Releases: cyberark/secretless-broker
Releases · cyberark/secretless-broker
v1.7.13
[1.7.13] - 2022-07-07
Changed
- Updated direct dependencies in bin/juxtaposer/go.mod and in go.mod and add replace statements
for known vulnerable third-party versions.
cyberark/secretless-broker#1467
v1.7.12
Changed
- Update to automated release process
cyberark/secretless-broker#1462
v1.7.11
Added
- Support for building on Apple M1 hardware.
cyberark/secretless-broker#1456
Security
- Updated github.com/containerd/containerd to resolve CVE-2022-23648
cyberark/secretless-broker#1459 - Updated github.com/docker/docker to resolve CVE-2015-3627
cyberark/secretless-broker#1459 - Updated github.com/docker/distribution to resolve GHSA-qq97-vm5h-rrhg
cyberark/secretless-broker#1459
v1.7.10
v1.7.10
This tag was signed with the committer’s verified signature.
john-odonnell
John O'Donnell
Fixed
- Postgres connector has been updated to propagate client options through Secretless to target server.
cyberark/secretless-broker#1444
Security
- Updated github.com/containerd/containerd to resolve GHSA-5j5w-g665-5m35
cyberark/secretless-broker#1450
v1.7.9
Changelog
Changed
- Use latest version of conjur-authn-k8s-client which supports JWT loging and tracing.
cyberark/secretless-broker#1446
v1.7.8
1.7.8 - 2021-11-09
Fixed
- Version bump to resolve flakey test on tagged master.
cyberark/secretless-broker#1438
v1.7.7 - 2021-11-03
Fixed
- Request-signing on the AWS connector was updated to address a bug that was
causing failed integrity checks, where the request-signing by Secretless was
incorporating more headers than were used on the original request-signing. The
fix limits the headers used by Secretless to those used in the original
request. cyberark/secretless-broker#1432
Security
- Updated containerd to v1.4.11 to close CVE-2020-15257 (Not vulnerable)
cyberark/secretless-broker#1431
v1.7.6
v1.7.5
Changelog
Security
- Updated addressable to 2.8.0 in docs/Gemfile.lock to resolve GHSA-jxhc-q857-3j6g
cyberark/secretless-broker#1418 - Updated github.com/gogo/protobuf to 1.3.2 to resolve CVE-2021-3121
cyberark/secretless-broker#1418
v1.7.4
Changed
- Update RH base image to
ubi8/ubiinstead ofrhel7/rhel.
PR cyberark/secretless-broker#1411
v1.7.3
Changelog
Changed
- Update k8s authenticator client version to 0.19.1, which streamlines the parsing of authentication responses, updates the project Golang version to v1.15, and improves error messaging.
Fixed
- Secretless now sends a valid "SSL is not supported" response per the PostgreSQL protocol standard when a client attempts to open an SSL connection (i.e. when configured with SSL mode
requireorprefer) via the PostgreSQL connector. When the client is configured with SSL modeprefer, the updated response enables the client to downgrade to an insecure connection and continue. Previously, clients sending requests using eitherrequireorpreferSSL mode would receive a generic error from Secretless, which made it harder to determine the root cause of the problem and broke howpreferis expected to work.
cyberark/secretless-broker#1377