Releases: cyberark/secretless-broker
Releases · cyberark/secretless-broker
v1.7.15
[1.7.15] - 2022-09-22
Security
- Updated direct dependencies in bin/juxtaposer/go.mod and go.mod and add replace statements
for known vulnerable third-party versions.
cyberark/secretless-broker#1479] - Upgrade golang.org/x/text and golange.org/x/net to reolve CVE-2022-32149
and CVE-2022-27664
cyberark/secretless-broker#1478 - Upgrade website Dockerfiles to Ruby 3 to resolve CVE-2022-0778.
cyberark/secretless-broker#1475
v1.7.14
[1.7.14] - 2022-08-17
Security
- Added replace & exclude statements to go.mod to remove dependency on
github.com/emicklei/go-restful v2.8.5 to resolve CVE-2022-1996
cyberark/secretless-broker#1473
v1.7.13
[1.7.13] - 2022-07-07
Changed
- Updated direct dependencies in bin/juxtaposer/go.mod and in go.mod and add replace statements
for known vulnerable third-party versions.
cyberark/secretless-broker#1467
v1.7.12
Changed
- Update to automated release process
cyberark/secretless-broker#1462
v1.7.11
Added
- Support for building on Apple M1 hardware.
cyberark/secretless-broker#1456
Security
- Updated github.com/containerd/containerd to resolve CVE-2022-23648
cyberark/secretless-broker#1459 - Updated github.com/docker/docker to resolve CVE-2015-3627
cyberark/secretless-broker#1459 - Updated github.com/docker/distribution to resolve GHSA-qq97-vm5h-rrhg
cyberark/secretless-broker#1459
v1.7.10
v1.7.10
This tag was signed with the committer’s verified signature.
john-odonnell
John O'Donnell
Fixed
- Postgres connector has been updated to propagate client options through Secretless to target server.
cyberark/secretless-broker#1444
Security
- Updated github.com/containerd/containerd to resolve GHSA-5j5w-g665-5m35
cyberark/secretless-broker#1450
v1.7.9
Changelog
Changed
- Use latest version of conjur-authn-k8s-client which supports JWT loging and tracing.
cyberark/secretless-broker#1446
v1.7.8
1.7.8 - 2021-11-09
Fixed
- Version bump to resolve flakey test on tagged master.
cyberark/secretless-broker#1438
v1.7.7 - 2021-11-03
Fixed
- Request-signing on the AWS connector was updated to address a bug that was
causing failed integrity checks, where the request-signing by Secretless was
incorporating more headers than were used on the original request-signing. The
fix limits the headers used by Secretless to those used in the original
request. cyberark/secretless-broker#1432
Security
- Updated containerd to v1.4.11 to close CVE-2020-15257 (Not vulnerable)
cyberark/secretless-broker#1431
v1.7.6
v1.7.5
Changelog
Security
- Updated addressable to 2.8.0 in docs/Gemfile.lock to resolve GHSA-jxhc-q857-3j6g
cyberark/secretless-broker#1418 - Updated github.com/gogo/protobuf to 1.3.2 to resolve CVE-2021-3121
cyberark/secretless-broker#1418