v1.12.6
cert-manager is the easiest way to automatically manage certificates in Kubernetes and OpenShift clusters.
v1.12.6 fixes some CVE alerts and a Venafi issuer bug.
Known bugs
If you misconfigure two Certificate resources to have the same target Secret resource, cert-manager will generate a MANY CertificateRequests, possibly causing high CPU usage and/ or high costs due to the large number of certificates issued (see #6406).
This problem was resolved in v1.13.2 and other later versions, but the fix cannot be easily backported to v1.12.x. We recommend using v1.12.x with caution (avoid misconfigured Certificate resources) or upgrading to a newer version.
Changes since v1.12.5
Bug or Regression
- Bump golang.org/x/net v0.15.0 => v0.17.0 as part of addressing CVE-2023-44487 / CVE-2023-39325 (#6431, @SgtCoDFish)
- The Venafi issuer now properly resets the certificate and should no longer get stuck with
WebSDK CertRequest Module Requested Certificate
orThis certificate cannot be processed while it is in an error state. Fix any errors, and then click Retry.
. (#6401, @maelvls)
Other (Cleanup or Flake)
- Bump go to 1.20.10 to address CVE-2023-39325. Also bumps base images. (#6412, @SgtCoDFish)