Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore(deps): update module github.com/hashicorp/consul #1

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

chore(deps): update module github.com/hashicorp/consul #1

wants to merge 1 commit into from

Conversation

mend-for-github-com[bot]
Copy link

@mend-for-github-com mend-for-github-com bot commented Jan 4, 2024
edited

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
github.com/hashicorp/consul v1.15.2 -> v1.15.3 age adoption passing confidence
github.com/hashicorp/consul v1.11.4 -> v1.12.5 age adoption passing confidence

By merging this PR, the below vulnerabilities will be automatically resolved:

Severity CVSS Score CVE Reachability
High High 7.5 CVE-2023-1297

By merging this PR, the below vulnerabilities will be automatically resolved:

Severity CVSS Score CVE Reachability
High High 7.5 CVE-2022-29153
High High 7.1 CVE-2021-41803

Release Notes

hashicorp/consul (github.com/hashicorp/consul)

v1.15.3

Compare Source

1.15.3 (June 1, 2023)

BREAKING CHANGES:

  • extensions: The Lua extension now targets local proxy listeners for the configured service's upstreams, rather than remote downstream listeners for the configured service, when ListenerType is set to outbound in extension configuration. See CVE-2023-2816 changelog entry for more details. [GH-17415]

SECURITY:

FEATURES:

  • hcp: Add new metrics sink to collect, aggregate and export server metrics to HCP in OTEL format. [GH-17460]

IMPROVEMENTS:

  • Fixes a performance issue in Raft where commit latency can increase by 100x or more when under heavy load. For more details see https://github.com/hashicorp/raft/pull/541. [GH-17081]
  • agent: add a configurable maximimum age (default: 7 days) to prevent servers re-joining a cluster with stale data [GH-17171]
  • agent: add new metrics to track cpu disk and memory usage for server hosts (defaults to: enabled) [GH-17038]
  • connect: update supported envoy versions to 1.22.11, 1.23.8, 1.24.6, 1.25.4 [GH-16889]
  • envoy: add MaxEjectionPercent and BaseEjectionTime to passive health check configs. [GH-15979]
  • hcp: Add support for linking existing Consul clusters to HCP management plane. [GH-16916]
  • logging: change snapshot log header from agent.server.snapshot to agent.server.raft.snapshot [GH-17236]
  • peering: allow re-establishing terminated peering from new token without deleting existing peering first. [GH-16776]
  • peering: gRPC queries for TrustBundleList, TrustBundleRead, PeeringList, and PeeringRead now support blocking semantics, reducing network and CPU demand. The HTTP APIs for Peering List and Read have been updated to support blocking. [GH-17426]
  • raft: Remove expensive reflection from raft/mesh hot path [GH-16552]
  • xds: rename envoy_hcp_metrics_bind_socket_dir to envoy_telemetry_collector_bind_socket_dir to remove HCP naming references. [GH-17327]

BUG FIXES:

  • Fix an bug where decoding some Config structs with unset pointer fields could fail with reflect: call of reflect.Value.Type on zero Value. [GH-17048]
  • acl: (Enterprise only) Check permissions in correct partition/namespace when resolving service in non-default partition/namespace
  • acl: Fix an issue where the anonymous token was synthesized in non-primary datacenters which could cause permission errors when federating clusters with ACL replication enabled. [GH-17231]
  • acls: Fix ACL bug that can result in sidecar proxies having incorrect endpoints.
  • connect: Fix multiple inefficient behaviors when querying service health. [GH-17241]
  • gateways: Fix an bug where targeting a virtual service defined by a service-resolver was broken for HTTPRoutes. [GH-17055]
  • grpc: ensure grpc resolver correctly uses lan/wan addresses on servers [GH-17270]
  • namespaces: adjusts the return type from HTTP list API to return the api module representation of a namespace. This fixes an error with the consul namespace list command when a namespace has a deferred deletion timestamp.
  • peering: Fix issue where modifying the list of exported services did not correctly replicate changes for services that exist in a non-default namespace. [GH-17456]
  • peering: Fix issue where peer streams could incorrectly deregister services in various scenarios. [GH-17235]
  • peering: ensure that merged central configs of peered upstreams for partitioned downstreams work [GH-17179]
  • xds: Fix possible panic that can when generating clusters before the root certificates have been fetched. [GH-17185]
  • If you want to rebase/retry this PR, check this box

@mend-for-github-com mend-for-github-com bot added the security fix Security fix generated by Mend label Jan 4, 2024
@mend-for-github-com mend-for-github-com bot changed the title chore(deps): update module github.com/hashicorp/consul Update module github.com/hashicorp/consul Feb 8, 2024
@mend-for-github-com mend-for-github-com bot changed the title Update module github.com/hashicorp/consul chore(deps): update module github.com/hashicorp/consul Feb 26, 2024
@mend-for-github-com mend-for-github-com bot force-pushed the whitesource-remediate/github.com-hashicorp-consul-1.x branch from 581f6e0 to de09d14 Compare March 13, 2024 14:09
@amplify-self-hosted-runners
Copy link

Check Name Conclusion Summary Output
Mend Security Check success Security Report output
Mend License Check failure License Report output
backport-check failure backport-check output
changelog-check failure changelog-check output
metrics_test_check failure metrics_test_check output
verify-ci-success success verify-ci-success output
dist-check success dist-check output
Get files changed and conditionally skip CI success Get files changed and conditionally skip CI output
get-go-version / Determine Go toolchain version success get-go-version / Determine Go toolchain version output
Setup success Setup output
scan failure scan output
Get files changed and conditionally skip CI success Get files changed and conditionally skip CI output
noop success noop output
get-go-version / Determine Go toolchain version success get-go-version / Determine Go toolchain version output
Setup success Setup output
lint-enums failure lint-enums output
check-generated-protobuf failure check-generated-protobuf output
check-codegen failure check-codegen output
lint-consul-retry failure lint-consul-retry output
lint-container-test-deps failure lint-container-test-deps output
check-go-mod / check-go-mod failure check-go-mod / check-go-mod output
dev-build / build failure dev-build / build output
lint / lint failure lint / lint output
lint / lint api failure lint / lint api output
lint-32bit / lint failure lint-32bit / lint output
lint / lint sdk failure lint / lint sdk output
lint-32bit / lint api failure lint-32bit / lint api output
lint / lint envoyextensions failure lint / lint envoyextensions output
lint-32bit / lint sdk failure lint-32bit / lint sdk output
lint / lint troubleshoot failure lint / lint troubleshoot output
lint-32bit / lint envoyextensions failure lint-32bit / lint envoyextensions output
lint / lint test/integration/consul-container failure lint / lint test/integration/consul-container output
lint-32bit / lint troubleshoot failure lint-32bit / lint troubleshoot output
lint / lint test-integ failure lint / lint test-integ output
lint-32bit / lint test/integration/consul-container failure lint-32bit / lint test/integration/consul-container output
lint / lint testing/deployer failure lint / lint testing/deployer output
lint-32bit / lint test-integ failure lint-32bit / lint test-integ output
lint-32bit / lint testing/deployer failure lint-32bit / lint testing/deployer output
Get files changed and conditionally skip CI success Get files changed and conditionally skip CI output
get-go-version / Determine Go toolchain version success get-go-version / Determine Go toolchain version output
Setup success Setup output
Generate Envoy Job Matrices failure Generate Envoy Job Matrices output
integration-test-with-deployer failure integration-test-with-deployer output
dev-build / build failure dev-build / build output
test-integrations-success failure test-integrations-success output
Setup success Setup output
get-go-version / Determine Go toolchain version success get-go-version / Determine Go toolchain version output
check-go-mod / check-go-mod failure check-go-mod / check-go-mod output
build-distros-success failure build-distros-success output

@github-actions GitHub Actions
Copy link

This pull request has been automatically flagged for inactivity because it has not been acted upon in the last 60 days. It will be closed if no new activity occurs in the next 30 days. Please feel free to re-open to resurrect the change if you feel this has happened by mistake. Thank you for your contributions.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
meta/stale security fix Security fix generated by Mend
Projects
None yet
Milestone
No milestone
0 participants