Skip to content

v1.0.4
Compare
Choose a tag to compare
@bettio bettio released this 26 Sep 15:52
· 93 commits to master since this release
v1.0.4
This tag was signed with the committer’s verified signature.
bettio Davide Bettio
GPG key ID: 1613A7014CCCBD1C
Learn about vigilant mode.
c6ec413
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.

Fourth Astarte 1.0 maintenance release.

Official docker image security notice: please, make sure to update to 1.0.4 version, in order to fix CVE-2022-37026.

[1.0.4] - 2022-09-26

Fixed

  • Do not let VerneMQ container start unless the CA cert is retrieved from CFSSL.
  • Prevent the connection from timing out when the client takes more than 5 seconds to perform the
    SSL handshake

Security

  • Rebuild official docker image (updates OTP to 23.3.4.17), in order to fix CVE-2022-37026.
Assets 2
Loading