Maintained with ☕️ by
IcePanel logo
StackFeed logo
Google Cloud Platform logo
Original post

We released an updated version of the Apigee hybrid software, v1.11.0

Share

Services

## Announcement On November 17, 2023 we released an updated version of the Apigee hybrid software, v1.11.0. * For information on upgrading, see [Upgrading Apigee hybrid to version v1.11.0](https://cloud.google.com/apigee/docs/hybrid/v1.11/upgrade). * For information on new installations, see [The big picture](https://cloud.google.com/apigee/docs/hybrid/v1.11/big-picture). ## Feature **Helm charts management for Apigee hybrid** Starting in version v1.11, you have the choice of installing and managing your clusters with either Helm or `apigeectl`. You cannot manage a cluster with both. Apigee recommends using Helm for new hybrid installations. See [Apigee hybrid Helm charts reference](https://cloud.google.com/apigee/docs/hybrid/v1.11/helm-reference). ## Feature **Vault integration for Cassandra credentials (preview)** Starting in version v1.11, you can store Cassandra credentials in Hashicorp Vault. **Note:** Using Vault requires Helm management of your Apigee installation. See [Storing Cassandra credentials in Hashicorp Vault](https://cloud.google.com/apigee/docs/hybrid/v1.11/storing-cassandra-secrets-in-vault). Vault integration is in preview as of the Apigee hybrid 1.11 release. ## Feature **Kubernetes Tolerations** Starting in version v1.11, Apigee hybrid supports Kubernetes Tolerations. See [Using Kubernetes Tolerations](https://cloud.google.com/apigee/docs/hybrid/v1.11/tolerations). ## Feature **Apigee Advance API Security Actions for Apigee hybrid** Advanced API Security's new [Security Actions](https://cloud.google.com/apigee/docs/api-security/security-actions) feature is now available in Apigee hybrid. ## Fix | Bug ID | Description | | ------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | | **295929616** | **Installation of Hybrid 1.10.x would fail on OpenShift due to out of memory issues.** (Fixed in Apigee hybrid v1.10.3) | | **294069799** | **Updated the security context settings for the Apigee Hybrid Backup and Restore pod.** | | **292571089** | **An error with support for CSI backup and restore for Cassandra was fixed.** (Fixed in Apigee hybrid v1.10.3) | | **292118812** | **Fixed UDCA regression in Hybrid 1.10.1 where UDCA would ignore forward proxy configuration.** (Fixed in Apigee hybrid v1.10.2) | | **289254725** | **Implemented a fix to prevent failure of proxy deployments that include the OASValidation policy.** (Fixed in Apigee hybrid v1.10.1) | | **287321226** | **Security context has been corrected for apigee-prom-prometheus to avoid privilege escalation.** (Fixed in Apigee hybrid v1.10.3) | | **240180122** | **Disable privilege escalation on the cassandra container by moving the ulimit settings to the newly introduced initContainer "apigee-cassandra-ulimit-init".** If you are using security controls with gatekeeper, ensure that apigee-cassandra-ulimit-init initContainer can runAs user, group as 0 and allow capabilities IPC\_LOCK and SYS\_RESOURCES. (Fixed in Apigee hybrid v1.11.0) | | **205666368** | **Fixed issue with default validation of TLS target endpoint certificates.** To enable strict SSL on southbound connections to a proxy target endpoint, add the tag <Enforce>true</Enforce> in the target <SSLInfo> block. See [About setting TLS options in a target endpoint or target server](https://cloud.google.com/apigee/docs/api-platform/system-administration/options-configuring-tls#about-setting-tls-options-in-a-target-endpoint-target-server). See also [Known Issue #205666368](https://cloud.google.com/apigee/docs/release/known-issues#205666368). (Fixed in Apigee hybrid v1.10.3-hotfix.1) | | **158132963** | **Added improvements to capture relevant target flow variables in trace and analytics in case of target timeouts.** (Fixed in Apigee hybrid v1.10.2) | ## Security | Bug ID | Description | | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | **303292806** | **Set backup utility to only connect to Cassandra server pods in the apigee namespace.** (Fixed in Apigee hybrid v1.10.3-hotfix.3) | | **300542690** | **Added dedicated service accounts for Apigee Connect, Redis, and UDCA to prevent Kubernetes from automatically injecting credentials for a specified ServiceAccount or the default ServiceAccount.** (Fixed in Apigee hybrid v1.10.3-hotfix.3) | | **297938600, 297938559, 297938486, 294892344** | **Security fixes for apigee-diagnostics-collector.** (Fixed in Apigee hybrid v1.10.3) This addresses the following vulnerabilities: [CVE-2023-1436](https://nvd.nist.gov/vuln/detail/CVE-2023-1436) [CVE-2022-45693](https://nvd.nist.gov/vuln/detail/CVE-2022-45693) [CVE-2022-45685](https://nvd.nist.gov/vuln/detail/CVE-2022-45685) [CVE-2022-40150](https://nvd.nist.gov/vuln/detail/CVE-2022-40150) | | **297938498, 297938487** | **Security fixes for apigee-fluent-bit.**(Fixed in Apigee hybrid v1.10.3) This addresses the following vulnerabilities: [CVE-2023-2650](https://nvd.nist.gov/vuln/detail/CVE-2023-2650) [CVE-2023-0464](https://nvd.nist.gov/vuln/detail/CVE-2023-0464) | | **297938441** | **Security fixes for apigee-runtime.** (Fixed in Apigee hybrid v1.10.3) This addresses the following vulnerabilities: [CVE-2023-1370](https://nvd.nist.gov/vuln/detail/CVE-2023-1370) [CVE-2021-31684](https://nvd.nist.gov/vuln/detail/CVE-2021-31684) | | **297286274** | **Security fixes for apigee-installer.** (Fixed in Apigee hybrid v1.10.3) This addresses the following vulnerabilities: [CVE-2023-39533](https://nvd.nist.gov/vuln/detail/CVE-2023-39533) [CVE-2023-29409](https://nvd.nist.gov/vuln/detail/CVE-2023-29409) [CVE-2023-29406](https://nvd.nist.gov/vuln/detail/CVE-2023-29406) [CVE-2023-2253](https://nvd.nist.gov/vuln/detail/CVE-2023-2253) | | **296719459, 296719400, 296719348, 296719307, 296719306, 296719188, 296719187, 296719186, 296719115, 296719018, 296718937, 296718918, 296718917, 296718916, 296716670, 296716669, 296716472, 296716471, 296715155** | **Security fixes for apigee-hybrid-cassandra.** (Fixed in Apigee hybrid v1.10.3) This addresses the following vulnerabilities: [CVE-2023-29405](https://nvd.nist.gov/vuln/detail/CVE-2023-29405) [CVE-2023-29404](https://nvd.nist.gov/vuln/detail/CVE-2023-29404) [CVE-2023-29403](https://nvd.nist.gov/vuln/detail/CVE-2023-29403) [CVE-2023-29402](https://nvd.nist.gov/vuln/detail/CVE-2023-29402) [CVE-2023-29400](https://nvd.nist.gov/vuln/detail/CVE-2023-29400) [CVE-2023-24540](https://nvd.nist.gov/vuln/detail/CVE-2023-24540) [CVE-2023-24539](https://nvd.nist.gov/vuln/detail/CVE-2023-24539) [CVE-2023-24538](https://nvd.nist.gov/vuln/detail/CVE-2023-24538) [CVE-2023-24537](https://nvd.nist.gov/vuln/detail/CVE-2023-24537) [CVE-2023-24536](https://nvd.nist.gov/vuln/detail/CVE-2023-24536) [CVE-2023-24534](https://nvd.nist.gov/vuln/detail/CVE-2023-24534) [CVE-2022-41725](https://nvd.nist.gov/vuln/detail/CVE-2022-41725) [CVE-2022-41724](https://nvd.nist.gov/vuln/detail/CVE-2022-41724) [CVE-2022-41723](https://nvd.nist.gov/vuln/detail/CVE-2022-41723) [CVE-2022-41715](https://nvd.nist.gov/vuln/detail/CVE-2022-41715) [CVE-2022-32190](https://nvd.nist.gov/vuln/detail/CVE-2022-32190) [CVE-2022-2880](https://nvd.nist.gov/vuln/detail/CVE-2022-2880) [CVE-2022-27664](https://nvd.nist.gov/vuln/detail/CVE-2022-27664) [CVE-2022-2879](https://nvd.nist.gov/vuln/detail/CVE-2022-2879) | | **296717666, 296717283, 296716668, 296716667, 296716650, 296716635, 296716634, 296716633, 296716470, 296716234, 296715734, 296715733, 296715154, 296715153** | **Security fixes for apigee-hybrid-cassandra-client.** (Fixed in Apigee hybrid v1.10.3) This addresses the following vulnerabilities: [CVE-2023-29405](https://nvd.nist.gov/vuln/detail/CVE-2023-29405) [CVE-2023-29404](https://nvd.nist.gov/vuln/detail/CVE-2023-29404) [CVE-2023-29403](https://nvd.nist.gov/vuln/detail/CVE-2023-29403) [CVE-2023-29402](https://nvd.nist.gov/vuln/detail/CVE-2023-29402) [CVE-2023-29400](https://nvd.nist.gov/vuln/detail/CVE-2023-29400) [CVE-2023-24540](https://nvd.nist.gov/vuln/detail/CVE-2023-24540) [CVE-2023-24539](https://nvd.nist.gov/vuln/detail/CVE-2023-24539) [CVE-2023-24538](https://nvd.nist.gov/vuln/detail/CVE-2023-24538) [CVE-2023-24537](https://nvd.nist.gov/vuln/detail/CVE-2023-24537) [CVE-2023-24536](https://nvd.nist.gov/vuln/detail/CVE-2023-24536) [CVE-2023-24534](https://nvd.nist.gov/vuln/detail/CVE-2023-24534) [CVE-2022-41725](https://nvd.nist.gov/vuln/detail/CVE-2022-41725) [CVE-2022-41724](https://nvd.nist.gov/vuln/detail/CVE-2022-41724) [CVE-2022-41723](https://nvd.nist.gov/vuln/detail/CVE-2022-41723) | | **296717665, 296717664, 296717663, 296717662, 296717185, 296716666, 296716649, 296716632, 296716468, 296716467, 296716232, 296715152, 296715151, 296714218** | **Security fixes for apigee-cassandra-backup-utility.** (Fixed in Apigee hybrid v1.10.3) This addresses the following vulnerabilities: [CVE-2023-29405](https://nvd.nist.gov/vuln/detail/CVE-2023-29405) [CVE-2023-29404](https://nvd.nist.gov/vuln/detail/CVE-2023-29404) [CVE-2023-29403](https://nvd.nist.gov/vuln/detail/CVE-2023-29403) [CVE-2023-29402](https://nvd.nist.gov/vuln/detail/CVE-2023-29402) [CVE-2023-29400](https://nvd.nist.gov/vuln/detail/CVE-2023-29400) [CVE-2023-24540](https://nvd.nist.gov/vuln/detail/CVE-2023-24540) [CVE-2023-24539](https://nvd.nist.gov/vuln/detail/CVE-2023-24539) [CVE-2023-24538](https://nvd.nist.gov/vuln/detail/CVE-2023-24538) [CVE-2023-24537](https://nvd.nist.gov/vuln/detail/CVE-2023-24537) [CVE-2023-24536](https://nvd.nist.gov/vuln/detail/CVE-2023-24536) [CVE-2023-24534](https://nvd.nist.gov/vuln/detail/CVE-2023-24534) [CVE-2022-41725](https://nvd.nist.gov/vuln/detail/CVE-2022-41725) [CVE-2022-41724](https://nvd.nist.gov/vuln/detail/CVE-2022-41724) [CVE-2022-41723](https://nvd.nist.gov/vuln/detail/CVE-2022-41723) | | **295936113** | **Security fixes for apigee-mart-server.** (Fixed in Apigee hybrid v1.10.3) This addresses the following vulnerability: [CVE-2023-3635](https://nvd.nist.gov/vuln/detail/CVE-2023-3635) | | **294906706** | **Security fixes for apigee-prom-prometheus.** (Fixed in Apigee hybrid v1.10.3) This addresses the following vulnerabilities: [CVE-2023-29405](https://nvd.nist.gov/vuln/detail/CVE-2023-29405) [CVE-2023-29404](https://nvd.nist.gov/vuln/detail/CVE-2023-29404) [CVE-2023-29403](https://nvd.nist.gov/vuln/detail/CVE-2023-29403) [CVE-2023-29402](https://nvd.nist.gov/vuln/detail/CVE-2023-29402) [CVE-2023-29400](https://nvd.nist.gov/vuln/detail/CVE-2023-29400) [CVE-2023-28842](https://nvd.nist.gov/vuln/detail/CVE-2023-28842) [CVE-2023-28841](https://nvd.nist.gov/vuln/detail/CVE-2023-28841) [CVE-2023-28840](https://nvd.nist.gov/vuln/detail/CVE-2023-28840) [CVE-2023-24540](https://nvd.nist.gov/vuln/detail/CVE-2023-24540) [CVE-2023-24539](https://nvd.nist.gov/vuln/detail/CVE-2023-24539) [CVE-2023-24538](https://nvd.nist.gov/vuln/detail/CVE-2023-24538) [CVE-2023-24537](https://nvd.nist.gov/vuln/detail/CVE-2023-24537) [CVE-2023-24536](https://nvd.nist.gov/vuln/detail/CVE-2023-24536) [CVE-2023-24534](https://nvd.nist.gov/vuln/detail/CVE-2023-24534) [CVE-2023-24532](https://nvd.nist.gov/vuln/detail/CVE-2023-24532) [CVE-2022-46146](https://nvd.nist.gov/vuln/detail/CVE-2022-46146) [CVE-2022-41725](https://nvd.nist.gov/vuln/detail/CVE-2022-41725) [CVE-2022-41724](https://nvd.nist.gov/vuln/detail/CVE-2022-41724) [CVE-2022-41723](https://nvd.nist.gov/vuln/detail/CVE-2022-41723) [CVE-2022-41721](https://nvd.nist.gov/vuln/detail/CVE-2022-41721) [CVE-2022-41717](https://nvd.nist.gov/vuln/detail/CVE-2022-41717) [CVE-2022-32149](https://nvd.nist.gov/vuln/detail/CVE-2022-32149) | | **293925856** | **Security fixes for apigee-prometheus-adapter.** (Fixed in Apigee hybrid v1.10.3) This addresses the following vulnerabilities: [CVE-2023-29400](https://nvd.nist.gov/vuln/detail/CVE-2023-29400) [CVE-2023-24540](https://nvd.nist.gov/vuln/detail/CVE-2023-24540) [CVE-2023-24539](https://nvd.nist.gov/vuln/detail/CVE-2023-24539) [CVE-2023-24538](https://nvd.nist.gov/vuln/detail/CVE-2023-24538) [CVE-2023-24537](https://nvd.nist.gov/vuln/detail/CVE-2023-24537) [CVE-2023-24536](https://nvd.nist.gov/vuln/detail/CVE-2023-24536) [CVE-2023-24534](https://nvd.nist.gov/vuln/detail/CVE-2023-24534) [CVE-2023-24532](https://nvd.nist.gov/vuln/detail/CVE-2023-24532) [CVE-2022-41725](https://nvd.nist.gov/vuln/detail/CVE-2022-41725) [CVE-2022-41724](https://nvd.nist.gov/vuln/detail/CVE-2022-41724) [CVE-2022-41723](https://nvd.nist.gov/vuln/detail/CVE-2022-41723) [CVE-2022-41717](https://nvd.nist.gov/vuln/detail/CVE-2022-41717) [CVE-2022-41715](https://nvd.nist.gov/vuln/detail/CVE-2022-41715) [CVE-2022-32190](https://nvd.nist.gov/vuln/detail/CVE-2022-32190) [CVE-2022-32149](https://nvd.nist.gov/vuln/detail/CVE-2022-32149) [CVE-2022-27664](https://nvd.nist.gov/vuln/detail/CVE-2022-27664) [CVE-2022-27191](https://nvd.nist.gov/vuln/detail/CVE-2022-27191) [CVE-2022-2880](https://nvd.nist.gov/vuln/detail/CVE-2022-2880) [CVE-2022-2879](https://nvd.nist.gov/vuln/detail/CVE-2022-2879) | | **293348130** | **Security fixes for apigee-udca.** (Fixed in Apigee hybrid v1.10.2) This addresses the following vulnerabilities: [CVE-2023-29404](https://nvd.nist.gov/vuln/detail/CVE-2023-29404) [CVE-2023-29405](https://nvd.nist.gov/vuln/detail/CVE-2023-29405) [CVE-2023-24540](https://nvd.nist.gov/vuln/detail/CVE-2023-24540) [CVE-2023-29402](https://nvd.nist.gov/vuln/detail/CVE-2023-29402) [CVE-2023-24538](https://nvd.nist.gov/vuln/detail/CVE-2023-24538) [CVE-2022-32149](https://nvd.nist.gov/vuln/detail/CVE-2022-32149) [CVE-2023-24536](https://nvd.nist.gov/vuln/detail/CVE-2023-24536) [CVE-2022-27664](https://nvd.nist.gov/vuln/detail/CVE-2022-27664) [CVE-2022-41721](https://nvd.nist.gov/vuln/detail/CVE-2022-41721) [CVE-2023-24534](https://nvd.nist.gov/vuln/detail/CVE-2023-24534) [CVE-2023-24537](https://nvd.nist.gov/vuln/detail/CVE-2023-24537) [CVE-2022-41724](https://nvd.nist.gov/vuln/detail/CVE-2022-41724) [CVE-2022-41725](https://nvd.nist.gov/vuln/detail/CVE-2022-41725) [CVE-2023-29403](https://nvd.nist.gov/vuln/detail/CVE-2023-29403) [CVE-2023-24539](https://nvd.nist.gov/vuln/detail/CVE-2023-24539) [CVE-2023-29400](https://nvd.nist.gov/vuln/detail/CVE-2023-29400) [CVE-2022-41723](https://nvd.nist.gov/vuln/detail/CVE-2022-41723) | | **291994501** | **Security fixes for apigee-operator and apigee-watcher.** (Fixed in Apigee hybrid v1.10.2) This addresses the following vulnerabilities: [CVE-2023-24538](https://nvd.nist.gov/vuln/detail/CVE-2023-24538) [CVE-2023-24540](https://nvd.nist.gov/vuln/detail/CVE-2023-24540) [CVE-2023-29402](https://nvd.nist.gov/vuln/detail/CVE-2023-29402) [CVE-2023-29405](https://nvd.nist.gov/vuln/detail/CVE-2023-29405) [CVE-2023-29404](https://nvd.nist.gov/vuln/detail/CVE-2023-29404) [CVE-2023-29400](https://nvd.nist.gov/vuln/detail/CVE-2023-29400) [CVE-2023-24534](https://nvd.nist.gov/vuln/detail/CVE-2023-24534) [CVE-2022-41725](https://nvd.nist.gov/vuln/detail/CVE-2022-41725) [CVE-2022-41723](https://nvd.nist.gov/vuln/detail/CVE-2022-41723) [CVE-2023-24536](https://nvd.nist.gov/vuln/detail/CVE-2023-24536) [CVE-2023-24539](https://nvd.nist.gov/vuln/detail/CVE-2023-24539) [CVE-2023-29403](https://nvd.nist.gov/vuln/detail/CVE-2023-29403) [CVE-2022-41724](https://nvd.nist.gov/vuln/detail/CVE-2022-41724) [CVE-2023-24537](https://nvd.nist.gov/vuln/detail/CVE-2023-24537) [CVE-2023-29406](https://nvd.nist.gov/vuln/detail/CVE-2023-29406) [CVE-2023-24532](https://nvd.nist.gov/vuln/detail/CVE-2023-24532) | | **291994501** | **Security fixes for apigee-installer.** (Fixed in Apigee hybrid v1.10.2) This addresses the following vulnerabilities: [CVE-2023-24540](https://nvd.nist.gov/vuln/detail/CVE-2023-24540) [CVE-2023-29402](https://nvd.nist.gov/vuln/detail/CVE-2023-29402) [CVE-2023-29405](https://nvd.nist.gov/vuln/detail/CVE-2023-29405) [CVE-2023-24538](https://nvd.nist.gov/vuln/detail/CVE-2023-24538) [CVE-2023-29404](https://nvd.nist.gov/vuln/detail/CVE-2023-29404) [CVE-2023-24537](https://nvd.nist.gov/vuln/detail/CVE-2023-24537) [CVE-2023-29400](https://nvd.nist.gov/vuln/detail/CVE-2023-29400) [CVE-2022-41723](https://nvd.nist.gov/vuln/detail/CVE-2022-41723) [CVE-2022-27664](https://nvd.nist.gov/vuln/detail/CVE-2022-27664) [CVE-2023-24536](https://nvd.nist.gov/vuln/detail/CVE-2023-24536) [CVE-2023-24534](https://nvd.nist.gov/vuln/detail/CVE-2023-24534) [CVE-2023-24539](https://nvd.nist.gov/vuln/detail/CVE-2023-24539) [CVE-2022-2879](https://nvd.nist.gov/vuln/detail/CVE-2022-2879) [CVE-2022-41724](https://nvd.nist.gov/vuln/detail/CVE-2022-41724) [CVE-2022-32149](https://nvd.nist.gov/vuln/detail/CVE-2022-32149) [CVE-2022-41725](https://nvd.nist.gov/vuln/detail/CVE-2022-41725) [CVE-2023-29403](https://nvd.nist.gov/vuln/detail/CVE-2023-29403) [CVE-2022-2880](https://nvd.nist.gov/vuln/detail/CVE-2022-2880) [CVE-2022-41715](https://nvd.nist.gov/vuln/detail/CVE-2022-41715) [CVE-2022-41721](https://nvd.nist.gov/vuln/detail/CVE-2022-41721) [CVE-2023-24532](https://nvd.nist.gov/vuln/detail/CVE-2023-24532) [CVE-2022-41717](https://nvd.nist.gov/vuln/detail/CVE-2022-41717) | | **290829031** | **Security fixes for apigee-hybrid-cassandra, apigee-cassandra-client, and cassandra-backup-utility.** (Fixed in Apigee hybrid v1.10.2) This addresses the following vulnerabilities: [CVE-2023-29400](https://nvd.nist.gov/vuln/detail/CVE-2023-29400) [CVE-2023-24540](https://nvd.nist.gov/vuln/detail/CVE-2023-24540) [CVE-2023-24539](https://nvd.nist.gov/vuln/detail/CVE-2023-24539) [CVE-2023-24538](https://nvd.nist.gov/vuln/detail/CVE-2023-24538) [CVE-2023-24537](https://nvd.nist.gov/vuln/detail/CVE-2023-24537) [CVE-2023-24536](https://nvd.nist.gov/vuln/detail/CVE-2023-24536) [CVE-2023-24534](https://nvd.nist.gov/vuln/detail/CVE-2023-24534) [CVE-2023-24532](https://nvd.nist.gov/vuln/detail/CVE-2023-24532) [CVE-2022-41725](https://nvd.nist.gov/vuln/detail/CVE-2022-41725) [CVE-2022-41724](https://nvd.nist.gov/vuln/detail/CVE-2022-41724) [CVE-2022-41723](https://nvd.nist.gov/vuln/detail/CVE-2022-41723) [CVE-2022-41717](https://nvd.nist.gov/vuln/detail/CVE-2022-41717) [CVE-2022-41715](https://nvd.nist.gov/vuln/detail/CVE-2022-41715) [CVE-2022-32190](https://nvd.nist.gov/vuln/detail/CVE-2022-32190) [CVE-2022-27664](https://nvd.nist.gov/vuln/detail/CVE-2022-27664) [CVE-2022-2880](https://nvd.nist.gov/vuln/detail/CVE-2022-2880) [CVE-2022-2879](https://nvd.nist.gov/vuln/detail/CVE-2022-2879) [CVE-2020-29511](https://nvd.nist.gov/vuln/detail/CVE-2020-29511) [CVE-2020-29509](https://nvd.nist.gov/vuln/detail/CVE-2020-29509) | | **290829028** | **Security fixes for Apigee Connect and apigee-connect-agent and apigee-redis.** (Fixed in Apigee hybrid v1.10.2) This addresses the following vulnerabilities: [CVE-2023-29405](https://nvd.nist.gov/vuln/detail/CVE-2023-29405) [CVE-2023-29404](https://nvd.nist.gov/vuln/detail/CVE-2023-29404) [CVE-2023-29403](https://nvd.nist.gov/vuln/detail/CVE-2023-29403) [CVE-2023-29402](https://nvd.nist.gov/vuln/detail/CVE-2023-29402) [CVE-2023-29400](https://nvd.nist.gov/vuln/detail/CVE-2023-29400) [CVE-2023-24540](https://nvd.nist.gov/vuln/detail/CVE-2023-24540) [CVE-2023-24539](https://nvd.nist.gov/vuln/detail/CVE-2023-24539) [CVE-2023-24538](https://nvd.nist.gov/vuln/detail/CVE-2023-24538) [CVE-2023-24537](https://nvd.nist.gov/vuln/detail/CVE-2023-24537) [CVE-2023-24536](https://nvd.nist.gov/vuln/detail/CVE-2023-24536) [CVE-2023-24534](https://nvd.nist.gov/vuln/detail/CVE-2023-24534) [CVE-2023-24532](https://nvd.nist.gov/vuln/detail/CVE-2023-24532) [CVE-2022-41725](https://nvd.nist.gov/vuln/detail/CVE-2022-41725) [CVE-2022-41724](https://nvd.nist.gov/vuln/detail/CVE-2022-41724) [CVE-2022-41723](https://nvd.nist.gov/vuln/detail/CVE-2022-41723) [CVE-2022-41717](https://nvd.nist.gov/vuln/detail/CVE-2022-41717) [CVE-2022-32149](https://nvd.nist.gov/vuln/detail/CVE-2022-32149) [CVE-2022-29526](https://nvd.nist.gov/vuln/detail/CVE-2022-29526) [CVE-2022-27664](https://nvd.nist.gov/vuln/detail/CVE-2022-27664) [CVE-2022-21698](https://nvd.nist.gov/vuln/detail/CVE-2022-21698) | | **290068742** | **Security fixes for apigee-udca.** (Fixed in Apigee hybrid v1.10.1) This addresses the following vulnerability: [CVE-2022-1471](https://nvd.nist.gov/vuln/detail/CVE-2022-1471) | | **290067464** | **Security fixes for apigee-stackdriver-logging-agent.** (Fixed in Apigee hybrid v1.10.1) This addresses the following vulnerability: [CVE-2022-32511](https://nvd.nist.gov/vuln/detail/CVE-2022-32511) | | **290065830** | **Security fixes for apigee-udca.** (Fixed in Apigee hybrid v1.10.1) This addresses the following vulnerability: [CVE-2022-42889](https://nvd.nist.gov/vuln/detail/CVE-2022-42889) | | **281561243** | **Security fixes for apigee-diagnostics-collector, apigee-mart-server, apigee-mint-task-scheduler, apigee-runtime, and apigee-synchronizer.** This addresses the following vulnerability: [CVE-2022-1471](https://nvd.nist.gov/vuln/detail/CVE-2022-1471) (Fixed in Apigee hybrid v1.10.1) | | **N/A** | **Security fixes for apigee-prometheus-adapter.** (Fixed in Apigee hybrid hybrid v1.11) This addresses the following vulnerabilities: [CVE-2023-39533](https://nvd.nist.gov/vuln/detail/CVE-2023-39533) [CVE-2023-39319](https://nvd.nist.gov/vuln/detail/CVE-2023-39319) [CVE-2023-39318](https://nvd.nist.gov/vuln/detail/CVE-2023-39318) [CVE-2023-29409](https://nvd.nist.gov/vuln/detail/CVE-2023-29409) | | **N/A** | **Security fixes for apigee-prom-prometheus/master.** (Fixed in Apigee hybrid hybrid v1.11) This addresses the following vulnerabilities: [CVE-2023-40577](https://nvd.nist.gov/vuln/detail/CVE-2023-40577) [CVE-2023-39533](https://nvd.nist.gov/vuln/detail/CVE-2023-39533) [CVE-2023-39319](https://nvd.nist.gov/vuln/detail/CVE-2023-39319) [CVE-2023-39318](https://nvd.nist.gov/vuln/detail/CVE-2023-39318) [CVE-2023-29409](https://nvd.nist.gov/vuln/detail/CVE-2023-29409) [CVE-2023-29406](https://nvd.nist.gov/vuln/detail/CVE-2023-29406) [CVE-2023-2253](https://nvd.nist.gov/vuln/detail/CVE-2023-2253) | | **N/A** | **Security fixes for apigee-kube-rbac-proxy.** (Fixed in Apigee hybrid hybrid v1.11) This addresses the following vulnerabilities: [CVE-2023-39533](https://nvd.nist.gov/vuln/detail/CVE-2023-39533) [CVE-2023-39319](https://nvd.nist.gov/vuln/detail/CVE-2023-39319) [CVE-2023-39318](https://nvd.nist.gov/vuln/detail/CVE-2023-39318) [CVE-2023-29409](https://nvd.nist.gov/vuln/detail/CVE-2023-29409) [CVE-2023-29406](https://nvd.nist.gov/vuln/detail/CVE-2023-29406) [CVE-2023-29405](https://nvd.nist.gov/vuln/detail/CVE-2023-29405) [CVE-2023-29404](https://nvd.nist.gov/vuln/detail/CVE-2023-29404) [CVE-2023-29403](https://nvd.nist.gov/vuln/detail/CVE-2023-29403) [CVE-2023-29402](https://nvd.nist.gov/vuln/detail/CVE-2023-29402) | | **N/A** | **Security fixes for apigee-hybrid-cassandra.** (Fixed in Apigee hybrid hybrid v1.11) This addresses the following vulnerabilities: [CVE-2023-39533](https://nvd.nist.gov/vuln/detail/CVE-2023-39533) [CVE-2023-29409](https://nvd.nist.gov/vuln/detail/CVE-2023-29409) [CVE-2023-29406](https://nvd.nist.gov/vuln/detail/CVE-2023-29406) | | **N/A** | **Security fixes for apigee-fluent-bit.** (Fixed in Apigee hybrid hybrid v1.11) This addresses the following vulnerabilities: [CVE-2023-3817](https://nvd.nist.gov/vuln/detail/CVE-2023-3817) [CVE-2023-36054](https://nvd.nist.gov/vuln/detail/CVE-2023-36054) [CVE-2023-3446](https://nvd.nist.gov/vuln/detail/CVE-2023-3446) | | **N/A** | **Security fixes for apigee-diagnostics-collector, apigee-mart-server, apigee-mint-task-scheduler, apigee-runtime, and apigee-synchronizer.** (Fixed in Apigee hybrid hybrid v1.11) This addresses the following vulnerabilities: [CVE-2023-4586](https://nvd.nist.gov/vuln/detail/CVE-2023-4586) [CVE-2023-34462](https://nvd.nist.gov/vuln/detail/CVE-2023-34462) | | **N/A** | **Security fixes for apigee-cassandra-backup-utility, apigee-hybrid-cassandra-client, and apigee-connect-agent.** (Fixed in Apigee hybrid v1.11) This addresses the following vulnerabilities: [CVE-2023-39533](https://nvd.nist.gov/vuln/detail/CVE-2023-39533) [CVE-2023-39319](https://nvd.nist.gov/vuln/detail/CVE-2023-39319) [CVE-2023-39318](https://nvd.nist.gov/vuln/detail/CVE-2023-39318) [CVE-2023-29409](https://nvd.nist.gov/vuln/detail/CVE-2023-29409) | | **N/A** | **Security fixes for apigee-asm-ingress and apigee-asm-istiod.** (Fixed in Apigee hybrid v1.11) This addresses the following vulnerabilities: [CVE-2023-39533](https://nvd.nist.gov/vuln/detail/CVE-2023-39533) [CVE-2023-39319](https://nvd.nist.gov/vuln/detail/CVE-2023-39319) [CVE-2023-39318](https://nvd.nist.gov/vuln/detail/CVE-2023-39318) [CVE-2023-29409](https://nvd.nist.gov/vuln/detail/CVE-2023-29409) [CVE-2023-29406](https://nvd.nist.gov/vuln/detail/CVE-2023-29406) [CVE-2023-29405](https://nvd.nist.gov/vuln/detail/CVE-2023-29405) [CVE-2023-29404](https://nvd.nist.gov/vuln/detail/CVE-2023-29404) [CVE-2023-29403](https://nvd.nist.gov/vuln/detail/CVE-2023-29403) [CVE-2023-29402](https://nvd.nist.gov/vuln/detail/CVE-2023-29402) [CVE-2023-29400](https://nvd.nist.gov/vuln/detail/CVE-2023-29400) [CVE-2023-28842](https://nvd.nist.gov/vuln/detail/CVE-2023-28842) [CVE-2023-28841](https://nvd.nist.gov/vuln/detail/CVE-2023-28841) [CVE-2023-28840](https://nvd.nist.gov/vuln/detail/CVE-2023-28840) [CVE-2023-24540](https://nvd.nist.gov/vuln/detail/CVE-2023-24540) [CVE-2023-24539](https://nvd.nist.gov/vuln/detail/CVE-2023-24539) [CVE-2023-2253](https://nvd.nist.gov/vuln/detail/CVE-2023-2253) |

What else is happening at Google Cloud Platform?

Google Cloud Platform logo

M121 release CUDA 12.2 images are now available. Updated TensorFlow 2.15 images from CUDA 12.1 to CUDA 12.2

about 10 hours ago

Share
Google Cloud Platform logo

Storage Transfer Service now supports transfers from Amazon S3 over a Google-managed private network

about 10 hours ago

Share
Google Cloud Platform logo

M121 release Updated the R CPU container image from R 4.3 to R 4.4

about 10 hours ago

Share
Google Cloud Platform logo

We released an updated version of Apigee (1-12-0-apigee-4-hotfix)

about 11 hours ago

Share
Google Cloud Platform logo

Dataflow no longer supports the NVIDIA Tesla K80 GPU type. For a list of supported GPU types, see Dataflow support for GPUs

about 12 hours ago

Share
Google Cloud Platform logo

Node.js 22 is now available in preview

about 14 hours ago

Share