We released an updated version of the Apigee hybrid software, 1.12.1
Share
Services
## Announcement
### hybrid v1.12.1
On June 28, 2024 we released an updated version of the Apigee hybrid software, 1.12.1.
* For information on upgrading, see [Upgrading Apigee hybrid to version 1.12.1](https://cloud.google.com/apigee/docs/hybrid/v1.12/upgrade).
* For information on new installations, see [The big picture](https://cloud.google.com/apigee/docs/hybrid/v1.12/big-picture).
## Fix
| Bug ID | Description |
| ------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| **347798999** | **Fixed an issue preventing configuration of forward proxies for OpenTelemetry collector pods.** |
| **345501069** | **Fixed issue with Hybrid Guardrails resource configuration preventing the Guardails pod from starting.** |
| **341797795** | **Autofill the Hybrid Guardrails checkpoint value if a checkpoint is not provided.** |
| **340248314** | **Added support for targetCPUUtilizationPercentage to [apigeeIngressGateway](https://cloud.google.com/apigee/docs/hybrid/v1.12/config-prop-ref.html#apigeeingressgateway-targetcpuutilizationpercentage) and [ingressGateways](https://cloud.google.com/apigee/docs/hybrid/v1.12/config-prop-ref.html#ingressgateways-targetcpuutilizationpercentage).** The default value is 75. |
| **324779388** | **Improved error handling for backup and restore.** |
| **311489774** | **Removed inclusion of Java in Cassandra client image..** |
| **310338146** | **Fixed invalid download directory output from the [create-service-account](https://cloud.google.com/apigee/docs/hybrid/v1.12/create-service-account) tool.** |
| **300135626** | **Removed inclusion of Java in Cassandra Backup Utility image.** |
| **239523766** | **Remove "Unable to evaluate jsonVariable, returning null" logging string from _ExtractVariables_ Policy** |
## Security
| Bug ID | Description |
| ------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| **345791712** | **Security fix for fluent-bit.** This addresses the following vulnerability: [CVE-2024-4323](https://nvd.nist.gov/vuln/detail/CVE-2024-4323) |
| **335910066** | **Security fixes for apigee-kube-rbac-proxy.** This addresses the following vulnerability: [CVE-2023-47108](https://nvd.nist.gov/vuln/detail/CVE-2023-47108) |
| **335909737** | **Security fixes for apigee-asm-ingress.** This addresses the following vulnerabilities: [CVE-2024-24557](https://nvd.nist.gov/vuln/detail/CVE-2024-24557) [CVE-2024-21664](https://nvd.nist.gov/vuln/detail/CVE-2024-21664)[CVE-2023-6779](https://nvd.nist.gov/vuln/detail/CVE-2023-6779) [CVE-2023-6246](https://nvd.nist.gov/vuln/detail/CVE-2023-6246) |
| **335909397** | **Security fixes for apigee-open-telemetry-collector.** This addresses the following vulnerability: [CVE-2023-47108](https://nvd.nist.gov/vuln/detail/CVE-2023-47108) |
| **335908990** | **Security fixes for apigee-asm-istiod.** This addresses the following vulnerabilities: [CVE-2024-24557](https://nvd.nist.gov/vuln/detail/CVE-2024-24557) [CVE-2024-21664](https://nvd.nist.gov/vuln/detail/CVE-2024-21664) |
| **335908985** | **Security fix for apigee-prometheus-adapter.** This addresses the following vulnerabilities: [CVE-2023-47108](https://nvd.nist.gov/vuln/detail/CVE-2023-47108) [CVE-2023-45285](https://nvd.nist.gov/vuln/detail/CVE-2023-45285) [CVE-2023-45142](https://nvd.nist.gov/vuln/detail/CVE-2023-45142) [CVE-2023-44487](https://nvd.nist.gov/vuln/detail/CVE-2023-44487) [CVE-2023-39325](https://nvd.nist.gov/vuln/detail/CVE-2023-39325) . |
| **335908657** | **Security fixes for apigee-prom-prometheus.** This addresses the following vulnerabilities: [CVE-2024-24557](https://nvd.nist.gov/vuln/detail/CVE-2024-24557) [CVE-2023-45285](https://nvd.nist.gov/vuln/detail/CVE-2023-45285) |
| **335908139** | **Security fix for fluent-bit.** This addresses the following vulnerability: [CVE-2024-0985](https://nvd.nist.gov/vuln/detail/CVE-2024-0985) |
| **332821083** | **Security fix for apigee-operators.** This addresses the following vulnerability: [CVE-2024-24786](https://nvd.nist.gov/vuln/detail/CVE-2024-24786) |
| **317528509** | **Security fixes for apigee-synchronizer.** This addresses the following vulnerabilities: [CVE-2023-34462](https://nvd.nist.gov/vuln/detail/CVE-2023-34462)[CVE-2023-32732](https://nvd.nist.gov/vuln/detail/CVE-2023-32732)[CVE-2023-32731](https://nvd.nist.gov/vuln/detail/CVE-2023-32731)[CVE-2023-1428](https://nvd.nist.gov/vuln/detail/CVE-2023-1428) |
| **308835165** | **Security fix for apigee-synchronizer.** This addresses the following vulnerability: [CVE-2023-34462](https://nvd.nist.gov/vuln/detail/CVE-2023-34462) |
| **N/A** | **Security fixes for apigee-asm-ingress.** This addresses the following vulnerabilities: [CVE-2023-6779](https://nvd.nist.gov/vuln/detail/CVE-2023-6779) [CVE-2023-6246](https://nvd.nist.gov/vuln/detail/CVE-2023-6246) |
| **N/A** | **Security fixes for apigee-asm-istiod.** This addresses the following vulnerabilities: [CVE-2024-21664](https://nvd.nist.gov/vuln/detail/CVE-2024-21664) |
| **N/A** | **Security fixes for apigee-cassandra-backup-utility.** This addresses the following vulnerabilities: [CVE-2023-50782](https://nvd.nist.gov/vuln/detail/CVE-2023-50782) |
| **N/A** | **Security fixes for apigee-fluent-bit.** This addresses the following vulnerabilities: [CVE-2022-4899](https://nvd.nist.gov/vuln/detail/CVE-2022-4899) |
| **N/A** | **Security fixes for apigee-hybrid-cassandra.** This addresses the following vulnerabilities: [CVE-2023-50782](https://nvd.nist.gov/vuln/detail/CVE-2023-50782) |
| **N/A** | **Security fixes for apigee-kube-rbac-proxy.** This addresses the following vulnerabilities: [CVE-2023-47108](https://nvd.nist.gov/vuln/detail/CVE-2023-47108) |
| **N/A** | **Security fixes for apigee-prometheus-adapter.** This addresses the following vulnerabilities: [CVE-2023-47108](https://nvd.nist.gov/vuln/detail/CVE-2023-47108) [CVE-2023-45142](https://nvd.nist.gov/vuln/detail/CVE-2023-45142) [CVE-2023-44487](https://nvd.nist.gov/vuln/detail/CVE-2023-44487) [CVE-2023-39325](https://nvd.nist.gov/vuln/detail/CVE-2023-39325) |
| **N/A** | **Security fixes for apigee-stackdriver-prometheus-sidecar.** This addresses the following vulnerabilities: [CVE-2023-45287](https://nvd.nist.gov/vuln/detail/CVE-2023-45287) [CVE-2023-45285](https://nvd.nist.gov/vuln/detail/CVE-2023-45285) [CVE-2023-45283](https://nvd.nist.gov/vuln/detail/CVE-2023-45283) [CVE-2023-44487](https://nvd.nist.gov/vuln/detail/CVE-2023-44487) [CVE-2023-39325](https://nvd.nist.gov/vuln/detail/CVE-2023-39325) [CVE-2023-39323](https://nvd.nist.gov/vuln/detail/CVE-2023-39323) [CVE-2023-29405](https://nvd.nist.gov/vuln/detail/CVE-2023-29405) [CVE-2023-29404](https://nvd.nist.gov/vuln/detail/CVE-2023-29404) [CVE-2023-29403](https://nvd.nist.gov/vuln/detail/CVE-2023-29403) [CVE-2023-29402](https://nvd.nist.gov/vuln/detail/CVE-2023-29402) [CVE-2023-29400](https://nvd.nist.gov/vuln/detail/CVE-2023-29400) [CVE-2023-24540](https://nvd.nist.gov/vuln/detail/CVE-2023-24540) [CVE-2023-24539](https://nvd.nist.gov/vuln/detail/CVE-2023-24539) [CVE-2023-24538](https://nvd.nist.gov/vuln/detail/CVE-2023-24538) [CVE-2023-24537](https://nvd.nist.gov/vuln/detail/CVE-2023-24537) [CVE-2023-24536](https://nvd.nist.gov/vuln/detail/CVE-2023-24536) [CVE-2023-24534](https://nvd.nist.gov/vuln/detail/CVE-2023-24534) [CVE-2022-41725](https://nvd.nist.gov/vuln/detail/CVE-2022-41725) [CVE-2022-41724](https://nvd.nist.gov/vuln/detail/CVE-2022-41724) [CVE-2022-41723](https://nvd.nist.gov/vuln/detail/CVE-2022-41723) [CVE-2022-41722](https://nvd.nist.gov/vuln/detail/CVE-2022-41722) [CVE-2022-41720](https://nvd.nist.gov/vuln/detail/CVE-2022-41720) [CVE-2022-41716](https://nvd.nist.gov/vuln/detail/CVE-2022-41716) [CVE-2022-41715](https://nvd.nist.gov/vuln/detail/CVE-2022-41715) [CVE-2022-32189](https://nvd.nist.gov/vuln/detail/CVE-2022-32189) [CVE-2022-30635](https://nvd.nist.gov/vuln/detail/CVE-2022-30635) [CVE-2022-30633](https://nvd.nist.gov/vuln/detail/CVE-2022-30633) [CVE-2022-30632](https://nvd.nist.gov/vuln/detail/CVE-2022-30632) [CVE-2022-30631](https://nvd.nist.gov/vuln/detail/CVE-2022-30631) [CVE-2022-30630](https://nvd.nist.gov/vuln/detail/CVE-2022-30630) [CVE-2022-30580](https://nvd.nist.gov/vuln/detail/CVE-2022-30580) [CVE-2022-29804](https://nvd.nist.gov/vuln/detail/CVE-2022-29804) [CVE-2022-2880](https://nvd.nist.gov/vuln/detail/CVE-2022-2880) [CVE-2022-2879](https://nvd.nist.gov/vuln/detail/CVE-2022-2879) [CVE-2022-28327](https://nvd.nist.gov/vuln/detail/CVE-2022-28327) [CVE-2022-28131](https://nvd.nist.gov/vuln/detail/CVE-2022-28131) [CVE-2022-27664](https://nvd.nist.gov/vuln/detail/CVE-2022-27664) [CVE-2022-27536](https://nvd.nist.gov/vuln/detail/CVE-2022-27536) [CVE-2022-27191](https://nvd.nist.gov/vuln/detail/CVE-2022-27191) [CVE-2022-24921](https://nvd.nist.gov/vuln/detail/CVE-2022-24921) [CVE-2022-24675](https://nvd.nist.gov/vuln/detail/CVE-2022-24675) [CVE-2022-23806](https://nvd.nist.gov/vuln/detail/CVE-2022-23806) [CVE-2022-23773](https://nvd.nist.gov/vuln/detail/CVE-2022-23773) [CVE-2022-23772](https://nvd.nist.gov/vuln/detail/CVE-2022-23772) [CVE-2022-21698](https://nvd.nist.gov/vuln/detail/CVE-2022-21698) [CVE-2021-44716](https://nvd.nist.gov/vuln/detail/CVE-2021-44716) [CVE-2021-43565](https://nvd.nist.gov/vuln/detail/CVE-2021-43565) [CVE-2021-41772](https://nvd.nist.gov/vuln/detail/CVE-2021-41772) [CVE-2021-41771](https://nvd.nist.gov/vuln/detail/CVE-2021-41771) [CVE-2021-39293](https://nvd.nist.gov/vuln/detail/CVE-2021-39293) [CVE-2021-38297](https://nvd.nist.gov/vuln/detail/CVE-2021-38297) [CVE-2021-37219](https://nvd.nist.gov/vuln/detail/CVE-2021-37219) [CVE-2021-33198](https://nvd.nist.gov/vuln/detail/CVE-2021-33198) [CVE-2021-33196](https://nvd.nist.gov/vuln/detail/CVE-2021-33196) [CVE-2021-33195](https://nvd.nist.gov/vuln/detail/CVE-2021-33195) [CVE-2021-33194](https://nvd.nist.gov/vuln/detail/CVE-2021-33194) [CVE-2021-3121](https://nvd.nist.gov/vuln/detail/CVE-2021-3121) [CVE-2021-3115](https://nvd.nist.gov/vuln/detail/CVE-2021-3115) [CVE-2021-27918](https://nvd.nist.gov/vuln/detail/CVE-2021-27918) [CVE-2020-7919](https://nvd.nist.gov/vuln/detail/CVE-2020-7919) [CVE-2020-29652](https://nvd.nist.gov/vuln/detail/CVE-2020-29652) [CVE-2020-28852](https://nvd.nist.gov/vuln/detail/CVE-2020-28852) [CVE-2020-28367](https://nvd.nist.gov/vuln/detail/CVE-2020-28367) [CVE-2020-28366](https://nvd.nist.gov/vuln/detail/CVE-2020-28366) [CVE-2020-26160](https://nvd.nist.gov/vuln/detail/CVE-2020-26160) [CVE-2020-16845](https://nvd.nist.gov/vuln/detail/CVE-2020-16845) [CVE-2020-14040](https://nvd.nist.gov/vuln/detail/CVE-2020-14040) [CVE-2019-9634](https://nvd.nist.gov/vuln/detail/CVE-2019-9634) [CVE-2019-17596](https://nvd.nist.gov/vuln/detail/CVE-2019-17596) [CVE-2019-14809](https://nvd.nist.gov/vuln/detail/CVE-2019-14809) [CVE-2019-11888](https://nvd.nist.gov/vuln/detail/CVE-2019-11888) |
## Announcement
### hybrid 1.11.2-hotfix.1
On June 28, 2024 we released an updated version of the Apigee hybrid software, 1.11.2-hotfix.1.
**Note:** This release reflects a change to the Helm chart templates and not a change to the images. If your hybrid installation is currently on Apigee hybrid v1.11.2, Apply this hotfix with the following steps:
1. In your overrides file, update the `ao.image` `url` and `tag`:
```
ao:
image:
url: "gcr.io/apigee-release/hybrid/apigee-operators"
tag: "1.11.2-hotfix.1"
```
2. Install the hotfix release:
* For Helm-managed releases, update the `apigee-operator` with the `helm upgrade` command and your current overrides files:
```
helm upgrade operator apigee-operator/ \
--namespace apigee-system \
--atomic \
-f overrides.yaml
```
* For `apigeectl`\-managed releases, install the hotfix release with `apigeectl init` using your updated overrides files:
```
${APIGEECTL_HOME}/apigeectl init -f OVERRIDES_FILE --dry-run=client
```
Followed by:
```
${APIGEECTL_HOME}/apigeectl init -f OVERRIDES_FILE
```
* For information on upgrading, see [Upgrading Apigee hybrid to version 1.11.2-hotfix.1](https://cloud.google.com/apigee/docs/hybrid/v1.11/upgrade).
* For information on new installations, see [The big picture](https://cloud.google.com/apigee/docs/hybrid/v1.11/big-picture).
## Fix
| Bug ID | Description |
| ------------- | --------------------------------------------------------------------------- |
| **347997965** | **Upgrading to Apigee Hybrid 1.11.2 and 1.10.5 can cause missing metrics.** |
## Announcement
### hybrid 1.10.5-hotfix.1
On June 28, 2024 we released an updated version of the Apigee hybrid software, 1.10.5-hotfix.1.
**Note:** This release reflects a change to the Helm chart templates and not a change to the images. If your hybrid installation is currently on Apigee hybrid v1.10.5, Apply this hotfix with the following steps:
1. In your overrides file, update the `ao.image` `url` and `tag`:
```
ao:
image:
url: "gcr.io/apigee-release/hybrid/apigee-operators"
tag: "1.10.5-hotfix.1"
```
2. Install the hotfix release with `apigeectl init` using your updated overrides files:
```
${APIGEECTL_HOME}/apigeectl init -f OVERRIDES_FILE --dry-run=client
```
Followed by:
```
${APIGEECTL_HOME}/apigeectl init -f OVERRIDES_FILE
```
* For information on upgrading, see [Upgrading Apigee hybrid to version 1.10.5-hotfix.1](https://cloud.google.com/apigee/docs/hybrid/v1.10/upgrade).
* For information on new installations, see [The big picture](https://cloud.google.com/apigee/docs/hybrid/v1.10/big-picture).
## Fix
| Bug ID | Description |
| ------------- | --------------------------------------------------------------------------- |
| **347997965** | **Upgrading to Apigee Hybrid 1.11.2 and 1.10.5 can cause missing metrics.** |