Update Helm release cert-manager to v1.16.2 - autoclosed #121
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
v1.15.3
->v1.16.2
Release Notes
cert-manager/cert-manager (cert-manager)
v1.16.2
Compare Source
v1.16.1
Compare Source
cert-manager is the easiest way to automatically manage certificates in Kubernetes and OpenShift clusters.
The cert-manager 1.16 release includes: new Helm chart features, more Prometheus metrics, memory optimizations, and various improvements and bug fixes for the ACME issuer and Venafi Issuer.
📖 Read the complete 1.16 release notes before upgrading.
📜Changes since
v1.16.0
Bug or Regression
@inteon
)podDisruptionBudget.minAvailable
andpodDisruptionBudget.maxAvailable
values. (#7345,@inteon
)enabled
to be set as a value to toggle cert-manager as a dependency. (#7356,@inteon
)v1.16.0
caused cert-manager's ACME ClusterIssuer to look in the wrong namespace for resources required for the issuance (e.g. credential Secrets). This is now fixed inv1.16.1
. (#7342,@inteon
)v1.16.0
Compare Source
v1.15.4
Compare Source
cert-manager is the easiest way to automatically manage certificates in Kubernetes and OpenShift clusters.
This patch release of cert-manager 1.15 makes several changes to how PEM input is validated, adding maximum sizes appropriate to the type of PEM data which is being parsed.
This is to prevent an unacceptable slow-down in parsing specially crafted PEM data. The issue was found by Google's OSS-Fuzz project.
The issue is low severity; to exploit the PEM issue would require privileged access which would likely allow Denial-of-Service through other methods.
Note also that since most PEM data parsed by cert-manager comes from
ConfigMap
orSecret
resources which have a max size limit of approximately 1MB, it's difficult to force cert-manager to parse large amounts of PEM data.Further information is available in GHSA-r4pg-vg54-wxx4
In addition, the version of Go used to build cert-manager 1.15 was updated along with the base images, and a Route53 bug fix was backported.
Changes by Kind
Bug or Regression
Other (Cleanup or Flake)
Configuration
📅 Schedule: Branch creation - "before 3am on the first day of the month" (UTC), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR was generated by Mend Renovate. View the repository job log.