v1.13.2 fixes some CVE alerts and contains backports for:
1. a CertificateRequest runaway situation in case two Certificate resources point to the same Secret target resource
2. a small bug in the Helm chart (featuregates options)
3. a Venafi issuer bug
⚠️ READ https://github.com/cert-manager/cert-manager/releases/tag/v1.13.0 before you upgrade from a < v1.13 version!
Changes since v1.13.1
Bug or Regression
- Bump golang.org/x/net v0.15.0 => v0.17.0 as part of addressing CVE-2023-44487 / CVE-2023-39325 (#6432, @SgtCoDFish)
Other (Cleanup or Flake)
- Bump go to 1.20.10 to address CVE-2023-39325. Also bumps base images. (#6411, @SgtCoDFish)
- BUGFIX[helm]: Fix issue where webhook feature gates were only set if controller feature gates are set. (#6381, @jetstack-bot)
- Fix runaway bug caused by multiple Certificate resources that point to the same Secret resource. (#6425, @jetstack-bot)
- The Venafi issuer now properly resets the certificate and should no longer get stuck with
WebSDK CertRequest Module Requested Certificateor
This certificate cannot be processed while it is in an error state. Fix any errors, and then click Retry.. (#6402, @jetstack-bot)
- 🔍View and search all cert-manager releases.
- 🛠️Create and share lists to track your tools.
- 🚨Setup notifications for major, security, feature or patch updates.
- 🚀Much more coming soon!