strimzi/strimzi-kafka-operator 0.49.1

on GitHub

⚠️ SECURITY: Strimzi 0.49.1 addresses CVE-2025-66623. If you use Strimzi 0.47.0 or newer, we recommend upgrading to 0.49.1.

⚠️ IMPORTANT: Strimzi 0.49 introduces new API version v1 to all Strimzi custom resources.

• Make sure to Upgrade the CRDs as part of the Strimzi upgrade as well (especially when using Helm).
• The old API versions (v1alpha1, v1beta1, and v1beta2) will continue to be supported until Strimzi 1.0.0 / 0.52.0.
• Before upgrading to Strimzi 0.49.0 or newer, make sure that you update your KafkaUser resources to use the .spec.authorization.acls[]operations field instead of the deprecated .spec.authorization.acls[]operation.
• For more details about the migration to the v1 API and CRD upgrades, see the documentation.

Main changes since 0.49.0

This release contains the following bug fixes and improvements:

• Fixes CVE-2025-66623
• Fixed TLS configuration in MirrorMaker 2 examples
• v1 API Conversion Tool bug fixes
• Fixed incorrect default names for Strimzi Metrics Provider metrics
• Fixed Push secret handling when UseConnectBuildWithBuildah feature gate is enabled
• Documentation improvements

All changes can be found under the 0.49.1 milestone.

Upgrading from Strimzi 0.49.0

See the documentation for upgrade instructions.

Container images

The following container images are part of this release: