winget install --id Hashicorp.Consul
About HashiCorp Consul
Consul is a distributed, highly available, and data center aware solution to connect and configure applications across dynamic, distributed infrastructure. Consul provides several key features: - Multi-Datacenter - Consul is built to be datacenter aware, and can support any number of regions without complex configuration. - Service Mesh - Consul Service Mesh enables secure service-to-service communication with automatic TLS encryption and identity-based authorization. Applications can use sidecar proxies in a servi...
What's new in 2.0.1
SECURITY: - Upgrade go version to 1.26.4 to address GO-2026-5039, GO-2026-5038,GO-2026-5037 [GH-23637] - connect: Upgrade envoy version to 1.37.4, 1.36.8, 1.35.12; Add new version of Envoy 1.38.2 and remove 1.34.14 [GH-23664] IMPROVEMENTS: - dockerfile: layer reduction by merging RUN commands and minor changes following best practices. [GH-23650] - product-telemetry: product usage reporting now preserves export cadence across restarts and leader re-elections by resuming from the last successful export time, preventing delays - server: Auth method TokenNameFormat field accepts OIDC and JWT claim mapping values [GH-23616] - ui: Removed block-slot addon dependency [GH-23481] BUG FIXES: - connect: Strip the x-forwarded-client-cert header from inbound HTTP requests before forwarding them to local service instances. [GH-23544] - server: Fixed a bug where renaming a server (or wiping and rejoining it with the same IP and Raft node ID) could cause an out-of-order serf event to evict the live leader from the internal server lookup, resulting in Raft leader not found in server lookup mapping (HTTP 500) errors on follower RPCs until the next member event resynced the mapping. [GH-23533] 2.0.0 (May 22, 2026) SECURITY: - connect: Upgrade envoy version to 1.37.2 and newer versions [GH-23469] - go: Upgrade go version to 1.26 [GH-23493] - agent: Increased default HTTP server timeouts to prevent breaking long-polling blocking queries. read_timeout and write_timeout are now set to 15 minutes (up from 30 seconds), while read_header_timeout (10s) and idle_timeout (120s) still provide protectio...
Version history
| Version | Updated | Notes |
|---|---|---|
| 2.0.1 | Unknown | SECURITY: - Upgrade go version to 1.26.4 to address GO-2026-5039, GO-2026-5038,GO-2026-5037 [GH-23637] - connect: Upgrade envoy version to 1.37.4, 1.36.8, 1.35.12; Add new version of Envoy 1.38.2 and remove 1.34.14 [GH-2... |
| 2.0.0 | Unknown | SECURITY: - connect: Upgrade envoy version to 1.37.2 and newer versions [GH-23469] - go: Upgrade go version to 1.26 [GH-23493] - agent: Increased default HTTP server timeouts to prevent breaking long-polling blocking que... |
| 1.22.7 | Unknown | SECURITY: - security: update google.golang.org/grpc to fix CVE-2026-33186 [GH-23379] - security: upgrade go.opentelemetry.io/otel to 1.42.0 to remediate CVE-2026-24051 (Path Hijacking / Untrusted Search Paths on macOS).... |
| 1.22.6 | Unknown | SECURITY: - security: upgrade envoy version to 1.35.9 and 1.34.13 [GH-23372] - security: update google.golang.org/grpc to fix CVE-2026-33186 [GH-23379] - security: upgrade go version to 1.25.8 [GH-23322] - security: bump... |
| 1.22.5 | Unknown | SECURITY: - security: upgrade go version to 1.25.7 [GH-23204] - dockerfile: the Consul build Go base image to alpine3.23 [GH-23194] - connect: Migrate to aws-sdk-go-v2 from aws-sdk-go (v1). Also updated consul-awsauth an... |
| 1.22.4 | Unknown | SECURITY: - security: upgrade go version to 1.25.7 [GH-23204] - dockerfile: the Consul build Go base image to alpine3.23 [GH-23194] - connect: Migrate to aws-sdk-go-v2 from aws-sdk-go (v1). Also updated consul-awsauth an... |
| 1.22.3 | Unknown | SECURITY: - Update the Consul Build Go base image to alpine3.23.2 [GH-23138] IMPROVEMENTS: - api: Add consul services imported-services and new api(/v1/exported-services) command to list services imported by partitions w... |
| 1.22.2 | Unknown | SECURITY: - security: Upgrade golang to 1.25.4. [GH-23029] - security: upgrade internal packages of RHEL builds to include security fixes [GH-23078] IMPROVEMENTS: - ui: upgraded Ember framework from v3.28 to v4.12, impro... |
| 1.22.1 | Unknown | SECURITY: - connect: Upgrade envoy version to 1.35.6 [GH-23056] - security: Updated golang.org/x/crypto from v0.42.0 to v0.44.0. This resolves GO-2025-4116 IMPROVEMENTS: - ui: Removed ember-route-action-helper and migrat... |
| 1.22.0 | Unknown | SECURITY: - connect: Upgrade Consul's bundled Envoy version to 1.35.3 and remove support for 1.31.10. This update also includes a fix to prevent Envoy (v1.35+) startup failures by only configuring the TLS transport socke... |
| 1.21.5 | Unknown | SECURITY: - Migrate transitive dependency from archived mitchellh/mapstructure to go-viper/mapstructure to v2 to address CVE-2025-52893. [GH-22581] - agent: Add the KV Validations to block path traversal allowing access... |
| 1.21.4 | Unknown | SECURITY: - security: Update Go to 1.23.12 to address CVE-2025-47906 [GH-22547] IMPROVEMENTS: - ui: Replaced internal code editor with HDS (HashiCorp Design System) code editor and code block components for improved acce... |
| 1.21.3 | Unknown | IMPROVEMENTS: - ui: Improved display and handling of IPv6 addresses for better readability and usability in the Consul web interface. [GH-22468] BUG FIXES: - cli: validate IP address in service registration to prevent in... |
| 1.21.2 | Unknown | SECURITY: - security: Upgrade UBI base image version to address CVE CVE-2025-4802 CVE-2024-40896 CVE-2024-12243 CVE-2025-24528 CVE-2025-3277 CVE-2024-12133 CVE-2024-57970 CVE-2025-31115 [GH-22409] - cli: update tls ca an... |
| 1.21.1 | Unknown | FEATURES: - xds: Extend LUA Script support for API Gateway [GH-22321] - xds: Added a configurable option to disable XDS session load balancing, intended for scenarios where an external load balancer is used in front of C... |
| 1.21.0 | Unknown | FEATURES: - config: add UseSNI flag in remote JSONWebKeySet agent: send TLS SNI in remote JSONWebKeySet [GH-22177] - v2: remove HCP Link integration [GH-21883] IMPROVEMENTS: - raft: add a configuration raft_prevote_disab... |
| 1.20.6 | Unknown | SECURITY: - Update golang.org/x/net to v0.38.0 to address GHSA-vvgc-356p-c3xw and GO-2025-3595. Update github.com/golang-jwt/jwt/v4 to v4.5.2 to address GO-2025-3553 and GHSA-mh63-6h87-95cp. Update Go to v1.23.8 to addre... |
| 1.20.5 | Unknown | No notes |
| 1.19.0 | Unknown | No notes |
| 1.18.0 | Unknown | No notes |