Releases: cyberark/conjur
Releases · cyberark/conjur
v1.17.7
[1.17.7] - 2022-06-29
Changed
- Made simplecov a dev/test dependency
cyberark/conjur#2564 - Added configuration for token TTL
cyberark/conjur#2510 - Added configuration for default value for maximum number of results return to
/resourcesrequest
cyberark/conjur#2510
Fixed
- Previously, the temporary schemas used to modify Conjur policy
caused the Postgres database catalog cache to leak memory over time,
leading to an eventual crash. Now, we recycle the database
connection after modifying policy to free this cache and prevent
the memory leak from occurring.
cyberark/conjur#2584
Security
- Update rack to 2.2.3.1 to resolve CVE-2022-3023
cyberark/conjur#2564 - Update nokogiri to 1.13.6 to resolve un-numbered libxml CVEs (both in main
Gemfile.lock and in docs/Gemfile.lock)
cyberark/conjur#2558
v1.17.6
[1.17.6] - 2022-04-07
Changed
- Adds
CONJUR_USERS_IN_ROOT_POLICY_ONLYenvironment variable to prevent users from being created outside the root policy.
Security
- Upgrade Rails to 6.12.5.1 to close CVE-2022-22577 and CVE-2022-27777
cyberark/conjur#2553
v1.17.5
[1.17.5] - 2022-04-07
Changed
- Fixed promotion behavior
Security
- Updated nokogiri to 1.13.4 to resolve CVE-2022-24836
cyberark/conjur#2534
v1.17.4
[1.17.4] - 2022-04-07
Changed
- Fixed promotion behavior
v1.17.3
[1.17.3] - 2022-04-04
Changed
- Fixed issue where an invalid content type sent by our .NET SDK was causing
Conjur to error - but this wasn't the case before the Ruby 3 upgrade
#2525 - Verify non user or host resources do not have credentials.
Security
- Updated KubeClient to 4.9.3 to resolve CVE-2022-0759
cyberark/conjur#2527
v1.17.2
[1.17.2] - 2022-03-09
Added
- Added the ability to fetch signing keys from JWKS endpoints that use a self-signed
certificate or a certificate signed by a third-party CA for JWT generic vendor
configuration
(#2462
#2461
#2456
#2455
#2457
#2452
#2437) - Added the ability for JWT generic vendor configuration to receive signing keys
for JWT token verification from a variable. Variable name ispublic-keys
(#2463
#2461
#2456
#2455
#2454
#2450
#2447
#2437) - Added support for SNI certificates when talking to the Kubernetes API
server through the web socket client.
#2482 - Added support for http(s)_proxy for Kubernetes client in Kubernetes
authenticator
#2432
Changed
- Update to automated release process
- Proper error message appears when JWT Authenticator gets HTTP code error
while trying to fetch JWKS data fromjwks-uri#2474 - Upgrade to Ruby 3. #2444
Fixed
- IAM Authn bug fix - Take rexml gem to production configuration #2493
- Previously, a stale puma pid file would prevent the Conjur server from starting
successfully. Conjur now removes a stale pid file at startup, if it exists.
#2498 - Use entirety of configured Kubernetes endpoint URL in Kubernetes authenticator's
web socket client, instead of only host and port
#2479
Security
- Updated rails to 6.1.4.7 to resolve CVE-2022-21831 (not vulnerable)
cyberark/conjur#2513 - Updated nokogiri to 1.13.3 to resolve CVE-2022-23308 and CVE-2021-30560
cyberark/conjur#2504 - Updated Rails to 6.1.4.4 to resolve CVE-2021-44528 (Medium, Not Vulnerable)
cyberark/conjur#2486 - Updated Rails to 6.1.4.6 to resolve CVE-2022-23633
- Updated Puma to 5.6.2 to resolve CVE-2022-23634
cyberark/conjur#2492 - Updated Puma to 5.6.4 to resolve CVE-2022-24790
cyberark/conjur#2534
v1.17.1
[1.17.1] - 2022-02-09
Added
- Added support for SNI certificates when talking to the Kubernetes API
server through the web socket client.
ONYX-14386 - Added support for http(s)_proxy for Kubernetes client in Kubernetes
authenticator
ONYX-16433
v1.17.0
v1.16.0
[1.16.0] - 2022-01-25
Added
- Added the ability to fetch signing keys from JWKS endpoints that use a self-signed
certificate or a certificate signed by a third-party CA for JWT generic vendor
configuration
(#2462
#2461
#2456
#2455
#2457
#2452
#2437) - Added the ability for JWT generic vendor configuration to receive signing keys
for JWT token verification from a variable. Variable name ispublic-keys
(#2463
#2461
#2456
#2455
#2454
#2450
#2447
#2437)
Changed
- Proper error message appears when JWT Authenticator gets HTTP code error
while trying to fetch JWKS data fromjwks-uri#2474
v0.0.1
ee63865
This commit was signed with the committer’s verified signature.
semyon-estrin
Semyon Estrin