ALB OAuth Proxy add-on change log
View information for version updates to the ALB OAuth Proxy add-on.
- Patch updates: IBM Cloud keeps all your add-on components up-to-date by automatically rolling out patch updates to the most recent version of the ALB OAuth Proxy that is offered by IBM Cloud Kubernetes Service.
- Minor version updates: To update your add-on components to the most recent minor version of the ALB OAuth Proxy that is offered by IBM Cloud Kubernetes Service, follow the steps in Updating managed add-ons.
Version 2.0.0
Version 2.0.0_2156, released 03 April 2024
- Resolves CVE-2024-24786
Version 2.0.0_2063, released on 16 January 2024
- Resolves CVE-2023-48795.
Version 2.0.0_1901, released on 25 October 2023
- Resolves CVE-2023-39325.
Version 2.0.0_1889, released on 18 October 2023
Version 2.0.0_1843, released on 26 September 2023
- Updates
oauth2-proxy
from 7.4.0 to 7.5.0. - Updates
go
version to 1.21.1. - Dependency updates.
- Resolves CVE-2023-3978.
Version 2.0.0_1715, released on 9 August 2023
- Dependency updates.
Version 2.0.0_1669, released on 12 July 2023
- Updates
go
version to 1.20.5. - Resolves CVE-2023-32731.
Version 2.0.0_1528, released on 13 April 2023
- Adds support for the
cookie-refresh
configuration option foroauth2-proxy
. Using this feature might require additional configuration. For more information, see Adding App ID authentication to apps.
Version 2.0.0_1487, released on 1 March 2023
- Updates
go
version to 1.20.1. - Resolves CVE-2022-41723.
Version 2.0.0_1469, released on 22 February 2023
- Dependency updates.
- Base image changes.
Version 2.0.0_1420, released on 8 February 2023
- Updates
go
version to 1.19.5. - Adds support for multi-Ingress configurations.
Version 2.0.0_1354, released on 15 December 2022
- Updates
go
version to 1.19.4. - Resolves CVE-2022-41717.
Version 2.0.0_1315, released on 16 November 2022.
- Updates
oauth2-proxy
from version 7.3.0 to version 7.4.0. - Adds support for
cookie_csrf_expire
andcookie_csrf_per_request
configuration option foroauth2-proxy
.
Version 2.0.0_1297, released on 27 October 2022.
Resolves CVE-2022-32149.
Version 2.0.0_1265, released on 3 October 2022.
- Updates
oauth2-proxy
from version 7.2.0 to version 7.3.0. - Adds support for
oidc-extra-audience
configuration option foroauth2-proxy
. - Resolves CVE-2022-27664.
Version 2.0.0_1214, released on 12 September 2022.
Adds the whitelist-domains
configuration option to oauth2-proxy
.
Version 2.0.0_1187, released on 7 July 2022.
Version 2.0.0_1064, released on 4 May 2022.
Version 2.0.0_1023, released on 24 March 2022.
The add-on logic has changed. It does not add a configuration snippet annotation to the Ingress resources anymore. This change makes the add-on compatible with the default ALB configuration that disables the usage of snippet annotations.
Resolves CVE-2022-24921
Version 2.0.0_999, released on 28 February 2022.
Version 2.0.0_981, released on 10 February 2022.
This version addresses an issue that causes periodic restarts for the managed OAuth2 Proxy deployments.
Version 2.0.0_923, released on 26 January 2022.
Version 2.0.0_755, released on 19 November 2021.
Version 2.0.0_704, released on 15 September 2021.
Version 2.0.0 of the add-on supports IBM Cloud Kubernetes Service clusters 1.19 and later. Version 1.0.0 of the add-on supports IBM Cloud Kubernetes Service clusters 1.21 and earlier. If you want to upgrade your IBM Cloud Kubernetes Service cluster to 1.22 or later, you must upgrade the add-on from 1.0.0 to 2.0.0 before the cluster upgrade.
Version 1.0.0
As of 16 May 2022, version 1.0.0 of the add-on is no longer supported.
Version 1.0.0_1024, released on 24 March 2022.
Resolves CVE-2022-24921