enterprise-2.14.10-14
October 14, 2024
- Update Go containerd dependency in
controller
for both non-FIPS and FIPS to remediate GHSA-7ww5-4wqc-m92c - Update Go from 1.22.5 to 1.23.2 in
controller
,proxy
, andproxy-init
for both non-FIPS and FIPS to remediate CVE-2024-34155, CVE-2024-34156, and CVE-2024-34158 - Update
libssl3
inextension-init
andpolicy-controller
for FIPS and inproxy
for both non-FIPS and FIPS to remediate CVE-2024-2511, CVE-2024-4603, CVE-2024-4741, CVE-2024-5535, and CVE-2024-6119 - Update
openssl
inextension-init
andpolicy-controller
for FIPS to remediate CVE-2023-0464, CVE-2023-0465, CVE-2023-0466, CVE-2023-1255, CVE-2023-2650, CVE-2023-2975, CVE-2023-3446, CVE-2023-3817, CVE-2023-4807, CVE-2023-5363, CVE-2023-5678, CVE-2023-6129, CVE-2023-6237, CVE-2024-0727, CVE-2024-2511, CVE-2024-4603, CVE-2024-5535, and CVE-2024-6119 - Update
libcrypto3
andlibssl3
inproxy-init
for both non-FIPS and FIPS to remediate CVE-2024-6119
To upgrade with BEL’s lifecycle automation operator, you will need Buoyant Extension version v0.32.1 or later.