All Versions
56
Latest Version
Avg Release Cycle
38 days
Latest Release
542 days ago
Changelog History
Page 2
Changelog History
Page 2
-
v1.2.5 Changes
July 13, 2022๐ Security
- โก๏ธ Updated to Go 1.17.12 to address CVE-2022-1705, CVE-2022-32148, CVE-2022-30631, CVE-2022-30633, CVE-2022-28131, CVE-2022-30635, CVE-2022-30632, CVE-2022-30630, and CVE-2022-1962.
-
v1.2.4 Changes
May 12, 2022โ Added
- โช Ability to revert SPIFFE cert validation to standard X.509 validation in Envoy (#3009,#3014,#3020,#3034)
-
v1.2.3 Changes
April 12, 2022๐ Security
- โก๏ธ Updated to Go 1.17.9 to address CVE-2022-24675, CVE-2022-28327, CVE-2022-27536
-
v1.2.2 Changes
April 07, 2022โ Added
- ๐ฆ SPIRE Server and Agent log files can be rotated by sending the
SIGUSR2
signal to the process (#2703) - ๐ K8s Workload Registrar CRD mode now supports registering "downstream" workloads (#2885)
- ๐ SPIRE can now be compiled on macOS machines with an Apple Silicon CPU (#2876)
- ๐ Small documentation improvements (#2851)
๐ Changed
- SPIRE Server no longer sets the
DigitalSignature
KeyUsage bit in its CA certificate (#2896)
๐ Fixed
- ๐ The
k8sbundle
Notifier plugin in SPIRE Server no longer consumes excessive CPU cycles (#2857)
- ๐ฆ SPIRE Server and Agent log files can be rotated by sending the
-
v1.2.1 Changes
March 16, 2022โ Added
- ๐ The SPIRE Agent
fetch jwt
CLI command now supports JSON output (#2650)
๐ Changed
- OIDC Discovery Provider now includes the
alg
parameter in JWKs to increase compatibility (#2771) - ๐ SPIRE Server now gracefully stops plugin servers, allowing outstanding RPCs a chance to complete (#2722)
- ๐ SPIRE Server logs additional authorization information with RPC requests (#2776)
- ๐ Small documentation improvements (#2746, #2792)
๐ Fixed
- SPIRE Server now properly rotates signing keys when prepared or activated keys are lost from the database (#2770)
- โ The AWS IID node attestor now works with instance profiles which have paths (#2825)
- ๐ Fixed a crash in SPIRE Agent caused by a race on the agent cache (#2699)
- ๐ The SPIRE Agent
-
v1.2.0 Changes
January 28, 2022โ Added
- ๐ง SPIRE Server can now be configured to mint agent SVIDs with a specific TTL (#2667)
- ๐ง A set of fixed admin SPIFFE IDs can now be configured in SPIRE Server (#2677)
๐ Changed
- Upstream signed CA chain is now validated to prevent misconfigurations (#2644)
- ๐ Improved SVID signing logs to include more context (#2678)
- ๐ The deprecated agent key file (
svid.key
) is no longer proactively removed by the agent (#2671) - ๐ Improved errors when agent path template execution fails due to missing key (#2683)
- ๐ SPIRE now consumes the SVIDStore V1 interface published in the SPIRE Plugin SDK (#2688)
๐ Deprecated
- ๐ API support for paths without leading slashes in
spire.api.types.SPIFFEID
messages has been deprecated (#2686, #2692) - ๐ The SVIDStore V1 interface published in SPIRE repository has been renamed to
svidstore.V1Unofficial
and is now deprecated in favor of the interface published in the SPIRE Plugin SDK (#2688)
โ Removed
- ๐ง The deprecated
domain
configurable has been removed from the SPIRE OIDC Discovery Provider (#2672) - The deprecated
allow_unsafe_ids
configurable has been removed from SPIRE Server (#2685)
-
v1.1.5 Changes
May 12, 2022โ Added
- โช Ability to revert SPIFFE cert validation to standard X.509 validation in Envoy (#3009,#3014,#3020,#3034)
-
v1.1.4 Changes
April 13, 2022๐ Security
- โก๏ธ Updated to Go 1.17.9 to address CVE-2022-24675, CVE-2022-28327, CVE-2022-27536
-
v1.1.3 Changes
January 07, 2022๐ Security
- ๐ Fixed CVE-2021-44716
-
v1.1.2 Changes
December 15, 2021โ Added
- ๐ SPIRE Agent now supports the Delegated Identity API for delegating SVID management to trusted platform components (#2481)
- ๐ง The K8s Workload Registrar now supports configuring DNS name templates (#2643)
- ๐ SPIRE Server now logs a message when expired registration entries are pruned (#2637)
- ๐ OIDC Discovery Provider now supports setting the
use
property on the JWKs it serves (#2634)
๐ Fixed
- โ SPIRE Agent now provides reason for failure during certain kinds of attestation errors (#2628)