Release notes

Itential Automation Gateway changelog

Subscribe to our RSS Feed or by email to receive automatic notifications when new releases are published. Get notified when we ship new features and improvements.
April 3, 2026

Gateway Manager 1.0.8

Gateway Manager 1.0.8 is a maintenance release containing quality improvements to Gateway Manager’s functionality and security updates.

FeatureDescription
Cluster ID dropdown for Automation Studio tasks (ENG-21261)The clusterId field in the sendConfig and sendCommand tasks in Studio has been changed from a freeform text field to a dropdown selector.
Version-based inventory population (ENG-20228)Implemented version-based inventory population.
IssueDescription
Updated axios to resolve Snyk vulnerability (ENG-22097)Bumped axios from version 1.13.4 to 1.13.5 to resolve a Snyk-reported vulnerability.
March 24, 2026

IAG 5.3.2

IAG 5.3.2 is a maintenance release containing bug fixes and security updates.

IssueDescription
Proxy settings not applied to Gateway Manager connectivity check (ENG-21908)Fixed an issue where the websocket connection to Gateway Manager was not being established through the proxy server because the initial connectivity check was not using the configured proxy settings.
Command quoting issues on send command task (ENG-21778)Fixed an issue that was causing quoting errors with certain commands executed via the sendCommand task.
IssueDescription
Updated golang gRPC package (ENG-21910)Resolved a high-severity security vulnerability (CVE-2026-33186) in the google.golang.org/grpc package.
March 6, 2026

Gateway Manager 1.0.7

Gateway Manager 1.0.7 is a maintenance release that includes security hardening and access control improvements for Gateway Manager. Key updates include resolution of multiple security vulnerabilities including ReDoS, prototype pollution, XSS, and algorithmic complexity issues. This release also enhances user access filtering for groups and tags, and fixes certificate management functionality in the UI.

FeatureDescription
Access control filtering (ENG-18514)Enhanced filtering to ensure viewable groups and tags are filtered by user access permissions.
Inventory table layout (ENG-19144)Fixed extra width issue on the Inventories table during layout updates.
FeatureDescription
Cross-site scripting (XSS) vulnerabilities (ENG-18232, ENG-18235)Resolved cross-site scripting (XSS) vulnerabilities.
Prototype pollution vulnerabilities (ENG-19178, ENG-19181, ENG-19182)Addressed prototype pollution vulnerabilities in dependencies.
Regular expression denial of service (ReDoS) vulnerabilities (ENG-19396, ENG-19401, ENG-19550, ENG-19551, ENG-19628)Fixed regular expression denial of service (ReDoS) vulnerabilities in multiple dependencies.
Inefficient algorithmic complexity (ENG-20186, ENG-20189, ENG-20190)Resolved inefficient algorithmic complexity issues in dependencies.
FeatureDescription
Certificate management buttons (ENG-14972)Fixed Certificate View/Delete buttons on the Gateway details view to function properly.
March 6, 2026

IAG 5.3.1

IAG 5.3.1 is a maintenance release containing enhancements, bug fixes, and security updates.

FeatureDescription
mTLS support via explicit web proxy (ENG-18944)Added support for routing connections to Gateway Manager through HTTP/HTTPS proxy server. For more information, see Configure proxy for Gateway Manager connections.
FeatureDescription
Secret description field (ENG-19078)Fixed an issue where the --description flag when creating a secret in torero was silently ignored, ensuring descriptions are now properly saved and displayed.
iagctl flag parsing with equals signs (ENG-19249)Fixed iagctl parsing issue where --set flag values containing equals signs (=) were incorrectly parsed, preventing users from passing key-value pairs with = in the value.
FeatureDescription
High-severity CVE resolutions (ENG-18049)Resolved three high-severity security vulnerabilities (CVE-2025-8959, CVE-2025-22868, CVE-2023-46402) affecting the tofu and iagctl binaries, addressing symlink attack, memory exhaustion, and ReDoS risks.
Go-Git security vulnerability (ENG-19325)Resolved go-git security vulnerability.
January 23, 2026

Gateway Manager 1.0.5

Gateway Manager 1.0.5 is a maintenance release that includes performance improvements and enhanced reliability for Gateway Manager. Key updates include optimized Inventory Manager query performance, improved error handling for Redis operations, and validation checks to prevent duplicate gateway connections. This release also includes UI improvements for better usability in development and production environments.

FeatureDescription
Gateway connection validation (ENG-13928)Added validation checks to prevent gateway connections with duplicate cluster_ids, ensuring only one gateway per cluster_id can be connected.
Redis error handling (ENG-14473)Improved error handling for Redis nodes being swapped in READONLY mode.
Local development mode warning (ENG-17308)Added a warning notification when the UI has been built for local development mode.
Broker service icons (ENG-18168)Added icon support for broker services.
Inventory Manager query performance (ENG-18985)Implemented performance improvements for Inventory Manager queries.
FeatureDescription
Service groups dropdown scrolling (ENG-15578)Fixed dropdown menu scrolling issue for service groups when the menu contains overflowed elements.
January 23, 2026

IAG 5.3.0

IAG 5.3.0 is a minor release that introduces support for Inventory Manager integration and HTTP basic authentication for Git repositories.

FeatureDescription
Inventory data ingestion via stdin (ENG-17017)Added capability for IAG to ingest inventory data via standard input (stdin), providing a new method for importing and managing device inventory information. This enhancement supports the Inventory Manager core functionality and enables more flexible inventory data workflows. For more information, see Inventory Manager.
HTTP basic authentication for Git clone and service execution (ENG-15494)Added HTTP basic authentication support for Git clone operations and service execution. This feature enables IAG to clone repositories from Git over HTTP using credentials, expanding options for secure Git integration and automated playbook deployment. Fore more information, see Configure access to private repositories.
November 6, 2025

IAG 5.2.1

IAG 5.2.1 is a maintenance release containing security updates.

FeatureDescription
go-git go-crypto dependency vulnerability (ENG-16161)Resolved a high-severity vulnerability in go-git by updating the go-crypto dependency version.
spf13/viper log handling vulnerability (ENG-16162)Updated the spf13/viper dependency to address a medium-severity improper output neutralization vulnerability in log handling.
openssl/libcrypto3 vulnerabilities (ENG-16163)Fixed three low-severity vulnerabilities in openssl/libcrypto3.
expat/libexpat vulnerability (ENG-16164)Fixed a low-severity vulnerability in expat/libexpat.
curl/libcurl vulnerabilities (ENG-16165)Fixed two low-severity vulnerabilities in curl/libcurl.
October 6, 2025

IAG 5.2.0

IAG 5.2.0 is a minor release that includes support to securely inject sensitive information into services and security updates. /

FeatureDescription
Inject secrets into services (ENG-13737)Added support for injecting secrets into services. For more information, see Inject secrets into services.
FeatureDescription
Path traversal security vulnerability (ENG-13805)Resolved a potential path traversal security vulnerability detected by Snyk’s code analysis.
September 5, 2025

Gateway Manager 1.0.3

Gateway Manager 1.0.3 is a maintenance release containing quality improvements to Gateway Manager’s functionality and bug fixes.

FeatureDescription
Duplicate gateway connection prevention on cluster ID collision (ENG-13928)Added validation to prevent duplicate gateway connections when cluster IDs collide due to misconfiguration.
FeatureDescription
RPM deployment Nexus repository path URL encoding (ENG-14393)Fixed RPM deployment targeting an incorrect Nexus repository path due to URL encoding issues.
September 5, 2025

Gateway Manager 1.0.4

Gateway Manager 1.0.4 is a maintenance release containing quality improvements to Gateway Manager’s functionality.

FeatureDescription
Redis node swap error handling (ENG-14473)Gateway Manager now cleanly handles errors related to Redis nodes being swapped.