Forecastle is a control panel which dynamically discovers and provides a launchpad to access applications deployed on Kubernetes.
Release Notes
traefik/traefik (github.com/traefik/traefik/v2)
### [`v2.9.10`](https://togithub.com/traefik/traefik/blob/HEAD/CHANGELOG.md#v2910-2023-04-06)
[Compare Source](https://togithub.com/traefik/traefik/compare/v2.9.9...v2.9.10)
[All Commits](https://togithub.com/traefik/traefik/compare/v2.9.9...v2.9.10)
### [`v2.9.9`](https://togithub.com/traefik/traefik/blob/HEAD/CHANGELOG.md#v299-2023-03-21)
[Compare Source](https://togithub.com/traefik/traefik/compare/v2.9.8...v2.9.9)
[All Commits](https://togithub.com/traefik/traefik/compare/v2.9.8...v2.9.9)
**Bug fixes:**
- **\[acme]** Update go-acme/lego to v4.10.2 ([#9749](https://togithub.com/traefik/traefik/pull/9749) by [ldez](https://togithub.com/ldez))
- **\[http3]** Update quic-go to v0.33.0 ([#9737](https://togithub.com/traefik/traefik/pull/9737) by [ldez](https://togithub.com/ldez))
- **\[metrics]** Include user-defined default cert for traefik_tls_certs_not_after metric ([#9742](https://togithub.com/traefik/traefik/pull/9742) by [rtribotte](https://togithub.com/rtribotte))
- **\[middleware]** Update vulcand/oxy to [`a0e9f7f`](https://togithub.com/traefik/traefik/commit/a0e9f7ff1040) ([#9750](https://togithub.com/traefik/traefik/pull/9750) by [ldez](https://togithub.com/ldez))
- **\[nomad]** Fix default configuration settings for Nomad Provider ([#9758](https://togithub.com/traefik/traefik/pull/9758) by [aofei](https://togithub.com/aofei))
- **\[nomad]** Fix Nomad client TLS defaults ([#9795](https://togithub.com/traefik/traefik/pull/9795) by [rtribotte](https://togithub.com/rtribotte))
- **\[server]** Remove User-Agent header removal from ReverseProxy director func ([#9752](https://togithub.com/traefik/traefik/pull/9752) by [rtribotte](https://togithub.com/rtribotte))
**Documentation:**
- **\[middleware]** Clarify ratelimit middleware ([#9777](https://togithub.com/traefik/traefik/pull/9777) by [mpl](https://togithub.com/mpl))
- **\[tcp]** Correcting variable name 'server address' in TCP Router ([#9743](https://togithub.com/traefik/traefik/pull/9743) by [ralphg6](https://togithub.com/ralphg6))
### [`v2.9.8`](https://togithub.com/traefik/traefik/blob/HEAD/CHANGELOG.md#v298-2023-02-15)
[Compare Source](https://togithub.com/traefik/traefik/compare/v2.9.7...v2.9.8)
[All Commits](https://togithub.com/traefik/traefik/compare/v2.9.7...v2.9.8)
**Bug fixes:**
- **\[server]** Update golang.org/x/net to v0.7.0 ([#9716](https://togithub.com/traefik/traefik/pull/9716) by [ldez](https://togithub.com/ldez))
### [`v2.9.7`](https://togithub.com/traefik/traefik/blob/HEAD/CHANGELOG.md#v297-2023-02-14)
[Compare Source](https://togithub.com/traefik/traefik/compare/v2.9.6...v2.9.7)
[All Commits](https://togithub.com/traefik/traefik/compare/v2.9.6...v2.9.7)
**Bug fixes:**
- **\[acme]** Update go-acme/lego to v4.10.0 ([#9705](https://togithub.com/traefik/traefik/pull/9705) by [ldez](https://togithub.com/ldez))
- **\[ecs]** Prevent panicking when a container has no network interfaces ([#9661](https://togithub.com/traefik/traefik/pull/9661) by [rtribotte](https://togithub.com/rtribotte))
- **\[file]** Make file provider more resilient wrt first configuration ([#9595](https://togithub.com/traefik/traefik/pull/9595) by [mpl](https://togithub.com/mpl))
- **\[logs]** Differentiate UDP stream and TCP connection in logs ([#9687](https://togithub.com/traefik/traefik/pull/9687) by [rtribotte](https://togithub.com/rtribotte))
- **\[middleware]** Prevent from no rate limiting when average is zero ([#9621](https://togithub.com/traefik/traefik/pull/9621) by [witalisoft](https://togithub.com/witalisoft))
- **\[middleware]** Prevents superfluous WriteHeader call in the error middleware ([#9620](https://togithub.com/traefik/traefik/pull/9620) by [tomMoulard](https://togithub.com/tomMoulard))
- **\[middleware]** Sanitize X-Forwarded-Proto header in RedirectScheme middleware ([#9598](https://togithub.com/traefik/traefik/pull/9598) by [ldez](https://togithub.com/ldez))
- **\[plugins]** Update paerser to v0.2.0 ([#9671](https://togithub.com/traefik/traefik/pull/9671) by [ldez](https://togithub.com/ldez))
- **\[plugins]** Update Yaegi to v0.15.0 ([#9700](https://togithub.com/traefik/traefik/pull/9700) by [ldez](https://togithub.com/ldez))
- **\[tls,http3]** Bump quic-go to [`89769f4`](https://togithub.com/traefik/traefik/commit/89769f409f) ([#9685](https://togithub.com/traefik/traefik/pull/9685) by [mpl](https://togithub.com/mpl))
- **\[tls,tcp]** Adds the support for IPv6 in the TCP HostSNI matcher ([#9692](https://togithub.com/traefik/traefik/pull/9692) by [rtribotte](https://togithub.com/rtribotte))
**Documentation:**
- **\[acme]** Add CNAME support and gotchas ([#9698](https://togithub.com/traefik/traefik/pull/9698) by [mpl](https://togithub.com/mpl))
- **\[acme]** Further Let's Encrypt ratelimit warnings ([#9627](https://togithub.com/traefik/traefik/pull/9627) by [hcooper](https://togithub.com/hcooper))
- **\[k8s]** Add info admonition about routing to k8 services ([#9645](https://togithub.com/traefik/traefik/pull/9645) by [svx](https://togithub.com/svx))
- **\[k8s]** Improve TLSStore CRD documentation ([#9579](https://togithub.com/traefik/traefik/pull/9579) by [mloiseleur](https://togithub.com/mloiseleur))
- **\[middleware]** doc: add note about remoteaddr strategy ([#9701](https://togithub.com/traefik/traefik/pull/9701) by [mpl](https://togithub.com/mpl))
- Update copyright to match new standard ([#9651](https://togithub.com/traefik/traefik/pull/9651) by [paulocfjunior](https://togithub.com/paulocfjunior))
- Update copyright for 2023 ([#9631](https://togithub.com/traefik/traefik/pull/9631) by [kevinpollet](https://togithub.com/kevinpollet))
- Update submitting pull requests to include language about drafts ([#9609](https://togithub.com/traefik/traefik/pull/9609) by [tfny](https://togithub.com/tfny))
Configuration
📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by Mend Renovate. View repository job log here.
This PR contains the following updates:

| Package | Change |
|---|---|
| traefik/traefik (`github.com/traefik/traefik/v2`) | `v2.9.6` -> `v2.9.10` |

### GitHub Vulnerability Alerts

#### CVE-2023-29013

**Impact**

There is a vulnerability in Go when parsing HTTP headers, which impacts Traefik. HTTP header parsing could allocate substantially more memory than required to hold the parsed headers. This behavior could be exploited to cause a denial of service.

**References**

**Patches**

**Workarounds**

No workaround.

**For more information**

If you have any questions or comments about this advisory, please open an issue.