github projectcontour/contour-operator v1.14.1
Contour Operator v1.14.1
on GitHub

latest releases: v1.24.0, v1.23.0, v1.22.1...
pre-release3 years ago

We are delighted to present version 1.14.1 of Contour Operator, which provides a method for packaging, deploying, and managing Contour.

Fixes

Upgrades the default Contour version to v1.14.1 & the default Envoy version to 1.17.2 for security and bug fixes. See the Envoy 1.17.2 changelogs for more details.

CVE-2021-28682 (CVSS score 7.5, High): Envoy through 1.17.1, 1.16.2, 1.15.3, and 1.14.6 contains a remotely exploitable integer overflow via a very large grpc-timeout value causes undefined behavior.
CVE-2021-28683 (CVSS score 7.5, High): Envoy through 1.17.1 and 1.16.2 contains a remotely exploitable crash in TLS when an unknown TLS alert code is received.
CVE-2021-29258 (CVSS score 7.5, High): Envoy through 1.17.1, 1.16.2, 1.15.3, and 1.14.6 contains a remotely exploitable crash in Envoy's HTTP2 Metadata, when an empty METADATA map is sent.

Check out latest releases or
releases around projectcontour/contour-operator v1.14.1

Don't miss a new contour-operator release

NewReleases is sending notifications on new releases.

Get notifications