Nomad 1.4.2 has been released with two security patches and a number of critical bug fixes and improvements.
- Internal testing identified a vulnerability Nomad and Nomad Enterprise where a template block can list non-sensitive metadata for Variables paths under the nomad/ prefix that belong to other jobs in the same namespace. No encrypted Variables data is exposed. See security bulletin HCSEC-2022-X for more information.
- Internal testing identified a vulnerability Nomad and Nomad Enterprise where an event stream subscriber using an ACL token with an expiry TTL set would continue to receive events until the token was garbage collected. See security bulletin HCSEC-2022-X for more information.
Additional bug fixes in Nomad 1.4.2 include:
- Fixed critical bugs in root keying replication that prevented scheduled plans from applying until all federated regions were upgraded, and prevented scheduled plans from applying under some circumstances when root keys were rotated.
- Fixed several bugs where feature version checking was incorrectly enforced across federated regions.
- Fixed validation bugs in service discovery.
- Fixed a bug where cpu cores were not detected on recent RHEL systems
New features and improvements include:
- The web UI’s topology page now supports search and filtering
- New nomad fmt command
Nomad 1.3.7 and Nomad 1.2.14 have also been released with backports of bug fixes that affect those versions. See the changelog links below for more information.
The Nomad Team
1.4.2 Binaries - Nomad v1.4.2 Binaries | HashiCorp Releases
1.4.2 Changelog - nomad/CHANGELOG.md at v1.4.2 · hashicorp/nomad · GitHub
1.3.7 Binaries - Nomad v1.3.7 Binaries | HashiCorp Releases
1.3.7 Changelog - nomad/CHANGELOG.md at v1.3.7 · hashicorp/nomad · GitHub
1.2.14 Binaries - Nomad v1.2.14 Binaries | HashiCorp Releases
1.2.14 Changelog - nomad/CHANGELOG.md at v1.2.14 · hashicorp/nomad · GitHub