March 25, 2026
The 2.19.6 stable point release updates some dependencies to address reported CVEs in underlying components.
Buoyant Enterprise for Linkerd
The enterprise distribution of Linkerd brought to you by Buoyant, the creators of Linkerd.
March 25, 2026
The 2.18.9 stable point release updates some dependencies to address reported CVEs in underlying components.
March 25, 2026
The 2.17.9 stable point release updates some dependencies to address reported CVEs in underlying components.
March 9, 2026
The 2.19.5 stable point release updates some dependencies to address reported CVEs in underlying components.
March 9, 2026
The 2.18.8 stable point release updates some dependencies to address reported CVEs in underlying components.
March 9, 2026
The 2.17.8 stable point release updates some dependencies to address reported CVEs in underlying components.
December 19, 2025
The 2.19.4 point release fixes an issue with TLS algorithm negotiation that may affect connection establishment with other FIPS proxy versions. It also reduces memory consumption in the destination controller when running federated services with large-scale rollouts.
December 15, 2025
The 2.19.3 stable point release updates some dependencies to address reported CVEs in underlying components.
December 15, 2025
The 2.18.7 point release fixes an issue with TLS algorithm negotiation that may affect connection establishment with other FIPS proxy versions. It also reduces memory consumption in the destination controller when running federated services with large-scale rollouts.
December 15, 2025
The 2.17.7 point release fixes an issue with TLS algorithm negotiation that may affect connection establishment with other FIPS proxy versions.
December 4, 2025
The 2.19.2 stable point release updates some dependencies to address reported CVEs in underlying components.
enterprise-2.18.5-1
hotpatchDecember 4, 2025
- Update
golang.org/x/cryptodependency to remediate- GHSA-j5w8-q4qc-rx2x (maps to CVE-2025-58181)
- GHSA-f6x5-jh6r-wrfv (maps to CVE-2025-47914)
enterprise-2.17.5-1
hotpatchDecember 4, 2025
- Update
golang.org/x/cryptodependency to remediate- GHSA-j5w8-q4qc-rx2x (maps to CVE-2025-58181)
- GHSA-f6x5-jh6r-wrfv (maps to CVE-2025-47914)
November 14, 2025
The 2.19.1 stable point release updates some dependencies to address reported CVEs in underlying components.
November 14, 2025
The 2.18.5 stable point release updates some dependencies to address reported CVEs in underlying components.
November 14, 2025
The 2.17.5 stable point release updates some dependencies to address reported CVEs in underlying components.
November 6, 2025
The 2.18.4 stable point release updates some dependencies to address reported CVEs in underlying components.
November 6, 2025
The 2.17.4 stable point release updates some dependencies to address reported CVEs in underlying components.
October 31, 2025
Linkerd 2.19 is a new major release that adds support for Windows containers and post-quantum cryptography, improves Linkerd’s supply chain security, and optionally supports FIPS 140-3 validated encryption.
enterprise-2.18.3-3
hotpatchOctober 3, 2025
- Update
libcrypto3andlibssl3to remediate
enterprise-2.17.3-3
hotpatchOctober 3, 2025
- Update
libcrypto3andlibssl3to remediate
enterprise-2.18.3-2
hotpatchSeptember 15, 2025
- Update
libc6to remediate
enterprise-2.17.3-2
hotpatchSeptember 15, 2025
- Update
libc6to remediate
enterprise-2.16.5-4
hotpatchSeptember 15, 2025
- Update
libc6to remediate
enterprise-2.18.3-1
hotpatchAugust 20, 2025
- Update Go version from 1.24.5 to 1.25.0 to remediate
- Update Go Helm dependency to remediate
enterprise-2.17.3-1
hotpatchAugust 20, 2025
- Update Go version from 1.24.5 to 1.25.0 to remediate
- Update Go Helm dependency to remediate
enterprise-2.16.5-3
hotpatchAugust 11, 2025
- Update
libcrypto3andlibssl3inproxy-initfor both non-FIPS and FIPS to remediate CVE-2024-13176 - Update
golang.org/x/oauth2to0.27.0to remediate CVE-2025-22868 - Update Helm dependency to
v3.17.4to remediate GHSA-557j-xg8c-q2mm
July 29, 2025
The 2.18.3 stable point release includes bugfixes and minor improvements.
July 23, 2025
The 2.17.3 stable point release includes bugfixes and minor improvements.
July 9, 2025
The 2.18.2 stable point release includes a proxy bugfix, adds a signed multiarch
SBOM index, and removes an incorrect deprecation warning in the
linkerd upgrade command.
enterprise-2.18.1-1
hotpatchJune 23, 2025
- Update
golangto 1.24.4 for both non-FIPS and FIPS to remediate
enterprise-2.17.2-2
hotpatchJune 23, 2025
- Update
golangto 1.24.4 for both non-FIPS and FIPS to remediate
enterprise-2.16.5-2
hotpatchJune 23, 2025
- Update
golangto 1.24.4 for both non-FIPS and FIPS to remediate
June 9, 2025
The 2.18.1 stable point release includes bugfixes and improvements to HAZL configuration.
enterprise-2.18.0-1
hotpatchJune 2, 2025
- Update
libssl3for both non-FIPS and FIPS to remediate CVE-2024-13176
enterprise-2.17.2-1
hotpatchJune 2, 2025
- Update
libssl3for both non-FIPS and FIPS to remediate CVE-2024-13176
enterprise-2.16.5-1
hotpatchJune 2, 2025
- Update
libssl3for both non-FIPS and FIPS to remediate CVE-2024-13176
May 5, 2025
The 2.17.2 stable point release addresses CVE-2025-43915 and includes additional dependency upgrades.
May 5, 2025
The 2.16.5 stable point release addresses CVE-2025-43915 and includes additional dependency upgrades.
enterprise-2.15.7-9
hotpatchMay 1, 2025
- Bump golang.org/x/net to
0.39.0to remediate - Bump helm.sh/helm/v3 to
v3.17.3remediate - Bump Go to
1.24.2to remediate
April 28, 2025
Linkerd 2.18 is a new major release that adds GitOps-compatible multicluster linking, improved support for the Gateway API, protocol declarations, and a host of other features and bugfixes.
enterprise-2.17.1-5
hotpatchMarch 24, 2025
- Update
jwtto remediate GHSA-mh63-6h87-95cp - Update
containerdto remediate GHSA-265r-hfxg-fhmg - Update
libc6inextension-initandpolicy-controllerfor FIPS, and inproxyfor both non-FIPS and FIPS to remediate CVE-2025-0395 - Update
golang.org/xdeps for GHSA-qxp5-gwg8-xv66
enterprise-2.16.4-5
hotpatchMarch 24, 2025
- Updated
jwtto remediate GHSA-mh63-6h87-95cp - Updated
containerdto remediate GHSA-265r-hfxg-fhmg - Updated
libc6inextension-initandpolicy-controllerfor FIPS, and inproxyfor both non-FIPS and FIPS to remediate CVE-2025-0395 - Updated
golang.org/xdeps for GHSA-qxp5-gwg8-xv66
enterprise-2.15.7-8
hotpatchMarch 24, 2025
- Updated
jwtto remediate GHSA-mh63-6h87-95cp - Updated
containerdto remediate GHSA-265r-hfxg-fhmg - Updated
libc6inextension-initandpolicy-controllerfor FIPS, and inproxyfor both non-FIPS and FIPS to remediate CVE-2025-0395 - Updated
golang.org/xdeps for GHSA-qxp5-gwg8-xv66
enterprise-2.17.1-4
hotpatchMarch 7, 2025
- Update
opensslto 3.1.8 inextension-initandpolicy-controllerFIPS images to remediate - Update Go to 1.24.1
- Fixed
linkerd jaeger installCLI command outputting an invalid webhook image name
enterprise-2.16.4-4
hotpatchMarch 7, 2025
- Updated
opensslto 3.1.8 inextension-initandpolicy-controllerFIPS images to remediate - Updated Go to 1.24.1
- Fixed
linkerd jaeger installCLI command outputting an invalid webhook image name
enterprise-2.15.7-7
hotpatchMarch 7, 2025
- Updated
opensslto 3.1.8 inextension-initandpolicy-controllerFIPS images to remediate - Updated Go to 1.24.1
enterprise-2.17.1-3
hotpatchFebruary 25, 2025
- Update
libcrypto3andlibssl3inproxy-initfor both non-FIPS and FIPS to remediate CVE-2025-26519
enterprise-2.16.4-3
hotpatchFebruary 25, 2025
- Update
libcrypto3andlibssl3inproxy-initfor both non-FIPS and FIPS to remediate CVE-2025-26519
enterprise-2.15.7-6
hotpatchFebruary 25, 2025
- Update
libcrypto3andlibssl3inproxy-initfor both non-FIPS and FIPS to remediate CVE-2025-26519
enterprise-2.17.1-2
hotpatchFebruary 12, 2025
- Update Go to 1.23.6 to remediate CVE-2025-22866
enterprise-2.16.4-2
hotpatchFebruary 12, 2025
- Updated Go to 1.23.6 to remediate CVE-2025-22866
enterprise-2.15.7-5
hotpatchFebruary 12, 2025
- Updated Go to 1.23.6 to remediate CVE-2025-22866
enterprise-2.17.1-1
hotpatchFebruary 9, 2025
- Update
libcrypto3andlibssl3inproxy-initfor both non-FIPS and FIPS to remediate CVE-2024-13176
enterprise-2.16.4-1
hotpatchFebruary 9, 2025
- Update
libcrypto3andlibssl3inproxy-initfor both non-FIPS and FIPS to remediate CVE-2024-13176
enterprise-2.15.7-4
hotpatchFebruary 9, 2025
- Update
libcrypto3andlibssl3inproxy-initfor both non-FIPS and FIPS to remediate CVE-2024-13176
enterprise-2.15.7-3
hotpatchFebruary 6, 2025
- Updated Go to 1.23.5 to remediate
February 4, 2025
The 2.17.1 stable point release includes bugfixes and minor improvements.
February 4, 2025
The 2.16.4 stable point release includes bugfixes and minor improvements.
enterprise-2.17.0-2
hotpatchDecember 23, 2024
- Update Go net dependency in
controllerfor both non-FIPS and FIPS to remediate GHSA-w32m-9786-jp63
enterprise-2.16.3-2
hotpatchDecember 23, 2024
- Update Go net dependency in
controllerfor both non-FIPS and FIPS to remediate GHSA-w32m-9786-jp63
enterprise-2.15.7-2
hotpatchDecember 23, 2024
- Update Go net dependency in
controllerfor both non-FIPS and FIPS to remediate GHSA-w32m-9786-jp63
enterprise-2.17.0-1
hotpatchDecember 13, 2024
- Update Go crypto dependency in
controllerfor both non-FIPS and FIPS to remediate GHSA-v778-237x-gjrc - Update Go from 1.23.2 to 1.23.4
enterprise-2.16.3-1
hotpatchDecember 13, 2024
- Update Go crypto dependency in
controllerfor both non-FIPS and FIPS to remediate GHSA-v778-237x-gjrc - Update Go from 1.23.2 to 1.23.4
enterprise-2.15.7-1
hotpatchDecember 13, 2024
- Update Go crypto dependency in
controllerfor both non-FIPS and FIPS to remediate GHSA-v778-237x-gjrc - Update Go from 1.23.2 to 1.23.4
December 11, 2024
The 2.16.3 stable point release includes bugfixes and minor improvements.
December 11, 2024
The 2.15.7 stable point release includes bugfixes and minor improvements.
December 5, 2024
Linkerd 2.17 is a new major release that adds rate limiting, federated services, and monitoring and control of egress traffic from the cluster. See our Linkerd 2.17 announcement blog post for more details.
enterprise-2.16.2-1
hotpatchNovember 13, 2024
- Update
libssl3inextension-initandpolicy-controllerfor FIPS, and inproxyfor both non-FIPS and FIPS to remediate - Update
libcrypto3andlibssl3inproxy-initfor both non-FIPS and FIPS to remediate
enterprise-2.15.6-1
hotpatchNovember 13, 2024
- Update
libssl3inextension-initandpolicy-controllerfor FIPS, and inproxyfor both non-FIPS and FIPS to remediate - Update
libcrypto3andlibssl3inproxy-initfor both non-FIPS and FIPS to remediate
November 4, 2024
The 2.16.2 stable point release includes bugfixes and minor improvements.
October 14, 2024
The 2.16.1 stable point release includes bugfixes and minor improvements.
October 14, 2024
The 2.15.6 stable point release includes bugfixes and minor improvements.
August 13, 2024
Linkerd 2.16 is a new major release that adds new retry, timeout, and per-route metrics to HTTPRoute and GRPCRoute types, bringing Linkerd’s Gateway API implementation to feature parity with ServiceProfiles and addressing some long-standing wrinkles with these features. Linkerd 2.16 also adds support for IPv6 and introduces an audit mode for Linkerd’s zero trust network policies.
enterprise-2.15.5-2
hotpatchJuly 30, 2024
- Updated Go docker dependency to remediate CVE-2024-41110
enterprise-2.15.5-1
hotpatchJuly 24, 2024
- Updated Go Kubernetes dependencies to remediate CVE-2024-5321
- Updated Rust openssl dependency to remediate GHSA-q445-7m23-qrmw
- Updated proxy-init base image to remediate CVE-2024-5535
July 11, 2024
The 2.15.5 stable point release includes a variety of bug fixes and proxy configuration features, including a fix for CVE-2024-40632.
enterprise-2.15.4-1
hotpatchJuly 8, 2024
- Updated extension-init, policy-controller, and proxy base images to remediate CVE-2023-5678
- Updated extension-init, policy-controller, and proxy base images to remediate CVE-2023-6129
- Updated extension-init, policy-controller, and proxy base images to remediate CVE-2024-0727
June 12, 2024
The 2.15.4 stable point release includes a variety of bug fixes and some minor diagnostic and configuration features.
May 20, 2024
The 2.15.3 stable point release includes a variety of bug fixes, usability improvements, and new diagnostic and configuration features. It also adjusts the default configuration of the HAZL load balancer to be more aggressive in shifting load to other zones.
enterprise-2.15.2-3
hotpatchMay 3, 2024
- Updated proxy base image to remediate CVE-2024-2961
enterprise-2.15.2-2
hotpatchMay 2, 2024
- Updated proxy build base image to remediate CVE-2024-2961
enterprise-2.15.2-1
hotpatchApril 22, 2024
- Updated Rust rustls dependency to remediate CVE-2024-32650
April 5, 2024
The 2.15.2 stable point release includes bug fixes, CVE remediations, and some minor feature updates. It merges HAZL into the main proxy build (previous releases required a separate build), improves certain metrics, and fixes a memory leak in the policy controller.
enterprise-2.15.1-3
hotpatchMarch 20, 2024
- Updated Go docker dependency to remediate CVE-2024-24557
- Updated Go helm dependency to remediate CVE-2019-25210
enterprise-2.15.1-2
hotpatchMarch 7, 2024
- Updated google.golang.org/protobuf dependency to remediate CVE-2024-24786
- Updated Go to 1.22.1
enterprise-2.15.1-1
hotpatchMarch 4, 2024
- Updated Rust mio dependency to remediate CVE-2024-27308
February 23, 2024
This is a minor update that is primarily intended to assist Enterprise Plan users who are enabling HAZL.
February 21, 2024
Linkerd 2.15 is a new major release that adds support for workloads outside of Kubernetes. This new “mesh expansion” feature allows Linkerd users to bring applications running on VMs, physical machines, and other non-Kubernetes locations into the mesh.