Consul 1.6.4 Released (security)

Hello everyone,

We just released Consul 1.6.4 which ships an updated version of miekg/dns that includes a fix for a CVE.


The miekg Go DNS package before 1.1.25, as used in CoreDNS before 1.6.6 and other products, improperly generates random numbers because math/rand is used. The TXID becomes predictable, leading to response forgeries.

Please see the complete changelog for details on the releases:

The release binaries can be downloaded here:

– The Consul Team

1 Like