Security2.10.6
v2.10.6
Security release with multiple upstream dependency patches for Thrift, Go crypto, and networking libraries, plus Go 1.26.3 build upgrade. Breaking change: OpenCensus receiver support dropped. Prometheus and OpenTelemetry Collector dependencies updated.
🔒 Security 🔒
deps: Update github.com/apache/thrift to v0.23.0 to pick up upstream security fixes. (#7120) (@renovate)deps: Update golang.org/x/crypto to v0.52.0 to pick up upstream security fixes. (#7262) (@renovate)deps: Update golang.org/x/net to v0.55.0 to pick up upstream security fixes. (#7129, #7263) (@renovate)deps: Build Tempo with Go 1.26.3, which includes upstream security and bug fixes. (#7422) (@ie-pham)
🛑 Breaking changes 🛑
🔧 Changes 🔧
securitydependenciesbreakingopentelemetry
Source: original entry ↗