Merge pull request #96 from SUSE/release_4.2.10

Release v4.2.10
SUSE · Oct 26, 2023 · 3a6ffb2 · 3a6ffb2
2 parents 896ca76 + a0faab1
commit 3a6ffb2
Show file tree

Hide file tree

Showing 3 changed files with 16 additions and 1 deletion.
diff --git a/adoc/MAIN.release-notes.adoc b/adoc/MAIN.release-notes.adoc
@@ -22,6 +22,8 @@ To make such entries easier to identify, they contain a note to that effect.
 
 // Release specific files, latest on top!
 //include::release-5.0.0.adoc[Release 5.0.0]
+include::release-4.2.10.adoc[Release 4.2.10]
+
 include::release-4.2.9.adoc[Release 4.2.9]
 
 include::release-4.2.8.adoc[Release 4.2.8]

diff --git a/adoc/attributes.adoc b/adoc/attributes.adoc
@@ -27,7 +27,7 @@
 :cilium_docs_version: v{cilium_release}
 :envoy_version: 1.12.2
 :etcd_version: 3.4.13
-:skuba_version: 1.4.16
+:skuba_version: 1.4.17
 :dex_version: 2.16.0
 :gangway_version: 3.1.0
 :metrics-server_version: 0.3.6

diff --git a/adoc/release-4.2.10.adoc b/adoc/release-4.2.10.adoc
@@ -0,0 +1,13 @@
+== Changes in 4.2.10
+
+=== Cilium Update
+
+4.2.10 brings in a Cilium addon rebuild to include fixes for bsc#1215713. More specific, the build of Cilium and Envoy now includes a patched version of nghttp2 codec.
+
+=== Required Actions
+
+* Run `skuba addons upgrade apply` to update Cilium images to rev6 which has the bug fixes to be installed.
+
+=== Bugs Fixed in 4.2.10 since 4.2.9
+
+* link:https://bugzilla.suse.com/show_bug.cgi?id=1215713[bsc#1215713] [cilium] VUL-0: CVE-2023-35945: nghttp2: HTTP/2 memory leak in nghttp2 codec