Releases: cyberark/conjur
Releases · cyberark/conjur
v1.17.6
[1.17.6] - 2022-04-07
Changed
- Adds
CONJUR_USERS_IN_ROOT_POLICY_ONLYenvironment variable to prevent users from being created outside the root policy.
Security
- Upgrade Rails to 6.12.5.1 to close CVE-2022-22577 and CVE-2022-27777
cyberark/conjur#2553
v1.17.5
[1.17.5] - 2022-04-07
Changed
- Fixed promotion behavior
Security
- Updated nokogiri to 1.13.4 to resolve CVE-2022-24836
cyberark/conjur#2534
v1.17.4
[1.17.4] - 2022-04-07
Changed
- Fixed promotion behavior
v1.17.3
[1.17.3] - 2022-04-04
Changed
- Fixed issue where an invalid content type sent by our .NET SDK was causing
Conjur to error - but this wasn't the case before the Ruby 3 upgrade
#2525 - Verify non user or host resources do not have credentials.
Security
- Updated KubeClient to 4.9.3 to resolve CVE-2022-0759
cyberark/conjur#2527
v1.17.2
[1.17.2] - 2022-03-09
Added
- Added the ability to fetch signing keys from JWKS endpoints that use a self-signed
certificate or a certificate signed by a third-party CA for JWT generic vendor
configuration
(#2462
#2461
#2456
#2455
#2457
#2452
#2437) - Added the ability for JWT generic vendor configuration to receive signing keys
for JWT token verification from a variable. Variable name ispublic-keys
(#2463
#2461
#2456
#2455
#2454
#2450
#2447
#2437) - Added support for SNI certificates when talking to the Kubernetes API
server through the web socket client.
#2482 - Added support for http(s)_proxy for Kubernetes client in Kubernetes
authenticator
#2432
Changed
- Update to automated release process
- Proper error message appears when JWT Authenticator gets HTTP code error
while trying to fetch JWKS data fromjwks-uri#2474 - Upgrade to Ruby 3. #2444
Fixed
- IAM Authn bug fix - Take rexml gem to production configuration #2493
- Previously, a stale puma pid file would prevent the Conjur server from starting
successfully. Conjur now removes a stale pid file at startup, if it exists.
#2498 - Use entirety of configured Kubernetes endpoint URL in Kubernetes authenticator's
web socket client, instead of only host and port
#2479
Security
- Updated rails to 6.1.4.7 to resolve CVE-2022-21831 (not vulnerable)
cyberark/conjur#2513 - Updated nokogiri to 1.13.3 to resolve CVE-2022-23308 and CVE-2021-30560
cyberark/conjur#2504 - Updated Rails to 6.1.4.4 to resolve CVE-2021-44528 (Medium, Not Vulnerable)
cyberark/conjur#2486 - Updated Rails to 6.1.4.6 to resolve CVE-2022-23633
- Updated Puma to 5.6.2 to resolve CVE-2022-23634
cyberark/conjur#2492 - Updated Puma to 5.6.4 to resolve CVE-2022-24790
cyberark/conjur#2534
v1.17.1
[1.17.1] - 2022-02-09
Added
- Added support for SNI certificates when talking to the Kubernetes API
server through the web socket client.
ONYX-14386 - Added support for http(s)_proxy for Kubernetes client in Kubernetes
authenticator
ONYX-16433
v1.17.0
v1.16.0
[1.16.0] - 2022-01-25
Added
- Added the ability to fetch signing keys from JWKS endpoints that use a self-signed
certificate or a certificate signed by a third-party CA for JWT generic vendor
configuration
(#2462
#2461
#2456
#2455
#2457
#2452
#2437) - Added the ability for JWT generic vendor configuration to receive signing keys
for JWT token verification from a variable. Variable name ispublic-keys
(#2463
#2461
#2456
#2455
#2454
#2450
#2447
#2437)
Changed
- Proper error message appears when JWT Authenticator gets HTTP code error
while trying to fetch JWKS data fromjwks-uri#2474
v0.0.1
ee63865
This commit was signed with the committer’s verified signature.
semyon-estrin
Semyon Estrin
