Emissary-Ingress - v2.3.1

Security

:tada: Emissary Ingress 2.3.1 :tada:

Emissary Ingress is an open source, Kubernetes-native microservices API gateway built on the Envoy Proxy.

Upgrade Emissary - https://www.getambassador.io/reference/upgrading.html
View changelog - https://github.com/emissary-ingress/emissary/blob/v2.3.1/CHANGELOG.md
Get started with Emissary on Kubernetes - https://www.getambassador.io/user-guide/getting-started

  • Bugfix: A regression was introduced in 2.3.0 that leaked zipkin default config fields into the
    configuration for the other drivers (lightstep, etc...). This caused Emissary-ingress to crash on
    startup. This issue has been resolved to ensure that the defaults are only applied when driver is
    zipkin (#4267)

  • Security: We have backported patches from the Envoy 1.19.5 security update to Emissary-ingress's
    1.17-based Envoy, addressing CVE-2022-29224 and CVE-2022-29225. Emissary-ingress is not affected
    by CVE-2022-29226, CVE-2022-29227, or CVE-2022-29228; as it does not support internal
    redirects
    , and does not use Envoy's built-in OAuth2 filter.


Details

date
June 10, 2022, 5:23 p.m.
name
Emissary Ingress 2.3.1
type
Patch
👇
Register or login to:
  • 🔍View and search all Emissary-Ingress releases.
  • 🛠️Create and share lists to track your tools.
  • 🚨Setup notifications for major, security, feature or patch updates.
  • 🚀Much more coming soon!
Continue with GitHub
Continue with Google
or