Overview All releases

Version History

v0.64.1 v0.64.0 v0.63.0

v0.62.1

v0.62.0 v0.61.0 v0.60.0 v0.59.0 v0.58.0 v0.57.1 v0.57.0 v0.56.0 v0.55.0 v0.54.0 v0.53.1 v0.53.0 v0.52.0 v0.51.0 v0.50.2 v0.50.1 v0.50.0 v0.49.2 v0.49.1 v0.49.0 v0.48.0 v0.47.4 v0.47.3 v0.47.2 v0.47.1 v0.47.0 v0.46.3 v0.46.2 v0.46.1 v0.45.0 v0.44.0 v0.43.1 v0.43.0 v0.42.2 v0.42.1 v0.42.0 v0.41.0 v0.40.0 v0.39.0 v0.38.1 v0.38.0 v0.37.2 v0.37.1 v0.37.0 v0.36.1 v0.36.0

v0.35.0

v0.34.2

v0.34.1

v0.34.0

v0.33.1

v0.33.0

v0.32.1

v0.32.0

v0.31.0

v0.30.2

v0.30.1

v0.30.0

v0.29.4

v0.29.3

v0.29.2

v0.29.1

v0.28.0

v0.27.1

v0.27.0

v0.26.0

v0.25.2

v0.25.1

v0.25.0

v0.24.0

v0.23.2

v0.23.1

v0.23.0

v0.22.0

v0.21.1

v0.21.0

v0.20.5

v0.20.4

v0.20.3

v0.20.2

v0.20.1

v0.20.0

v0.19.2

v0.19.1

v0.19.0

v0.19.0-rc1

v0.18.0

v0.17.3

v0.17.2

v0.17.1

v0.17.0

v0.16.2

v0.16.1

v0.16.0

v0.15.1

v0.15.0

v0.14.2

v0.14.1

v0.14.0

v0.13.5

v0.13.4

v0.13.3

v0.13.2

v0.13.0

v0.12.2

v0.12.1

v0.12.0

v0.11.0

v0.10.7

v0.10.6

v0.10.5

v0.10.4

v0.10.3

v0.10.2

v0.10.1

v0.10.0

v0.9.2

v0.9.1

v0.9.0

v0.8.2

v0.8.1

v0.8.0

v0.7.1

v0.7.0

v0.6.0

v0.5.13

v0.5.12

v0.5.11

v0.5.10

v0.5.9

v0.5.8

v0.5.7

v0.5.6

v0.5.5

v0.5.4

v0.5.3

v0.5.2

v0.5.1

v0.5.0

v0.4.10

v0.4.9

v0.4.8

v0.4.7

v0.4.6

v0.4.5

v0.4.4

v0.4.3

v0.4.2

v0.4.1

v0.4.0

v0.3.1

v0.3.0

v0.2.2

v0.2.1

v0.2.0

v0.1.0

Open Policy Agent - v0.62.1

Security

This is a security fix release for the fixes published in Go 1.22.1.

OPA servers using --authentication=tls would be affected: crafted malicious client certificates could cause a panic in the server.

Also, crafted server certificates could panic OPA's HTTP clients, in bundle plugin, status and decision logs; and http.send calls that verify TLS.

This is CVE-2024-24783 (https://pkg.go.dev/vuln/GO-2024-2598).

Note that there are other security fixes in this Golang release, but whether or not OPA is affected is harder to assess. An update is advised.

Miscellaneous

Add Trino to OPA ecosystem (authored by @mosabua)
update: ADOPTERS.md (#6608) (authored by @fredmaggiowski)

Security

CVE-2024-24783

Details

date

March 6, 2024, 10:37 a.m.

name

v0.62.1

type

Patch

official page

https://github.com/open-policy-agent/opa/releases/tag/v0.62.1

👇

🔍View and search all Open Policy Agent releases.
🛠️Create and share lists to track your tools.
🚨Setup notifications for major, security, feature or patch updates.
🚀Much more coming soon!

Continue with GitHub

Continue with Google

Username

Password

Password (again)

leave this field blank to prove your humanity