trust-manager is the easiest way to manage security-critical trust bundles in Kubernetes and OpenShift clusters.
v0.6.1 is intended to fix CVE-2023-44487 and CVE-2023-39325, which relate to HTTP/2 servers in Go.
We have no particular reason to think that trust-manager was specifically vulnerable to (or even impacted by) these CVEs, but given their prominence we thought it best to patch them.
What's Changed
- [release-0.6] Bump deps to fix CVEs by @SgtCoDFish in #208
Full Changelog: v0.6.0...v0.6.1