Skip to content

[DOC] [release-v2.8] Release notes for v2.8.3 and CHANGELOG #6247

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
ie-pham merged 4 commits into from
Jan 20, 2026
Merged

[DOC] [release-v2.8] Release notes for v2.8.3 and CHANGELOG #6247

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
2c7d5d8
Release notes and changelog for 2.8.3
knylander-grafana Jan 17, 2026
cd8dca5
Apply suggestions from code review
knylander-grafana Jan 20, 2026
bdc0aa6
Update CHANGELOG.md
knylander-grafana Jan 20, 2026
dc11ec3
Update CHANGELOG.md
knylander-grafana Jan 20, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
6 changes: 6 additions & 0 deletions CHANGELOG.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,8 +1,14 @@
## main / unreleased

# v2.8.3

* [CHANGE] Upgrade Tempo to Go 1.25.5 [#6096](https://github.com/grafana/tempo/pull/6096) [#6089](https://github.com/grafana/tempo/pull/6089) (@joe-elliott)
* [CHANGE] Upgrade github.com/expr-lang/expr to v1.17.7 to fix CVE-2025-68156 (denial-of-service via unbounded recursion). [#6092](https://github.com/grafana/tempo/pull/6092)
* [BUGFIX] Deadlock on invalid query to api/v2/search/tags (SearchTagsV2) [#5607](https://github.com/grafana/tempo/pull/5607) (@ruslan-mikhailov)
* [BUGFIX] Fix Tempo configuration options that were always overridden by runtime overrides. [#5202](https://github.com/grafana/tempo/pull/5202) (@KyriosGN0)
* [BUGFIX] Fix trace idle period in ingesters to be correctly applied. Add max live trace period to limit how long traces remain in memory. [#5346](https://github.com/grafana/tempo/pull/5346) (@joe-elliott)
* [BUGFIX] Return 400 Bad Request instead of 500 when an invalid tag name is provided to the SearchTagValuesV2 endpoint. [#5493](https://github.com/grafana/tempo/pull/5493) (@carles-grafana)
* [BUGFIX] Fix panic in query_range http handling that could be triggered by cancellations or other errors [#5667](https://github.com/grafana/tempo/pull/5667) (@mdisibio)

# v2.8.2

Expand Down
17 changes: 15 additions & 2 deletions docs/sources/tempo/release-notes/v2-8.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -235,7 +235,12 @@ In addition, these Tempo serverless related metrics have been removed: `tempo_qu

## Security fixes

The following updates were made to address security issues:
The following updates were made to address security issues.

### 2.8.3

- Updated Go to version 1.25.5 to address [CVE-2025-61729](https://github.com/advisories/GHSA-7c64-f9jr-v9h2), [CVE-2025-47907](https://github.com/advisories/GHSA-j5pm-7495-qmr3), [CVE-2025-58183](https://github.com/advisories/GHSA-9gcr-gp5f-jw27), and [CVE-2025-61727](https://github.com/advisories/GHSA-5mh9-3jwc-rp59). [[PRs 6089](https://github.com/grafana/tempo/pull/6089), [6096](https://github.com/grafana/tempo/pull/6096), [6227](https://github.com/grafana/tempo/pull/6227)]
- Updated `github.com/expr-lang/expr` to v1.17.7 to address [CVE-2025-68156](https://github.com/expr-lang/expr/security/advisories/GHSA-cfpf-hrx2-8rv6). [[PRs 6230](https://github.com/grafana/tempo/pull/6230), [6092](https://github.com/grafana/tempo/pull/6092)]

### 2.8.2

Expand All @@ -246,10 +251,18 @@ The following updates were made to address security issues:
- Used distroless base container images for improved security. ([PR 4556](https://github.com/grafana/tempo/pull/4556))
- Updated to go 1.24.3. ([PR 5110](https://github.com/grafana/tempo/pull/5110))

## Bugfixes
## Bug fixes

For a complete list, refer to the [Tempo CHANGELOG](https://github.com/grafana/tempo/releases).

### 2.8.3

- Fixed deadlock on invalid query to `api/v2/search/tags` (SearchTagsV2). [[PRs 5607](https://github.com/grafana/tempo/pull/5607), [6228](https://github.com/grafana/tempo/pull/6228)]
- Fixed panic in `query_range` HTTP handling that could be triggered by cancellations or other errors. [[PRs 5667](https://github.com/grafana/tempo/pull/5667), [6229](https://github.com/grafana/tempo/pull/6229)]
- Fixed configuration options that were always overridden by runtime overrides, preventing users from setting certain options without using the overrides configuration. [[PR 5202](https://github.com/grafana/tempo/pull/5202)]
- Fixed trace idle period in ingesters, which was not being correctly applied. Added a max live trace period (default 30s) to prevent very large traces from being held in memory indefinitely when spans are drip-fed over time. [[PR 5346](https://github.com/grafana/tempo/pull/5346)]
- Fixed the `SearchTagValuesV2` endpoint to return 400 Bad Request instead of 500 Internal Server Error when an invalid tag name is provided. [[PR 5493](https://github.com/grafana/tempo/pull/5493)]

### 2.8.2

- Added a nil check to `partitionAssignmentVar`. [[PR 5198](https://github.com/grafana/tempo/pull/5198)]
Expand Down
Loading