We released an updated version of the Apigee hybrid software, v1.9.2
Share
Services
## Announcement
### hybrid v1.9.2
On May 2, 2023 we released an updated version of the Apigee hybrid software, v1.9.2.
* For information on upgrading, see [Upgrading Apigee hybrid to version 1.9](https://cloud.google.com/apigee/docs/hybrid/v1.9/upgrade).
* For information on new installations, see [The big picture](https://cloud.google.com/apigee/docs/hybrid/v1.9/big-picture).
## Fix
| Bug ID | Description |
| ------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| **279053612** | **x-forwarded-client-cert (XFCC) HTTP headers handled with the istiod.forwardClientCertDetails configuration property.** See [istiod.forwardClientCertDetails](https://cloud.google.com/apigee/docs/hybrid/v1.9/config-prop-ref#istiod-forwardclientcertdetails) in the Configuration properties reference for details. |
| **278646149** | **In certain circumstances, the logger.livenessProbe.timeoutSeconds configuration property was not working as expected.** See [logger.livenessProbe.timeoutSeconds](https://cloud.google.com/apigee/docs/hybrid/v1.8/config-prop-ref#logger-livenessprobe-timeoutseconds) in the Configuration property reference. |
| **272212164** | **Cassandra CSI backup could clash with Azure default configuration.** The CSI backup script has been fixed to prevent a resource naming issue that could cause backups to fail. |
| **270371160** | **In Apigee hybrid v1.9.0, we removed certain insecure TLS ciphers.** Apigee hybrid supports the TLS cipher suites supported by the [Boring FIPS build of Envoy](https://www.envoyproxy.io/docs/envoy/latest/api-v3/extensions/transport%5Fsockets/tls/v3/common.proto.html). You can now specify specific cipher suites with the [virtualhosts.cipherSuites configuration property](https://cloud.google.com/apigee/docs/hybrid/v1.9/config-prop-ref#virtualhosts) in your overrides. |
## Security
| Bug ID | Description |
| ------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ |
| **279194142** | **Fixes build issues to achieve FIPS compliance.** |
| **278313047** | **Security fixes for apigee-stackdriver-logging-agent.** This addresses the following vulnerabilities: [CVE-2022-32511](https://nvd.nist.gov/vuln/detail/CVE-2022-32511) [CVE-2022-29181](https://nvd.nist.gov/vuln/detail/CVE-2022-29181) [CVE-2022-24836](https://nvd.nist.gov/vuln/detail/CVE-2022-24836) [CVE-2022-0759](https://nvd.nist.gov/vuln/detail/CVE-2022-0759) [CVE-2021-41817](https://nvd.nist.gov/vuln/detail/CVE-2021-41817) [CVE-2021-41098](https://nvd.nist.gov/vuln/detail/CVE-2021-41098) [CVE-2021-32740](https://nvd.nist.gov/vuln/detail/CVE-2021-32740) [CVE-2021-28965](https://nvd.nist.gov/vuln/detail/CVE-2021-28965) [CVE-2020-8130](https://nvd.nist.gov/vuln/detail/CVE-2020-8130) [CVE-2020-25613](https://nvd.nist.gov/vuln/detail/CVE-2020-25613) [CVE-2019-3881](https://nvd.nist.gov/vuln/detail/CVE-2019-3881) |
| **277367440** | **Security fixes for Apigee Controller, Watcher, and apigeectl.** This addresses the following vulnerabilities: [CVE-2022-41723](https://nvd.nist.gov/vuln/detail/CVE-2022-41723) [CVE-2022-41717](https://nvd.nist.gov/vuln/detail/CVE-2022-41717) [CVE-2022-28948](https://nvd.nist.gov/vuln/detail/CVE-2022-28948) |
| **273800965** | **Security fixes for apigee-diagnostics-collector, apigee-mart-server, apigee-runtime, and synchronizer.** This addresses the following vulnerabilities: [CVE-2019-10172](https://nvd.nist.gov/vuln/detail/CVE-2019-10172) |
| **273800717** | **Security fixes for apigee-emulator, apigee-diagnostics-collector, apigee-mart-server, apigee-mint-task-scheduler, apigee-mock-server, apigee-runtime, and apigee-synchronizer.** This addresses the following vulnerabilities: [CVE-2022-46364](https://nvd.nist.gov/vuln/detail/CVE-2022-46364) [CVE-2022-46363](https://nvd.nist.gov/vuln/detail/CVE-2022-46363) |
What else is happening at Google Cloud Platform?
AWS Glue federated datasets are now generally available (GA)
about 8 hours ago
Services
Share
GKE cluster versions have been updated. New versions available for upgrades and new clusters
about 10 hours ago
Services
Share
Read update
Services
Share
Migrate to Virtual Machines now supports importing virtual disk image files in the following formats
about 14 hours ago
Services
Share