The Nomad team is pleased to announce the release of Nomad 1.9.6!
There is one breaking change to consider:
- Consul and Vault client fingerprints no longer reload periodically to detect config changes. They must be induced by restarting the client agent, or sending it a SIGHUP signal to reload online.
We also made some nice improvements:
-
auth: New
VerboseLoggingoption to auth-method config for debugging SSO -
cli: Added actions available to a job when running nomad job status command
-
event stream: Added ability to authenticate using workload identities
-
services: Nomad native service checks now support the
tls_skip_verifyparameter -
task schedule (Enterprise): The task being paused no longer impacts restart attempts
-
ui: Contextualizes the Start Job button on whether it is startable, revertable, or not
And some security and bug fixes, including:
-
api: sanitize the SignedIdentities in allocations of events to clean the identity token.
-
event stream: fixes vulnerability CVE-2025-0937, where using a wildcard namespace to subscribe to the events API grants a user access to read more events than intended.
-
agent: Fixed a couple bugs with syslog showing improper notice priority
-
csi: Fixed a bug where volume context from the plugin would be erased on volume updates
-
docker: Fixed a bug that prevented image_pull_timeout from being applied
-
docker: Fixed a bug where “error reading image pull progress” caused the allocation to get stuck
-
taskrunner: fix panic when a task with dynamic user is recovered
-
reporting (Enterprise): Updated the reporting metric to utilize node active heartbeat count.
Please refer to the changelog for the complete list of changes. We are also releasing backports of all bug fixes to Nomad Enterprise v1.8.10 and v1.7.18.
Thanks,
The Nomad Team
1.9.6 Binaries - https://releases.hashicorp.com/nomad/1.9.6/
1.9.6 Changelog - https://github.com/hashicorp/nomad/blob/v1.9.6/CHANGELOG.md