Skip to content

v1.11.1

Choose a tag to compare

View all tags
@koponen-styra koponen-styra released this 15 Aug 09:01
· 132 commits to main since this release
v1.11.1
3239dbf

This is a bug fix release addressing the following security issue:

OpenTelemetry-Go Contrib security fix CVE-2023-45142:

Denial of service in otelhttp due to unbound cardinality metrics.

Note: GO-2023-2102 was fixed in v1.11.0

A malicious HTTP/2 client which rapidly creates requests and immediately resets them can cause excessive server resource consumption.

Assets 8
Loading