cert-manager(v1.18.6): Crucial Go Toolchain Security Update and Base Image Refresh
📋 Recommended Actions ⚠️ Action Required Immediate upgrade is highly recommended to address CVE-2024-24791 and benefit from the latest security patches in underlying dependencies. 📝 Summary cert-manager v1.18.6 delivers critical security enhancements, primarily addressing the CVE-2024-24791 vulnerability found in the Go standard library’s HTTP/2 implementation. This high-severity fix mitigates a potential denial-of-service risk, making an immediate upgrade essential for operational security. Beyond the Go toolchain bump to 1.24.13, this release also incorporates refreshed distroless base images (Debian 12). These updates bring the latest security patches from the Debian ecosystem, ensuring a more robust and secure runtime environment for your cert-manager deployments. No new features or breaking changes are introduced; this is a focused stability and security release. Operations engineers should prioritize this update to safeguard their Kubernetes clusters and maintain certificate issuance integrity. Review the release notes for full details. ...