Skip to content

v0.22.2

Compare
Choose a tag to compare
@desimone desimone released this 26 May 20:57
· 12 commits to 0-22-0 since this release
6efd1d6

Security

  • This release fixes a bug whereby specially crafted requests could result in incorrect authorization decisions made by Pomerium. CVE-2023-33189.

What's Changed

  • fix WillHaveCertificateForServerName check to be strict match for derived cert name by @backport-actions-token in #4169
  • improve certificate matching performance by @backport-actions-token in #4188
  • envoy: set re2 limits very high by @backport-actions-token in #4189
  • databroker: sort configs by @backport-actions-token in #4191
  • databroker: fix fast forward by @backport-actions-token in #4194

Full Changelog: v0.22.1...v0.22.2