--- - branch: MAIN date: Tue Jul 31 12:34:55 UTC 2018 files: - new: '1.35' old: '1.34' path: pkgsrc/sysutils/consul/Makefile pathrev: pkgsrc/sysutils/consul/Makefile@1.35 type: modified - new: '1.27' old: '1.26' path: pkgsrc/sysutils/consul/distinfo pathrev: pkgsrc/sysutils/consul/distinfo@1.27 type: modified id: 20180731T123455Z.59f73abb09b1ecde67e89a868f625a771c88de9d log: | sysutils/consul: Update to 1.2.2 ## 1.2.2 (July 30, 2018) SECURITY: - acl: Fixed an issue where writes operations on the Keyring and Operator were being allowed with a default allow policy even when explicitly denied in the policy. FEATURES: - **Alias Checks:** Alias checks allow a service or node to alias the health status of another service or node in the cluster. - agent: New Cloud Auto-join providers: vSphere and Packet.net. - cli: Added `-serf-wan-port`, `-serf-lan-port`, and `-server-port` flags to CLI for cases where these can't be specified in config files and `-hcl` is too cumbersome. - connect: The TTL of leaf (service) certificates in Connect is now configurable. IMPROVEMENTS: - proxy: With `-register` flag, heartbeat failures will only log once service registration succeeds. - http: 1.0.3 introduced rejection of non-printable chars in HTTP URLs due to a security vulnerability. Some users who had keys written with an older version which are now dissallowed were unable to delete them. A new config option disable_http_unprintable_char_filter is added to allow those users to remove the offending keys. Leaving this new option set long term is strongly discouraged as it bypasses filtering necessary to prevent some known vulnerabilities. - agent: Allow for advanced configuration of some gossip related parameters. - agent: Make some Gossip tuneables configurable via the config file - ui: Included searching on `.Tags` when using the freetext search field. - ui: Service.ID's are now shown in the Service detail page and (only if it is different from the service name) the Node Detail > [Services] tab. BUG FIXES: - acl/connect: Fix an issue that was causing managed proxies not to work when ACLs were enabled. - connect: Fix issue with managed proxies and watches attempting to use a client addr that is 0.0.0.0 or :: - connect: Allow Native and Unmanaged proxy configurations via config file - connect: Fix bug causing 100% CPU on agent when Connect is disabled but a proxy is still running - proxy: Don't restart proxies setup in a config file when Consul restarts - ui: Display the Service.IP address instead of the Node.IP address in the Service detail view. - ui: Watch for trailing slash stripping 301 redirects and forward the user to the correct location. - connect: Fixed an issue in the connect native HTTP client where it failed to resolve service names. ## 1.2.1 (July 12, 2018) IMPROVEMENTS: - acl: Prevented multiple ACL token refresh operations from occurring simultaneously. - acl: Add async-cache down policy mode to always do ACL token refreshes in the background to reduce latency. - proxy: Pass through HTTP client env vars to managed proxies so that they can connect back to Consul over HTTPs when not serving HTTP. - connect: Persist intermediate CAs on leader change. BUG FIXES: - api: Intention APIs parse error response body for error message. - agent: Intention read endpoint returns a 400 on invalid UUID - agent: Service registration with "services" does not error on Connect upstream configuration. - dns: Ensure that TXT RRs dont get put in the Answer section for A/AAAA queries. - dns: Ensure that only 1 CNAME is returned when querying for services that have non-IP service addresses. - api: Fixed issue where `Lock` and `Semaphore` would return earlier than their requested timeout when unable to acquire the lock. - watch: Fix issue with HTTPs only agents not executing watches properly - agent: Managed proxies that bind to 0.0.0.0 now get a health check on a sane IP - server: (Consul Enterprise) Fixed an issue causing Consul to panic when network areas were used - license: (Consul Enterprise) Fixed an issue causing the snapshot agent to log erroneous licensing errors module: pkgsrc subject: 'CVS commit: pkgsrc/sysutils/consul' unixtime: '1533040495' user: fhajny