Releases · hashicorp/consul

1.21.2 (June 17, 2025)

SECURITY:

security: Upgrade UBI base image version to address CVE
CVE-2025-4802
CVE-2024-40896
CVE-2024-12243
CVE-2025-24528
CVE-2025-3277
CVE-2024-12133
CVE-2024-57970
CVE-2025-31115 [GH-22409]
cli: update tls ca and cert create to reduce excessive file perms for generated public files [GH-22286]
connect: Added non default namespace and partition checks to ConnectCA CSR requests. [GH-22376]
security: Upgrade Go to 1.23.10. [GH-22412]

IMPROVEMENTS:

config: Warn about invalid characters in datacenter resulting in non-generation of X.509 certificates when using external CA for agent TLS communication. [GH-22382]
connect: Use net.JoinHostPort for host:port formatting to handle IPv6. [GH-22359]

BUG FIXES:

http: return a clear error when both Service.Service and Service.ID are missing during catalog registration [GH-22381]
license: (Enterprise only) Fixed issue where usage metrics are not written to the snapshot to export the license data. [GH-10668]
wan-federation: Fixed an issue where advertised IPv6 addresses were causing WAN federation to fail. [GH-22226]

1.21.1 (May 21, 2025)

FEATURES:

xds: Extend LUA Script support for API Gateway [GH-22321]
xds: Added a configurable option to disable XDS session load balancing, intended for scenarios where an external load balancer is used in front of Consul servers, making internal load balancing unnecessary.

IMPROVEMENTS:

http: Add peer query param on catalog service API [GH-22189]

1.21.0 Enterprise (May 06, 2025)

FEATURES:

config: add UseSNI flag in remote JSONWebKeySet
agent: send TLS SNI in remote JSONWebKeySet [GH-22177]
v2: remove HCP Link integration [GH-21883]

IMPROVEMENTS:

raft: add a configuration raft_prevote_disabled to allow disabling raft prevote [GH-21758]
raft: update raft library to 1.7.0 which include pre-vote extension [GH-21758]
SubMatView: Log level change from ERROR to INFO for subject materialized view as subscription creation is retryable on ACL change. [GH-22141]
ui: Adds a copyable token accessor/secret on the settings page when signed in [GH-22105]
xDS: Log level change from ERROR to INFO for xDS delta discovery request. Stream can be cancelled on server shutdown and other scenarios. It is retryable and error is a superfluous log. [GH-22141]

1.20.7 Enterprise (May 21, 2025)

This release is created to share the Consul Enterprise changelog and notify consumers of availability. The attached source and assets do not include Consul Enterprise code and should not be used in place of official Docker images or binaries.

FEATURES:

xds: Added a configurable option to disable XDS session load balancing, intended for scenarios where an external load balancer is used in front of Consul servers, making internal load balancing unnecessary.
xds: Extend LUA Script support for API Gateway

IMPROVEMENTS:

http: Add peer query param on catalog service API [GH-22189]

1.21.0 (May 06, 2025)

FEATURES:

Simplified external service discovery (Agentless/Gossipless)
Google Cloud Storage support for K8s snapshots
OpenShift 4.17 support
Pod Security Admissions compatibility
Refreshed documentation structure
Support for TLS SNI in remote JSONWebKeySet [GH-22177]

🔗 Link to full release details

IMPROVEMENTS:

raft: add a configuration raft_prevote_disabled to allow disabling raft prevote [GH-21758]
raft: update raft library to 1.7.0 which include pre-vote extension [GH-21758]
SubMatView: Log level change from ERROR to INFO for subject materialized view as subscription creation is retryable on ACL change. [GH-22141]
ui: Adds a copyable token accessor/secret on the settings page when signed in [GH-22105]
xDS: Log level change from ERROR to INFO for xDS delta discovery request. Stream can be cancelled on server shutdown and other scenarios. It is retryable and error is a superfluous log. [GH-22141]

1.19.9 Enterprise (May 21, 2025)

This release is created to share the Consul Enterprise changelog and notify consumers of availability. The attached source and assets do not include Consul Enterprise code and should not be used in place of official Docker images or binaries.

IMPROVEMENTS:

http: Add peer query param on catalog service API [GH-22189]

1.19.8 Enterprise(April 25, 2025)

This release is created to share the Consul Enterprise changelog and notify consumers of availability. The attached source and assets do not include Consul Enterprise code and should not be used in place of official Docker images or binaries.

SECURITY:

Update golang.org/x/net to v0.38.0 to address GHSA-vvgc-356p-c3xw and GO-2025-3595.
Update github.com/golang-jwt/jwt/v4 to v4.5.2 to address GO-2025-3553 and GHSA-mh63-6h87-95cp.
Update Go to v1.23.8 to address GO-2025-3563.
Update github.com/golang-jwt/jwt/v5 to v5.2.2 to address GO-2025-3553 and GHSA-mh63-6h87-95cp.
Update golang.org/x/crypto to v0.36.0 to address GO-2025-3487. [GH-10516]

BUG FIXES:

agent: Add the missing Service TaggedAddresses and Check Type fields to Txn API. [GH-22220]

1.19.7 Enterprise (March 11, 2025)

This release is created to share the Consul Enterprise changelog and notify consumers of availability. The attached source and assets do not include Consul Enterprise code and should not be used in place of official Docker images or binaries.

SECURITY:

Update golang.org/x/crypto to v0.35.0 to address GO-2025-3487.
Update golang.org/x/oauth2 to v0.27.0 to address GO-2025-3488.
Update github.com/go-jose/go-jose/v3 to v3.0.4 to address GO-2025-3485. [GH-22207]
Upgrade Go to 1.23.6. [GH-22204]

BUG FIXES:

logging: Fixed compilation error for OS NetBSD. [GH-22184]

1.18.11 (April 25, 2025)

This release is created to share the Consul Enterprise changelog and notify consumers of availability. The attached source and assets do not include Consul Enterprise code and should not be used in place of official Docker images or binaries.

SECURITY:

Update golang.org/x/net to v0.38.0 to address GHSA-vvgc-356p-c3xw and GO-2025-3595.
Update github.com/golang-jwt/jwt/v4 to v4.5.2 to address GO-2025-3553 and GHSA-mh63-6h87-95cp.
Update Go to v1.23.8 to address GO-2025-3563.
Update github.com/golang-jwt/jwt/v5 to v5.2.2 to address GO-2025-3553 and GHSA-mh63-6h87-95cp.
Update golang.org/x/crypto to v0.36.0 to address GO-2025-3487. [GH-10517 817B ]

1.18.10 Enterprise (March 11, 2025)

This release is created to share the Consul Enterprise changelog and notify consumers of availability. The attached source and assets do not include Consul Enterprise code and should not be used in place of official Docker images or binaries.

SECURITY:

Update golang.org/x/crypto to v0.35.0 to address GO-2025-3487.
Update golang.org/x/oauth2 to v0.27.0 to address GO-2025-3488.
Update github.com/go-jose/go-jose/v3 to v3.0.4 to address GO-2025-3485. [GH-22207]
Upgrade Go to 1.23.6. [GH-22204]

BUG FIXES:

logging: Fixed compilation error for OS NetBSD. [GH-22184]

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

1.21.2 (June 17, 2025)

Uh oh!

1.21.1 (May 21, 2025)

Uh oh!

1.21.0 Enterprise (May 06, 2025)

Uh oh!

1.20.7 Enterprise (May 21, 2025)

Uh oh!

1.21.0 (May 06, 2025)

Uh oh!

1.19.9 Enterprise (May 21, 2025)

Uh oh!

1.19.8 Enterprise(April 25, 2025)

Uh oh!

1.19.7 Enterprise (March 11, 2025)

Uh oh!

1.18.11 (April 25, 2025)

Uh oh!

1.18.10 Enterprise (March 11, 2025)

Uh oh!

Releases: hashicorp/consul

v1.21.2

1.21.2 (June 17, 2025)

Uh oh!

v1.21.1

1.21.1 (May 21, 2025)

Uh oh!

1.21.0 (Enterprise)

1.21.0 Enterprise (May 06, 2025)

Uh oh!

v1.20.7 (Enterprise)

1.20.7 Enterprise (May 21, 2025)

Uh oh!

v1.21.0

1.21.0 (May 06, 2025)

Uh oh!

v1.19.9 (Enterprise)

1.19.9 Enterprise (May 21, 2025)

Uh oh!

v1.19.8 (Enterprise)

1.19.8 Enterprise(April 25, 2025)

Uh oh!

v1.19.7 (Enterprise)

1.19.7 Enterprise (March 11, 2025)

Uh oh!

v1.18.11 (Enterprise)

1.18.11 (April 25, 2025)

Uh oh!

v1.18.10 (Enterprise)

1.18.10 Enterprise (March 11, 2025)

Uh oh!