Skip to content

Releases: cyberark/conjur

v1.7.2

08 Jun 18:39
e336a1d
Compare
Choose a tag to compare
v1.7.2 Pre-release
Pre-release

Changelog

Fixed

  • The Conjur version is now printed on server startup, after running conjurctl server (#1590)
  • Raise proper error of an authn request with a non-existing user to the authn authenticator (#1591)

v1.7.1

03 Jun 20:23
898b921
Compare
Choose a tag to compare
v1.7.1 Pre-release
Pre-release

Change log

Added

Fixed

v1.7.0

29 May 20:42
fadf83c
Compare
Choose a tag to compare
v1.7.0 Pre-release
Pre-release

Change log

Fixed

Changed

  • Updated the title of status page to Conjur Status from Conjur (conjurinc/dap-support) - PR.
  • Policy load API endpoints now default to the application/x-yaml content-type if no content type is provided in the request (conjurinc/dap-support#74) - PR.
  • ActiveSupport uses SHA1 instead of MD5 (cyberark/conjur#1418).
  • Authentication audit events now use separate operations for authenticate,
    login, and validate-status workflows
    (cyberark/conjur#1054).
  • Authentication workflow checks origin before credentials to insure a request can authenticate before authenticating (cyberark/conjur#1568).

Added

  • The Kubernetes authentication /inject-client-cert endpoint now generates
    an authentication audit event with the k8s-inject-client-cert operation
    (cyberark/conjur#1538).
  • Adds a CertMissingCNEntry error to improve visibility of Kubernetes authenticator failures (cyberark/conjur#1278).
  • Logs the authenticator used when the authentication-container-name annotation is missing (conjurinc/dap-support#69) - PR.

Removed

  • Images are no longer published to Quay.io.

Security

v1.6.0

16 Apr 22:17
5246c22
Compare
Choose a tag to compare
v1.6.0 Pre-release
Pre-release

Changelog

Changed

  • Use Ubuntu 18.04 LTS as the base image for Conjur to continue using Ruby 2.5
    (cyberark/conjur#1456).
  • Conjur image now performs a dist-upgrade as the first image build step to
    ensure the image includes all available vulnerability fixes in the base OS.
  • Upgrade from Rails 4 to Rails 5

v1.5.1

26 Mar 17:07
Compare
Choose a tag to compare
v1.5.1 Pre-release
Pre-release

Change log

Fixed

  • Status page details section now displays the Conjur version number #1438.

v1.5.0

24 Mar 22:01
Compare
Choose a tag to compare

Change log

Added

Changed

  • Lock rotators to prevent multiple rotations from incurring simultaneously.

Fixed

  • Fix support for using deployment as K8s authentication resource type for Kubernetes >= 1.16
    (#1440)

v1.4.7

18 Mar 16:27
Compare
Choose a tag to compare

Change log

Changed

  • Improved flows and rules around user creation (#1272)
  • Kubernetes authenticator now returns 403 on unpermitted hosts instead of a 401 (#1283)
  • Conjur hosts can authenticate with authn-k8s from anywhere in the policy branch (#1189)

Fixed

  • Updated broken links on server status page (#1341)

v1.4.6

21 Jan 20:02
Compare
Choose a tag to compare

Changed

  • K8s hosts' application identity is extracted from annotations or id. If it is
    defined in annotations it will taken from there and if not, it will be taken
    from the id.

v1.4.4

23 Dec 15:34
Compare
Choose a tag to compare

v1.4.4

v1.4.3 -> v1.4.4

Added

  • Early validation of account existence during OIDC authentication
  • Code coverage reporting and collection

Changed

  • Bumped puma from 3.12.0 to 3.12.2
  • Bumped rack from 1.6.11 to 1.6.12
  • Bumped excon from 0.62.0 to 0.71.0

Fixed

  • Fixed password rotation of blank password
  • Fixed bug with multi-cert CA chains in Kubernetes service accounts
  • Fixed build issues with creating namespaces with multiple values

Removed

  • Removed follower env configuration

v1.3.6

19 Feb 17:22
6a3e00c
Compare
Choose a tag to compare

Changed

  • Reduced IAM authentication logging
  • Refactored authentication strategies

Removed

  • Removed OIDC APIs public access