Skip to content

Commit

Permalink
edge-23.9.2 (#11367)
Browse files Browse the repository at this point in the history
This edge release updates the proxy's dependency on the `webpki` library
to patch security vulnerability [RUSTSEC-2023-0052]
(GHSA-8qv2-5vq6-g2g7), a potential CPU usage denial-of-service attack
when accepting a TLS handshake from an untrusted peer with a
maliciously-crafted certificate.

* Addressed security vulnerability [RUSTSEC-2023-0052] in the proxy
  (#11361)
* Fixed `linkerd check --proxy` incorrectly checking the proxy version
  of pods in the `completed` state (thanks @mikutas!) (#11295; fixes
  #11280)
* Removed unnecessary `linkerd.io/helm-release-version` annotation from
  the `linkerd-control-plane` Helm chart (thanks @mikutas!) (#11329;
  fixes #10778)

[RUSTSEC-2023-0052]:
    https://rustsec.org/advisories/RUSTSEC-2023-0052.html
  • Loading branch information
hawkw authored Sep 13, 2023
1 parent d1a2068 commit f5e490c
Show file tree
Hide file tree
Showing 9 changed files with 29 additions and 8 deletions.
21 changes: 21 additions & 0 deletions CHANGES.md
Original file line number Diff line number Diff line change
@@ -1,5 +1,26 @@
# Changes

## edge-29.9.2

This edge release updates the proxy's dependency on the `webpki` library to
patch security vulnerability [RUSTSEC-2023-0052] (GHSA-8qv2-5vq6-g2g7), a
potential CPU usage denial-of-service attack when accepting a TLS handshake from
an untrusted peer with a maliciously-crafted certificate.

* Addressed security vulnerability [RUSTSEC-2023-0052] in the proxy ([#11361])
* Fixed `linkerd check --proxy` incorrectly checking the proxy version of pods
in the `completed` state (thanks @mikutas!) ([#11295]; fixes [#11280])
* Removed unnecessary `linkerd.io/helm-release-version` annotation from the
`linkerd-control-plane` Helm chart (thanks @mikutas!) ([#11329]; fixes
[#10778])

[RUSTSEC-2023-0052]: https://rustsec.org/advisories/RUSTSEC-2023-0052.html
[#11295]: https://github.com/linkerd/linkerd2/pull/11295
[#11280]: https://github.com/linkerd/linkerd2/issues/11280
[#11361]: https://github.com/linkerd/linkerd2/pull/11361
[#11329]: https://github.com/linkerd/linkerd2/pull/11329
[#10778]: https://github.com/linkerd/linkerd2/issues/10778

## edge-23.9.1

This edge release introduces a fix for service discovery on endpoints that use
Expand Down
2 changes: 1 addition & 1 deletion charts/linkerd-control-plane/Chart.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,7 @@ dependencies:
- name: partials
version: 0.1.0
repository: file://../partials
version: 1.16.0-edge
version: 1.16.1-edge
icon: https://linkerd.io/images/logo-only-200h.png
maintainers:
- name: Linkerd authors
Expand Down
2 changes: 1 addition & 1 deletion charts/linkerd-control-plane/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@
Linkerd gives you observability, reliability, and security
for your microservices — with no code change required.

![Version: 1.16.0-edge](https://img.shields.io/badge/Version-1.16.0--edge-informational?style=flat-square)
![Version: 1.16.1-edge](https://img.shields.io/badge/Version-1.16.1--edge-informational?style=flat-square)
![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square)
![AppVersion: edge-XX.X.X](https://img.shields.io/badge/AppVersion-edge--XX.X.X-informational?style=flat-square)

Expand Down
2 changes: 1 addition & 1 deletion jaeger/charts/linkerd-jaeger/Chart.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,7 @@ kubeVersion: ">=1.21.0-0"
name: linkerd-jaeger
sources:
- https://github.com/linkerd/linkerd2/
version: 30.12.0-edge
version: 30.12.1-edge
icon: https://linkerd.io/images/logo-only-200h.png
maintainers:
- name: Linkerd authors
Expand Down
2 changes: 1 addition & 1 deletion jaeger/charts/linkerd-jaeger/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@
The Linkerd-Jaeger extension adds distributed tracing to Linkerd using
OpenCensus and Jaeger.

![Version: 30.12.0-edge](https://img.shields.io/badge/Version-30.12.0--edge-informational?style=flat-square)
![Version: 30.12.1-edge](https://img.shields.io/badge/Version-30.12.1--edge-informational?style=flat-square)

![AppVersion: edge-XX.X.X](https://img.shields.io/badge/AppVersion-edge--XX.X.X-informational?style=flat-square)

Expand Down
2 changes: 1 addition & 1 deletion multicluster/charts/linkerd-multicluster/Chart.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,7 @@ kubeVersion: ">=1.21.0-0"
name: "linkerd-multicluster"
sources:
- https://github.com/linkerd/linkerd2/
version: 30.11.0-edge
version: 30.11.1-edge
icon: https://linkerd.io/images/logo-only-200h.png
maintainers:
- name: Linkerd authors
Expand Down
2 changes: 1 addition & 1 deletion multicluster/charts/linkerd-multicluster/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@
The Linkerd-Multicluster extension contains resources to support multicluster
linking to remote clusters

![Version: 30.11.0-edge](https://img.shields.io/badge/Version-30.11.0--edge-informational?style=flat-square)
![Version: 30.11.1-edge](https://img.shields.io/badge/Version-30.11.1--edge-informational?style=flat-square)

![AppVersion: edge-XX.X.X](https://img.shields.io/badge/AppVersion-edge--XX.X.X-informational?style=flat-square)

Expand Down
2 changes: 1 addition & 1 deletion viz/charts/linkerd-viz/Chart.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,7 @@ kubeVersion: ">=1.21.0-0"
name: "linkerd-viz"
sources:
- https://github.com/linkerd/linkerd2/
version: 30.12.0-edge
version: 30.12.1-edge
icon: https://linkerd.io/images/logo-only-200h.png
maintainers:
- name: Linkerd authors
Expand Down
2 changes: 1 addition & 1 deletion viz/charts/linkerd-viz/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@
The Linkerd-Viz extension contains observability and visualization
components for Linkerd.

![Version: 30.12.0-edge](https://img.shields.io/badge/Version-30.12.0--edge-informational?style=flat-square)
![Version: 30.12.1-edge](https://img.shields.io/badge/Version-30.12.1--edge-informational?style=flat-square)

![AppVersion: edge-XX.X.X](https://img.shields.io/badge/AppVersion-edge--XX.X.X-informational?style=flat-square)

Expand Down

0 comments on commit f5e490c

Please sign in to comment.