Maintained with ☕️ by
IcePanel logo

We released an updated version of the Apigee hybrid software, v1.8.7

Share

Services

## Announcement ### hybrid v1.8.7 On May 8, 2023 we released an updated version of the Apigee hybrid software, v1.8.7. * For information on upgrading, see [Upgrading Apigee hybrid to version 1.8](https://cloud.google.com/apigee/docs/hybrid/v1.8/upgrade). * For information on new installations, see [The big picture](https://cloud.google.com/apigee/docs/hybrid/v1.8/big-picture). ## Fix | Bug ID | Description | | ----------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | **279053612** | **x-forwarded-client-cert (XFCC) HTTP headers handled with the istiod.forwardClientCertDetails configuration property.** See [istiod.forwardClientCertDetails](https://cloud.google.com/apigee/docs/hybrid/v1.8/config-prop-ref#istiod-forwardclientcertdetails) in the Configuration properties reference for details. | | **278646149** | **In certain circumstances, the logger.livenessProbe.timeoutSeconds configuration property was not working as expected.** See [logger.livenessProbe.timeoutSeconds](https://cloud.google.com/apigee/docs/hybrid/v1.8/config-prop-ref#logger-livenessprobe-timeoutseconds) in the Configuration property reference. | | **QUESTION 1.8.7 too? - 272212164** | **Cassandra CSI backup could clash with Azure default configuration.** The CSI backup script has been fixed to prevent a resource naming issue that could cause backups to fail. | | **270371160** | **In Apigee hybrid v1.8.7, we removed certain insecure TLS ciphers.** Apigee hybrid supports the TLS cipher suites supported by the [Boring FIPS build of Envoy](https://www.envoyproxy.io/docs/envoy/latest/api-v3/extensions/transport%5Fsockets/tls/v3/common.proto.html). You can now specify specific cipher suites with the [virtualhosts.cipherSuites configuration property](https://cloud.google.com/apigee/docs/hybrid/v1.8/config-prop-ref#virtualhosts) in your overrides. | ## Security | Bug ID | Description | | ------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | **279194142** | **Fixes build issues to achieve FIPS compliance.** | | **277367440** | **Security fixes for Apigee Controller, Watcher, and apigeectl.** This addresses the following vulnerabilities: [CVE-2022-41723](https://nvd.nist.gov/vuln/detail/CVE-2022-41723) [CVE-2022-41717](https://nvd.nist.gov/vuln/detail/CVE-2022-41717) [CVE-2022-28948](https://nvd.nist.gov/vuln/detail/CVE-2022-28948) | | **273800965** | **Security fixes for apigee-diagnostics-collector, apigee-mart-server, apigee-runtime, and synchronizer.** This addresses the following vulnerabilities: [CVE-2019-10172](https://nvd.nist.gov/vuln/detail/CVE-2019-10172) | | **273800717** | **Security fixes for apigee-emulator, apigee-diagnostics-collector, apigee-mart-serve, apigee-mint-task-scheduler, apigee-mock-server, apigee-runtime, and apigee-synchronizer.** This addresses the following vulnerabilities: [CVE-2022-46364](https://nvd.nist.gov/vuln/detail/CVE-2022-46364) [CVE-2022-46363](https://nvd.nist.gov/vuln/detail/CVE-2022-46363) |