v1.12.8
cert-manager is the easiest way to automatically manage certificates in Kubernetes and OpenShift clusters.
⚠️ Known Issues
-
ACME Issuer (Let's Encrypt): wrong certificate chain may be used if preferredChain is configured: see release docs for more info and mitigations
-
If you misconfigure two Certificate resources to have the same target Secret resource, cert-manager will generate a MANY CertificateRequests, possibly causing high CPU usage and/ or high costs due to the large number of certificates issued (see #6406).
This problem was resolved in v1.13.2 and other later versions, but the fix cannot be easily backported to v1.12.x. We recommend using v1.12.x with caution (avoid misconfigured Certificate resources) or upgrading to a newer version.
ℹ️ Documentation
Release notes
Upgrade notes
Installation instructions
🔧 Breaking changes
See Breaking changes in v1.12.0 release notes
📜 Changes since v1.12.7
Bug or Regression
- BUGFIX: LiteralSubjects with a #= value can result in memory issues due to faulty BER parser (github.com/go-asn1-ber/asn1-ber). (#6773, @jetstack-bot)
Other (Cleanup or Flake)
- Bump go to 1.20.14 (#6733, @SgtCoDFish)
- Cert-manager is now built with Go 1.20.13 (#6629, @SgtCoDFish)
- Fix CVE 2023 48795 by upgrading to golang.org/x/crypto@v0.17.0 (#6678, @wallrj)
- Fix GHSA-7ww5-4wqc-m92c by upgrading to
github.com/containerd/containerd@v1.7.12
(#6689, @wallrj)