We released an updated version of Apigee X (1-11-0-apigee-3)

## Announcement On September 11, 2023, we released an updated version of Apigee X (1-11-0-apigee-3). **Note:** Rollouts of this release to production instances will begin within two business days and may take four or more business days to be completed across all Google Cloud zones. Your instances may not have the features and fixes available until the rollout is complete. ## Fix | Bug ID | Description | | ------------- | ----------------------------------------------------------------------------------------------------------------------------------------- | | **296296456** | **Implemented fix to ensure that continueOnError is honored in the SpikeArest policy.** | | **229615887** | **The flow variable target.scheme is now set consistently with the target server URL.** | | **78106145** | **Fixed issue in the RegularExpressionProtection policy to ensure that multiple JSONPaths elements in a JSON payload are checked.** | | **294090782** | **Implemented fix to allow the Apigee runtime to connect to a target server using a wildcard CNAME that references a wildcard A record.** | | **285592278** | **Fixed issue with deduction of recurring fees from prepaid balances.** | | **N/A** | **Upgraded infrastructure and libraries.** | ## Security | Bug ID | Description | | -------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | **296506425, 295936113, 295925991, 295688738, 296110120, 281112632** | **Security fix for apigee-runtime.** This addresses the following vulnerability: [CVE-2023-2976](https://nvd.nist.gov/vuln/detail/CVE-2023-2976) [CVE-2023-3635](https://nvd.nist.gov/vuln/detail/CVE-2023-3635) [CVE-2020-8908](https://nvd.nist.gov/vuln/detail/CVE-2020-8908) [CVE-2022-34169](https://nvd.nist.gov/vuln/detail/CVE-2022-34169) [CVE-2023-28867](https://nvd.nist.gov/vuln/detail/CVE-2023-28867) [CVE-2022-37734](https://nvd.nist.gov/vuln/detail/CVE-2022-37734) | | **287218068** | **Fixed security vulnerability to prevent header injection using flow variables.** |