github kubernetes/ingress-nginx controller-v1.11.5
on GitHub

latest releases: controller-v1.12.1, helm-chart-4.12.1
8 days ago

Changelog

controller-v1.11.5

This release fixes the following CVEs:

Unfortunately, to fix CVE-2025-1974 it was necessary to disable the validation of the generated NGINX configuration during the validation of Ingress resources.

The resulting NGINX configuration is still checked before the actual loading, so that there are no failures of the underlying NGINX. However, invalid Ingress resources can lead to the NGINX configuration no longer being able to be updated.

To reduce such situations as far as possible, we therefore recommend enabling annotation validation and disabling snippet annotations. In case of doubt, such states can be determined from the logs of the Ingress NGINX Controller. Watch out for a line of dashes followed by "Error:" telling you what went wrong.

Images:

  • registry.k8s.io/ingress-nginx/controller:v1.11.5@sha256:a1cbad75b0a7098bf9325132794dddf9eef917e8a7fe246749a4cea7ff6f01eb
  • registry.k8s.io/ingress-nginx/controller-chroot:v1.11.5@sha256:ec9df3eb6b06563a079ee46045da94cbf750f7dbb16fdbcb9e3265b551ed72ad

All changes:

  • Images: Trigger controller build. (#13072)
  • Controller: Several security fixes. (#13070)
  • Chart: Bump Kube Webhook CertGen. (#13067)
  • Tests & Docs: Bump images. (#13065)
  • Images: Trigger other builds (2/2). (#13060)
  • Images: Trigger other builds (1/2). (#13058)
  • Tests: Bump Test Runner to v1.3.1. (#13049)
  • Images: Trigger Test Runner build. (#13046)
  • Images: Bump NGINX_BASE to v0.3.1. (#13041)
  • Images: Trigger NGINX build. (#13040)
  • Go: Update dependencies. (#13037)
  • CI: Update KIND to v1.32.3. (#13030)
  • CI: Update Kubernetes to v1.32.3. (#13026)
  • Images: Rework. (3/3) (#13017)
  • Images: Rework. (2/3) (#13012)
  • Images: Rework. (1/3) (#13015)
  • Custom Error Pages: Accept first of many MIME types. (#13007)
  • Docs: Use enable-global-auth annotation instead of non-existing ConfigMap option. (#12977)
  • Go: Update dependencies. (#12964)
  • Docs: Update link to values.yaml. (#12961)
  • fix DNS issues with unresolvable backends with ExternalName (#12952)
  • Go: Bump to v1.24.1. (#12943)
  • CI: Update KIND images. (#12932)
  • Test: Remove gRPC Fortune Teller. (#12930)
  • NGINX: Update ModSecurity. (#12916)
  • Development: Update KIND images. (#12910)
  • Config: Remove notes about future defaults. (#12899)
  • Images: Update kubectl to v1.32.2. (#12855)
  • Development: Update Kubernetes to v1.32.0. (#12854)
  • CI: Update kubectl to v1.32.2. (#12852)
  • Images: Migrate to AR. (2/2) (#12850)
  • Images: Migrate to AR. (1/2) (#12847)
  • Docs: Migrate to AR. (#12808)
  • Docs: Enable code copy button. (#12806)
  • Go: Bump to v1.23.6. (#12800)
  • CI: Update Artifact Hub to v1.20.0. (#12794)
  • Images: Update kubectl to v1.31.5. (#12792)
  • CI: Update kubectl to v1.31.5. (#12790)
  • Development: Bump Kubernetes to v1.31.4. (#12783)
  • Go: Replace golang.org/x/exp/slices with slices. (#12780)
  • Docs: Fix character format. (#12774)
  • Docs: Improve bare-metal setup. (#12745)
  • Build: Always use local tmp dir on macOS. (#12742)
  • Development: Bump Kubernetes to v1.31.4. (#12740)
  • Images: Bump gcb-docker-gcloud to v20250116-2a05ea7e3d. (#12737)
  • Go: Bump to v1.23.5. (#12735)
  • Docs: Clarify rate limits are per ingress controller replica. (#12716)
  • Go: Stop using workspace. (#12713)
  • Chart: Bump Kube Webhook CertGen. (#12697)
  • Tests & Docs: Bump images. (#12695)
  • Images: Trigger other builds (2/2). (#12691)
  • Images: Trigger other builds (1/2). (#12687)
  • Tests: Bump Test Runner to v20250112-01b7af21. (#12685)
  • Images: Trigger Test Runner build. (#12682)
  • Images: Bump NGINX_BASE to v0.3.0. (#12679)
  • Images: Trigger NGINX build. (#12675)
  • NGINX: Align quotes. (#12670)
  • Annotations: Deny newlines. (#12666)
  • Annotations: Reload on custom header changes. (#12653)
  • NGINX: Bump ModSecurity. (#12650)
  • NGINX: Bump OpenTelemetry. (#12632)

Dependency updates:

  • Bump github.com/opencontainers/runc from 1.2.5 to 1.2.6 in the go group across 1 directory (#13034)
  • Bump github.com/onsi/ginkgo/v2 from 2.23.0 to 2.23.3 (#13028)
  • Bump the actions group with 5 updates (#13024)
  • Bump dorny/test-reporter from 1.9.1 to 2.0.0 (#12990)
  • Bump github.com/prometheus/common from 0.62.0 to 0.63.0 (#12988)
  • Bump the go group across 3 directories with 9 updates (#12986)
  • Bump the actions group with 3 updates (#12983)
  • Bump github/codeql-action from 3.28.10 to 3.28.11 in the actions group (#12969)
  • Bump github.com/onsi/ginkgo/v2 from 2.22.2 to 2.23.0 (#12959)
  • Bump golang.org/x/crypto from 0.35.0 to 0.36.0 (#12956)
  • Bump the go group across 2 directories with 1 update (#12939)
  • Bump google.golang.org/grpc from 1.70.0 to 1.71.0 (#12936)
  • Bump golang.org/x/crypto from 0.34.0 to 0.35.0 (#12924)
  • Bump the actions group with 3 updates (#12922)
  • Bump github.com/prometheus/client_golang from 1.20.5 to 1.21.0 (#12901)
  • Bump golang.org/x/crypto from 0.33.0 to 0.34.0 (#12894)
  • Bump github.com/prometheus/client_golang from 1.20.5 to 1.21.0 in /images/custom-error-pages/rootfs (#12891)
  • Bump the actions group with 4 updates (#12890)
  • Bump github.com/spf13/cobra from 1.8.1 to 1.9.1 (#12868)
  • Bump the go group across 3 directories with 11 updates (#12866)
  • Bump the actions group with 2 updates (#12864)
  • Bump github.com/spf13/cobra from 1.8.1 to 1.9.1 in /images/kube-webhook-certgen/rootfs (#12862)
  • Bump the actions group with 4 updates (#12815)
  • Bump golang.org/x/crypto from 0.32.0 to 0.33.0 (#12813)
  • Bump the actions group with 2 updates (#12778)
  • Bump the go group across 2 directories with 1 update (#12776)
  • Bump google.golang.org/grpc from 1.69.4 to 1.70.0 (#12761)
  • Bump sigs.k8s.io/controller-runtime from 0.20.0 to 0.20.1 in the go group across 1 directory (#12759)
  • Bump the actions group with 5 updates (#12757)
  • Bump sigs.k8s.io/controller-runtime from 0.19.4 to 0.20.0 (#12731)
  • Bump github.com/prometheus/common from 0.61.0 to 0.62.0 (#12729)
  • Bump the go group across 3 directories with 9 updates (#12727)
  • Bump golangci/golangci-lint-action from 6.1.1 to 6.2.0 in the actions group (#12724)
  • Bump google.golang.org/grpc from 1.69.2 to 1.69.4 in the go group across 1 directory (#12700)
  • Bump the actions group with 3 updates (#12665)
  • Bump the go group across 1 directory with 3 updates (#12663)
  • Bump golang.org/x/crypto from 0.31.0 to 0.32.0 (#12660)
  • Bump github.com/onsi/ginkgo/v2 from 2.22.1 to 2.22.2 (#12629)

Full Changelog: controller-v1.11.4...controller-v1.11.5

Check out latest releases or
releases around kubernetes/ingress-nginx controller-v1.11.5

Don't miss a new ingress-nginx release

NewReleases is sending notifications on new releases.

Get notifications