cert-manager is the easiest way to automatically manage certificates in Kubernetes and OpenShift clusters.
đ Read the release documentation to learn more more about the features introduced in 1.12.
đ Changes since v1.12.12
This patch release fixes the following vulnerabilities: CVE-2024-6104, CVE-2024-24791, CVE-2024-25620, CVE-2024-26147, and CVE-2024-41110.
âšī¸ This version contains an unusually large number of Go dependency changes for
a patch release. The cert-manager maintainers are confident that it is stable
because it has passed the same extensive suite of tests as previous1.12
releases. But if you are importing cert-manager1.12as a Go module you will
notice that the minimum Go version is1.21, and thek8s.iomodules are now
updated to0.29.This reason for the large number of Go dependency changes is that the Helm SDK
has been updated to fix security vulnerabilities incmctl. This required the
k8s.iomodules to be updated from0.27to0.29in all components. Those
newer minor versions of the Kubernetes modules pulled in new transitive
dependencies, and incremented the minimum Go version from1.20to1.21.
Bugfixes
- Bump the
go-retryablehttpdependency to fixCVE-2024-6104(#7128, @SgtCoDFish) - Updated Helm dependency to resolve
CVE-2024-25620andCVE-2024-26147and Docker dependency to resolveCVE-2024-41110(#7214, @ThatsMrTalbot) - Updates Go to
1.21.13to resolveCVE-2024-24791(#7216, @ThatsMrTalbot)
Dependencies
Added
github.com/antlr/antlr4/runtime/Go/antlr/v4:8188dc5github.com/google/gnostic-models:v0.6.8github.com/xhit/go-str2duration/v2:v2.1.0
Changed
github.com/BurntSushi/toml:v1.2.1 â v0.3.1github.com/alecthomas/kingpin/v2:v2.3.1 â v2.3.2github.com/asaskevich/govalidator:f61b66f â 21a406dgithub.com/coreos/go-oidc:v2.1.0+incompatible â v2.2.1+incompatiblegithub.com/coreos/go-semver:v0.3.0 â v0.3.1github.com/coreos/go-systemd/v22:v22.4.0 â v22.5.0github.com/cpuguy83/go-md2man/v2:v2.0.2 â v2.0.3github.com/davecgh/go-spew:v1.1.1 â d8f796agithub.com/dustin/go-humanize:v1.0.0 â v1.0.1github.com/emicklei/go-restful/v3:v3.9.0 â v3.11.0github.com/evanphx/json-patch:v5.6.0+incompatible â v5.7.0+incompatiblegithub.com/fatih/color:v1.15.0 â v1.16.0github.com/frankban/quicktest:v1.10.0 â v1.14.3github.com/fsnotify/fsnotify:v1.6.0 â v1.7.0github.com/go-openapi/jsonreference:v0.20.1 â v0.20.2github.com/golang-jwt/jwt/v4:v4.4.2 â v4.5.0github.com/golang/protobuf:v1.5.3 â v1.5.4github.com/google/cel-go:v0.12.6 â v0.17.7github.com/google/gnostic:v0.6.9 â v0.5.7-v3refsgithub.com/gorilla/websocket:v1.4.2 â v1.5.0github.com/hashicorp/go-hclog:v1.2.0 â v1.6.3github.com/hashicorp/go-retryablehttp:v0.7.2 â v0.7.7github.com/imdario/mergo:v0.3.12 â v0.3.13github.com/mattn/go-isatty:v0.0.17 â v0.0.20github.com/onsi/ginkgo/v2:v2.9.5 â v2.13.0github.com/onsi/gomega:v1.27.7 â v1.29.0github.com/prometheus/client_golang:v1.15.1 â v1.16.0github.com/prometheus/common:v0.42.0 â v0.44.0github.com/prometheus/procfs:v0.9.0 â v0.10.1github.com/sirupsen/logrus:v1.9.0 â v1.9.3github.com/spf13/cobra:v1.7.0 â v1.8.0go.etcd.io/bbolt:v1.3.6 â v1.3.8go.etcd.io/etcd/api/v3:v3.5.7 â v3.5.10go.etcd.io/etcd/client/pkg/v3:v3.5.7 â v3.5.10go.etcd.io/etcd/client/v2:v2.305.7 â v2.305.10go.etcd.io/etcd/client/v3:v3.5.7 â v3.5.10go.etcd.io/etcd/pkg/v3:v3.5.7 â v3.5.10go.etcd.io/etcd/raft/v3:v3.5.7 â v3.5.10go.etcd.io/etcd/server/v3:v3.5.7 â v3.5.10go.uber.org/atomic:v1.9.0 â v1.10.0go.uber.org/multierr:v1.6.0 â v1.11.0golang.org/x/exp:a1ab85d â a9213eegopkg.in/natefinch/lumberjack.v2:v2.0.0 â v2.2.1k8s.io/api:v0.27.2 â v0.29.7k8s.io/apiextensions-apiserver:v0.27.2 â v0.29.7k8s.io/apimachinery:v0.27.2 â v0.29.7k8s.io/apiserver:v0.27.2 â v0.29.7k8s.io/client-go:v0.27.2 â v0.29.7k8s.io/code-generator:v0.27.2 â v0.29.7k8s.io/component-base:v0.27.2 â v0.29.7k8s.io/gengo:c0856e2 â 9cce18dk8s.io/klog/v2:v2.100.1 â v2.110.1k8s.io/kms:v0.27.2 â v0.29.7k8s.io/kube-aggregator:v0.27.2 â v0.29.7k8s.io/kube-openapi:54b630e â 2dd684ak8s.io/utils:9f67429 â 3b25d92sigs.k8s.io/apiserver-network-proxy/konnectivity-client:v0.1.2 â v0.28.0sigs.k8s.io/structured-merge-diff/v4:v4.2.3 â v4.4.1