The Juju team is proud to release Juju 3.6.23!

This is a point release to the stable 3.6 series of Juju.

Checkout the Juju 3.6.23 Release Notes

What's Changed

• chore: increment juju to 3.6.23 by @jujubot in #22415
• feat: add step to transition guide for storage pools by @jack-w-shaw in #22404
• feat: add agent md files by @wallyworld in #22431
• refactor: rename the storage update apis to be compatible with 4.0 by @wallyworld in #22434
• Revert "fix(ssh): disable PTY allocation when remote command is provided" by @SimonRichardson in #22035
• Revert "fix(ssh): disable PTY allocation when remote command is provided"" by @SimonRichardson in #22052
• docs: purge all html comments by @tmihoc in #22066
• feat(api/common/cloudcred): adds the api/common/cloudcred package that will be used by JIMM by @alesstimec in #21889
• refactor(cloudcred): removes the juju version from the generated file by @alesstimec in #22100
• chore: increment juju version to 3.6.21 by @wallyworld in #22098
• fix(upgrade-controller): improve error message for unsupported version upgrades by @iyiguncevik in #21986
• fix: correct operator status by @adisazhar123 in #22097
• feat: storage resize for k8s apps by @adisazhar123 in #21309
• feat: add support for root disk source in gce by @CodingCookieRookie in #22041
• chore: merge cve fix branch by @wallyworld in #22132
• feat: migration precheck to abort for unstabilized applications by @adisazhar123 in #22108
• fix(bundle): treat compare integral float values as ints by @raineszm in #22061
• test: fix cmr shell test failures by @wallyworld in #22177
• chore(deps): bump golang.org/x/net from 0.52.0 to 0.53.0 by @dependabot[bot] in #22204
• chore: merge private branch with CVE fixes by @wallyworld in #22205
• chore: merge private branch with CVE fixes by @wallyworld in #22206
• docs: fix typo in 2.9 release notes by @wallyworld in #22209
• 2.9 release notes typo by @wallyworld in #22210
• feat: handle proxy in retrieveCACert function by @kian99 in #22165
• chore(deps): security vulnerabilities by @iyiguncevik in #22211
• fix: add recent introduced azure fallback cloud regions by @CodingCookieRookie in #22216
• fix: migrate machine hostname by @adisazhar123 in #22207
• fix: k8s deployment issue with rootfs and tmpfs by @CodingCookieRookie in #22163
• chore: merge 2.9 into 3.6 + security vulnerabilities by @iyiguncevik in #22232
• feat: display and update application storage cmd interface by @CodingCookieRookie in #21241
• docs: update sphinx-llm to v0.4.0 with absolute URLs by @tmihoc in #22256
• feat: add support of '--file' for update-cloud by @Tony-WLB in #22191
• chore(deps): bump golang.org/x/mod from 0.34.0 to 0.35.0 by @dependabot[bot] in #22215
• fix: gracefully handle missing storage backing status by @adisazhar123 in #22159
• fix: exclude empty checksum from backup metadata json by @wallyworld in #22261
• fix: ensure create backup works after upgrade by @wallyworld in #22271
• fix(logsink,logsender): send proper WebSocket close codes and treat them as io.EOF by @xtrusia in #22065
• feat: inject default image repo during build by @jack-w-shaw in #22255
• fix: add a short model id to error messages by @jameinel in #22269
• fix: use stderr not tty in backup shell test by @wallyworld in #22286
• fix: grouping ports issue by @Deadinside101 in #22278
• test: backport test fixes for model metrics shell tests by @wallyworld in #22292
• feat(dqlite): update dqlite 1.18.6 by @SimonRichardson in #22289
• feat(dqlite): update dqlite 1.18.6 by @SimonRichardson in #22297
• 3.6 update release notes structure by @tmihoc in #22302
• Update 2.9 release notes support statement by @tmihoc in #22301
• docs: update landing pages by @tmihoc in #22173
• feat: mongo-client script by @nicolasbock in #22312
• fix: snap linker for JujudOCINamespace by @jack-w-shaw in #22320
• docs: set up multi-version sitemaps by @tmihoc in #22299
• fix: ensure controller app is exposed on upgrade by @wallyworld in #22313
• 2.9 into 3.6 by @jack-w-shaw in #22325
• docs: small fixes to hooks reference documentation by @astrojuanlu in #22318
• fix: disallow updating storage provider type by @adisazhar123 in #22287
• fix: add robust not found error handling in firewallers by @wallyworld in #22339
• Add script to change the juju-db snap channel by @nicolasbock in #21868
• fix: application-storage tabular output to use humanize size by @adisazhar123 in #22371
• test: make k8s secrets shell tests more robust by @wallyworld in #22378
• feat: k8s storage size update by @wallyworld in #22388
• feat: reuse secret access tokens if scope matches by @wallyworld in #22399

New Contributors

• @Tony-WLB made their first contribution in #22191
• @Deadinside101 made their first contribution in #22278
• @astrojuanlu made their first contribution in #22318

Full Changelog: v3.6.21...v3.6.23

The Juju team is proud to release Juju 2.9.59!

This is a point release to the stable 2.9 series of Juju.

Checkout the Juju 2.9.59 Release Notes

What's Changed

This issue is fixed in this release: #22356

There are no commits to the Juju code base - the issue was with the build pipeline and this release was done once the biuld pipeline itself was fixed.

Full Changelog: v2.9.58...v2.9.59

The Juju team is proud to release Juju 2.9.58!

This is a point release to the stable 2.9 series of Juju.

Checkout the Juju 2.9.58 Release Notes

What's Changed

• chore(deps): bump golang.org/x/net from 0.52.0 to 0.53.0 by @dependabot[bot] in #22204
• chore: merge private branch with CVE fixes by @wallyworld in #22205
• docs: fix typo in 2.9 release notes by @wallyworld in #22209
• chore(deps): security vulnerabilities by @iyiguncevik in #22211
• chore(deps): bump golang.org/x/mod from 0.34.0 to 0.35.0 by @dependabot[bot] in #22215
• fix: ensure create backup works after upgrade by @wallyworld in #22271
• feat: inject default image repo during build by @jack-w-shaw in #22255
• fix: use stderr not tty in backup shell test by @wallyworld in #22286
• test: backport test fixes for model metrics shell tests by @wallyworld in #22292
• Update 2.9 release notes support statement by @tmihoc in #22301
• fix: snap linker for JujudOCINamespace by @jack-w-shaw in #22320
• docs: set up multi-version sitemaps by @tmihoc in #22298

Full Changelog: v2.9.57...v2.9.58

The Juju team is proud to release Juju 3.6.21!

This is a point release to the stable 3.6 series of Juju.

Checkout the Juju 3.6.21 Release Notes

What's Changed

• chore: merge private branch with CVE fixes by @wallyworld in #22206

Full Changelog: v3.6.20...v3.6.21

The Juju team is proud to release Juju 2.9.57!

This is a point release to the stable 2.9 series of Juju.

Checkout the Juju 2.9.57 Release Notes

What's Changed

• chore: update deps as per dependabot by @wallyworld in #21980
• chore: merge juju private branch with cve fixes by @wallyworld in #22037
• chore: update juju/charm/v8 to v8.1.0 by @wallyworld in #22063
• chore(deps): bump golang.org/x/net from 0.52.0 to 0.53.0 by @dependabot[bot] in #22204
• chore: merge private branch with CVE fixes by @wallyworld in #22205

Full Changelog: v2.9.56...v2.9.57

The Juju team is proud to release Juju 4.0.5!

This is a point release to the stable 4.0 series of Juju.

Checkout the Juju 4.0.5 Release Notes

Full Changelog: v4.0.3...v4.0.5

The Juju team is proud to release Juju 3.6.20!

This is a point release to the stable 3.6 series of Juju.

Checkout the Juju 3.6.20 Release Notes

What's Changed

• chore: update deps as per dependabot by @wallyworld in #21980
• fix(k8s): filter invalid kubeconfig contexts from local clouds by @kooltuoehias in #21937
• docs: set up llms dot txt by @tmihoc in #22019
• chore: merge juju private branch with cve fixes by @wallyworld in #22037
• chore: merge private 3.6 branch by @wallyworld in #22040
• fix: panic when charm has no actions by @SimonRichardson in #22015
• feat: make context-tests trigger smoke tests by @jack-w-shaw in #22033
• docs: update llms implementation by @tmihoc in #22026

Full Changelog: v3.6.19...v3.6.20

The Juju team is proud to release Juju 3.6.19!

This is a point release to the stable 3.6 series of Juju containing security fixes.

Mongo Bleed

• fix: CVE-2025-14847
• fix: mongodb accepts unauthenticated connection GHSA-9j5v-49f8-cpp8

Other CVEs

• fix: CVE-2026-32691
• fix: CVE-2026-32692
• fix: CVE-2026-32694
• fix: CVE-2026-32693

Checkout the Juju 3.6.19 Release Notes

Other Changes

• fix(ssh): force PTY allocation for debug-hooks and debug-code by @marceloneppel in #21992

Full Changelog: v3.6.14...v3.6.19

The Juju team is proud to release Juju 2.9.56!

This is a point release to the stable 2.9 series of Juju.

Checkout the Juju 2.9.56 Release Notes

Mongo Bleed

• fix: CVE-2025-14847
• fix: mongodb accepts unauthenticated connection GHSA-9j5v-49f8-cpp8

Other CVEs

• fix: CVE-2025-68152
• fix: CVE-2025-68153

Full Changelog: v2.9.53...v2.9.56

The Juju team is proud to release Juju 4.0.3!

This is a point release to the stable 4.0 series of Juju.

Checkout the Juju 4.0.3 Release Notes

What's Changed

• fix(domain): enforce UTC for database timestamp fields by @gfouillet in #21773
• feat: add some domain knowledge for agents by @manadart in #21800
• chore: update SQLair dependency by @manadart in #21814
• fix: sort before compact by @tlm in #21817
• chore: increment juju to 4.0.3 by @jujubot in #21810
• fix(offers): show correct list of users in show-offer command by @iyiguncevik in #21806
• refactor: remove model export code by @SimonRichardson in #21826
• feat: merging duplicate remote applications by @SimonRichardson in #21785
• chore: merge 3.6 - 4.0 by @wallyworld in #21795
• refactor(operation): use static SQL for GetOperations query by @nvinuesa in #21827
• feat: drop PVC filtering by storage unique ID in favor of querying the database. by @adisazhar123 in #21726
• feat(storage): import filesystem attachments for IAAS during model migration by @jack-w-shaw in #21835
• feat: add transition information for storage and offers by @manadart in #21832
• fix: relation unit watcher for remote app with no units by @manadart in #21836
• feat: import storage volumes by @hmlanigan in #21787
• fix: nil pointer panics during caas migration by @hmlanigan in #21842
• fix: ensure we watch all relation units by @SimonRichardson in #21828
• chore(move): move internal/macaroon to api/macaroon by @SimoneDutto in #21854
• fix(removal): clean up FK references on app, unit, and relation delete by @nvinuesa in #21813
• fix: import offerers applications and relations by @SimonRichardson in #21840
• fix: prevent spin-lock in object store scoped context by @manadart in #21857
• feat: handle firewaller duplicate changes by @SimonRichardson in #21859
• fix: close all file object store readers by @manadart in #21861
• chore(move): move internal/cmd to cmd/cmd by @SimoneDutto in #21863
• feat: update storage directives during setcharm call useroverride and state by @CodingCookieRookie in #21742
• chore(move): move internal/rpcreflect to rpc/rpcreflect by @SimoneDutto in #21871
• fix(remoterelationconsumer): clean up orphaned offer_connection when local relation is removed during registration by @nvinuesa in #21802
• fix: only delete unreferenced objects from store by @manadart in #21870
• feat: import storage attachments alongside storage instances by @jack-w-shaw in #21846
• fix: prevent getting empty resources by @SimonRichardson in #21864
• feat: storage list client by @hpidcock in #21615
• fix: retries and not found errors in the remote objectstore by @SimonRichardson in #21874

Full Changelog: v4.0.2...v4.0.3