github pomerium/pomerium v0.19.2
on GitHub

latest releases: v0.25.2, v0.25.1, v0.25.0...
11 months ago

Security

  • This release fixes a bug whereby specially crafted requests could result in incorrect authorization decisions made by Pomerium. CVE-2023-33189.

What's Changed

  • postgres: return an empty list of addresses on dns errors by @backport-actions-token in #3638
  • ppl: support special characters in claim keys by @backport-actions-token in #3640
  • authorize: enforce service account expiration by @backport-actions-token in #3662
  • config: disable envoy admin by default, expose stats via envoy route by @backport-actions-token in #3684
  • fileutil: update watcher to use fsnotify and polling (#3663) by @calebdoxsey in #3685
  • httputil: remove error details by @backport-actions-token in #3705

Full Changelog: v0.19.1...v0.19.2

Check out latest releases or
releases around pomerium/pomerium v0.19.2

Don't miss a new pomerium release

NewReleases is sending notifications on new releases.

Get notifications