Upgrade to use golang.org/x/net v0.24.0. This resolves CVE
CVE-2023-45288 (x/net). [GH-20956]
IMPROVEMENTS:
gateways: service defaults configuration entries can now be used to set default upstream limits for mesh-gateways [GH-20945]
connect: Add ability to disable Auto Host Header Rewrite on Terminating Gateway at the service level [GH-20802]
BUG FIXES:
dns: fix a bug with sameness group queries in DNS where responses did not respect DefaultForFailover.
DNS requests against sameness groups without this field set will now error as intended.
error running consul server in 1.18.0: failed to configure SCADA provider user's home directory path: $HOME is not defined [GH-20926]
server: fix Ent snapshot restore on CE when CE downgrade is enabled [GH-20977]
xds: Make TCP external service registered with terminating gateway reachable from peered cluster [GH-19881]
v1.18.1
1.18.1 (March 26, 2024)
Enterprise LTS: Consul Enterprise 1.18 is a Long-Term Support (LTS) release.
BREAKING CHANGES:
ui: Adds a "Link to HCP Consul Central" modal with integration to side-nav and link to HCP banner. There will be an option to disable the Link to HCP banner from the UI in a follow-up release. [GH-20474]
Upgrade to use golang.org/x/net v0.24.0. This resolves CVE
CVE-2023-45288 (x/net). [GH-20956]
IMPROVEMENTS:
gateways: service defaults configuration entries can now be used to set default upstream limits for mesh-gateways [GH-20945]
connect: Add ability to disable Auto Host Header Rewrite on Terminating Gateway at the service level [GH-20802]
BUG FIXES:
dns: fix a bug with sameness group queries in DNS where responses did not respect DefaultForFailover.
DNS requests against sameness groups without this field set will now error as intended.
error running consul server in 1.18.0: failed to configure SCADA provider user's home directory path: $HOME is not defined [GH-20926]
server: fix Ent snapshot restore on CE when CE downgrade is enabled [GH-20977]
xds: Make TCP external service registered with terminating gateway reachable from peered cluster [GH-19881]
1.17.5 Enterprise (May 14, 2024)
SECURITY:
Bump Dockerfile base image to alpine:3.19. [GH-20897]
Update vault/api to v1.12.2 to address CVE-2024-28180
(removes indirect dependency on impacted go-jose.v2) [GH-20910]
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Bumps github.com/hashicorp/consul/api from 1.18.0 to 1.28.3.
Release notes
Sourced from github.com/hashicorp/consul/api's releases.
... (truncated)
Changelog
Sourced from github.com/hashicorp/consul/api's changelog.
... (truncated)
Commits
fd6d38e
Backport of build: update gha to latest approved tsccr into release/1.18.x (#...6716981
Backport of Fixed broken link in the ECS documentation into release/1.18.x (#...4c9a4aa
Backport of docs: Add fault injection to Envoy extensions list into release/1...8145cf0
Backport of docs: fix typo in security/acl into release/1.18.x (#21086)a683be0
Backport of docs: Fix docs for-ui-content-path
CLI flag into release/1.18....a15c9c3
Backport of [NET-8601] security: upgrade vault/api to remove go-jose.v2 into ...8d167ee
Backport of NET-9143 - sameness group queries in DNS do not respect DefaultFo...c52e8fa
Backport of security: Upgrade Go to 1.21.10 into release/1.18.x (#21077)8341e96
Backport of [NET-9141] ci: skip LICENSE copy for Ent linux packages into rele...537b50e
Backport of [NET-9098] Narrow scope of peering config on terminating gw filte...Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show