR sent directly to Consul’s internal server agent RPC endpoint can include multiple SAN URI values with additional service names. This issue has been fixed in versions 1.11.9, 1.12.5, and 1.13.2. There are no known workarounds.

Severity

  • CVSS Score: 6.5 / 10 (Medium)
  • Vector String: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

References

This data is provided by OSV and the GitHub Advisory Database (CC-BY 4.0).

HashiCorp Consul vulnerable to authorization bypass in github.com/hashicorp/consul

BIT-consul-2022-40716 / CVE-2022-40716 / GHSA-m69r-9g56-7mv8 / GO-2022-1029

More information

Details

HashiCorp Consul vulnerable to authorization bypass in github.com/hashicorp/consul

Severity

Unknown

References

This data is provided by OSV and the Go Vulnerability Database (CC-BY 4.0).

Hashicorp Consul vulnerable to denial of service in github.com/hashicorp/consul

BIT-consul-2023-1297 / CVE-2023-1297 / GHSA-c57c-7hrj-6q6v / GO-2023-1827

More information

Details

Hashicorp Consul vulnerable to denial of service in github.com/hashicorp/consul

Severity

Unknown

References

This data is provided by OSV and the Go Vulnerability Database (CC-BY 4.0).

Hashicorp Consul vulnerable to denial of service

BIT-consul-2023-1297 / CVE-2023-1297 / GHSA-c57c-7hrj-6q6v / GO-2023-1827

More information

Details

Consul and Consul Enterprise's cluster peering implementation contained a flaw whereby a peer cluster with service of the same name as a local service could corrupt Consul state, resulting in denial of service. This vulnerability was resolved in Consul 1.14.5, and 1.15.3

Severity

  • CVSS Score: 4.9 / 10 (Medium)
  • Vector String: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

References

This data is provided by OSV and the GitHub Advisory Database (CC-BY 4.0).

Release Notes

hashicorp/consul (github.com/hashicorp/consul)

v1.14.5

Compare Source

1.14.5 (March 7, 2023)

SECURITY:

IMPROVEMENTS:

  • container: Upgrade container image to use to Alpine 3.17. [GH-16358]
  • mesh: Add ServiceResolver RequestTimeout for route timeouts to make request timeouts configurable [GH-16495]

BUG FIXES:

  • mesh: Fix resolution of service resolvers with subsets for external upstreams [GH-16499]
  • peering: Fix bug where services were incorrectly imported as connect-enabled. [GH-16339]
  • peering: Fix issue where mesh gateways would use the wrong address when contacting a remote peer with the same datacenter name. [GH-16257]
  • peering: Fix issue where secondary wan-federated datacenters could not be used as peering acceptors. [GH-16230]
  • proxycfg: fix a bug where terminating gateways were not cleaning up deleted service resolvers for their referenced services [GH-16498]

v1.14.4

Compare Source

1.14.4 (January 26, 2023)

BREAKING CHANGES:

  • connect: Fix configuration merging for transparent proxy upstreams. Proxy-defaults and service-defaults config entries were not correctly merged for implicit upstreams in transparent proxy mode and would result in some configuration not being applied. To avoid issues when upgrading, ensure that any proxy-defaults or service-defaults have correct configuration for upstreams, since all fields will now be properly used to configure proxies. [GH-16000]
  • peering: Newly created peering connections must use only lowercase characters in the name field. Existing peerings with uppercase characters will not be modified, but they may encounter issues in various circumstances. To maintain forward compatibility and avoid issues, it is recommended to destroy and re-create any invalid peering connections so that they do not have a name containing uppercase characters. [GH-15697]

FEATURES:

  • connect: add flags envoy-ready-bind-port and envoy-ready-bind-address to the consul connect envoy command that allows configuration of readiness probe on proxy for any service kind. [GH-16015]
  • deps: update to latest go-discover to provide ECS auto-discover capabilities. [GH-13782]

IMPROVEMENTS:

  • acl: relax permissions on the WatchServers, WatchRoots and GetSupportedDataplaneFeatures gRPC endpoints to accept any valid ACL token [GH-15346]
  • connect: Add support for ConsulResolver to specifies a filter expression [GH-15659]
  • grpc: Use new balancer implementation to reduce periodic WARN logs when shuffling servers. [GH-15701]
  • partition: (Consul Enterprise only) when loading service from on-disk config file or sending API request to agent endpoint,
    if the partition is unspecified, consul will default the partition in the request to agent's partition [GH-16024]

BUG FIXES:

  • agent: Fix assignment of error when auto-reloading cert and key file changes. [GH-15769]
  • agent: Fix issue where the agent cache would incorrectly mark protobuf objects as updated. [GH-15866]
  • cli: Fix issue where consul connect envoy was unable to configure TLS over unix-sockets to gRPC. [GH-15913]
  • connect: (Consul Enterprise only) Fix issue where upstream configuration from proxy-defaults and service-defaults was not properly merged. This could occur when a mixture of empty-strings and "default" were used for the namespace or partition fields.
  • connect: Fix issue where service-resolver protocol checks incorrectly errored for failover peer targets. [GH-15833]
  • connect: Fix issue where watches on upstream failover peer targets did not always query the correct data. [GH-15865]
  • xds: fix bug where sessions for locally-managed services could fail with "this server has too many xDS streams open" [GH-15789]

v1.14.3

Compare Source

1.14.3 (December 13, 2022)

SECURITY:

  • Upgrade to use Go 1.19.4. This resolves a vulnerability where restricted files can be read on Windows. CVE-2022-41720 [GH-15705]
  • Upgrades golang.org/x/net to prevent a denial of service by excessive memory usage caused by HTTP2 requests. CVE-2022-41717 [GH-15737]

FEATURES:

  • ui: Add field for fallback server addresses to peer token generation form [GH-15555]

IMPROVEMENTS:

  • connect: ensure all vault connect CA tests use limited privilege tokens [GH-15669]

BUG FIXES:

  • agent: (Enterprise Only) Ensure configIntentionsConvertToList does not compare empty strings with populated strings when filtering intentions created prior to AdminPartitions.
  • connect: Fix issue where DialedDirectly configuration was not used by Consul Dataplane. [GH-15760]
  • connect: Fix peering failovers ignoring local mesh gateway configuration. [GH-15690]
  • connect: Fixed issue where using Vault 1.11+ as CA provider in a secondary datacenter would eventually break Intermediate CAs [GH-15661]

v1.14.2

Compare Source

1.14.2 (November 30, 2022)

FEATURES:

  • connect: Add local_idle_timeout_ms to allow configuring the Envoy route idle timeout on local_app
    connect: Add IdleTimeout to service-router to allow configuring the Envoy route idle timeout [GH-14340]
  • snapshot: (Enterprise Only) Add support for the snapshot agent to use an IAM role for authentication/authorization when managing snapshots in S3.

IMPROVEMENTS:

  • dns: Add support for cluster peering .service and .node DNS queries. [GH-15596]

BUG FIXES:

  • acl: avoid debug log spam in secondary datacenter servers due to management token not being initialized. [GH-15610]
  • agent: Fixed issue where blocking queries with short waits could timeout on the client [GH-15541]
  • ca: Fixed issue where using Vault as Connect CA with Vault-managed policies would error on start-up if the intermediate PKI mount existed but was empty [GH-15525]
  • cli: (Enterprise Only) Fix issue where consul partition update subcommand was not registered and therefore not available through the cli.
  • connect: Fixed issue where using Vault 1.11+ as CA provider would eventually break Intermediate CAs [GH-15217] [GH-15253]
  • namespace: (Enterprise Only) Fix a bug that caused blocking queries during namespace replication to timeout
  • peering: better represent non-passing states during peer check flattening [GH-15615]
  • peering: fix the limit of replication gRPC message; set to 8MB [GH-15503]

v1.14.1

Compare Source

1.14.1 (November 21, 2022)

BUG FIXES:

  • cli: Fix issue where consul connect envoy incorrectly uses the HTTPS API configuration for xDS connections. [GH-15466]
  • sdk: Fix SDK testutil backwards compatibility by only configuring grpc_tls port for new Consul versions. [GH-15423]

v1.14.0

Compare Source

1.14.0 (November 15, 2022)

BREAKING CHANGES:

  • config: Add new ports.grpc_tls configuration option.
    Introduce a new port to better separate TLS config from the existing ports.grpc config.
    The new ports.grpc_tls only supports TLS encrypted communication.
    The existing ports.grpc now only supports plain-text communication. [GH-15339]
  • config: update 1.14 config defaults: Enable peering and connect by default. [GH-15302]
  • config: update 1.14 config defaults: Set gRPC TLS port default value to 8503 [GH-15302]
  • connect: Removes support for Envoy 1.20 [GH-15093]
  • peering: Rename PeerName to Peer on prepared queries and exported services. [GH-14854]
  • xds: Convert service mesh failover to use Envoy's aggregate clusters. This
    changes the names of some Envoy dynamic HTTP metrics. [GH-14178]

SECURITY:

  • Ensure that data imported from peers is filtered by ACLs at the UI Nodes/Services endpoints CVE-2022-3920 [GH-15356]

FEATURES:

  • DNS-proxy support via gRPC request. [GH-14811]
  • cli: Add -node-name flag to redirect-traffic command to support running in environments without client agents. [GH-14933]
  • cli: Add -consul-dns-port flag to the consul connect redirect-traffic command to allow forwarding DNS traffic to a specific Consul DNS port. [GH-15050]
  • connect: Add Envoy connection balancing configuration fields. [GH-14616]
  • grpc: Added metrics for external gRPC server. Added server_type=internal|external label to gRPC metrics. [GH-14922]
  • http: Add new get-or-empty operation to the txn api. Refer to the API docs for more information. [GH-14474]
  • peering: Add mesh gateway local mode support for cluster peering. [GH-14817]
  • peering: Add support for stale queries for trust bundle lookups [GH-14724]
  • peering: Add support to failover to services running on cluster peers. [GH-14396]
  • peering: Add support to redirect to services running on cluster peers with service resolvers. [GH-14445]
  • peering: Ensure un-exported services get deleted even if the un-export happens while cluster peering replication is down. [GH-14797]
  • peering: add support for routine peering control-plane traffic through mesh gateways [GH-14981]
  • sdk: Configure iptables to forward DNS traffic to a specific DNS port. [GH-15050]
  • telemetry: emit memberlist size metrics and broadcast queue depth metric. [GH-14873]
  • ui: Added support for central config merging [GH-14604]
  • ui: Create peerings detail page [GH-14947]
  • ui: Detect a TokenSecretID cookie and passthrough to localStorage [GH-14495]
  • ui: Display notice banner on nodes index page if synthetic nodes are being filtered. [GH-14971]
  • ui: Filter agentless (synthetic) nodes from the nodes list page. [GH-14970]
  • ui: Filter out node health checks on agentless service instances [GH-14986]
  • ui: Remove node meta on service instances when using agentless and consolidate external-source labels on service instances page if they all match. [GH-14921]
  • ui: Removed reference to node name on service instance page when using agentless [GH-14903]
  • ui: Use withCredentials for all HTTP API requests [GH-14343]
  • xds: servers will limit the number of concurrent xDS streams they can handle to balance the load across all servers [GH-14397]

IMPROVEMENTS:

  • peering: Add peering datacenter and partition to initial handshake. [GH-14889]
  • xds: Added a rate limiter to the delivery of proxy config updates, to prevent updates to "global" resources such as wildcard intentions from overwhelming servers (see: xds.update_max_per_second config field) [GH-14960]
  • xds: Removed a bottleneck in Envoy config generation, enabling a higher number of dataplanes per server [GH-14934]
  • agent/hcp: add initial HashiCorp Cloud Platform integration [GH-14723]
  • agent: Added configuration option cloud.scada_address. [GH-14936]
  • api: Add filtering support to Catalog's List Services (v1/catalog/services) [GH-11742]
  • api: Increase max number of operations inside a transaction for requests to /v1/txn (128) [GH-14599]
  • auto-config: Relax the validation on auto-config JWT authorization to allow non-whitespace, non-quote characters in node names. [GH-15370]
  • config-entry: Validate that service-resolver Failovers and Redirects only
    specify Partition and Namespace on Consul Enterprise. This prevents scenarios
    where OSS Consul would save service-resolvers that require Consul Enterpr

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
area/security dependencies
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants