Overview All releases

Version History

edge-24.4.5 edge-24.4.4 edge-24.4.3 edge-24.4.2 edge-24.4.1 edge-24.3.5 edge-24.3.4 edge-24.3.3 edge-24.3.2 edge-24.3.1 edge-24.2.5 edge-24.2.4 edge-24.2.3 edge-24.2.2 edge-24.2.1 edge-24.1.3 edge-24.1.2 edge-24.1.1

edge-23.12.4 edge-23.12.3 edge-23.12.2 edge-23.12.1 edge-23.11.4 edge-23.11.3 edge-23.11.2 edge-23.11.1 edge-23.10.4 edge-23.10.3 edge-23.10.2 edge-23.10.1 edge-23.9.4 edge-23.9.3 edge-23.9.2 edge-23.9.1 edge-23.8.3 edge-23.8.2 edge-23.8.1 edge-23.7.3 edge-23.7.2 edge-23.7.1 edge-23.6.3 edge-23.6.2 edge-23.6.1 edge-23.5.3 edge-23.5.2 edge-23.5.1 edge-23.4.3 edge-23.4.2 edge-23.4.1 edge-23.3.4 edge-23.3.3 edge-23.3.2 edge-23.3.1 edge-23.2.3 edge-23.2.2 edge-23.2.1 edge-23.1.2 edge-23.1.1

edge-22.12.1 edge-22.11.3 edge-22.11.2 edge-22.11.1 edge-22.10.3 edge-22.10.2 edge-22.10.1 edge-22.9.2 edge-22.9.1 edge-22.8.3 edge-22.8.2 edge-22.8.1 edge-22.7.3 edge-22.7.2 edge-22.7.1 edge-22.6.2 edge-22.6.1 edge-22.5.3 edge-22.5.2 edge-22.5.1 edge-22.4.1 edge-22.3.5 edge-22.3.4 edge-22.3.3 edge-22.3.2 edge-22.3.1 edge-22.2.4 edge-22.2.3 edge-22.2.2 edge-22.2.1 edge-22.1.5 edge-22.1.4 edge-22.1.3 edge-22.1.2 edge-22.1.1

edge-21.12.4

edge-21.12.3

edge-21.12.2

edge-21.12.1

edge-21.11.4

edge-21.11.3

edge-21.11.2

edge-21.11.1

edge-21.10.3

edge-21.10.2

edge-21.10.1

edge-21.9.5

edge-21.9.4

edge-21.9.3

edge-21.9.2

edge-21.9.1

edge-21.8.4

edge-21.8.3

edge-21.8.2

edge-21.8.1

edge-21.7.5

edge-21.7.4

edge-21.7.3

edge-21.7.2

edge-21.7.1

edge-21.6.5

edge-21.6.3

edge-21.6.2

edge-21.6.1

edge-21.5.3

edge-21.5.2

edge-21.5.1

edge-21.4.5

edge-21.4.4

edge-21.4.3

edge-21.4.2

edge-21.4.1

edge-21.3.4

edge-21.3.3

edge-21.3.2

edge-21.3.1

edge-21.2.4

edge-21.2.3

edge-21.2.2

edge-21.2.1

edge-21.1.4

edge-21.1.3

edge-21.1.2

edge-21.1.1

edge-20.12.4

edge-20.12.3

edge-20.12.1

edge-20.11.5

edge-20.11.4

edge-20.11.3

edge-20.11.2

edge-20.11.1

edge-20.10.6

edge-20.10.5

edge-20.10.4

edge-20.10.3

edge-20.10.2

edge-20.10.1

edge-20.9.4

edge-20.9.3

edge-20.9.2

edge-20.9.1

edge-20.8.4

edge-20.8.3

edge-20.8.2

edge-20.8.1

edge-20.7.5

edge-20.7.4

edge-20.7.3

edge-20.7.2

edge-20.7.1

edge-20.6.4

edge-20.6.3

edge-20.6.2

edge-20.6.1

edge-20.5.5

edge-20.5.4

edge-20.5.3

edge-20.5.2

edge-20.5.1

edge-20.4.5

edge-20.4.4

edge-20.4.3

edge-20.4.2

edge-20.4.1

edge-20.3.4

edge-20.3.3

edge-20.3.2

edge-20.3.1

edge-20.2.3

edge-20.2.2

edge-20.2.1

edge-20.1.4

edge-20.1.3

edge-20.1.2

edge-20.1.1

edge-19.12.3

edge-19.12.2

edge-19.12.1

edge-19.11.3

edge-19.11.2

edge-19.11.1

edge-19.10.5

edge-19.10.4

edge-19.10.3

edge-19.10.2

edge-19.10.1

edge-19.9.5

edge-19.9.4

edge-19.9.3

edge-19.9.2

edge-19.9.1

edge-19.8.7

edge-19.8.6

edge-19.8.5

edge-19.8.4

edge-19.8.3

edge-19.8.2

edge-19.8.1

edge-19.7.5

edge-19.7.4

edge-19.7.3

edge-19.7.2

edge-19.7.1

edge-19.6.4

edge-19.6.3

edge-19.6.2

edge-19.6.1

edge-19.5.4

edge-19.5.3

edge-19.5.2

edge-19.5.1

edge-19.4.5

edge-19.4.4

edge-19.4.3

edge-19.4.2

edge-19.4.1

edge-19.3.3

edge-19.3.2

edge-19.3.1

edge-19.2.5

edge-19.2.4

edge-19.2.3

edge-19.2.2

edge-19.2.1

edge-19.1.4

edge-19.1.3

edge-19.1.2

edge-19.1.1

edge-18.12.4

edge-18.12.3

edge-18.12.2

edge-18.12.1

edge-18.11.3

edge-18.11.2

edge-18.11.1

edge-18.10.4

edge-18.10.3

edge-18.10.2

edge-18.10.1

edge-18.9.3

edge-18.9.2

v18.9.1

v18.8.4

v18.8.3

v18.8.2

v18.8.1

v18.7.3

v18.7.2

v18.7.1

stable-2.14.10 stable-2.14.9 stable-2.14.8 stable-2.14.7 stable-2.14.6 stable-2.14.5 stable-2.14.4 stable-2.14.3 stable-2.14.2

stable-2.14.1

stable-2.14.0 stable-2.13.7 stable-2.13.6 stable-2.13.5 stable-2.13.4 stable-2.13.3 stable-2.13.2 stable-2.13.1 stable-2.13.0 stable-2.12.6 stable-2.12.5 stable-2.12.4 stable-2.12.3 stable-2.12.2 stable-2.12.1 stable-2.12.0

stable-2.12.0-rc2

stable-2.11.5 stable-2.11.4 stable-2.11.3 stable-2.11.2

stable-2.11.1

stable-2.11.0

stable-2.10.2

stable-2.10.1

stable-2.10.0

stable-2.9.5

stable-2.9.4

stable-2.9.3

stable-2.9.2

stable-2.9.1

stable-2.9.0

stable-2.8.1

stable-2.8.0

stable-2.7.1

stable-2.7.0

stable-2.6.1

stable-2.6.0

stable-2.5.0

stable-2.4.0

stable-2.3.2

stable-2.3.1

stable-2.3.0

stable-2.2.1

stable-2.2.0

stable-2.1.0

h2-alpha-2

stable-2.0.0

h2-alpha-3

h2-alpha-1

1.7.5

1.7.5-rc1

1.7.4

1.7.3

1.7.2

1.7.1

1.7.0

1.6.4

1.6.3

1.6.2

1.6.2.2

1.6.2.1

1.6.1

1.6.0

1.5.2

1.5.1

1.5.0

1.4.6

1.4.5

1.4.4

1.4.3

1.4.2

1.4.1

1.4.0

1.4.0-rc1

1.3.7

1.3.7-rc1

1.3.6

1.3.5

1.3.4

1.3.3

1.3.2

1.3.1

1.3.1-rc1

1.3.0

1.2.1

1.2.0

1.2.0-rc2

1.2.0-rc1

1.1.3

1.1.2

1.1.1

1.1.0

1.0.2

1.0.1

1.0.0

1.0.0-rc2

1.0.0-rc1

0.9.1

0.9.0

0.8.6

0.8.5

0.8.4

0.8.3

0.8.2

0.8.1

0.8.0

0.7.5

0.7.4

0.7.3

0.7.2

0.7.1

0.7.0

0.6.0

0.5.0

v0.5.0

v0.4.4

v0.4.3

v0.4.2

v0.4.1

0.4.0

v0.4.0

v0.3.1

0.3.1

v0.3.0

0.3.0

0.2.1

0.2.0

v0.2.0

v0.1.3

v0.1.2

v0.1.1

v0.1.0

0.1.0

release-0.0.11

release-0.0.10

release-0.0.9

release-0.0.8

release-0.0.7

Linkerd - stable-2.14.1

Security

stable-2.14.1

This stable release introduces a fix for service discovery on endpoints that
use hostPorts. Previously, the destination service would return the pod IP
associated with the endpoint which could break connectivity on pod restarts.
Discovery responses have been changed to instead return the host IP. This
release also fixes an issue in the multicluster extension where an empty
remoteDiscoverySelector field in the Link resource would cause all services
to be exported. Finally, this release includes numerous other fixes and
enhancements and addresses two security vulnerabilities,
CVE-2023-2603 detected in the proxy-init runtime
image's libcap library and RUSTSEC-2023-0052, a
potential CPU usage denial-of-service attack in the proxy's webpki library
dependency.

CLI
Fixed linkerd check --proxy incorrectly checking the proxy version of
pods in the completed state (thanks @mikutas!) ([#11295]; fixes [#11280])
Fixed erroneous skipped messages when injecting namespaces with linkerd inject (thanks @mikutas!) ([#10231])
CNI
Addressed security vulnerability CVE-2023-2603 in
proxy-init and CNI plugin ([#11296])
Control Plane
Changed how hostPort lookups are handled in the destination service.
Previously, when doing service discovery for an endpoint bound on a
hostPort, the destination service would return the corresponding pod IP. On
pod restart, this could lead to loss of connectivity on the client's side.
The destination service now always returns host IPs for service discovery
on an endpoint that uses hostPorts ([#11328])
Updated HTTPRoute webhook rule to validate all apiVersions of the resource
(thanks @mikutas!) ([#11149])
Helm
Removed unnecessary linkerd.io/helm-release-version annotation from the
linkerd-control-plane Helm chart (thanks @mikutas!) ([#11329]; fixes
[#10778])
Introduced resource requests/limits for the policy controller resource in
the control plane helm chart ([#11301])
Multicluster
Fixed an issue where an empty remoteDiscoverySelector field in a
multicluster link would cause all services to be mirrored ([#11309])
Removed time out from linkerd multicluster gateways command; when no
metrics exist the command will return instantly ([#11265])
Improved help messaging for linkerd multicluster link ([#11265])
Proxy
Addressed security vulnerability
RUSTSEC-2023-0052 in the proxy ([#11361])

Security

CVE-2023-2603

Details

date

Sept. 25, 2023, 6:45 p.m.

name

stable-2.14.1

type

Patch

official page

https://github.com/linkerd/linkerd2/releases/tag/stable-2.14.1

👇

🔍View and search all Linkerd releases.
🛠️Create and share lists to track your tools.
🚨Setup notifications for major, security, feature or patch updates.
🚀Much more coming soon!

Continue with GitHub

Continue with Google

Username

Password

Password (again)

leave this field blank to prove your humanity