v3.6.20
- Add
Headers.collapseMultiValuedHeaders()by @gavinbunney in https://github.com/Netflix/zuul/pull/2172
Full Changelog: https://github.com/Netflix/zuul/compare/v3.6.19...v3.6.20
Fluent Bit 5.0.9
https://fluentbit.io/announcements/v5.0.9/
- workflows: bump azure/setup-helm from 5.0.0 to 5.0.1 by @dependabot[bot] in https://github.com/fluent/fluent-bit/pull/11997
- workflows: bump actions/setup-python from 6.2.0 to 6.3.0 by @dependabot[bot] in https://github.com/fluent/fluent-bit/pull/11996
- workflows: bump actions/cache from 5.0.5 to 6.0.0 by @dependabot[bot] in https://github.com/fluent/fluent-bit/pull/11995
- github: workflows: Use semver and timestamp suffixes to distinguish branches by @cosmo0920 in https://github.com/fluent/fluent-bit/pull/12016
- workflows: bump actions/cache/restore from 6.0.0 to 6.1.0 by @dependabot[bot] in https://github.com/fluent/fluent-bit/pull/12011
- workflows: bump crazy-max/ghaction-chocolatey from 4.0.0 to 4.1.0 by @dependabot[bot] in https://github.com/fluent/fluent-bit/pull/12012
- workflows: bump actions/cache/save from 6.0.0 to 6.1.0 by @dependabot[bot] in https://github.com/fluent/fluent-bit/pull/12013
- release: update to 5.0.9 by @cosmo0920 in https://github.com/fluent/fluent-bit/pull/12018
- in_windows_exporter_metrics: Implement user-defined performance counters w/ PDH by @cosmo0920 in https://github.com/fluent/fluent-bit/pull/12006
- tests: runtime: Try to address test hang by @cosmo0920 in https://github.com/fluent/fluent-bit/pull/12000
- workflows: bump docker/build-push-action from 7.2.0 to 7.3.0 by @dependabot[bot] in https://github.com/fluent/fluent-bit/pull/12031
- workflows: bump docker/setup-qemu-action from 4.1.0 to 4.2.0 by @dependabot[bot] in https://github.com/fluent/fluent-bit/pull/12030
- in_forward: validate PING is a msgpack array in check_ping by @saddamr3e in https://github.com/fluent/fluent-bit/pull/12034
- filter_kubernetes: Attach k8s metadata for internal logs by @cosmo0920 in https://github.com/fluent/fluent-bit/pull/11998
- in_ebpf: Implement openssl trace by @cosmo0920 in https://github.com/fluent/fluent-bit/pull/11793
- tests: runtime: Use more concrete matchers for assertions by @cosmo0920 in https://github.com/fluent/fluent-bit/pull/12014
- in_tail: Another attempt to plug segv on in tail by @cosmo0920 in https://github.com/fluent/fluent-bit/pull/12010
- filter_write_tag: in_emitter: Mitigate data loss on multiline by @cosmo0920 in https://github.com/fluent/fluent-bit/pull/12029
- workflows: bump docker/setup-buildx-action from 4.1.0 to 4.2.0 by @dependabot[bot] in https://github.com/fluent/fluent-bit/pull/12041
- workflows: bump docker/login-action from 4.2.0 to 4.3.0 by @dependabot[bot] in https://github.com/fluent/fluent-bit/pull/12040
- workflows: bump docker/metadata-action from 6.1.0 to 6.2.0 by @dependabot[bot] in https://github.com/fluent/fluent-bit/pull/12039
- workflows: bump github/codeql-action/upload-sarif from 4.36.2 to 4.36.3 by @dependabot[bot] in https://github.com/fluent/fluent-bit/pull/12038
- out_cloudwatch_logs: Plug SEGV on not found error by @cosmo0920 in https://github.com/fluent/fluent-bit/pull/11983
- lib: librdkafka: Upgrade to v2.15.0 by @cosmo0920 in https://github.com/fluent/fluent-bit/pull/12028
- in_ebpf: Generate mostly monotonic event id for increasing traceability by @cosmo0920 in https://github.com/fluent/fluent-bit/pull/12002
- in_splunk: return Splunk HEC auth status codes by @lecaros in https://github.com/fluent/fluent-bit/pull/12043
- out_forward: align secure forward handshake and chunk ack with protocol spec by @edsiper in https://github.com/fluent/fluent-bit/pull/12037
- out_stackdriver: fix multi-worker resource-metadata data race (SIGSEGV) by @erain in https://github.com/fluent/fluent-bit/pull/12023
- out_stackdriver: fix payload parsing over-reads and null safety by @erain in https://github.com/fluent/fluent-bit/pull/12022
- codeowners: update @jeffluoo to @JeffLuoo by @JeffLuoo in https://github.com/fluent/fluent-bit/pull/11941
- gzip: skip FCOMMENT terminator in streaming decompressor by @saddamr3e in https://github.com/fluent/fluent-bit/pull/11969
- in_forward: fix 100% CPU hang and connection teardown use-after-free by @edsiper in https://github.com/fluent/fluent-bit/pull/12044
- build fixes: out_stackdriver int64_t line var, gzip endian-safe magic check by @edsiper in https://github.com/fluent/fluent-bit/pull/12045
Full Changelog: https://github.com/fluent/fluent-bit/compare/v5.0.8...v5.0.9
v3.6.19
- Make http2 graceful shutdown timeouts configurable by @jguerra in https://github.com/Netflix/zuul/pull/2162
- Fix server shutdown hook logic by @jguerra in https://github.com/Netflix/zuul/pull/2163
- Skip filters with a no-op processContentChunk during chunk processing by @gavinbunney in https://github.com/Netflix/zuul/pull/2168
- Avoid allocating an iterator per filter in
FilterConstraints.isConstrainedby @gavinbunney in https://github.com/Netflix/zuul/pull/2169
Full Changelog: https://github.com/Netflix/zuul/compare/v3.6.18...v3.6.19
superset-helm-chart-0.19.0
Apache Superset is a modern, enterprise-ready business intelligence web application
v3.6.13
Please check out CHANGELOG for a full list of changes. And make sure to read upgrade guide before upgrading etcd (there may be breaking changes).
For installation guides, please check out play.etcd.io and operating etcd. Latest support status for common architectures and operating systems can be found at supported platforms.
ETCD_VER=v3.6.13
# choose either URL
GOOGLE_URL=https://storage.googleapis.com/etcd
GITHUB_URL=https://github.com/etcd-io/etcd/releases/download
DOWNLOAD_URL=${GOOGLE_URL}
rm -f /tmp/etcd-${ETCD_VER}-linux-amd64.tar.gz
rm -rf /tmp/etcd-download-test && mkdir -p /tmp/etcd-download-test
curl -L ${DOWNLOAD_URL}/${ETCD_VER}/etcd-${ETCD_VER}-linux-amd64.tar.gz -o /tmp/etcd-${ETCD_VER}-linux-amd64.tar.gz
tar xzvf /tmp/etcd-${ETCD_VER}-linux-amd64.tar.gz -C /tmp/etcd-download-test --strip-components=1 --no-same-owner
rm -f /tmp/etcd-${ETCD_VER}-linux-amd64.tar.gz
/tmp/etcd-download-test/etcd --version
/tmp/etcd-download-test/etcdctl version
/tmp/etcd-download-test/etcdutl version
# start a local etcd server
/tmp/etcd-download-test/etcd
# write,read to etcd
/tmp/etcd-download-test/etcdctl --endpoints=localhost:2379 put foo bar
/tmp/etcd-download-test/etcdctl --endpoints=localhost:2379 get foo
ETCD_VER=v3.6.13
# choose either URL
GOOGLE_URL=https://storage.googleapis.com/etcd
GITHUB_URL=https://github.com/etcd-io/etcd/releases/download
DOWNLOAD_URL=${GOOGLE_URL}
rm -f /tmp/etcd-${ETCD_VER}-darwin-amd64.zip
rm -rf /tmp/etcd-download-test && mkdir -p /tmp/etcd-download-test
curl -L ${DOWNLOAD_URL}/${ETCD_VER}/etcd-${ETCD_VER}-darwin-amd64.zip -o /tmp/etcd-${ETCD_VER}-darwin-amd64.zip
unzip /tmp/etcd-${ETCD_VER}-darwin-amd64.zip -d /tmp && rm -f /tmp/etcd-${ETCD_VER}-darwin-amd64.zip
mv /tmp/etcd-${ETCD_VER}-darwin-amd64/* /tmp/etcd-download-test && rm -rf mv /tmp/etcd-${ETCD_VER}-darwin-amd64
/tmp/etcd-download-test/etcd --version
/tmp/etcd-download-test/etcdctl version
/tmp/etcd-download-test/etcdutl version
etcd uses gcr.io/etcd-development/etcd as a primary container registry, and quay.io/coreos/etcd as secondary.
ETCD_VER=v3.6.13
rm -rf /tmp/etcd-data.tmp && mkdir -p /tmp/etcd-data.tmp && \
docker rmi gcr.io/etcd-development/etcd:${ETCD_VER} || true && \
docker run \
-p 2379:2379 \
-p 2380:2380 \
--mount type=bind,source=/tmp/etcd-data.tmp,destination=/etcd-data \
--name etcd-gcr-${ETCD_VER} \
gcr.io/etcd-development/etcd:${ETCD_VER} \
/usr/local/bin/etcd \
--name s1 \
--data-dir /etcd-data \
--listen-client-urls http://0.0.0.0:2379 \
--advertise-client-urls http://0.0.0.0:2379 \
--listen-peer-urls http://0.0.0.0:2380 \
--initial-advertise-peer-urls http://0.0.0.0:2380 \
--initial-cluster s1=http://0.0.0.0:2380 \
--initial-cluster-token tkn \
--initial-cluster-state new \
--log-level info \
--logger zap \
--log-outputs stderr
docker exec etcd-gcr-${ETCD_VER} /usr/local/bin/etcd --version
docker exec etcd-gcr-${ETCD_VER} /usr/local/bin/etcdctl version
docker exec etcd-gcr-${ETCD_VER} /usr/local/bin/etcdutl version
docker exec etcd-gcr-${ETCD_VER} /usr/local/bin/etcdctl endpoint health
docker exec etcd-gcr-${ETCD_VER} /usr/local/bin/etcdctl put foo bar
docker exec etcd-gcr-${ETCD_VER} /usr/local/bin/etcdctl get foo
v3.5.32
Please check out CHANGELOG for a full list of changes. And make sure to read upgrade guide before upgrading etcd (there may be breaking changes).
For installation guides, please check out operating etcd. Latest support status for common architectures and operating systems can be found at supported platforms.
ETCD_VER=v3.5.32
# choose either URL
GOOGLE_URL=https://storage.googleapis.com/etcd
GITHUB_URL=https://github.com/etcd-io/etcd/releases/download
DOWNLOAD_URL=${GOOGLE_URL}
rm -f /tmp/etcd-${ETCD_VER}-linux-amd64.tar.gz
rm -rf /tmp/etcd-download-test && mkdir -p /tmp/etcd-download-test
curl -L ${DOWNLOAD_URL}/${ETCD_VER}/etcd-${ETCD_VER}-linux-amd64.tar.gz -o /tmp/etcd-${ETCD_VER}-linux-amd64.tar.gz
tar xzvf /tmp/etcd-${ETCD_VER}-linux-amd64.tar.gz -C /tmp/etcd-download-test --strip-components=1 --no-same-owner
rm -f /tmp/etcd-${ETCD_VER}-linux-amd64.tar.gz
/tmp/etcd-download-test/etcd --version
/tmp/etcd-download-test/etcdctl version
/tmp/etcd-download-test/etcdutl version
# start a local etcd server
/tmp/etcd-download-test/etcd
# write,read to etcd
/tmp/etcd-download-test/etcdctl --endpoints=localhost:2379 put foo bar
/tmp/etcd-download-test/etcdctl --endpoints=localhost:2379 get foo
ETCD_VER=v3.5.32
# choose either URL
GOOGLE_URL=https://storage.googleapis.com/etcd
GITHUB_URL=https://github.com/etcd-io/etcd/releases/download
DOWNLOAD_URL=${GOOGLE_URL}
rm -f /tmp/etcd-${ETCD_VER}-darwin-amd64.zip
rm -rf /tmp/etcd-download-test && mkdir -p /tmp/etcd-download-test
curl -L ${DOWNLOAD_URL}/${ETCD_VER}/etcd-${ETCD_VER}-darwin-amd64.zip -o /tmp/etcd-${ETCD_VER}-darwin-amd64.zip
unzip /tmp/etcd-${ETCD_VER}-darwin-amd64.zip -d /tmp && rm -f /tmp/etcd-${ETCD_VER}-darwin-amd64.zip
mv /tmp/etcd-${ETCD_VER}-darwin-amd64/* /tmp/etcd-download-test && rm -rf mv /tmp/etcd-${ETCD_VER}-darwin-amd64
/tmp/etcd-download-test/etcd --version
/tmp/etcd-download-test/etcdctl version
/tmp/etcd-download-test/etcdutl version
etcd uses gcr.io/etcd-development/etcd as a primary container registry, and quay.io/coreos/etcd as secondary.
ETCD_VER=v3.5.32
rm -rf /tmp/etcd-data.tmp && mkdir -p /tmp/etcd-data.tmp && \
docker rmi gcr.io/etcd-development/etcd:${ETCD_VER} || true && \
docker run \
-p 2379:2379 \
-p 2380:2380 \
--mount type=bind,source=/tmp/etcd-data.tmp,destination=/etcd-data \
--name etcd-gcr-${ETCD_VER} \
gcr.io/etcd-development/etcd:${ETCD_VER} \
/usr/local/bin/etcd \
--name s1 \
--data-dir /etcd-data \
--listen-client-urls http://0.0.0.0:2379 \
--advertise-client-urls http://0.0.0.0:2379 \
--listen-peer-urls http://0.0.0.0:2380 \
--initial-advertise-peer-urls http://0.0.0.0:2380 \
--initial-cluster s1=http://0.0.0.0:2380 \
--initial-cluster-token tkn \
--initial-cluster-state new \
--log-level info \
--logger zap \
--log-outputs stderr
docker exec etcd-gcr-${ETCD_VER} /usr/local/bin/etcd --version
docker exec etcd-gcr-${ETCD_VER} /usr/local/bin/etcdctl version
docker exec etcd-gcr-${ETCD_VER} /usr/local/bin/etcdutl version
docker exec etcd-gcr-${ETCD_VER} /usr/local/bin/etcdctl endpoint health
docker exec etcd-gcr-${ETCD_VER} /usr/local/bin/etcdctl put foo bar
docker exec etcd-gcr-${ETCD_VER} /usr/local/bin/etcdctl get foo
3.13.0 / 2026-07-01
This is a Long Term Support LTS release.
- [SECURITY] UI: Bump
sanitize-htmlto fix a cross-site scripting vulnerability (CVE-2026-44990). #18697 - [CHANGE] UI: Third-party npm dependency licenses are now embedded in the Prometheus binary and served at
/assets/third-party-licenses.txt, replacing thenpm_licenses.tar.bz2archive previously shipped in release tarballs and container images. #18997 - [CHANGE] API: Use SHA-256 instead of SHA-1 to generate rule group pagination tokens. #18927
- [CHANGE] HTTP clients: Credentials (Authorization header, basic auth, bearer token, OAuth2, configured headers) are no longer forwarded when following a redirect to a different host; affects scraping, remote read/write, alerting, and service discovery. Via prometheus/common v0.69.0 (CVE-2025-4673 CVE-2023-45289). #18949
- [CHANGE] promtool: Relative file paths in the file passed to
--http.config.fileare now resolved relative to that config file's directory instead of its parent directory. Via prometheus/common v0.69.0. #18949 - [CHANGE] PromQL: Rename the
min()andmax()duration-expression functions (experimental feature flagexperimental-duration-expr) tomin_of()andmax_of()to avoid confusion with theminandmaxaggregate operators. #18687 - [FEATURE] API: Add experimental search endpoints to search metric names, label names, and label values. #18573
- [FEATURE] Discovery/AWS: Add ability to filter RDS instances. #18859
- [FEATURE] PromQL: Add
min_of(a, b)andmax_of(a, b)scalar experimental functions, returning the smaller or larger of two scalar values. #18687 - [FEATURE] PromQL: Add support for smoothed/anchored rate with native histograms. #18564
- [FEATURE] PromQL: Expose per-query
samplesRead(andsamplesReadPerStepwithstats=alland thepromql-per-step-statsfeature flag) in the query stats response, and add theprometheus_engine_query_samples_read_totalengine counter.samplesReadreflects storage I/O distinct fromtotalQueryableSamples, which counts samples loaded into the evaluator (and so over-counts when a sample is reused across multiple range-vector windows). #18081 - [FEATURE] Scrape: Add
__convert_classic_histograms_to_nhcb__internal label to allow per-target override ofconvert_classic_histograms_to_nhcbscrape configuration via relabeling. #18840 - [FEATURE] TSDB: Add
storage.tsdb.chunk_encoding.floatsconfiguration field to select float chunk encoding (xororxor2) at runtime, independently of the--enable-feature=xor2-encodingflag. #18769 - [FEATURE] remote_write: Add Certificate support for ingesting data into an Azure Monitor Workspace. #18217
- [FEATURE] Scrape: Add
__always_scrape_classic_histograms__and__scrape_native_histograms__internal labels to allow per-target override of thealways_scrape_classic_histogramsandscrape_native_histogramsscrape configuration via relabeling. #18929 - [ENHANCEMENT] Release: Container images are now also published to the GitHub Container Registry (ghcr.io). #18791
- [ENHANCEMENT] PromQL: Prettify
fill_left(x) fill_right(x)asfill(x)when both fill values are equal. #18851 - [ENHANCEMENT] UI: Improve autocompletion after closing a function bracket. #18894
- [PERF] Labels: Add case-insensitive prefix matching to speed up evaluation of long case-insensitive regular expressions (up to ~2x faster). #18540
- [PERF] TSDB: Reduce per-sample overhead in chunk population, speeding up affected queries by ~12-15% in benchmarks. #18699
- [PERF] TSDB: Eliminate unnecessary heap allocations in the V2 histogram WAL decoder, reducing allocations by up to 50% and memory by up to 10% for deployments using native histograms with created-timestamp storage enabled (
--enable-feature=created-timestamp-zero-ingestion). #18813 - [BUGFIX] Discovery/AWS: Fix failure when processing an AWS RDS cluster without instances. #18845
- [BUGFIX] Fix race condition in initTime that could cause ErrOutOfBounds. #18629
- [BUGFIX] PromQL: A range query whose
endwas not aligned tostepcaused subqueries inside it to evaluate past the parent's last actual step, inflatingpeakSamplesin the query stats and against thequery.max-sampleslimit, and wasting storage I/O reading samples that were never used in the result. #18081 - [BUGFIX] PromQL: A range query containing an at-modifier-unsafe function over a range-vector with an
@modifier (e.g.predict_linear(metric[60s] @ T, X)) silently under-countedtotalQueryableSamplesfor steps after step 0. #18081 - [BUGFIX] PromQL: Fix
fill_left/fill_rightproducing missing samples in range queries when usinggroup_left/group_right. #18850 - [BUGFIX] PromQL: Fix for resets() and changes() in anchored range extenders with histograms. #18906
- [BUGFIX] PromQL: Fix panic on
1[5m] smoothedand similar expressions when extended range selectors are enabled. #18764 - [BUGFIX] PromQL: Fix panic when a
smoothedinstant vector selector produces no samples for a series. #18943 - [BUGFIX] PromQL: Fix panic when using a parenthesised plain number as an offset (e.g.
foo offset -(5)). #18768 - [BUGFIX] promtool: Fix panic when parsing exposition text containing empty braces
{}. Via prometheus/common v0.69.0. #18949 - [BUGFIX] Promtool: Fix
check healthyandcheck readywhen--urlends with a trailing slash. #18854 - [BUGFIX] Rules: Close PromQL query after each rule evaluation to ensure resources are released. #18733
- [BUGFIX] Scaleway SD: Resolve VPC/IPAM-only instances that have no legacy
private_iporpublic_ipfield, but do have private NICs attached. #18772 - [BUGFIX] TSDB: Do not leak head series when an integer histogram append is rejected (e.g. out-of-order). #18838
- [BUGFIX] UI: Escape label values offered by PromQL autocomplete. #18658
- [BUGFIX] TSDB: Fix chunk snapshot encoding for EncXOR2 chunks, preventing corruption on TSDB restart when EncXOR2-encoded series were present. #18739
- [BUGFIX] TSDB: Store a millisecond timestamp (not a WAL segment number) in walExpiries when a series is evicted via CompactStaleHead/CompactSelectedSeries, so the series's label record is correctly retained in the next WAL checkpoint and replays cleanly. #18847
- [BUGFIX] TSDB: Prevent loss of samples at the chunk-range boundary when CompactSelectedSeries (and CompactStaleHead) evict the series — the per-slice compaction loop now runs one more iteration so the boundary timestamp is captured in a block before the in-memory copy is removed. #18849