Skip to content
CircleCI
View entire changelog

Server Release 4.9.3

Maintenance

Updates

  • Increased default RabbitMQ memory allocation to improve messaging reliability and prevent out-of-memory failures.
  • Updated Nomad server to version 1.11.3 for performance and stability improvements.
  • Enabled gRPC client-side load balancing.
  • Switched gRPC client paths to use headless Services.
  • Updated AWS AMIs with the latest security patches and updates.

Bug Fixes

  • Fixed presigned URL expiry issue in test results index to prevent premature link expiration when downloading previous test results.
  • Fixed nginx AWS ACM configuration.
  • Fixed soft-fail policy violation banners not displaying in Server UI by adding policy decision enrichment to pipeline handlers.
  • Fixed OIDC token minting panic.
  • Fixed Nomad client startup script failures.

CVE Fixes

  • CVE-2026-24051 in OpenTelemetry SDK was addressed.
  • CVE-2026-1229 in Cloudflare CIRCL library was addressed.
  • CVE-2025-64702 in quic-go library was addressed.
  • CVE-2025-47911 in golang.org/x/net was addressed.
  • CVE-2026-33186 in gRPC library was addressed
  • CVE-2026-39882 in OpenTelemetry OTLP HTTP exporter was addressed.
  • CVE-2026-39883 in OpenTelemetry SDK was addressed.
  • CVE-2026-27141 in golang.org/x/net was addressed.
  • CVE-2026-34986 in go-jose library was addressed.
  • CVE-2025-67721 in aircompressor library was addressed.

Configuration Changes

  • Added NOMAD_RPC_MAX_CONNS_PER_CLIENT configuration option to Helm values to control Nomad RPC connection limits and fix client rejection errors under load.
  • Exposed Nomad server CPU and memory resource limits and requests in Helm values for better resource control.

Component Updates

  • api-gateway
  • api-service
  • approval-job-provider-migrator
  • audit-log-service
  • authentication-svc
  • authentication-svc-migrator
  • branch-service
  • branch-service-migrator
  • builds-service
  • builds-service-migrator
  • ciam
  • ciam-gateway
  • circle-www-api
  • contexts-service
  • contexts-service-migrator
  • cron-service
  • cron-service-migrator
  • distributor
  • distributor-migrator
  • docker-provisioner
  • domain-service
  • domain-service-migrator
  • execution-gateway
  • insights-service
  • insights-service-migrator
  • lock-job-provider
  • machine-provisioner
  • machine-provisioner-migrator
  • no-op-job-provider
  • oidc-service
  • oidc-tasks-service
  • oidc-tasks-service-migrator
  • orb-service
  • orb-service-analytics-migrator
  • orb-service-migrator
  • output
  • permissions-service
  • permissions-service-migrator
  • picard
  • policy-service
  • public-api-service
  • runner-admin
  • runner-admin-migrator
  • server-postgres
  • server-rabbitmq
  • server-redis
  • step
  • web-ui
  • web-ui-server-admin
  • webhook-service
  • webhook-service-migrator
  • workflows-conductor
  • workflows-conductor-migrator

Known Issues

  • The Ubuntu images provided by CircleCI in AWS GovCloud have not been updated.
  • The Ubuntu images provided by CircleCI in GCP have not been updated.
Server

Previous changes

Slack integration is now in beta    

New feature

Ubuntu 22.04, 24.04, and 26.04 machine images updated    

New feature
Images