RATATOSKRATATOSK
Sign in

Releases

AI-analyzed release notes for CNCF graduated and incubating projects.

Jul 2026Clear ×

Envoy

Networking & MessagingYesterdayJul 14, 2026

Envoy v1.39.0 is a major release combining several breaking behavior changes (mandatory keyUsage enforcement, disabled DLB balancer, stricter TLS inspector validation, changed OTel sampling behavior) with a large batch of roughly 20 medium-severity CVE fixes spanning HTTP/2, HTTP/3, ext_authz, ext_proc, OAuth2, DNS, and several other subsystems. It also ships extensive non-actionable feature and performance work, including dynamic-modules extension points and a new streaming JSON parser for AI protocols.

  • securityBroad CVE batch fixed across core protocol and extension code

    This release fixes roughly 20 CVEs across HTTP/2, HTTP/3, ext_authz, ext_proc, gRPC stats, internal redirects, OAuth2, DNS, JSON parsing, PROXY protocol, formatters, StatsD, TLS SAN handling, and Zstd decompression, all rated medium by the notes. Notable ones include HTTP/2 cookie-based header-limit bypass (CVE-2026-47774), HTTP/3 QPACK blocked-decoding DoS (GHSA-p7c7-7c47-pwch), and Zstd decompression memory exhaustion (CVE-2026-48044). The fixes ship in v1.39.0.

  • securityOAuth2 cookie encryption moves to AES-256-GCM (opt-in migration)

    OAuth2 adds AES-256-GCM cookie encryption to address CVE-2026-47775, replacing the older CBC-based scheme. Migration is opt-in: enable oauth2_use_gcm_encryption, monitor the oauth_legacy_cbc_decrypt metric, then disable oauth2_legacy_cbc_decrypt_compat once legacy decryption is no longer observed.

  • breakingCertificate keyUsage enforcement is now mandatory

    Envoy now always enforces the certificate keyUsage extension; the enforce_rsa_key_usage field is deprecated and ignored. This applies unconditionally starting in v1.39.0, so certificates that previously relied on lax enforcement may now fail validation.

  • breakingDLB connection balancer disabled in all builds

    The Intel DLB connection balancer (envoy.network.connection_balance.dlb) is disabled in all builds because of a broken source archive. This applies wherever that extension is configured.

  • breakingTLS inspector now rejects out-of-range client TLS versions

    The TLS inspector now validates that client TLS versions fall between 1.0 and 1.3, rejecting anything outside that range. The check is unconditional in v1.39.0 but can be reverted with envoy.reloadable_features.tls_inspector_enforce_client_tls_version.

  • breakingOTel tracing now defers to Envoy's own sampling decision

    The OpenTelemetry tracer now honors Envoy's own request-entry sampling decision, including overall_sampling, even when a propagated trace context or configured sampler requests sampling. This applies to deployments relying on downstream or context-based sampling overriding Envoy's local config, and may reduce the volume of exported spans.

Key changes (8)
  • Roughly 20 medium-severity CVE fixes across HTTP/2, HTTP/3, ext_authz, ext_proc, gRPC stats, internal redirects, OAuth2, DNS, JSON parsing, PROXY protocol, formatters, StatsD, TLS SAN handling, and Zstd decompression; notable ones include CVE-2026-47774 (HTTP/2 cookie header-limit bypass), GHSA-p7c7-7c47-pwch (HTTP/3 QPACK DoS), and CVE-2026-48044 (Zstd memory exhaustion)
  • OAuth2 gains AES-256-GCM cookie encryption (CVE-2026-47775) with an opt-in, staged migration path off legacy CBC decryption
  • Certificate keyUsage enforcement is now mandatory (enforce_rsa_key_usage deprecated); TLS inspector now rejects client TLS versions outside 1.0-1.3
  • Intel DLB connection balancer extension disabled in all builds due to a broken source archive
  • OpenTelemetry tracer now defers to Envoy's own sampling decision (including overall_sampling), which may reduce exported spans
  • Unified DNS cluster implementation is now the default, enabling shared c-ares resolvers and qcache across clusters
  • HeaderMatcher now matches separately supplied header values individually rather than only their comma-joined form (revertible via feature gate)
  • Large non-actionable batch: dynamic-modules extension points and Rust SDK, new Wuffs-based streaming JSON parser for MCP/A2A/OpenAI/Anthropic, new bandwidth-sharing and sub-filter-chain HTTP filters, CNSA/post-quantum TLS policies, io_uring and SO_REUSEPORT BPF performance work, plus numerous bugfixes (connection-pool re-entrancy, DNS resolver leaks, Golang filter re-entry)
Source

Kyverno

SecurityJul 10, 2026

Kyverno v1.18.2 is a patch release fixing a HIGH security issue (GHSA-79gf-7frw-68m9) where generator policies could bypass namespace boundaries, plus backported security dependency updates, watcher restart fixes, and several CLI and policy improvements.

  • securityPatch namespace boundary bypass in generator policies

    Generator policies could bypass namespace boundaries when applying rules, allowing cross-namespace policy enforcement. Upgrade to v1.18.2 to restore proper isolation.

  • securityApply security dependency updates

    Security dependency updates have been backported to address known vulnerabilities in transitive dependencies.

Key changes (7)
  • HIGH: Namespace boundary enforcement in generator policies patched (GHSA-79gf-7frw-68m9)
  • Security dependency updates backported
  • Background reporting now restarts dynamic watchers correctly on 410 Gone responses
  • Required validation policies no longer abort on image mismatches
  • CLI now accepts multiple CRDs in a single --crd-path file
  • pss-helm policy chart adds 'image' to allowed volume types
  • Report label prefixes corrected for multi/delegated policies
Source

SPIRE

SecurityJul 9, 2026

SPIRE v1.15.2 is a mixed release addressing security concerns through docker/docker to moby/moby migration (resolving CVEs) and a HIGH-severity delegated identity API restriction preventing JWT-SVID exposure for admin or downstream entries. The release also introduces the SPIFFE Broker, per-caller rate limiting, TLS metrics endpoint support, and numerous performance and compatibility improvements across multiple attestors and plugins.

  • securityResolve docker/docker CVEs via moby/moby migration

    docker/docker dependencies have been migrated to moby/moby equivalents to resolve Docker/Moby CVEs. Upgrade to v1.15.2.

  • breakingDelegated API no longer serves JWT-SVIDs for admin/downstream entries

    The delegated identity API no longer serves JWT-SVIDs for admin or downstream entries. If you use the delegated identity API with admin or downstream entries, verify that clients no longer depend on JWT-SVID tokens from those entry types.

Key changes (7)
  • Security: docker/docker migrated to moby/moby to resolve CVEs
  • Security: Delegated identity API restricted—no longer serves JWT-SVIDs for admin or downstream entries
  • Enhancement: Per-caller rate limiting for agent Workload API and Envoy SDS
  • Enhancement: TLS support for Prometheus metrics endpoint with optional SPIFFE ID allowlist
  • Enhancement: SPIFFE Broker endpoint and API introduced
  • Performance: Attested nodes now fetched in bulk; optimized MySQL list entries query for reduced database load
  • Plus 16 additional features, fixes, and improvements: post-quantum cryptography curves, aws_kms tag-based discovery, azure_imds fixes, CA journal durability, structured logging, Windows SE_DEBUG_PRIVILEGE support, and more
Source

Flatcar Container Linux

Provisioning & RuntimeJul 9, 2026

Flatcar stable-4593.2.4 is a security-only release: the Linux kernel moves to 6.12.95, closing a large batch of CVEs (critical severity), alongside a routine ca-certificates bump to 3.125. There are no other bug fixes or behavioral changes in this build.

  • securityUpdate to kernel 6.12.95 to close a large batch of CVEs

    Flatcar stable-4593.2.4 bundles fixes for well over 130 Linux kernel CVEs (including CVE-2026-46242, CVE-2026-53332, CVE-2026-53331, CVE-2026-53356, CVE-2026-53329 among many others) by updating the kernel to 6.12.95. Rated critical; upgrade promptly across fleets since it touches the base OS kernel on every node.

Key changes (3)
  • Kernel updated to 6.12.95 (incl. 6.12.94), fixing well over 130 CVEs rated critical, including CVE-2026-46242, CVE-2026-53332, CVE-2026-53331, CVE-2026-53356 and CVE-2026-53329
  • ca-certificates package updated to version 3.125 (routine trust-store refresh)
  • No reported bug fixes or behavioral changes outside the kernel security update
Source

Flatcar Container Linux

Provisioning & RuntimeJul 9, 2026

Flatcar Container Linux lts-4081.3.9 is a security-focused patch delivering a large kernel CVE fix set via Linux 6.6.144, alongside a ca-certificates update. No breaking changes or removals.

  • securityPatch 144 kernel CVEs via Linux 6.6.144

    Flatcar Container Linux lts-4081.3.9 bundles 144 Linux kernel CVEs fixed via upgrade to kernel 6.6.144 (which also incorporates 6.6.143 and 6.6.142). The highest-severity issues in this set include multiple vulnerabilities affecting core kernel subsystems; a sample of notable CVEs: CVE-2026-46242, CVE-2026-53357, CVE-2026-52941. Upgrade to patch your running systems.

Key changes (2)
  • 144 Linux kernel CVEs (HIGH severity, max) addressed in kernel 6.6.144 update
  • ca-certificates bumped to version 3.125
Source

TiKV

Storage & DataJul 9, 2026

TiKV/TiDB v8.5.7 is a mixed release combining several default/behavior changes operators must review (stricter max_ts and NOT NULL validation, auto IndexMerge, TiDB Lightning web UI removal, resource-control metric relabeling) with a security-relevant dependency upgrade and a broad set of new features, performance work, and bug fixes.

  • securityVulnerable TiKV third-party dependencies patched

    This release upgrades vulnerable third-party dependencies used by TiKV 8.5 and aligns required compatibility fixes with upstream, improving stability and security. Upgrade to pick up the patched dependencies.

  • breakingmax_ts invalid-update handling now errors by default

    TiKV now rejects max_ts updates confirmed invalid instead of only logging them. If you rely on the previous log-only behavior, set storage.max-ts.action-on-invalid-update to log before upgrading.

  • breakingFix control 52869 (auto IndexMerge) enabled by default

    TiDB now enables optimizer fix control 52869 by default, letting the optimizer consider IndexMerge automatically when alternative indexes exist. This can change query plans in some cases; review plans for sensitive queries after upgrade.

  • breakingStrict NOT NULL validation on INSERT enabled by default

    tidb_enable_strict_not_null_check now defaults to ON, enforcing strict validation when an INSERT explicitly writes NULL into a NOT NULL column. Statements that previously succeeded may now fail; audit INSERT paths that rely on lenient NULL handling.

  • breakingResource-control background metrics lose resource_group label

    TiKV background resource-control metrics are now aggregated globally via a single rate limiter, dropping the per resource_group label. Update dashboards and alerting rules that filter or group by resource_group for background metrics.

  • breakingTiDB Lightning web interface removed

    TiDB Lightning drops its web interface starting in v8.5.7. Switch to the command-line tools tidb-lightning for import tasks and tidb-lightning-ctl for checkpoint and troubleshooting operations.

Key changes (8)
  • TiKV rejects invalid max_ts updates by default instead of just logging them (revert via storage.max-ts.action-on-invalid-update=log)
  • Optimizer fix control 52869 (auto IndexMerge) is now enabled by default and can shift query plans
  • tidb_enable_strict_not_null_check now defaults to ON, causing stricter INSERT NULL validation
  • TiKV background resource-control metrics are now aggregated without the resource_group label; dashboards/alerts need updating
  • TiDB Lightning web interface removed; use tidb-lightning / tidb-lightning-ctl CLI tools instead
  • Vulnerable third-party dependencies patched across TiKV 8.5 for stability and security
  • New features: CPU-aware hot Region read scheduling in PD/TiKV, partial index support, per-user connection limits, TiCDC table routing
  • Plus various performance work (fail-fast on disk I/O hangs, fairer read-pool scheduling) and bug fixes across TiKV memory usage, PD resource control, BR log backup, and TiCDC stability
Source

cert-manager

SecurityJul 8, 2026

cert-manager v1.21.0 is a mixed release: it ships a security-hardening RBAC restriction (GHSA-8rvj-mm4h-c258) plus two other breaking Helm/RBAC changes, alongside new ARI, Vault AWS-IAM, and Gateway API capabilities and several bug fixes. Operators should review Helm values and RBAC assumptions before upgrading.

  • securityReview cert-manager-edit permissions after Challenge/Order create rights removed

    cert-manager-edit no longer grants create on Challenge resources or create/patch/update on Order resources, closing a path where a user with edit access could tamper with ACME validation flow. Fixed upstream in v1.20.3 and carried into v1.21.0; upgrade if your tooling or users create Challenge/Order resources directly, since those workflows will need the cert-manager-approve or a custom role instead.

  • breakingDefault tokenrequest RBAC for the controller ServiceAccount removed

    The Helm chart no longer creates the default Role/RoleBinding granting serviceaccounts/token: create to the controller's own ServiceAccount. This only affects clusters relying on the undocumented pattern of serviceAccountRef.name pointing at the controller's ServiceAccount; those setups need an explicit RBAC grant added post-upgrade.

  • breakingRemove deprecated Prometheus Helm values before upgrading

    prometheus.servicemonitor.targetPort, prometheus.servicemonitor.path, and prometheus.podmonitor.path are gone from the Helm values schema (the ServiceMonitor port was also renamed from tcp-prometheus-servicemonitor to http-metrics). Any values override still setting these keys will fail Helm's schema validation on upgrade; scrub them from your values files first.

Key changes (8)
  • Security: cert-manager-edit ClusterRole restricted, removing Challenge/Order create-patch-update rights (GHSA-8rvj-mm4h-c258, fixed since v1.20.3)
  • Breaking: default RBAC for controller ServiceAccount tokenrequest creation removed from the Helm chart
  • Breaking: legacy Prometheus Helm values (servicemonitor.targetPort/path, podmonitor.path) removed; ServiceMonitor port renamed to http-metrics
  • Deprecated: enableGatewayAPI/enableGatewayAPIListenerSet in favor of gatewayAPI.enabled/enableListenerSet; cainjector's ServerSideApply feature gate also deprecated (old fields still work)
  • New features: experimental ACME Renewal Information (ARI) support, Vault AWS IAM auth (IRSA/EKS Pod Identity), Certificate renewalPolicies field, and a FIPS 140-3 compatible Modern2026 PKCS#12 profile
  • Gateway API additions: http01-parentreffallback annotation for TLS-only ListenerSets and ignore-tls-listeners annotation
  • Notable bug fixes: renewBeforePercentage integer overflow for long-duration certs, infinite re-issuance loop on expired issuer certs, ACME challenges now retry transient network errors instead of failing terminally
  • Plus roughly a dozen smaller items: DoH response size cap, Vault path traversal validation, DNS secret pre-validation, cainjector --ignore-namespaces, startupapicheck cleanup TTL, Debian 13 base images
Source

etcd

Kubernetes CoreJul 8, 2026

etcd v3.7.0 is a security release: its one grounded change closes a HIGH-severity CRL enforcement bypass on the gRPC listener that occurs when --listen-client-http-urls is set (GHSA-3wh4-j44w-pg92). The upgrade guide mentions other possible breaking changes, but the provided notes give no detail on them.

  • securityCRL enforcement bypass on gRPC listener fixed

    When --listen-client-http-urls is configured, certificate revocation lists (CRLs) were not enforced on the gRPC listener, allowing connections that should have been rejected by the CRL. Upgrade to v3.7.0 if you rely on CRL enforcement for client or peer authentication (GHSA-3wh4-j44w-pg92).

Key changes (2)
  • Security: CRL enforcement bypass on the gRPC listener fixed when --listen-client-http-urls is configured, rated HIGH (GHSA-3wh4-j44w-pg92)
  • Upgrade guide flags possible breaking changes for v3.7.0, but no specifics are given in the available changelog text
Source

Thanos

ObservabilityJul 8, 2026

Thanos v0.42.0 is a mixed release: it patches a critical gRPC authorization-bypass vulnerability (CVE-2026-33186, CVSS 9.1) that could defeat path-based deny rules, alongside several breaking flag removals in Receive and Store, a gRPC keepalive policy change, and a batch of new TLS/cipher configuration options. Upgrade promptly for the security fix, but review the removed flags and renamed Query-Frontend field before rolling out.

  • securityFix critical gRPC authorization bypass (CVE-2026-33186)

    A malformed `:path` header in gRPC requests can bypass path-based "deny" rules in `grpc/authz` interceptors, effectively defeating authorization checks. Fixed via an updated `thanos-community/grpc-go` fork. CVSS 9.1, critical, tracked as CVE-2026-33186. Upgrade to v0.42.0 immediately if you rely on gRPC path-based authorization.

  • breakingReceive: --shipper.ignore-unequal-block-size removed

    `--shipper.ignore-unequal-block-size` is gone. TSDB now delays compaction until the shipper finishes uploading blocks, so compaction can safely proceed during upload without the risk this flag used to guard against. Remove any references to it from Receive configs.

  • breakingStore: --debug.advertise-compatibility-label removed

    `--debug.advertise-compatibility-label` is gone and Store no longer advertises the `@thanos_compatibility_store_type=store` external label by default. This breaks compatibility with Thanos Query instances older than v0.8.0; upgrade Queriers first if you still run pre-v0.8.0 components.

  • breakingQuery-Frontend: time_taken field renamed to time_taken_ms

    The Query-Frontend JSON field `time_taken` is now `time_taken_ms`, aligning naming with its unit for easier log parsing. Update any log collector rules or dashboards that key off the old field name.

Key changes (8)
  • Critical: gRPC authorization bypass via malformed :path headers fixed (CVE-2026-33186, CVSS 9.1) by bumping the thanos-community/grpc-go fork
  • Breaking: Receive drops --shipper.ignore-unequal-block-size; TSDB now delays compaction until shipper upload completes instead
  • Breaking: Store drops --debug.advertise-compatibility-label, no longer advertising the store-type compatibility label by default (breaks pre-v0.8.0 Query compatibility)
  • Breaking: Query-Frontend JSON field time_taken renamed to time_taken_ms
  • All gRPC servers now enforce a KeepaliveEnforcementPolicy with MinTime 10s, matching client keepalive interval
  • New TLS/cipher configuration options added across components: --grpc-server-tls-ciphers/-curves, Receive's remote-write TLS cipher/curve flags, and per-endpoint TLS support in Query
  • Several bugfixes: exemplar proxy label stripping in multi-tier Query setups, OTLP tracing TLS config being ignored, a Query-Frontend panic in AnalyzesMerge, spurious Receive 503s on restart, and tenant ID path-traversal validation in Receive
  • Plus smaller enhancements: TSDB stats endpoint on Ruler/Sidecar gRPC servers, os.Root filesystem confinement for Receive/Compact/Sidecar, Rueidis SendToReplicas support, and S3 directory marker cleanup in Compactor
Source

Tekton

CI/CD & App DeliveryJul 8, 2026

Tekton v1.6.5 is a routine patch release that upgrades the Go toolchain to 1.25.10 to address medium-severity CVEs. No breaking changes or new features are included.

  • securityApply Go toolchain CVE fixes

    Tekton v1.6.5 upgrades Go to 1.25.10 to fix medium-severity CVEs in the toolchain. Upgrade to v1.6.5 to apply the patch.

Key changes (1)
  • Go bumped to 1.25.10 for CVE remediation
Source

Tekton

CI/CD & App DeliveryJul 8, 2026

Tekton v1.9.6 is a security patch that remediates CVEs by bumping Go and two key golang.org dependencies. A build hygiene fix replacing LICENSE symlinks with files is also included.

  • securityApply dependency CVE remediations

    Tekton v1.9.6 bumps Go to 1.25.10 and updates golang.org/x/crypto to v0.52.0 and golang.org/x/net to v0.55.0 to address CVEs in those dependencies. Upgrade to receive these remediation fixes.

Key changes (2)
  • Go bumped to 1.25.10, golang.org/x/crypto to v0.52.0, and golang.org/x/net to v0.55.0 for CVE remediation
  • Build hygiene: kodata LICENSE symlinks replaced with actual files
Source

Rook

Storage & DataJul 7, 2026

Rook v1.20.2 is a routine patch release for the Ceph operator: it tightens the mgr NetworkPolicy to ingress-only, bumps Ceph to v20.2.2 and ceph-csi-operator to v1.0.4, and ships a batch of smaller bug fixes and enhancements. No breaking changes or CVEs are included.

  • securitymgr NetworkPolicy restricted to ingress-only

    The mgr NetworkPolicy is now restricted to ingress-only traffic, tightening the default network posture for the Ceph manager pod (#17827). Review your NetworkPolicy setup after upgrading if you rely on egress rules for mgr.

Key changes (6)
  • mgr NetworkPolicy tightened to ingress-only, reducing egress exposure for the Ceph manager (#17827)
  • Ceph bumped to v20.2.2 and ceph-csi-operator to v1.0.4
  • Node watcher now reconciles on node label/annotation changes and skips during initial cache sync to avoid spurious loops
  • Stale VolumeAttachment resources are now cleaned up on unmount in external clusters
  • Floating mon reschedule time reduced for faster failover
  • Several smaller fixes: config overrides now end with a trailing newline, OSD raw activate fallback no longer misclassifies rbd devices, realm access keys are now URL-safe, plus example NetworkPolicy CRs and new API support for muting Ceph warnings
Source

Harbor

Storage & DataJul 2, 2026

Harbor v2.15.2 is a maintenance patch backporting the 2.15.0 security hardening set (blob-mount token validation, crypto/SMTP cleanup) plus the Redis-to-Valkey cache backend swap, alongside a large batch of UI/UX fixes following the Angular 21/Clarity v18 upgrade. No critical or high severity issues are involved; upgrade at normal patch cadence, but check external Redis/Valkey compatibility first.

  • securityBlob-mount token validation hardened

    Blob-mount now validates that the source project matches and rejects tokens missing the 'iat' claim, closing a gap that could let a token be replayed or misused across projects during blob mounting. No configuration change is needed, just upgrade.

  • securityCrypto usage hardened, unused SMTP package dropped

    Harbor tightened internal crypto usage and dropped the unused SMTP package, reducing attack surface. Rated low severity; upgrade covers it, no action required beyond that.

  • breakingCache backend switched from Redis to Valkey

    The cache backend moves from Redis to Valkey. If you run external Redis, or reference redis-specific config/images/health checks in your deployment, verify compatibility with Valkey before or during the upgrade.

  • breakingInternal YAML library replaced

    Harbor's YAML library changed from gopkg.in/yaml.v2 to github.com/goccy/go-yaml internally. This is an internal dependency swap with no expected operator-facing change, but flag it if you parse Harbor-generated YAML with strict schema assumptions.

  • breakingRegistry pinned to stable v2.8.3-harbor.1

    The bundled registry component now tracks the stable v2.8.3-harbor.1 tag instead of an rc.5 pre-release build, giving a more predictable registry version in this patch.

Key changes (7)
  • Blob-mount token validation hardened: rejects tokens missing 'iat' and checks source project (medium severity)
  • Crypto usage hardened and unused SMTP package removed (low severity)
  • Cache backend replaced: Redis swapped for Valkey
  • Internal dependency swaps: gopkg.in/yaml.v2 to goccy/go-yaml, registry pinned to stable v2.8.3-harbor.1
  • Harbor UI upgraded to Angular 21, Clarity v18, Node.js v22, with a large batch of accompanying UI/UX fixes (checkboxes, dark theme, i18n, job queue counts, pull command tag selection)
  • Fixed repository update_time not bumping on tag/artifact changes; Cosign verification adjusted to ignore/disable tlog
  • Plus several smaller build and packaging fixes: photon base image rebuild, net-tools removal, configurable openapi-generator/PIP_INDEX_URL, build system decoupling for 2.15
Source

etcd

Kubernetes CoreJul 1, 2026

etcd v3.6.13 is a security patch addressing a HIGH-severity CRL enforcement bypass (GHSA-3wh4-j44w-pg92) on the gRPC listener, active when --listen-client-http-urls is configured. It also fixes websocket bearer-token auth and adds a v2-deprecation flag option.

  • securityPatch the CRL enforcement bypass on the gRPC listener (GHSA-3wh4-j44w-pg92)

    Clusters using --listen-client-http-urls were not enforcing Certificate Revocation List checks on the gRPC listener, allowing revoked client certificates to authenticate. Upgrade to v3.6.13 if you configure that flag.

Key changes (3)
  • Security (HIGH): CRL enforcement bypass on the gRPC listener fixed (GHSA-3wh4-j44w-pg92) — affects clusters setting --listen-client-http-urls
  • Bugfix: websocket authentication corrected for bearer-prefixed auth tokens
  • Enhancement: --v2-deprecation flag gains a write-only-skip-check option to bypass the v2 content check
Source

etcd

Kubernetes CoreJul 1, 2026

etcd v3.5.32 is a security release patching a HIGH-severity CRL enforcement bypass (GHSA-3wh4-j44w-pg92) on the gRPC listener when --listen-client-http-urls is set. It also adds a v2-deprecation bypass option and several bug fixes.

  • securityCRL enforcement bypass on gRPC listener (GHSA-3wh4-j44w-pg92)

    When --listen-client-http-urls is configured, the CRL was not enforced on the gRPC listener, allowing revoked certificates through. Upgrade to v3.5.32 if you use this flag with mTLS and a certificate revocation list.

Key changes (6)
  • Security (HIGH): CRL enforcement bypass on gRPC listener fixed when --listen-client-http-urls is configured (GHSA-3wh4-j44w-pg92)
  • New write-only-skip-check option for the --v2-deprecation flag to bypass the v2 content check
  • Server now accepts non-admin maintenance status requests
  • etcdutl check v2store now inspects both v2 snapshot and WAL records
  • Websocket authentication fixed for bearer-prefixed auth tokens
  • JWT token content no longer logged when token parsing fails
Source

Prometheus

ObservabilityJul 1, 2026

Prometheus v3.13.0 is an LTS release leading with a HIGH-severity credential-forwarding fix (CVE-2025-4673, CVE-2023-45289) and a MEDIUM XSS fix (CVE-2026-44990), alongside four breaking changes to pagination tokens, path resolution, PromQL duration function names, and license file packaging, plus a broad set of new features and performance improvements.

  • securityHIGH: Credentials no longer forwarded on cross-host redirects

    Credentials (Authorization header, basic auth, bearer token, OAuth2, and configured headers) are no longer forwarded when following a redirect to a different host. This affects scraping, remote read/write, alerting, and service discovery where credentials are configured and cross-host redirects occur. Tracked as CVE-2025-4673 and CVE-2023-45289; driven by upgrading prometheus/common from v0.68.x to v0.69.0. Review any targets or endpoints that rely on redirects, as credentials will now be dropped silently on host change.

  • securityMEDIUM: XSS fix in UI dependency (CVE-2026-44990)

    sanitize-html was bumped to fix a cross-site scripting vulnerability (CVE-2026-44990) in the Prometheus UI. No configuration change needed; upgrade to v3.13.0.

  • breakingPagination token algorithm changed from SHA-1 to SHA-256

    Rule group pagination tokens now use SHA-256 instead of SHA-1. Any client or tooling that stores or compares pagination tokens across versions will see different token values after upgrade.

  • breaking--http.config.file relative path resolution changed

    Relative file paths inside the file passed to --http.config.file are now resolved relative to that config file's own directory, not its parent directory. If you use relative paths in that config, verify they still resolve correctly after upgrading.

  • breakingDuration-expression functions min()/max() renamed to min_of()/max_of()

    If you use the experimental-duration-expr feature flag, the PromQL duration functions min() and max() have been renamed to min_of() and max_of(). Update any queries or rules that use the old names.

  • breakingnpm_licenses.tar.bz2 removed; licenses now at /assets/third-party-licenses.txt

    npm_licenses.tar.bz2 is no longer shipped in release tarballs or container images. Third-party npm license text is now embedded in the binary and served at /assets/third-party-licenses.txt. Any automation that extracted that archive needs updating.

Key changes (8)
  • HIGH security fix: credentials (auth headers, bearer token, OAuth2, basic auth) dropped on cross-host redirects, fixing CVE-2025-4673 and CVE-2023-45289 via prometheus/common v0.69.0
  • MEDIUM security fix: sanitize-html bumped to patch XSS vulnerability CVE-2026-44990 in the UI
  • Breaking: rule group pagination tokens now SHA-256; stored tokens from older versions will differ
  • Breaking: --http.config.file relative paths now resolved relative to the config file's directory, not its parent
  • Breaking: duration-expression functions min()/max() renamed to min_of()/max_of() (experimental-duration-expr flag only)
  • Breaking: npm_licenses.tar.bz2 removed from tarballs/images; licenses served from /assets/third-party-licenses.txt in the binary
  • New experimental API search endpoints for metric names, label names, and label values; AWS RDS filtering; Scaleway VPC/IPAM-only instance support; native histogram smoothed/anchored rate; per-query samplesRead stats; Azure Monitor Workspace certificate support; container images on ghcr.io
  • Performance: case-insensitive prefix matching up to ~2x faster; per-sample chunk overhead down ~12-15%; V2 histogram WAL decoder allocations cut up to 50% (up to 10% memory reduction for native-histogram deployments with created-timestamp storage); plus multiple PromQL panic and TSDB corruption fixes
Source
Browse by month