Linkerd - edge-23.9.2
Security
edge-29.9.2
This edge release updates the proxy's dependency on the webpki
library to
patch security vulnerability RUSTSEC-2023-0052 (GHSA-8qv2-5vq6-g2g7), a
potential CPU usage denial-of-service attack when accepting a TLS handshake from
an untrusted peer with a maliciously-crafted certificate.
- Addressed security vulnerability RUSTSEC-2023-0052 in the proxy (#11361)
- Fixed
linkerd check --proxy
incorrectly checking the proxy version of pods
in thecompleted
state (thanks @mikutas!) (#11295; fixes #11280) - Removed unnecessary
linkerd.io/helm-release-version
annotation from the
linkerd-control-plane
Helm chart (thanks @mikutas!) (#11329; fixes
#10778)
Security
Security wording was detected, but no CVEs were found.
Details
date
Sept. 13, 2023, 9:24 p.m.
name
edge-23.9.2
type
Patch
👇
Register or login to:
- 🔍View and search all Linkerd releases.
- 🛠️Create and share lists to track your tools.
- 🚨Setup notifications for major, security, feature or patch updates.
- 🚀Much more coming soon!