Skip to content

v1.11.2
Compare
Choose a tag to compare
@micahlee micahlee released this 02 Feb 21:07
· 1275 commits to master since this release
v1.11.2
This tag was signed with the committer’s verified signature.
micahlee Micah Lee
GPG key ID: 86DC546BB7F526B6
Learn about vigilant mode.
e24f2e2
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.

Added

  • New edge-tagged images are published to DockerHub on every master branch
    build.
    cyberark/conjur#1617

Changed

  • Conjur images are updated to use pinned versions of the public base images.
    Users can now determine exactly which dependencies in the
    Conjur Base Image project
    are included in their Conjur image.
    cyberark/conjur#1974
  • Messages for password change now have the field role instead of user under subject
    cyberark/conjur#2014
  • When batch secret requests are sent with an Accept: base64 header, the secret
    values in the response will all be Base64-encoded. Sending requests with this
    header allows users to retrieve binary secrets encoded in Base64.
    cyberark/conjur#1962
  • Conjur now verifies that the offset parameter is a valid integer value.
    The GET /resources request will fail if offset is not an integer greater
    than or equal to 0.
    cyberark/conjur#1997

Fixed

  • Requests with empty body and application/json Content-Type Header will now
    return 400 error instead of 500 error.
    cyberark/conjur#1968
  • Policy loading no longer fails when attempting to update the annotation
    search index for a resource that no longer exists.
    cyberark/conjur#1948
  • Audit engine routing now correctly matches URLs that include a period (.)
    in the resource ID.
    cyberark/conjur#2001
  • Attempts to retrieve binary secret data in a batch request without using
    the Accept: base64 header now returns a message explaining that improper
    secret encoding is the cause of the 500 response.
    cyberark/conjur#1962
  • GET /resources request with non-numeric delimiter (limit or offset) now
    returns Error 422 Unprocessable Entity instead of Error 500.
    cyberark/conjur#1997
  • POST /host_factory_tokens request with invalid ip address or CIDR range of
    cidr parameter now returns Error 422 Unprocessable Entity instead of Error 500.
    cyberark/conjur#2011

Security

  • Kubernetes authenticator certificate injection process now performs certificate
    verification to prevent MitM attacks.
    Security Bulletin
Assets 2
Loading