Linkerd - edge-23.9.2

Security

edge-29.9.2

This edge release updates the proxy's dependency on the webpki library to
patch security vulnerability RUSTSEC-2023-0052 (GHSA-8qv2-5vq6-g2g7), a
potential CPU usage denial-of-service attack when accepting a TLS handshake from
an untrusted peer with a maliciously-crafted certificate.

  • Addressed security vulnerability RUSTSEC-2023-0052 in the proxy (#11361)
  • Fixed linkerd check --proxy incorrectly checking the proxy version of pods
    in the completed state (thanks @mikutas!) (#11295; fixes #11280)
  • Removed unnecessary linkerd.io/helm-release-version annotation from the
    linkerd-control-plane Helm chart (thanks @mikutas!) (#11329; fixes
    #10778)

Security

Security wording was detected, but no CVEs were found.

Details

date
Sept. 13, 2023, 9:24 p.m.
name
edge-23.9.2
type
Patch
official page
https://github.com/linkerd/linkerd2/releases/tag/edge-23.9.2
👇
Register or login to:
  • 🔍View and search all Linkerd releases.
  • 🛠️Create and share lists to track your tools.
  • 🚨Setup notifications for major, security, feature or patch updates.
  • 🚀Much more coming soon!
Continue with GitHub
Continue with Google
or