Log Message:
Update sysutils/consul to 1.0.0

SECURITY:

- Fixed an XSS issue with Consul's built-in web UI where node names
  were not being properly escaped.

BREAKING CHANGES:

- Raft Protocol Now Defaults to 3
- Config Files Require an Extension
- Deprecated Options Have Been Removed
- `statsite_prefix` Renamed to `metrics_prefix`
- `advertise_addrs` Removed
- Escaping Behavior Changed for go-discover Configs
- HTTP Verbs are Enforced in Many HTTP APIs
- Unauthorized KV Requests Return 403
- Config Section of Agent Self Endpoint has Changed
- Deprecated `configtest` Command Removed
- Undocumented Flags in `validate` Command Removed
- Metric Names Updated
- Checks Validated On Agent Startup

FEATURES:

- Support for HCL Config Files
- Support for Binding to Multiple Addresses
- Support for RFC1434 DNS TXT records
- Support for Running Subproccesses Directly Without a Shell
- Sentinel Integration

IMPROVEMENTS:

- agent: Added support to detect public IPv4 and IPv6 addresses on
  AWS.
- agent: Improved /v1/operator/raft/configuration endpoint which
  allows Consul to avoid an extra agent RPC call for the `consul
  operator raft list-peers` command.
- agent: Improved ACL system for the KV store to support list
  permissions. This behavior can be opted in. For more information,
  see the ACL Guide].
- agent: Updates miekg/dns library to later version to pick up bug
  fixes and improvements.
- agent: Added automatic retries to the RPC path, and a brief RPC
  drain time when servers leave. These changes make Consul more robust
  during graceful leaves of Consul servers, such as during upgrades, and
  help shield applications from "no leader" errors. These are configured
  with new `performance` options.
- agent: Added a new `discard_check_output` agent-level configuration
  option that can be used to trade off write load to the Consul
  servers vs. visibility of health check output. This is reloadable so
  it can be toggled without fully restarting the agent.
- api: Updated the API client to ride out network errors when
  monitoring locks and semaphores.
- build: Updated Go toolchain to version 1.9.1.
- cli: `consul lock` and `consul watch` commands will forward `TERM`
  and `KILL` signals to their child subprocess.
- cli: Added support for autocompletion].
- server: Updated BoltDB to final version 1.3.1.
- server: Improved dead member reap algorithm to fix edge cases where
  servers could get left behind.

BUG FIXES:

- agent: Fixed an issue where disabling both the http and https
  interfaces would cause a watch-related error on agent startup, even
  when no watches were defined.
- agent: Added an additional step to kill health check scripts that
  timeout on all platforms except Windows, and added a wait so that
  it's not possible to run multiple instances of the same health check
  script at the same time.
- cli: If the `consul operator raft list-peers` command encounters an
  error it will now exit with a non-zero exit code.
- cli: CLI commands will now show help for all of their arguments.
- server: Fixed an issue where the leader server could get into a
  state where it was no longer performing the periodic leader loop
  duties and unable to serve consistent reads after a barrier timeout
  error.

Full (unabridged) changelog:

  https://github.com/hashicorp/consul/blob/v1.0.0/CHANGELOG.md