Maintenance

📋 Recommended Actions ⚠️ Action Required Immediate patching is highly recommended to address CVE-2024-29018, a high-severity vulnerability in the gRPC dependency. Review updated E2E testing procedures if you maintain custom CI workflows. 📝 Summary cert-manager v1.19.5 delivers essential security and maintenance updates, crucial for maintaining a robust certificate management infrastructure. This release directly addresses CVE-2024-29018, a high-severity vulnerability in the gRPC dependency that could lead to CPU exhaustion. Upgrading promptly is vital to protect your systems. Beyond security, we’ve bumped the core Go runtime to version 1.25.9 and updated numerous transitive dependencies like golang.org/x/crypto and cel.dev/expr to ensure improved stability and performance. Internal CI/CD workflows also see significant enhancements, including support for Kubernetes 1.35 and a migration of upgrade E2E tests to leverage Helm OCI registries. Minor textual cleanups in CRD descriptions also enhance clarity. These updates balance critical security fixes with ongoing platform compatibility and foundational improvements. Upgrade to secure your deployments and benefit from these stability enhancements. ...

📋 Recommended Actions ⚠️ Action Required Immediate review and upgrade recommended to incorporate the latest proxy stability and potential security enhancements. 📝 Summary Istio 1.26.6 delivers a crucial stability and performance update. This patch primarily refreshes the underlying Envoy proxy, incorporating the latest fixes and improvements from the Envoy ‘release-1.26’ branch. While this is a focused update with no new features, it’s vital for ensuring your service mesh benefits from enhanced proxy robustness and potential upstream security patches. Operations engineers should review this release promptly and plan for a timely upgrade to maintain optimal performance and security posture. This release reinforces Istio’s foundation, ensuring your applications run on the most stable and secure proxy available in the 1.26 series. ...