enterprise-2.18.3-3
hotpatchOctober 3, 2025
- Update
libcrypto3andlibssl3to remediate CVE-2025-9230, CVE-2025-9231, and CVE-2025-9232
Buoyant Enterprise for Linkerd
The enterprise distribution of Linkerd brought to you by Buoyant, the creators of Linkerd.
enterprise-2.17.3-3
hotpatchOctober 3, 2025
- Update
libcrypto3andlibssl3to remediate CVE-2025-9230, CVE-2025-9231, and CVE-2025-9232
enterprise-2.18.3-2
hotpatchSeptember 15, 2025
- Update
libc6to remediate CVE-2025-4802 and CVE-2025-8058
enterprise-2.17.3-2
hotpatchSeptember 15, 2025
- Update
libc6to remediate CVE-2025-4802 and CVE-2025-8058
enterprise-2.16.5-4
hotpatchSeptember 15, 2025
- Update
libc6to remediate CVE-2025-4802 and CVE-2025-8058
enterprise-2.18.3-1
hotpatchAugust 20, 2025
- Update Go version from 1.24.5 to 1.25.0 to remediate CVE-2025-47907
- Update Go Helm dependency to remediate GHSA-9h84-qmv7-982p and GHSA-f9f8-9pmf-xv68
enterprise-2.17.3-1
hotpatchAugust 20, 2025
- Update Go version from 1.24.5 to 1.25.0 to remediate CVE-2025-47907
- Update Go Helm dependency to remediate GHSA-9h84-qmv7-982p and GHSA-f9f8-9pmf-xv68
enterprise-2.16.5-3
hotpatchAugust 11, 2025
- Update
libcrypto3andlibssl3inproxy-initfor both non-FIPS and FIPS to remediate CVE-2024-13176 - Update
golang.org/x/oauth2to0.27.0to remediate CVE-2025-22868 - Update Helm dependency to
v3.17.4to remediate GHSA-557j-xg8c-q2mm
July 29, 2025
The 2.18.3 stable point release includes bugfixes and minor improvements.
July 23, 2025
The 2.17.3 stable point release includes bugfixes and minor improvements.
July 9, 2025
The 2.18.2 stable point release includes a proxy bugfix, adds a signed multiarch
SBOM index, and removes an incorrect deprecation warning in the
linkerd upgrade command.
enterprise-2.18.1-1
hotpatchJune 23, 2025
- Update
golangto 1.24.4 for both non-FIPS and FIPS to remediate CVE-2025-22874, CVE-2025-0913, and CVE-2025-4673.
enterprise-2.17.2-2
hotpatchJune 23, 2025
- Update
golangto 1.24.4 for both non-FIPS and FIPS to remediate CVE-2025-22874, CVE-2025-0913, and CVE-2025-4673.
enterprise-2.16.5-2
hotpatchJune 23, 2025
- Update
golangto 1.24.4 for both non-FIPS and FIPS to remediate CVE-2025-22874, CVE-2025-0913, and CVE-2025-4673.
June 9, 2025
The 2.18.1 stable point release includes bugfixes and improvements to HAZL configuration.
enterprise-2.18.0-1
hotpatchJune 2, 2025
- Update
libssl3for both non-FIPS and FIPS to remediate CVE-2024-13176
enterprise-2.17.2-1
hotpatchJune 2, 2025
- Update
libssl3for both non-FIPS and FIPS to remediate CVE-2024-13176
enterprise-2.16.5-1
hotpatchJune 2, 2025
- Update
libssl3for both non-FIPS and FIPS to remediate CVE-2024-13176
May 5, 2025
The 2.17.2 stable point release addresses CVE-2025-43915 and includes additional dependency upgrades.
May 5, 2025
The 2.16.5 stable point release addresses CVE-2025-43915 and includes additional dependency upgrades.
enterprise-2.15.7-9
hotpatchMay 1, 2025
- Bump golang.org/x/net to
0.39.0to remediate GHSA-vvgc-356p-c3xw and GHSA-qxp5-gwg8-xv66 - Bump helm.sh/helm/v3 to
v3.17.3remediate GHSA-4hfp-h4cw-hj8p and GHSA-5xqw-8hwv-wg92 - Bump Go to
1.24.2to remediate CVE-2025-22871 CVE-2025-22871
April 28, 2025
Linkerd 2.18 is a new major release that adds GitOps-compatible multicluster linking, improved support for the Gateway API, protocol declarations, and a host of other features and bugfixes.
April 22, 2025
- Release candidate for the
enterprise-2.18.0release
April 17, 2025
- Release candidate for the
enterprise-2.18.0release
April 11, 2025
- Release candidate for the
enterprise-2.18.0release
April 7, 2025
- Release candidate for the
enterprise-2.18.0release
March 26, 2025
- Release candidate for the
enterprise-2.18.0release
enterprise-2.17.1-5
hotpatchMarch 24, 2025
- Update
jwtto remediate GHSA-mh63-6h87-95cp - Update
containerdto remediate GHSA-265r-hfxg-fhmg - Update
libc6inextension-initandpolicy-controllerfor FIPS, and inproxyfor both non-FIPS and FIPS to remediate CVE-2025-0395 - Update
golang.org/xdeps for GHSA-qxp5-gwg8-xv66
enterprise-2.16.4-5
hotpatchMarch 24, 2025
- Updated
jwtto remediate GHSA-mh63-6h87-95cp - Updated
containerdto remediate GHSA-265r-hfxg-fhmg - Updated
libc6inextension-initandpolicy-controllerfor FIPS, and inproxyfor both non-FIPS and FIPS to remediate CVE-2025-0395 - Updated
golang.org/xdeps for GHSA-qxp5-gwg8-xv66
enterprise-2.15.7-8
hotpatchMarch 24, 2025
- Updated
jwtto remediate GHSA-mh63-6h87-95cp - Updated
containerdto remediate GHSA-265r-hfxg-fhmg - Updated
libc6inextension-initandpolicy-controllerfor FIPS, and inproxyfor both non-FIPS and FIPS to remediate CVE-2025-0395 - Updated
golang.org/xdeps for GHSA-qxp5-gwg8-xv66
enterprise-2.17.1-4
hotpatchMarch 7, 2025
- Update
opensslto 3.1.8 inextension-initandpolicy-controllerFIPS images to remediate CVE-2024-9143 and CVE-2024-13176 - Update Go to 1.24.1
- Fixed
linkerd jaeger installCLI command outputting an invalid webhook image name
enterprise-2.16.4-4
hotpatchMarch 7, 2025
- Updated
opensslto 3.1.8 inextension-initandpolicy-controllerFIPS images to remediate CVE-2024-9143 and CVE-2024-13176 - Updated Go to 1.24.1
- Fixed
linkerd jaeger installCLI command outputting an invalid webhook image name
enterprise-2.15.7-7
hotpatchMarch 7, 2025
- Updated
opensslto 3.1.8 inextension-initandpolicy-controllerFIPS images to remediate CVE-2024-9143 and CVE-2024-13176 - Updated Go to 1.24.1
enterprise-2.17.1-3
hotpatchFebruary 25, 2025
- Update
libcrypto3andlibssl3inproxy-initfor both non-FIPS and FIPS to remediate CVE-2025-26519
enterprise-2.16.4-3
hotpatchFebruary 25, 2025
- Update
libcrypto3andlibssl3inproxy-initfor both non-FIPS and FIPS to remediate CVE-2025-26519
enterprise-2.15.7-6
hotpatchFebruary 25, 2025
- Update
libcrypto3andlibssl3inproxy-initfor both non-FIPS and FIPS to remediate CVE-2025-26519
enterprise-2.17.1-2
hotpatchFebruary 12, 2025
- Update Go to 1.23.6 to remediate CVE-2025-22866
enterprise-2.16.4-2
hotpatchFebruary 12, 2025
- Updated Go to 1.23.6 to remediate CVE-2025-22866
enterprise-2.15.7-5
hotpatchFebruary 12, 2025
- Updated Go to 1.23.6 to remediate CVE-2025-22866
enterprise-2.17.1-1
hotpatchFebruary 9, 2025
- Update
libcrypto3andlibssl3inproxy-initfor both non-FIPS and FIPS to remediate CVE-2024-13176
enterprise-2.16.4-1
hotpatchFebruary 9, 2025
- Update
libcrypto3andlibssl3inproxy-initfor both non-FIPS and FIPS to remediate CVE-2024-13176
enterprise-2.15.7-4
hotpatchFebruary 9, 2025
- Update
libcrypto3andlibssl3inproxy-initfor both non-FIPS and FIPS to remediate CVE-2024-13176
enterprise-2.15.7-3
hotpatchFebruary 6, 2025
- Updated Go to 1.23.5 to remediate CVE-2024-45336 and CVE-2024-45341
February 4, 2025
The 2.17.1 stable point release includes bugfixes and minor improvements.
February 4, 2025
The 2.16.4 stable point release includes bugfixes and minor improvements.
January 30, 2025
- Release candidate for the
enterprise-2.17.1release
January 30, 2025
- Release candidate for the
enterprise-2.16.4release
enterprise-2.17.0-2
hotpatchDecember 23, 2024
- Update Go net dependency in
controllerfor both non-FIPS and FIPS to remediate GHSA-w32m-9786-jp63
enterprise-2.16.3-2
hotpatchDecember 23, 2024
- Update Go net dependency in
controllerfor both non-FIPS and FIPS to remediate GHSA-w32m-9786-jp63
enterprise-2.15.7-2
hotpatchDecember 23, 2024
- Update Go net dependency in
controllerfor both non-FIPS and FIPS to remediate GHSA-w32m-9786-jp63
enterprise-2.17.0-1
hotpatchDecember 13, 2024
- Update Go crypto dependency in
controllerfor both non-FIPS and FIPS to remediate GHSA-v778-237x-gjrc - Update Go from 1.23.2 to 1.23.4
enterprise-2.16.3-1
hotpatchDecember 13, 2024
- Update Go crypto dependency in
controllerfor both non-FIPS and FIPS to remediate GHSA-v778-237x-gjrc - Update Go from 1.23.2 to 1.23.4
enterprise-2.15.7-1
hotpatchDecember 13, 2024
- Update Go crypto dependency in
controllerfor both non-FIPS and FIPS to remediate GHSA-v778-237x-gjrc - Update Go from 1.23.2 to 1.23.4
December 11, 2024
The 2.16.3 stable point release includes bugfixes and minor improvements.
December 11, 2024
The 2.15.7 stable point release includes bugfixes and minor improvements.
December 5, 2024
Linkerd 2.17 is a new major release that adds rate limiting, federated services, and monitoring and control of egress traffic from the cluster. See our Linkerd 2.17 announcement blog post for more details.
December 3, 2024
- Release candidate for the
enterprise-2.17.0release
November 25, 2024
- Release candidate for the
enterprise-2.17.0release
November 23, 2024
- Release candidate for the
enterprise-2.17.0release
enterprise-2.16.2-1
hotpatchNovember 13, 2024
- Update
libssl3inextension-initandpolicy-controllerfor FIPS, and inproxyfor both non-FIPS and FIPS to remediate CVE-2024-5535, and CVE-2024-9143 - Update
libcrypto3andlibssl3inproxy-initfor both non-FIPS and FIPS to remediate CVE-2024-9143
enterprise-2.15.6-1
hotpatchNovember 13, 2024
- Update
libssl3inextension-initandpolicy-controllerfor FIPS, and inproxyfor both non-FIPS and FIPS to remediate CVE-2024-5535, and CVE-2024-9143 - Update
libcrypto3andlibssl3inproxy-initfor both non-FIPS and FIPS to remediate CVE-2024-9143
November 4, 2024
The 2.16.2 stable point release includes bugfixes and minor improvements.
October 14, 2024
The 2.16.1 stable point release includes bugfixes and minor improvements.
October 14, 2024
The 2.15.6 stable point release includes bugfixes and minor improvements.
October 11, 2024
- Release candidate for the
enterprise-2.16.1release
October 11, 2024
- Release candidate for the
enterprise-2.15.6release
October 4, 2024
- Release candidate for the
enterprise-2.16.1release
October 4, 2024
- Release candidate for the
enterprise-2.16.1release
October 3, 2024
- Release candidate for the
enterprise-2.15.6release
August 13, 2024
Linkerd 2.16 is a new major release that adds new retry, timeout, and per-route metrics to HTTPRoute and GRPCRoute types, bringing Linkerd’s Gateway API implementation to feature parity with ServiceProfiles and addressing some long-standing wrinkles with these features. Linkerd 2.16 also adds support for IPv6 and introduces an audit mode for Linkerd’s zero trust network policies.
enterprise-2.15.5-2
hotpatchJuly 30, 2024
- Updated Go docker dependency to remediate CVE-2024-41110
enterprise-2.15.5-1
hotpatchJuly 24, 2024
- Updated Go Kubernetes dependencies to remediate CVE-2024-5321
- Updated Rust openssl dependency to remediate GHSA-q445-7m23-qrmw
- Updated proxy-init base image to remediate CVE-2024-5535
July 11, 2024
The 2.15.5 stable point release includes a variety of bug fixes and proxy configuration features, including a fix for CVE-2024-40632.
July 10, 2024
- Release candidate for the
enterprise-2.15.5release
enterprise-2.15.4-1
hotpatchJuly 8, 2024
- Updated extension-init, policy-controller, and proxy base images to remediate CVE-2023-5678
- Updated extension-init, policy-controller, and proxy base images to remediate CVE-2023-6129
- Updated extension-init, policy-controller, and proxy base images to remediate CVE-2024-0727
June 12, 2024
The 2.15.4 stable point release includes a variety of bug fixes and some minor diagnostic and configuration features.
June 10, 2024
- Release candidate for the
enterprise-2.15.4release
June 9, 2024
- Release candidate for the
enterprise-2.15.4release
May 31, 2024
- Test build of the of the autoregistration harness
May 20, 2024
The 2.15.3 stable point release includes a variety of bug fixes, usability improvements, and new diagnostic and configuration features. It also adjusts the default configuration of the HAZL load balancer to be more aggressive in shifting load to other zones.
May 17, 2024
- Release candidate for the
enterprise-2.15.3release
May 16, 2024
- Test build that removes the stream concurrency limit for control plane gRPC servers
May 15, 2024
- First release of the autoregistration harness
May 14, 2024
- Release candidate for the
enterprise-2.15.3release
May 13, 2024
- Release candidate for the
enterprise-2.15.3release
enterprise-2.15.2-3
hotpatchMay 3, 2024
- Updated proxy base image to remediate CVE-2024-2961
enterprise-2.15.2-2
hotpatchMay 2, 2024
- Updated proxy build base image to remediate CVE-2024-2961
enterprise-2.15.2-1
hotpatchApril 22, 2024
- Updated Rust rustls dependency to remediate CVE-2024-32650
April 5, 2024
The 2.15.2 stable point release includes bug fixes, CVE remediations, and some minor feature updates. It merges HAZL into the main proxy build (previous releases required a separate build), improves certain metrics, and fixes a memory leak in the policy controller.
April 3, 2024
- Release candidate for the
enterprise-2.15.2release
enterprise-2.15.1-3
hotpatchMarch 20, 2024
- Updated Go docker dependency to remediate CVE-2024-24557
- Updated Go helm dependency to remediate CVE-2019-25210
March 19, 2024
- Updated
linkerd checkto validate Linkerd version strings that include build and and patch info, e.g.enterprise-2.15.1-1-fips - Updated Go helm dependency to remediate CVE-2019-25210
March 13, 2024
- Introduced a
linkerd licenseCLI command, to output client and server license information.
March 7, 2024
- Introduced a
licenseSecretHelm value to allow storing the Buoyant license in a Kubernetes secret. - Updated google.golang.org/protobuf dependency to remediate CVE-2024-24786
enterprise-2.15.1-2
hotpatchMarch 7, 2024
- Updated google.golang.org/protobuf dependency to remediate CVE-2024-24786
- Updated Go to 1.22.1
enterprise-2.15.1-1
hotpatchMarch 4, 2024
- Updated Rust mio dependency to remediate CVE-2024-27308
February 23, 2024
This is a minor update that is primarily intended to assist Enterprise Plan users who are enabling HAZL.
February 21, 2024
Linkerd 2.15 is a new major release that adds support for workloads outside of Kubernetes. This new “mesh expansion” feature allows Linkerd users to bring applications running on VMs, physical machines, and other non-Kubernetes locations into the mesh.
February 16, 2024
- Updated Go helm dependency to remediate CVE-2024-25620
February 7, 2024
- Updated to Go 1.22
February 3, 2024
- Updated
extension-initandpolicy-controllerimages to remediate CVE-2023-6246
January 31, 2024
- Added Argo Rollouts support to
linkerd policy generateCLI command - Modified
linkerd policy generateCLI command to only generate policy forenterpriseandpreviewproxies
January 24, 2024
- Updated
proxy-initimage to remediate CVE-2023-6129 - Updated Rust shlex dependency to remediate GHSA-r7qv-8r2h-pg27
- Updated Rust h2 dependency to remediate GHSA-8r5v-vm4m-4g25
January 15, 2024
- Fix
linkerd check --prefailure - Multiplatform support for High Availability Zonal Load Balancing proxy
January 14, 2024
- Introduce support for High Availability Zonal Load Balancing
January 13, 2024
- Initial release of Buoyant Enterprise for Linkerd
previewchannel - Introduce a new
linkerd fips auditCLI command, to audit FIPS compliance on Linkerd-enabled clusters - Introduce Buoyant license requirement, please obtain a license from https://enterprise.buoyant.io