Refreshed GovCloud AMIs to use the latest base images for improved security and stability. These AMIs address the Copy Fail Vulnerability.
CVE Fixes
CVE-2026-33814 in golang.org/x/net was addressed in distributor, output services.
CVE-2026-39882 in OpenTelemetry OTLP HTTP exporters was addressed in docker-provisioner service.
May 2026 CVEs in nginx unprivileged container were addressed by updating the default nginx image to 1.30.1.
Configuration Changes
Added new Helm value for configuring builds-service JVM heap size. Operators can now tune memory allocation for the builds-service to match their infrastructure requirements.