From 82e6e87a21264bc2c810097661a6f8a4690cb13f Mon Sep 17 00:00:00 2001 From: Eliza Weisman Date: Wed, 13 Sep 2023 09:27:06 -0700 Subject: [PATCH 1/3] update Helm charts for edge-23.9.2 --- charts/linkerd-control-plane/Chart.yaml | 2 +- charts/linkerd-control-plane/README.md | 2 +- charts/linkerd2-cni/Chart.yaml | 2 +- charts/linkerd2-cni/README.md | 2 +- jaeger/charts/linkerd-jaeger/Chart.yaml | 2 +- jaeger/charts/linkerd-jaeger/README.md | 2 +- multicluster/charts/linkerd-multicluster/Chart.yaml | 2 +- multicluster/charts/linkerd-multicluster/README.md | 2 +- viz/charts/linkerd-viz/Chart.yaml | 2 +- viz/charts/linkerd-viz/README.md | 2 +- 10 files changed, 10 insertions(+), 10 deletions(-) diff --git a/charts/linkerd-control-plane/Chart.yaml b/charts/linkerd-control-plane/Chart.yaml index 30aa281151581..73eab13e2b354 100644 --- a/charts/linkerd-control-plane/Chart.yaml +++ b/charts/linkerd-control-plane/Chart.yaml @@ -16,7 +16,7 @@ dependencies: - name: partials version: 0.1.0 repository: file://../partials -version: 1.16.0-edge +version: 1.16.1-edge icon: https://linkerd.io/images/logo-only-200h.png maintainers: - name: Linkerd authors diff --git a/charts/linkerd-control-plane/README.md b/charts/linkerd-control-plane/README.md index 7da2d796d303f..632df0e74b6b2 100644 --- a/charts/linkerd-control-plane/README.md +++ b/charts/linkerd-control-plane/README.md @@ -3,7 +3,7 @@ Linkerd gives you observability, reliability, and security for your microservices — with no code change required. -![Version: 1.16.0-edge](https://img.shields.io/badge/Version-1.16.0--edge-informational?style=flat-square) +![Version: 1.16.1-edge](https://img.shields.io/badge/Version-1.16.1--edge-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: edge-XX.X.X](https://img.shields.io/badge/AppVersion-edge--XX.X.X-informational?style=flat-square) diff --git a/charts/linkerd2-cni/Chart.yaml b/charts/linkerd2-cni/Chart.yaml index 9ff1fba6daa3b..8f05343b6daff 100644 --- a/charts/linkerd2-cni/Chart.yaml +++ b/charts/linkerd2-cni/Chart.yaml @@ -9,4 +9,4 @@ description: | kubeVersion: ">=1.21.0-0" icon: https://linkerd.io/images/logo-only-200h.png name: "linkerd2-cni" -version: 30.12.0-edge +version: 30.12.1-edge diff --git a/charts/linkerd2-cni/README.md b/charts/linkerd2-cni/README.md index e6dcf057af401..4ed172dcbc488 100644 --- a/charts/linkerd2-cni/README.md +++ b/charts/linkerd2-cni/README.md @@ -6,7 +6,7 @@ Linkerd [CNI plugin](https://linkerd.io/2/features/cni/) takes care of setting up your pod's network so incoming and outgoing traffic is proxied through the data plane. -![Version: 30.12.0-edge](https://img.shields.io/badge/Version-30.12.0--edge-informational?style=flat-square) +![Version: 30.12.1-edge](https://img.shields.io/badge/Version-30.12.1--edge-informational?style=flat-square) ![AppVersion: edge-XX.X.X](https://img.shields.io/badge/AppVersion-edge--XX.X.X-informational?style=flat-square) diff --git a/jaeger/charts/linkerd-jaeger/Chart.yaml b/jaeger/charts/linkerd-jaeger/Chart.yaml index 937067acc045e..dcd8584ed0460 100644 --- a/jaeger/charts/linkerd-jaeger/Chart.yaml +++ b/jaeger/charts/linkerd-jaeger/Chart.yaml @@ -11,7 +11,7 @@ kubeVersion: ">=1.21.0-0" name: linkerd-jaeger sources: - https://github.com/linkerd/linkerd2/ -version: 30.12.0-edge +version: 30.12.1-edge icon: https://linkerd.io/images/logo-only-200h.png maintainers: - name: Linkerd authors diff --git a/jaeger/charts/linkerd-jaeger/README.md b/jaeger/charts/linkerd-jaeger/README.md index ff6dde501d377..b3bff592bd2a8 100644 --- a/jaeger/charts/linkerd-jaeger/README.md +++ b/jaeger/charts/linkerd-jaeger/README.md @@ -3,7 +3,7 @@ The Linkerd-Jaeger extension adds distributed tracing to Linkerd using OpenCensus and Jaeger. -![Version: 30.12.0-edge](https://img.shields.io/badge/Version-30.12.0--edge-informational?style=flat-square) +![Version: 30.12.1-edge](https://img.shields.io/badge/Version-30.12.1--edge-informational?style=flat-square) ![AppVersion: edge-XX.X.X](https://img.shields.io/badge/AppVersion-edge--XX.X.X-informational?style=flat-square) diff --git a/multicluster/charts/linkerd-multicluster/Chart.yaml b/multicluster/charts/linkerd-multicluster/Chart.yaml index b7d56c74f9ce4..738e9276ae156 100644 --- a/multicluster/charts/linkerd-multicluster/Chart.yaml +++ b/multicluster/charts/linkerd-multicluster/Chart.yaml @@ -11,7 +11,7 @@ kubeVersion: ">=1.21.0-0" name: "linkerd-multicluster" sources: - https://github.com/linkerd/linkerd2/ -version: 30.11.0-edge +version: 30.11.1-edge icon: https://linkerd.io/images/logo-only-200h.png maintainers: - name: Linkerd authors diff --git a/multicluster/charts/linkerd-multicluster/README.md b/multicluster/charts/linkerd-multicluster/README.md index eafedab747556..16ddc40dcc3e0 100644 --- a/multicluster/charts/linkerd-multicluster/README.md +++ b/multicluster/charts/linkerd-multicluster/README.md @@ -3,7 +3,7 @@ The Linkerd-Multicluster extension contains resources to support multicluster linking to remote clusters -![Version: 30.11.0-edge](https://img.shields.io/badge/Version-30.11.0--edge-informational?style=flat-square) +![Version: 30.11.1-edge](https://img.shields.io/badge/Version-30.11.1--edge-informational?style=flat-square) ![AppVersion: edge-XX.X.X](https://img.shields.io/badge/AppVersion-edge--XX.X.X-informational?style=flat-square) diff --git a/viz/charts/linkerd-viz/Chart.yaml b/viz/charts/linkerd-viz/Chart.yaml index 8211b7a556544..7c8e3e9765856 100644 --- a/viz/charts/linkerd-viz/Chart.yaml +++ b/viz/charts/linkerd-viz/Chart.yaml @@ -11,7 +11,7 @@ kubeVersion: ">=1.21.0-0" name: "linkerd-viz" sources: - https://github.com/linkerd/linkerd2/ -version: 30.12.0-edge +version: 30.12.1-edge icon: https://linkerd.io/images/logo-only-200h.png maintainers: - name: Linkerd authors diff --git a/viz/charts/linkerd-viz/README.md b/viz/charts/linkerd-viz/README.md index e8383c2853adb..8c96c172e864f 100644 --- a/viz/charts/linkerd-viz/README.md +++ b/viz/charts/linkerd-viz/README.md @@ -3,7 +3,7 @@ The Linkerd-Viz extension contains observability and visualization components for Linkerd. -![Version: 30.12.0-edge](https://img.shields.io/badge/Version-30.12.0--edge-informational?style=flat-square) +![Version: 30.12.1-edge](https://img.shields.io/badge/Version-30.12.1--edge-informational?style=flat-square) ![AppVersion: edge-XX.X.X](https://img.shields.io/badge/AppVersion-edge--XX.X.X-informational?style=flat-square) From 7cf86111fa7ff03aa748b7d2228e7730282f00bd Mon Sep 17 00:00:00 2001 From: Eliza Weisman Date: Wed, 13 Sep 2023 12:01:43 -0700 Subject: [PATCH 2/3] edge-23.9.2 This edge release updates the proxy's dependency on the `webpki` library to patch security vulnerability [RUSTSEC-2023-0052] (GHSA-8qv2-5vq6-g2g7), a potential CPU usage denial-of-service attack when accepting a TLS handshake from an untrusted peer with a maliciously-crafted certificate. * Addressed security vulnerability [RUSTSEC-2023-0052] in the proxy ([#11361]) * Fixed `linkerd check --proxy` incorrectly checking the proxy version of pods in the `completed` state (thanks @mikutas!) ([#11295]; fixes [#11280]) * Removed unnecessary `linkerd.io/helm-release-version` annotation from the `linkerd-control-plane` Helm chart (thanks @mikutas!) ([#11329]; fixes [#10778]) [RUSTSEC-2023-0052]: https://rustsec.org/advisories/RUSTSEC-2023-0052.html [#11295]: https://github.com/linkerd/linkerd2/pull/11295 [#11280]: https://github.com/linkerd/linkerd2/issues/11280 [#11361]: https://github.com/linkerd/linkerd2/pull/11361 [#11329]: https://github.com/linkerd/linkerd2/pull/11329 [#10778]: https://github.com/linkerd/linkerd2/issues/10778 --- CHANGES.md | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) diff --git a/CHANGES.md b/CHANGES.md index 4fe2eef1557fc..a4b735f2c2405 100644 --- a/CHANGES.md +++ b/CHANGES.md @@ -1,5 +1,26 @@ # Changes +## edge-29.9.2 + +This edge release updates the proxy's dependency on the `webpki` library to +patch security vulnerability [RUSTSEC-2023-0052] (GHSA-8qv2-5vq6-g2g7), a +potential CPU usage denial-of-service attack when accepting a TLS handshake from +an untrusted peer with a maliciously-crafted certificate. + +* Addressed security vulnerability [RUSTSEC-2023-0052] in the proxy ([#11361]) +* Fixed `linkerd check --proxy` incorrectly checking the proxy version of pods + in the `completed` state (thanks @mikutas!) ([#11295]; fixes [#11280]) +* Removed unnecessary `linkerd.io/helm-release-version` annotation from the + `linkerd-control-plane` Helm chart (thanks @mikutas!) ([#11329]; fixes + [#10778]) + +[RUSTSEC-2023-0052]: https://rustsec.org/advisories/RUSTSEC-2023-0052.html +[#11295]: https://github.com/linkerd/linkerd2/pull/11295 +[#11280]: https://github.com/linkerd/linkerd2/issues/11280 +[#11361]: https://github.com/linkerd/linkerd2/pull/11361 +[#11329]: https://github.com/linkerd/linkerd2/pull/11329 +[#10778]: https://github.com/linkerd/linkerd2/issues/10778 + ## edge-23.9.1 This edge release introduces a fix for service discovery on endpoints that use From 97bf7be88d6f1381a0fb751a04b53873ceabcaf1 Mon Sep 17 00:00:00 2001 From: Eliza Weisman Date: Wed, 13 Sep 2023 12:16:58 -0700 Subject: [PATCH 3/3] un-bump CNI chart version (thanks @alpeb!) --- charts/linkerd2-cni/Chart.yaml | 2 +- charts/linkerd2-cni/README.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/charts/linkerd2-cni/Chart.yaml b/charts/linkerd2-cni/Chart.yaml index 8f05343b6daff..9ff1fba6daa3b 100644 --- a/charts/linkerd2-cni/Chart.yaml +++ b/charts/linkerd2-cni/Chart.yaml @@ -9,4 +9,4 @@ description: | kubeVersion: ">=1.21.0-0" icon: https://linkerd.io/images/logo-only-200h.png name: "linkerd2-cni" -version: 30.12.1-edge +version: 30.12.0-edge diff --git a/charts/linkerd2-cni/README.md b/charts/linkerd2-cni/README.md index 4ed172dcbc488..e6dcf057af401 100644 --- a/charts/linkerd2-cni/README.md +++ b/charts/linkerd2-cni/README.md @@ -6,7 +6,7 @@ Linkerd [CNI plugin](https://linkerd.io/2/features/cni/) takes care of setting up your pod's network so incoming and outgoing traffic is proxied through the data plane. -![Version: 30.12.1-edge](https://img.shields.io/badge/Version-30.12.1--edge-informational?style=flat-square) +![Version: 30.12.0-edge](https://img.shields.io/badge/Version-30.12.0--edge-informational?style=flat-square) ![AppVersion: edge-XX.X.X](https://img.shields.io/badge/AppVersion-edge--XX.X.X-informational?style=flat-square)