This is a patch release that every user should upgrade to.
Addresses CVE-2023-44487; see GHSA-9wmc-rg4h-28wv for details.
Changelog
- chore(deps): bump envoy from 1.24.10 to 1.24.11 #8028 @lahabana
- chore(deps): bump go from 1.18 to 1.21.1 #7533 #7828 @kumahq,@michaelbeaumont
- chore(deps): bump go version to 1.21.3 (backport of #8001) #8014 @kumahq
- chore(deps): bump golang.org/x/net to v0.17.0, google.golang.org/grpc to v1.57.1 #8029 @michaelbeaumont
- chore(deps): bump golangci-lint from v1.53.3 to v1.53.3 #7841 #7847 @kumahq
- chore(deps): security update #7406 #7453 #7717 @kumahq
- chore(deps): update CoreDNS to v1.11.1 (backport of #7523) #7528 @kumahq
- fix(containerd): only build cgroups on linux (backport of #7408) #7423 @kumahq
- fix(kuma-cp): set error when KDS clients fails in goroutine (backport of #7725) #7831 @kumahq
- fix(kuma-cp): specifying IPv6 Envoy Admin address breaks readiness/liveness probes (backport of #7909) #7930 @kumahq
- fix(metrics): hijacker should not pass accept-encoding (backport of #7572) #7580 @kumahq
- fix(sec): get rid of dependency on containerd (backport of #7387) #7389 @kumahq