The Nomad team is excited to announce the release of Nomad v1.10.2! The release contains improvements, bug fixes and security patches, such as:
- Bump the consul-template version to resolve CVE-2025-27144, CVE-2025-22869, CVE-2025-22870 and CVE-2025-22872
- Fixed a bug where workflow identity policies are matched by job ID prefix (CVE-2025-4922)
- Workload-associated ACL policies can now be applied to all jobs in a namespace
- Added an API endpoint for listing workload-attached ACL policies
- Added job start command for starting stopped jobs
- Added a force flag to volume delete command
- Fixed a bug where system jobs with constraints would sometimes return a failed allocation
- Fixed excess CPU consumption from alloc status collection
- Fixed incorrect calculation of permissions when ACLs are disabled which meant actions such as client drains were incorrectly blocked
- Fixed an issue where reconcile strategy was sometimes ignored
- Fixed -secret values not being sent with the
nomad volume snapshot deletecommand - (Enterprise): Added support for offline utilization reporting
Nomad v1.10.2 also contains one breaking change, and one that may require extra consideration if you are using IPv6 networking:
- Support for some of the non-hermetic sprig functions in template blocks has been removed
- IPv6 bind and advertise addresses are now made to adhere to RFC-5942 §4
- This is not expected to break anything, but external systems could possibly parse the address(es) in unexpected ways.
Please refer to the changelog for the complete list of improvements and bug fixes. We are also releasing backports of bug fixes to Nomad Enterprise v1.9.10 and v1.8.14.
Please read the upgrade guide for notes around upgrading and remember that downgrading is not supported. Please do not hesitate to file an issue on GitHub if you encounter any issues.
Thanks,
The Nomad Team
1.10.2 Binaries - Nomad v1.10.2 Binaries | HashiCorp Releases
1.10.2 Changelog - nomad/CHANGELOG.md at release/1.10.2 · hashicorp/nomad · GitHub