Maintained with ☕️ by
IcePanel logo
StackFeed logo
Google Cloud Platform logo
Original post

We released an updated version of the Apigee hybrid software, v1.11.0

Share

Services

## Announcement On November 17, 2023 we released an updated version of the Apigee hybrid software, v1.11.0. * For information on upgrading, see [Upgrading Apigee hybrid to version v1.11.0](https://cloud.google.com/apigee/docs/hybrid/v1.11/upgrade). * For information on new installations, see [The big picture](https://cloud.google.com/apigee/docs/hybrid/v1.11/big-picture). ## Feature **Helm charts management for Apigee hybrid** Starting in version v1.11, you have the choice of installing and managing your clusters with either Helm or `apigeectl`. You cannot manage a cluster with both. Apigee recommends using Helm for new hybrid installations. See [Apigee hybrid Helm charts reference](https://cloud.google.com/apigee/docs/hybrid/v1.11/helm-reference). ## Feature **Vault integration for Cassandra credentials (preview)** Starting in version v1.11, you can store Cassandra credentials in Hashicorp Vault. **Note:** Using Vault requires Helm management of your Apigee installation. See [Storing Cassandra credentials in Hashicorp Vault](https://cloud.google.com/apigee/docs/hybrid/v1.11/storing-cassandra-secrets-in-vault). Vault integration is in preview as of the Apigee hybrid 1.11 release. ## Feature **Kubernetes Tolerations** Starting in version v1.11, Apigee hybrid supports Kubernetes Tolerations. See [Using Kubernetes Tolerations](https://cloud.google.com/apigee/docs/hybrid/v1.11/tolerations). ## Feature **Apigee Advance API Security Actions for Apigee hybrid** Advanced API Security's new [Security Actions](https://cloud.google.com/apigee/docs/api-security/security-actions) feature is now available in Apigee hybrid. ## Fix | Bug ID | Description | | ------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | | **295929616** | **Installation of Hybrid 1.10.x would fail on OpenShift due to out of memory issues.** (Fixed in Apigee hybrid v1.10.3) | | **294069799** | **Updated the security context settings for the Apigee Hybrid Backup and Restore pod.** | | **292571089** | **An error with support for CSI backup and restore for Cassandra was fixed.** (Fixed in Apigee hybrid v1.10.3) | | **292118812** | **Fixed UDCA regression in Hybrid 1.10.1 where UDCA would ignore forward proxy configuration.** (Fixed in Apigee hybrid v1.10.2) | | **289254725** | **Implemented a fix to prevent failure of proxy deployments that include the OASValidation policy.** (Fixed in Apigee hybrid v1.10.1) | | **287321226** | **Security context has been corrected for apigee-prom-prometheus to avoid privilege escalation.** (Fixed in Apigee hybrid v1.10.3) | | **240180122** | **Disable privilege escalation on the cassandra container by moving the ulimit settings to the newly introduced initContainer "apigee-cassandra-ulimit-init".** If you are using security controls with gatekeeper, ensure that apigee-cassandra-ulimit-init initContainer can runAs user, group as 0 and allow capabilities IPC\_LOCK and SYS\_RESOURCES. (Fixed in Apigee hybrid v1.11.0) | | **205666368** | **Fixed issue with default validation of TLS target endpoint certificates.** To enable strict SSL on southbound connections to a proxy target endpoint, add the tag <Enforce>true</Enforce> in the target <SSLInfo> block. See [About setting TLS options in a target endpoint or target server](https://cloud.google.com/apigee/docs/api-platform/system-administration/options-configuring-tls#about-setting-tls-options-in-a-target-endpoint-target-server). See also [Known Issue #205666368](https://cloud.google.com/apigee/docs/release/known-issues#205666368). (Fixed in Apigee hybrid v1.10.3-hotfix.1) | | **158132963** | **Added improvements to capture relevant target flow variables in trace and analytics in case of target timeouts.** (Fixed in Apigee hybrid v1.10.2) | ## Security | Bug ID | Description | | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | **303292806** | **Set backup utility to only connect to Cassandra server pods in the apigee namespace.** (Fixed in Apigee hybrid v1.10.3-hotfix.3) | | **300542690** | **Added dedicated service accounts for Apigee Connect, Redis, and UDCA to prevent Kubernetes from automatically injecting credentials for a specified ServiceAccount or the default ServiceAccount.** (Fixed in Apigee hybrid v1.10.3-hotfix.3) | | **297938600, 297938559, 297938486, 294892344** | **Security fixes for apigee-diagnostics-collector.** (Fixed in Apigee hybrid v1.10.3) This addresses the following vulnerabilities: [CVE-2023-1436](https://nvd.nist.gov/vuln/detail/CVE-2023-1436) [CVE-2022-45693](https://nvd.nist.gov/vuln/detail/CVE-2022-45693) [CVE-2022-45685](https://nvd.nist.gov/vuln/detail/CVE-2022-45685) [CVE-2022-40150](https://nvd.nist.gov/vuln/detail/CVE-2022-40150) | | **297938498, 297938487** | **Security fixes for apigee-fluent-bit.**(Fixed in Apigee hybrid v1.10.3) This addresses the following vulnerabilities: [CVE-2023-2650](https://nvd.nist.gov/vuln/detail/CVE-2023-2650) [CVE-2023-0464](https://nvd.nist.gov/vuln/detail/CVE-2023-0464) | | **297938441** | **Security fixes for apigee-runtime.** (Fixed in Apigee hybrid v1.10.3) This addresses the following vulnerabilities: [CVE-2023-1370](https://nvd.nist.gov/vuln/detail/CVE-2023-1370) [CVE-2021-31684](https://nvd.nist.gov/vuln/detail/CVE-2021-31684) | | **297286274** | **Security fixes for apigee-installer.** (Fixed in Apigee hybrid v1.10.3) This addresses the following vulnerabilities: [CVE-2023-39533](https://nvd.nist.gov/vuln/detail/CVE-2023-39533) [CVE-2023-29409](https://nvd.nist.gov/vuln/detail/CVE-2023-29409) [CVE-2023-29406](https://nvd.nist.gov/vuln/detail/CVE-2023-29406) [CVE-2023-2253](https://nvd.nist.gov/vuln/detail/CVE-2023-2253) | | **296719459, 296719400, 296719348, 296719307, 296719306, 296719188, 296719187, 296719186, 296719115, 296719018, 296718937, 296718918, 296718917, 296718916, 296716670, 296716669, 296716472, 296716471, 296715155** | **Security fixes for apigee-hybrid-cassandra.** (Fixed in Apigee hybrid v1.10.3) This addresses the following vulnerabilities: [CVE-2023-29405](https://nvd.nist.gov/vuln/detail/CVE-2023-29405) [CVE-2023-29404](https://nvd.nist.gov/vuln/detail/CVE-2023-29404) [CVE-2023-29403](https://nvd.nist.gov/vuln/detail/CVE-2023-29403) [CVE-2023-29402](https://nvd.nist.gov/vuln/detail/CVE-2023-29402) [CVE-2023-29400](https://nvd.nist.gov/vuln/detail/CVE-2023-29400) [CVE-2023-24540](https://nvd.nist.gov/vuln/detail/CVE-2023-24540) [CVE-2023-24539](https://nvd.nist.gov/vuln/detail/CVE-2023-24539) [CVE-2023-24538](https://nvd.nist.gov/vuln/detail/CVE-2023-24538) [CVE-2023-24537](https://nvd.nist.gov/vuln/detail/CVE-2023-24537) [CVE-2023-24536](https://nvd.nist.gov/vuln/detail/CVE-2023-24536) [CVE-2023-24534](https://nvd.nist.gov/vuln/detail/CVE-2023-24534) [CVE-2022-41725](https://nvd.nist.gov/vuln/detail/CVE-2022-41725) [CVE-2022-41724](https://nvd.nist.gov/vuln/detail/CVE-2022-41724) [CVE-2022-41723](https://nvd.nist.gov/vuln/detail/CVE-2022-41723) [CVE-2022-41715](https://nvd.nist.gov/vuln/detail/CVE-2022-41715) [CVE-2022-32190](https://nvd.nist.gov/vuln/detail/CVE-2022-32190) [CVE-2022-2880](https://nvd.nist.gov/vuln/detail/CVE-2022-2880) [CVE-2022-27664](https://nvd.nist.gov/vuln/detail/CVE-2022-27664) [CVE-2022-2879](https://nvd.nist.gov/vuln/detail/CVE-2022-2879) | | **296717666, 296717283, 296716668, 296716667, 296716650, 296716635, 296716634, 296716633, 296716470, 296716234, 296715734, 296715733, 296715154, 296715153** | **Security fixes for apigee-hybrid-cassandra-client.** (Fixed in Apigee hybrid v1.10.3) This addresses the following vulnerabilities: [CVE-2023-29405](https://nvd.nist.gov/vuln/detail/CVE-2023-29405) [CVE-2023-29404](https://nvd.nist.gov/vuln/detail/CVE-2023-29404) [CVE-2023-29403](https://nvd.nist.gov/vuln/detail/CVE-2023-29403) [CVE-2023-29402](https://nvd.nist.gov/vuln/detail/CVE-2023-29402) [CVE-2023-29400](https://nvd.nist.gov/vuln/detail/CVE-2023-29400) [CVE-2023-24540](https://nvd.nist.gov/vuln/detail/CVE-2023-24540) [CVE-2023-24539](https://nvd.nist.gov/vuln/detail/CVE-2023-24539) [CVE-2023-24538](https://nvd.nist.gov/vuln/detail/CVE-2023-24538) [CVE-2023-24537](https://nvd.nist.gov/vuln/detail/CVE-2023-24537) [CVE-2023-24536](https://nvd.nist.gov/vuln/detail/CVE-2023-24536) [CVE-2023-24534](https://nvd.nist.gov/vuln/detail/CVE-2023-24534) [CVE-2022-41725](https://nvd.nist.gov/vuln/detail/CVE-2022-41725) [CVE-2022-41724](https://nvd.nist.gov/vuln/detail/CVE-2022-41724) [CVE-2022-41723](https://nvd.nist.gov/vuln/detail/CVE-2022-41723) | | **296717665, 296717664, 296717663, 296717662, 296717185, 296716666, 296716649, 296716632, 296716468, 296716467, 296716232, 296715152, 296715151, 296714218** | **Security fixes for apigee-cassandra-backup-utility.** (Fixed in Apigee hybrid v1.10.3) This addresses the following vulnerabilities: [CVE-2023-29405](https://nvd.nist.gov/vuln/detail/CVE-2023-29405) [CVE-2023-29404](https://nvd.nist.gov/vuln/detail/CVE-2023-29404) [CVE-2023-29403](https://nvd.nist.gov/vuln/detail/CVE-2023-29403) [CVE-2023-29402](https://nvd.nist.gov/vuln/detail/CVE-2023-29402) [CVE-2023-29400](https://nvd.nist.gov/vuln/detail/CVE-2023-29400) [CVE-2023-24540](https://nvd.nist.gov/vuln/detail/CVE-2023-24540) [CVE-2023-24539](https://nvd.nist.gov/vuln/detail/CVE-2023-24539) [CVE-2023-24538](https://nvd.nist.gov/vuln/detail/CVE-2023-24538) [CVE-2023-24537](https://nvd.nist.gov/vuln/detail/CVE-2023-24537) [CVE-2023-24536](https://nvd.nist.gov/vuln/detail/CVE-2023-24536) [CVE-2023-24534](https://nvd.nist.gov/vuln/detail/CVE-2023-24534) [CVE-2022-41725](https://nvd.nist.gov/vuln/detail/CVE-2022-41725) [CVE-2022-41724](https://nvd.nist.gov/vuln/detail/CVE-2022-41724) [CVE-2022-41723](https://nvd.nist.gov/vuln/detail/CVE-2022-41723) | | **295936113** | **Security fixes for apigee-mart-server.** (Fixed in Apigee hybrid v1.10.3) This addresses the following vulnerability: [CVE-2023-3635](https://nvd.nist.gov/vuln/detail/CVE-2023-3635) | | **294906706** | **Security fixes for apigee-prom-prometheus.** (Fixed in Apigee hybrid v1.10.3) This addresses the following vulnerabilities: [CVE-2023-29405](https://nvd.nist.gov/vuln/detail/CVE-2023-29405) [CVE-2023-29404](https://nvd.nist.gov/vuln/detail/CVE-2023-29404) [CVE-2023-29403](https://nvd.nist.gov/vuln/detail/CVE-2023-29403) [CVE-2023-29402](https://nvd.nist.gov/vuln/detail/CVE-2023-29402) [CVE-2023-29400](https://nvd.nist.gov/vuln/detail/CVE-2023-29400) [CVE-2023-28842](https://nvd.nist.gov/vuln/detail/CVE-2023-28842) [CVE-2023-28841](https://nvd.nist.gov/vuln/detail/CVE-2023-28841) [CVE-2023-28840](https://nvd.nist.gov/vuln/detail/CVE-2023-28840) [CVE-2023-24540](https://nvd.nist.gov/vuln/detail/CVE-2023-24540) [CVE-2023-24539](https://nvd.nist.gov/vuln/detail/CVE-2023-24539) [CVE-2023-24538](https://nvd.nist.gov/vuln/detail/CVE-2023-24538) [CVE-2023-24537](https://nvd.nist.gov/vuln/detail/CVE-2023-24537) [CVE-2023-24536](https://nvd.nist.gov/vuln/detail/CVE-2023-24536) [CVE-2023-24534](https://nvd.nist.gov/vuln/detail/CVE-2023-24534) [CVE-2023-24532](https://nvd.nist.gov/vuln/detail/CVE-2023-24532) [CVE-2022-46146](https://nvd.nist.gov/vuln/detail/CVE-2022-46146) [CVE-2022-41725](https://nvd.nist.gov/vuln/detail/CVE-2022-41725) [CVE-2022-41724](https://nvd.nist.gov/vuln/detail/CVE-2022-41724) [CVE-2022-41723](https://nvd.nist.gov/vuln/detail/CVE-2022-41723) [CVE-2022-41721](https://nvd.nist.gov/vuln/detail/CVE-2022-41721) [CVE-2022-41717](https://nvd.nist.gov/vuln/detail/CVE-2022-41717) [CVE-2022-32149](https://nvd.nist.gov/vuln/detail/CVE-2022-32149) | | **293925856** | **Security fixes for apigee-prometheus-adapter.** (Fixed in Apigee hybrid v1.10.3) This addresses the following vulnerabilities: [CVE-2023-29400](https://nvd.nist.gov/vuln/detail/CVE-2023-29400) [CVE-2023-24540](https://nvd.nist.gov/vuln/detail/CVE-2023-24540) [CVE-2023-24539](https://nvd.nist.gov/vuln/detail/CVE-2023-24539) [CVE-2023-24538](https://nvd.nist.gov/vuln/detail/CVE-2023-24538) [CVE-2023-24537](https://nvd.nist.gov/vuln/detail/CVE-2023-24537) [CVE-2023-24536](https://nvd.nist.gov/vuln/detail/CVE-2023-24536) [CVE-2023-24534](https://nvd.nist.gov/vuln/detail/CVE-2023-24534) [CVE-2023-24532](https://nvd.nist.gov/vuln/detail/CVE-2023-24532) [CVE-2022-41725](https://nvd.nist.gov/vuln/detail/CVE-2022-41725) [CVE-2022-41724](https://nvd.nist.gov/vuln/detail/CVE-2022-41724) [CVE-2022-41723](https://nvd.nist.gov/vuln/detail/CVE-2022-41723) [CVE-2022-41717](https://nvd.nist.gov/vuln/detail/CVE-2022-41717) [CVE-2022-41715](https://nvd.nist.gov/vuln/detail/CVE-2022-41715) [CVE-2022-32190](https://nvd.nist.gov/vuln/detail/CVE-2022-32190) [CVE-2022-32149](https://nvd.nist.gov/vuln/detail/CVE-2022-32149) [CVE-2022-27664](https://nvd.nist.gov/vuln/detail/CVE-2022-27664) [CVE-2022-27191](https://nvd.nist.gov/vuln/detail/CVE-2022-27191) [CVE-2022-2880](https://nvd.nist.gov/vuln/detail/CVE-2022-2880) [CVE-2022-2879](https://nvd.nist.gov/vuln/detail/CVE-2022-2879) | | **293348130** | **Security fixes for apigee-udca.** (Fixed in Apigee hybrid v1.10.2) This addresses the following vulnerabilities: [CVE-2023-29404](https://nvd.nist.gov/vuln/detail/CVE-2023-29404) [CVE-2023-29405](https://nvd.nist.gov/vuln/detail/CVE-2023-29405) [CVE-2023-24540](https://nvd.nist.gov/vuln/detail/CVE-2023-24540) [CVE-2023-29402](https://nvd.nist.gov/vuln/detail/CVE-2023-29402) [CVE-2023-24538](https://nvd.nist.gov/vuln/detail/CVE-2023-24538) [CVE-2022-32149](https://nvd.nist.gov/vuln/detail/CVE-2022-32149) [CVE-2023-24536](https://nvd.nist.gov/vuln/detail/CVE-2023-24536) [CVE-2022-27664](https://nvd.nist.gov/vuln/detail/CVE-2022-27664) [CVE-2022-41721](https://nvd.nist.gov/vuln/detail/CVE-2022-41721) [CVE-2023-24534](https://nvd.nist.gov/vuln/detail/CVE-2023-24534) [CVE-2023-24537](https://nvd.nist.gov/vuln/detail/CVE-2023-24537) [CVE-2022-41724](https://nvd.nist.gov/vuln/detail/CVE-2022-41724) [CVE-2022-41725](https://nvd.nist.gov/vuln/detail/CVE-2022-41725) [CVE-2023-29403](https://nvd.nist.gov/vuln/detail/CVE-2023-29403) [CVE-2023-24539](https://nvd.nist.gov/vuln/detail/CVE-2023-24539) [CVE-2023-29400](https://nvd.nist.gov/vuln/detail/CVE-2023-29400) [CVE-2022-41723](https://nvd.nist.gov/vuln/detail/CVE-2022-41723) | | **291994501** | **Security fixes for apigee-operator and apigee-watcher.** (Fixed in Apigee hybrid v1.10.2) This addresses the following vulnerabilities: [CVE-2023-24538](https://nvd.nist.gov/vuln/detail/CVE-2023-24538) [CVE-2023-24540](https://nvd.nist.gov/vuln/detail/CVE-2023-24540) [CVE-2023-29402](https://nvd.nist.gov/vuln/detail/CVE-2023-29402) [CVE-2023-29405](https://nvd.nist.gov/vuln/detail/CVE-2023-29405) [CVE-2023-29404](https://nvd.nist.gov/vuln/detail/CVE-2023-29404) [CVE-2023-29400](https://nvd.nist.gov/vuln/detail/CVE-2023-29400) [CVE-2023-24534](https://nvd.nist.gov/vuln/detail/CVE-2023-24534) [CVE-2022-41725](https://nvd.nist.gov/vuln/detail/CVE-2022-41725) [CVE-2022-41723](https://nvd.nist.gov/vuln/detail/CVE-2022-41723) [CVE-2023-24536](https://nvd.nist.gov/vuln/detail/CVE-2023-24536) [CVE-2023-24539](https://nvd.nist.gov/vuln/detail/CVE-2023-24539) [CVE-2023-29403](https://nvd.nist.gov/vuln/detail/CVE-2023-29403) [CVE-2022-41724](https://nvd.nist.gov/vuln/detail/CVE-2022-41724) [CVE-2023-24537](https://nvd.nist.gov/vuln/detail/CVE-2023-24537) [CVE-2023-29406](https://nvd.nist.gov/vuln/detail/CVE-2023-29406) [CVE-2023-24532](https://nvd.nist.gov/vuln/detail/CVE-2023-24532) | | **291994501** | **Security fixes for apigee-installer.** (Fixed in Apigee hybrid v1.10.2) This addresses the following vulnerabilities: [CVE-2023-24540](https://nvd.nist.gov/vuln/detail/CVE-2023-24540) [CVE-2023-29402](https://nvd.nist.gov/vuln/detail/CVE-2023-29402) [CVE-2023-29405](https://nvd.nist.gov/vuln/detail/CVE-2023-29405) [CVE-2023-24538](https://nvd.nist.gov/vuln/detail/CVE-2023-24538) [CVE-2023-29404](https://nvd.nist.gov/vuln/detail/CVE-2023-29404) [CVE-2023-24537](https://nvd.nist.gov/vuln/detail/CVE-2023-24537) [CVE-2023-29400](https://nvd.nist.gov/vuln/detail/CVE-2023-29400) [CVE-2022-41723](https://nvd.nist.gov/vuln/detail/CVE-2022-41723) [CVE-2022-27664](https://nvd.nist.gov/vuln/detail/CVE-2022-27664) [CVE-2023-24536](https://nvd.nist.gov/vuln/detail/CVE-2023-24536) [CVE-2023-24534](https://nvd.nist.gov/vuln/detail/CVE-2023-24534) [CVE-2023-24539](https://nvd.nist.gov/vuln/detail/CVE-2023-24539) [CVE-2022-2879](https://nvd.nist.gov/vuln/detail/CVE-2022-2879) [CVE-2022-41724](https://nvd.nist.gov/vuln/detail/CVE-2022-41724) [CVE-2022-32149](https://nvd.nist.gov/vuln/detail/CVE-2022-32149) [CVE-2022-41725](https://nvd.nist.gov/vuln/detail/CVE-2022-41725) [CVE-2023-29403](https://nvd.nist.gov/vuln/detail/CVE-2023-29403) [CVE-2022-2880](https://nvd.nist.gov/vuln/detail/CVE-2022-2880) [CVE-2022-41715](https://nvd.nist.gov/vuln/detail/CVE-2022-41715) [CVE-2022-41721](https://nvd.nist.gov/vuln/detail/CVE-2022-41721) [CVE-2023-24532](https://nvd.nist.gov/vuln/detail/CVE-2023-24532) [CVE-2022-41717](https://nvd.nist.gov/vuln/detail/CVE-2022-41717) | | **290829031** | **Security fixes for apigee-hybrid-cassandra, apigee-cassandra-client, and cassandra-backup-utility.** (Fixed in Apigee hybrid v1.10.2) This addresses the following vulnerabilities: [CVE-2023-29400](https://nvd.nist.gov/vuln/detail/CVE-2023-29400) [CVE-2023-24540](https://nvd.nist.gov/vuln/detail/CVE-2023-24540) [CVE-2023-24539](https://nvd.nist.gov/vuln/detail/CVE-2023-24539) [CVE-2023-24538](https://nvd.nist.gov/vuln/detail/CVE-2023-24538) [CVE-2023-24537](https://nvd.nist.gov/vuln/detail/CVE-2023-24537) [CVE-2023-24536](https://nvd.nist.gov/vuln/detail/CVE-2023-24536) [CVE-2023-24534](https://nvd.nist.gov/vuln/detail/CVE-2023-24534) [CVE-2023-24532](https://nvd.nist.gov/vuln/detail/CVE-2023-24532) [CVE-2022-41725](https://nvd.nist.gov/vuln/detail/CVE-2022-41725) [CVE-2022-41724](https://nvd.nist.gov/vuln/detail/CVE-2022-41724) [CVE-2022-41723](https://nvd.nist.gov/vuln/detail/CVE-2022-41723) [CVE-2022-41717](https://nvd.nist.gov/vuln/detail/CVE-2022-41717) [CVE-2022-41715](https://nvd.nist.gov/vuln/detail/CVE-2022-41715) [CVE-2022-32190](https://nvd.nist.gov/vuln/detail/CVE-2022-32190) [CVE-2022-27664](https://nvd.nist.gov/vuln/detail/CVE-2022-27664) [CVE-2022-2880](https://nvd.nist.gov/vuln/detail/CVE-2022-2880) [CVE-2022-2879](https://nvd.nist.gov/vuln/detail/CVE-2022-2879) [CVE-2020-29511](https://nvd.nist.gov/vuln/detail/CVE-2020-29511) [CVE-2020-29509](https://nvd.nist.gov/vuln/detail/CVE-2020-29509) | | **290829028** | **Security fixes for Apigee Connect and apigee-connect-agent and apigee-redis.** (Fixed in Apigee hybrid v1.10.2) This addresses the following vulnerabilities: [CVE-2023-29405](https://nvd.nist.gov/vuln/detail/CVE-2023-29405) [CVE-2023-29404](https://nvd.nist.gov/vuln/detail/CVE-2023-29404) [CVE-2023-29403](https://nvd.nist.gov/vuln/detail/CVE-2023-29403) [CVE-2023-29402](https://nvd.nist.gov/vuln/detail/CVE-2023-29402) [CVE-2023-29400](https://nvd.nist.gov/vuln/detail/CVE-2023-29400) [CVE-2023-24540](https://nvd.nist.gov/vuln/detail/CVE-2023-24540) [CVE-2023-24539](https://nvd.nist.gov/vuln/detail/CVE-2023-24539) [CVE-2023-24538](https://nvd.nist.gov/vuln/detail/CVE-2023-24538) [CVE-2023-24537](https://nvd.nist.gov/vuln/detail/CVE-2023-24537) [CVE-2023-24536](https://nvd.nist.gov/vuln/detail/CVE-2023-24536) [CVE-2023-24534](https://nvd.nist.gov/vuln/detail/CVE-2023-24534) [CVE-2023-24532](https://nvd.nist.gov/vuln/detail/CVE-2023-24532) [CVE-2022-41725](https://nvd.nist.gov/vuln/detail/CVE-2022-41725) [CVE-2022-41724](https://nvd.nist.gov/vuln/detail/CVE-2022-41724) [CVE-2022-41723](https://nvd.nist.gov/vuln/detail/CVE-2022-41723) [CVE-2022-41717](https://nvd.nist.gov/vuln/detail/CVE-2022-41717) [CVE-2022-32149](https://nvd.nist.gov/vuln/detail/CVE-2022-32149) [CVE-2022-29526](https://nvd.nist.gov/vuln/detail/CVE-2022-29526) [CVE-2022-27664](https://nvd.nist.gov/vuln/detail/CVE-2022-27664) [CVE-2022-21698](https://nvd.nist.gov/vuln/detail/CVE-2022-21698) | | **290068742** | **Security fixes for apigee-udca.** (Fixed in Apigee hybrid v1.10.1) This addresses the following vulnerability: [CVE-2022-1471](https://nvd.nist.gov/vuln/detail/CVE-2022-1471) | | **290067464** | **Security fixes for apigee-stackdriver-logging-agent.** (Fixed in Apigee hybrid v1.10.1) This addresses the following vulnerability: [CVE-2022-32511](https://nvd.nist.gov/vuln/detail/CVE-2022-32511) | | **290065830** | **Security fixes for apigee-udca.** (Fixed in Apigee hybrid v1.10.1) This addresses the following vulnerability: [CVE-2022-42889](https://nvd.nist.gov/vuln/detail/CVE-2022-42889) | | **281561243** | **Security fixes for apigee-diagnostics-collector, apigee-mart-server, apigee-mint-task-scheduler, apigee-runtime, and apigee-synchronizer.** This addresses the following vulnerability: [CVE-2022-1471](https://nvd.nist.gov/vuln/detail/CVE-2022-1471) (Fixed in Apigee hybrid v1.10.1) | | **N/A** | **Security fixes for apigee-prometheus-adapter.** (Fixed in Apigee hybrid hybrid v1.11) This addresses the following vulnerabilities: [CVE-2023-39533](https://nvd.nist.gov/vuln/detail/CVE-2023-39533) [CVE-2023-39319](https://nvd.nist.gov/vuln/detail/CVE-2023-39319) [CVE-2023-39318](https://nvd.nist.gov/vuln/detail/CVE-2023-39318) [CVE-2023-29409](https://nvd.nist.gov/vuln/detail/CVE-2023-29409) | | **N/A** | **Security fixes for apigee-prom-prometheus/master.** (Fixed in Apigee hybrid hybrid v1.11) This addresses the following vulnerabilities: [CVE-2023-40577](https://nvd.nist.gov/vuln/detail/CVE-2023-40577) [CVE-2023-39533](https://nvd.nist.gov/vuln/detail/CVE-2023-39533) [CVE-2023-39319](https://nvd.nist.gov/vuln/detail/CVE-2023-39319) [CVE-2023-39318](https://nvd.nist.gov/vuln/detail/CVE-2023-39318) [CVE-2023-29409](https://nvd.nist.gov/vuln/detail/CVE-2023-29409) [CVE-2023-29406](https://nvd.nist.gov/vuln/detail/CVE-2023-29406) [CVE-2023-2253](https://nvd.nist.gov/vuln/detail/CVE-2023-2253) | | **N/A** | **Security fixes for apigee-kube-rbac-proxy.** (Fixed in Apigee hybrid hybrid v1.11) This addresses the following vulnerabilities: [CVE-2023-39533](https://nvd.nist.gov/vuln/detail/CVE-2023-39533) [CVE-2023-39319](https://nvd.nist.gov/vuln/detail/CVE-2023-39319) [CVE-2023-39318](https://nvd.nist.gov/vuln/detail/CVE-2023-39318) [CVE-2023-29409](https://nvd.nist.gov/vuln/detail/CVE-2023-29409) [CVE-2023-29406](https://nvd.nist.gov/vuln/detail/CVE-2023-29406) [CVE-2023-29405](https://nvd.nist.gov/vuln/detail/CVE-2023-29405) [CVE-2023-29404](https://nvd.nist.gov/vuln/detail/CVE-2023-29404) [CVE-2023-29403](https://nvd.nist.gov/vuln/detail/CVE-2023-29403) [CVE-2023-29402](https://nvd.nist.gov/vuln/detail/CVE-2023-29402) | | **N/A** | **Security fixes for apigee-hybrid-cassandra.** (Fixed in Apigee hybrid hybrid v1.11) This addresses the following vulnerabilities: [CVE-2023-39533](https://nvd.nist.gov/vuln/detail/CVE-2023-39533) [CVE-2023-29409](https://nvd.nist.gov/vuln/detail/CVE-2023-29409) [CVE-2023-29406](https://nvd.nist.gov/vuln/detail/CVE-2023-29406) | | **N/A** | **Security fixes for apigee-fluent-bit.** (Fixed in Apigee hybrid hybrid v1.11) This addresses the following vulnerabilities: [CVE-2023-3817](https://nvd.nist.gov/vuln/detail/CVE-2023-3817) [CVE-2023-36054](https://nvd.nist.gov/vuln/detail/CVE-2023-36054) [CVE-2023-3446](https://nvd.nist.gov/vuln/detail/CVE-2023-3446) | | **N/A** | **Security fixes for apigee-diagnostics-collector, apigee-mart-server, apigee-mint-task-scheduler, apigee-runtime, and apigee-synchronizer.** (Fixed in Apigee hybrid hybrid v1.11) This addresses the following vulnerabilities: [CVE-2023-4586](https://nvd.nist.gov/vuln/detail/CVE-2023-4586) [CVE-2023-34462](https://nvd.nist.gov/vuln/detail/CVE-2023-34462) | | **N/A** | **Security fixes for apigee-cassandra-backup-utility, apigee-hybrid-cassandra-client, and apigee-connect-agent.** (Fixed in Apigee hybrid v1.11) This addresses the following vulnerabilities: [CVE-2023-39533](https://nvd.nist.gov/vuln/detail/CVE-2023-39533) [CVE-2023-39319](https://nvd.nist.gov/vuln/detail/CVE-2023-39319) [CVE-2023-39318](https://nvd.nist.gov/vuln/detail/CVE-2023-39318) [CVE-2023-29409](https://nvd.nist.gov/vuln/detail/CVE-2023-29409) | | **N/A** | **Security fixes for apigee-asm-ingress and apigee-asm-istiod.** (Fixed in Apigee hybrid v1.11) This addresses the following vulnerabilities: [CVE-2023-39533](https://nvd.nist.gov/vuln/detail/CVE-2023-39533) [CVE-2023-39319](https://nvd.nist.gov/vuln/detail/CVE-2023-39319) [CVE-2023-39318](https://nvd.nist.gov/vuln/detail/CVE-2023-39318) [CVE-2023-29409](https://nvd.nist.gov/vuln/detail/CVE-2023-29409) [CVE-2023-29406](https://nvd.nist.gov/vuln/detail/CVE-2023-29406) [CVE-2023-29405](https://nvd.nist.gov/vuln/detail/CVE-2023-29405) [CVE-2023-29404](https://nvd.nist.gov/vuln/detail/CVE-2023-29404) [CVE-2023-29403](https://nvd.nist.gov/vuln/detail/CVE-2023-29403) [CVE-2023-29402](https://nvd.nist.gov/vuln/detail/CVE-2023-29402) [CVE-2023-29400](https://nvd.nist.gov/vuln/detail/CVE-2023-29400) [CVE-2023-28842](https://nvd.nist.gov/vuln/detail/CVE-2023-28842) [CVE-2023-28841](https://nvd.nist.gov/vuln/detail/CVE-2023-28841) [CVE-2023-28840](https://nvd.nist.gov/vuln/detail/CVE-2023-28840) [CVE-2023-24540](https://nvd.nist.gov/vuln/detail/CVE-2023-24540) [CVE-2023-24539](https://nvd.nist.gov/vuln/detail/CVE-2023-24539) [CVE-2023-2253](https://nvd.nist.gov/vuln/detail/CVE-2023-2253) |

What else is happening at Google Cloud Platform?

Google Cloud Platform logo

The CPU allocation setting has been renamed to Billing in the Google Cloud console for Cloud Run services

December 13th, 2024

Share
Google Cloud Platform logo

Reporting of the "pending" status of the Ops Agent on the Cloud Monitoring VM Instances dashboard has been refined to include additional states

December 13th, 2024

Share
Google Cloud Platform logo

Google Cloud Firewall - December 13th, 2024 [Feature]

December 13th, 2024

Share
Google Cloud Platform logo

Google Kubernetes Engine (GKE) - December 13th, 2024 [Feature]

December 13th, 2024

Share
Google Cloud Platform logo

Regional endpoints, which help you run your workloads in compliance with data residency and data sovereignty requirements, are now generally available (GA)

December 12th, 2024

Share
Google Cloud Platform logo

Memorystore for Redis is supported by Database Center. Database Center is an AI-assisted dashboard that gives you one centralized view across your entire database fleet

December 12th, 2024

Share