forked from pool/traefik
Alexandre Vicenzi
2f45f4d85c
Update to version 2.9.6 CVE-2022-41717 - bsc#1207208 OBS-URL: https://build.opensuse.org/request/show/1058863 OBS-URL: https://build.opensuse.org/package/show/devel:kubic/traefik?expand=0&rev=16
210 lines
10 KiB
Plaintext
210 lines
10 KiB
Plaintext
-------------------------------------------------------------------
|
|
Tue Jan 17 09:48:46 UTC 2023 - alexandre.vicenzi@suse.com
|
|
|
|
- Update to version 2.9.6:
|
|
* CVEs
|
|
* CVE-2022-23469
|
|
* CVE-2022-46153
|
|
* CVE-2022-41717
|
|
* Bug fixes
|
|
* [acme] Update go-acme/lego to v4.9.1
|
|
* [k8s/crd] Support of allowEmptyServices in TraefikService
|
|
* [logs] Remove logs of the request
|
|
* [plugins] Increase the timeout on plugin download
|
|
* [server] Update golang.org/x/net (CVE-2022-41717, bsc#1207208)
|
|
* [tls] Handle broken TLS conf better
|
|
* [tracing] Update DataDog tracing dependency to v1.43.1
|
|
* [webui] Add missing serialNumber passTLSClientCert option to middleware panel
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Nov 28 12:10:58 UTC 2022 - alexandre.vicenzi@suse.com
|
|
|
|
- Update to version 2.9.5:
|
|
* Enhancements
|
|
* [acme,tls] ACME Default Certificate
|
|
* [consul,etcd,zk,kv,redis] Update valkeyrie to v1.0.0
|
|
* [consulcatalog,nomad] Support Nomad canary deployment
|
|
* [consulcatalog] Move consulcatalog provider to only use health apis
|
|
* [docker] Add support for reaching containers using host networking on Podman
|
|
* [docker] Use IPv6 address
|
|
* [docker] Add allowEmptyServices for Docker provider
|
|
* [ecs] Add support for ECS Anywhere
|
|
* [healthcheck] Add a method option to the service Health Check
|
|
* [http3] Upgrade quic-go to v0.28.0
|
|
* [http] Start polling HTTP provider at the beginning
|
|
* [k8s/crd,plugins] Load plugin configuration field value from Kubernetes Secret
|
|
* [logs,tcp] Quiet down TCP RST packet error on read operation
|
|
* [metrics] Add traffic size metrics
|
|
* [middleware,pilot] Remove Pilot support
|
|
* [rules,tcp] Support ALPN for TCP + TLS routers
|
|
* [tcp,service,udp] Make the loadbalancers servers order random
|
|
* [tls] Change default TLS options for more security
|
|
* [tracing] Add Datadog GlobalTags support
|
|
* Bug fixes
|
|
* [logs,middleware] Create a new capture instance for each incoming request
|
|
* [acme] Update go-acme/lego to v4.9.0
|
|
* [kv,redis] Fix Redis configuration type
|
|
* [logs,middleware,metrics] Handle capture on redefined http.responseWriters
|
|
* [middleware,k8s] Remove raw cert escape in PassTLSClientCert middleware
|
|
* [plugins] Update Yaegi to v0.14.3
|
|
* Remove side effect on default transport tests
|
|
* [acme] Fix ACME panic
|
|
* [server] Update golang.org/x/net to latest version
|
|
* [consulcatalog] Fix UDP loadbalancer tags not being used with Consul Catalog
|
|
* [docker,rancher,ecs,provider] Simplify AddServer algorithm
|
|
* [plugins] Allow empty plugin configuration
|
|
* [rules] Fix query parameter matching with equal
|
|
* [server] Optimize websocket headers handling
|
|
* [plugins] Update Yaegi to v0.14.2
|
|
* [server] Fix IPv6 addr with square brackets
|
|
* [webui,api] Display default TLS options in the dashboard
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Sep 07 10:11:41 UTC 2022 - alexandre.vicenzi@suse.com
|
|
|
|
- Update to version 2.8.4:
|
|
* Enhancements
|
|
* [consul,consulcatalog] Support multiple namespaces for Consul and ConsulCatalog providers
|
|
* [logs] Add destination address to debug log
|
|
* [middleware,provider,tls] Deprecate caOptional option in client TLS configuration
|
|
* [middleware] Support URL replacement in errors middleware
|
|
* [middleware] Allow config of additional CircuitBreaker params
|
|
* [provider] Implement Traefik provider for Nomad orchestrator
|
|
* [server] Allow HTTP/2 max concurrent stream configuration
|
|
* [tls,k8s/crd] Support certificates configuration in TLSStore CRD
|
|
* [webui,pilot,hub] Add Traefik Hub button and deprecate Pilot
|
|
* [webui,plugins] Reach the catalog of plugins from the Traefik dashboard
|
|
* Bug fixes
|
|
* [docker,docker/swarm] Fix Docker provider mem leak on operation retries
|
|
* [middleware] Fix retry middleware on panic
|
|
* [plugins] Allow Traefik starting even if plugin service is unavailable
|
|
* [marathon] Add missing context in backoff for Marathon
|
|
* [k8s/ingress,k8s] Place namespace before name in router key for Ingress
|
|
* [logs,middleware,tracing] Remove request dump from IPWhitelist debug log and tracing message
|
|
* [metrics] Control allocation and copy of labelNamesValues type
|
|
* [metrics] Fix service up gauge for Prometheus metrics
|
|
* [yaml] Add missing inline tag for YAML serialization
|
|
* [middleware,metrics] Improve performances when Prometheus metrics are enabled
|
|
* [middleware] Support forwarded websocket protocol in RedirectScheme
|
|
* [nomad] Use configured token in the Nomad client
|
|
* [metrics] Ensure Datadog client is cleanly stopped
|
|
* [healthcheck,service] Do not make multiple requests to the same URL for balancer healthcheck
|
|
* [healthcheck,service] Add log when missing path in health check
|
|
* [k8s/gatewayapi] Allow multiple listeners on same port in Gateway API provider
|
|
* [middleware] RedirectScheme redirects based on X-Forwarded-Proto header
|
|
* [rules] Fix HostRegexp and Query muxers
|
|
* [logs] Fix invalid placeholder in log message
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Jun 07 08:27:42 UTC 2022 - alexandre.vicenzi@suse.com
|
|
|
|
- Update to version 2.7.0:
|
|
* Enhancements
|
|
* [consulcatalog] Watch for Consul events to rebuild the dynamic configuration
|
|
* [healthcheck] Add Failover service
|
|
* [http3] Configure advertised port using h3 server option
|
|
* [hub] Add Traefik Hub Integration
|
|
* [k8s/crd,k8s] Allow empty services in Kubernetes CRD
|
|
* [metrics] Support InfluxDB v2 metrics backend
|
|
* [plugins] Remove Pilot token setup constraint to use plugins
|
|
* [provider] Refactor configuration reload/throttling
|
|
* [rules,tcp] Add HostSNIRegexp rule matcher for TCP
|
|
* [tcp] Add muxer for TCP Routers
|
|
* [webui,pilot] Add Traefik Hub access and remove Pilot access
|
|
* [webui] Add a link to service on router detail view
|
|
* Bug fixes
|
|
* [hub] Skip Provide when TLS is nil
|
|
* [tcp] Fix TCP-TLS/HTTPS routing precedence
|
|
* [webui,hub] Use dedicated entrypoint for the tunnels
|
|
* [logs,k8s/crd] Fix log statement for ExternalName misconfig
|
|
* [tcp,service] Fix initial tcp lookup when address is not available
|
|
* [tls] Fix panic when getting certificates with non-existing store
|
|
* [acme] Fix RenewInterval computation in ACME provider
|
|
* [ecs,logs] Remove duplicate error logs
|
|
* [ecs] Filter out ECS anywhere instance IDs
|
|
* [middleware] Re-add missing writeheader call in flush
|
|
* [middleware] Fix bug for when custom page is large enough
|
|
* [middleware] Fix regexp handling in redirect middleware
|
|
* [plugins] Fix slice parsing for plugins
|
|
* [tls] Return TLS unrecognized_name error when no certificate is available
|
|
* [acme] Add domain to HTTP challenge errors
|
|
* [metrics] Fix metrics bucket key high cardinality
|
|
* [middleware,tls] Use CNAME for SNI check on host header
|
|
* [middleware,tracing] Rename Datadog span tags
|
|
* [tls] Apply the same approach as the rules system on the TLS configuration choice
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Feb 04 13:37:58 UTC 2022 - alexandre.vicenzi@suse.com
|
|
|
|
- Update to version 2.6.0:
|
|
* Updated Kubernetes Gateway API provider
|
|
* Consul Enterprise support
|
|
* Consul Connect support
|
|
* Inflight request middleware for TCP routers
|
|
* HTTP/3 support (experimental)
|
|
* Added support for loading plugins directly from the filesystem (Local Plugins)
|
|
* Added ability to create Provider Plugins
|
|
* Added TCP Middleware
|
|
* Kubernetes 1.22 API changes
|
|
* Dropped support for Ingress API versions extensions/v1beta1
|
|
* Updated Traefik Proxy CRDs to use API apiextensions.k8s.io/v1
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Jul 28 15:46:39 UTC 2021 - alexandre.vicenzi@suse.com
|
|
|
|
- Update to version 2.4.12:
|
|
* Get Kubernetes server version early
|
|
* Don't remove ingress config on API call failure
|
|
* Ratelimiter: use correct ttlSeconds value, and always call Set
|
|
* Check if defaultcertificate is defined in store
|
|
* Disable ExternalName Services by default on Kubernetes providers
|
|
* Fix: malformed Kubernetes resource names and references in tests
|
|
* Disable Cross-Namespace by default for IngressRoute provider
|
|
* Accesslog: support multiple values for a given header
|
|
* Ignore http 1.0 request host missing errors
|
|
* Headers Middleware: support http.CloseNotifier interface
|
|
* Detect certificates content modifications
|
|
* Update go-acme/lego to v4.4.0
|
|
* Fix: ACME preferred chain.
|
|
* Remove error when HTTProutes is empty
|
|
* Fix incorrect behaviour with multi-port endpoint subsets
|
|
* Kubernetes ingress provider to search via all endpoints
|
|
* Fix plugin unzip call on windows
|
|
* Update Yaegi to v0.9.17
|
|
* Bump paerser to v0.1.4
|
|
* Create buffered signals channel
|
|
* Fix: use defaultEntryPoints when no entryPoint is defined in a TCPRouter
|
|
* Use a dynamic buffer to handle client Hello SNI detection
|
|
* Error span on 5xx only
|
|
|
|
-------------------------------------------------------------------
|
|
Wed May 19 09:06:54 UTC 2021 - Bernhard Wiedemann <bwiedemann@suse.com>
|
|
|
|
- Allow to override build date with SOURCE_DATE_EPOCH
|
|
in order to make builds reproducible (boo#1047218)
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Apr 29 10:07:36 UTC 2021 - alexandre.vicenzi@suse.com
|
|
|
|
- Update to version 2.4.8:
|
|
* Prepare release v2.4.8
|
|
* Raise errors for non-ASCII domain names in a router's rules
|
|
* Adding an option to (de)activate Pilot integration into the Traefik dashboard
|
|
* Doc: improve basic auth middleware httpasswd example
|
|
* Add missing `traefik.` prefix across sample config
|
|
* Fix travis docker image pulling for docs
|
|
* updating docs to remove a no longer needed note
|
|
* Update to gateway-api v0.2.0
|
|
* server: updating go-proxyproto with security bugfix from upstream
|
|
* Update go-acme/lego to v4.3.1
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Jan 10 14:50:22 UTC 2019 - pgeorgiadis@suse.com
|
|
|
|
- Initial package release to version 1.7.7:
|
|
* Check for watched namespace before getting kubernetes objects
|
|
* Allow empty path with App-root annotation
|
|
* kubernetes: sort and uniq TLS secrets
|
|
* Skip TLS section with no secret in Kubernetes ingress
|