What’s the point: Go gets security fix, Consul hits 1.4.1, Spring Cloud Task, TeamCity

What's the point

The team behind Google’s Go has released v1.11.5 and 1.10.8 of the programming language to get rid of an DoS vulnerability in some crypto implementation. The update is recommended for all users, since the issue can let attackers deliver inputs that cause excessive CPU use and even lead to key recovery.

Spring Cloud

Spring Cloud Task is now available in v2.1. The offering for developing short-lived microservices with Spring Cloud and run them locally, in the cloud or on the Cloud Data Flow service, has been reworked for alignment with Spring Boot 2.1.0, sporting updated dependencies amongst other things. Infrastructure components of Cloud Task are now enabled through configuration and when a task is executing, the exitCode of a TaskExecution is null.


HashiCorp’s service mesh Consul has been updated to v1.4.1. The minor release now includes catalog operations for nodes, services, and checks in the transaction API, an interface enabling queries off the health catalog against the local agent, and new subcommand consul tls to facilitate bootstrapping TLS for Consul agents.

Other than that the team has introduced a rate limitation for Consul related certificate signing, and found a way to reduce the bootstrapping time for large scale gossip clusters.


Performance improvements are also part of the recent TeamCity 2018.2.2 release, which also includes a couple of security fixes and is therefore strongly recommended. Other than that JetBrains has gotten rid of some usability problems and added read-only modes to parts of the diagnostics tab.