We released an updated version of the Apigee hybrid software, v1.9.2
Share
Services
## Announcement
### hybrid v1.9.2
On May 2, 2023 we released an updated version of the Apigee hybrid software, v1.9.2.
* For information on upgrading, see [Upgrading Apigee hybrid to version 1.9](https://cloud.google.com/apigee/docs/hybrid/v1.9/upgrade).
* For information on new installations, see [The big picture](https://cloud.google.com/apigee/docs/hybrid/v1.9/big-picture).
## Fix
| Bug ID | Description |
| ------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| **279053612** | **x-forwarded-client-cert (XFCC) HTTP headers handled with the istiod.forwardClientCertDetails configuration property.** See [istiod.forwardClientCertDetails](https://cloud.google.com/apigee/docs/hybrid/v1.9/config-prop-ref#istiod-forwardclientcertdetails) in the Configuration properties reference for details. |
| **278646149** | **In certain circumstances, the logger.livenessProbe.timeoutSeconds configuration property was not working as expected.** See [logger.livenessProbe.timeoutSeconds](https://cloud.google.com/apigee/docs/hybrid/v1.8/config-prop-ref#logger-livenessprobe-timeoutseconds) in the Configuration property reference. |
| **272212164** | **Cassandra CSI backup could clash with Azure default configuration.** The CSI backup script has been fixed to prevent a resource naming issue that could cause backups to fail. |
| **270371160** | **In Apigee hybrid v1.9.0, we removed certain insecure TLS ciphers.** Apigee hybrid supports the TLS cipher suites supported by the [Boring FIPS build of Envoy](https://www.envoyproxy.io/docs/envoy/latest/api-v3/extensions/transport%5Fsockets/tls/v3/common.proto.html). You can now specify specific cipher suites with the [virtualhosts.cipherSuites configuration property](https://cloud.google.com/apigee/docs/hybrid/v1.9/config-prop-ref#virtualhosts) in your overrides. |
## Security
| Bug ID | Description |
| ------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ |
| **279194142** | **Fixes build issues to achieve FIPS compliance.** |
| **278313047** | **Security fixes for apigee-stackdriver-logging-agent.** This addresses the following vulnerabilities: [CVE-2022-32511](https://nvd.nist.gov/vuln/detail/CVE-2022-32511) [CVE-2022-29181](https://nvd.nist.gov/vuln/detail/CVE-2022-29181) [CVE-2022-24836](https://nvd.nist.gov/vuln/detail/CVE-2022-24836) [CVE-2022-0759](https://nvd.nist.gov/vuln/detail/CVE-2022-0759) [CVE-2021-41817](https://nvd.nist.gov/vuln/detail/CVE-2021-41817) [CVE-2021-41098](https://nvd.nist.gov/vuln/detail/CVE-2021-41098) [CVE-2021-32740](https://nvd.nist.gov/vuln/detail/CVE-2021-32740) [CVE-2021-28965](https://nvd.nist.gov/vuln/detail/CVE-2021-28965) [CVE-2020-8130](https://nvd.nist.gov/vuln/detail/CVE-2020-8130) [CVE-2020-25613](https://nvd.nist.gov/vuln/detail/CVE-2020-25613) [CVE-2019-3881](https://nvd.nist.gov/vuln/detail/CVE-2019-3881) |
| **277367440** | **Security fixes for Apigee Controller, Watcher, and apigeectl.** This addresses the following vulnerabilities: [CVE-2022-41723](https://nvd.nist.gov/vuln/detail/CVE-2022-41723) [CVE-2022-41717](https://nvd.nist.gov/vuln/detail/CVE-2022-41717) [CVE-2022-28948](https://nvd.nist.gov/vuln/detail/CVE-2022-28948) |
| **273800965** | **Security fixes for apigee-diagnostics-collector, apigee-mart-server, apigee-runtime, and synchronizer.** This addresses the following vulnerabilities: [CVE-2019-10172](https://nvd.nist.gov/vuln/detail/CVE-2019-10172) |
| **273800717** | **Security fixes for apigee-emulator, apigee-diagnostics-collector, apigee-mart-server, apigee-mint-task-scheduler, apigee-mock-server, apigee-runtime, and apigee-synchronizer.** This addresses the following vulnerabilities: [CVE-2022-46364](https://nvd.nist.gov/vuln/detail/CVE-2022-46364) [CVE-2022-46363](https://nvd.nist.gov/vuln/detail/CVE-2022-46363) |
What else is happening at Google Cloud Platform?
You can now set up AlloyDB clusters using a copy of your Cloud SQL for PostgreSQL backup
about 16 hours ago
Services
Share
If your GKE cluster was created before version 1.26, you can now migrate it to cgroupv2
about 19 hours ago
Services
Share
You can set up AlloyDB clusters using a copy of your Cloud SQL for PostgreSQL backup
about 20 hours ago
Services
Share
Read update
Services
Share