SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for ruby2.7-rubygem-kubeclient-4.10.1-1.2.x86_64.rpm :

* Mon Oct 10 2022 cooloAATTsuse.comupdated to version 4.10.1 see installed CHANGELOG.md
* Thu Apr 28 2022 cooloAATTsuse.comupdated to version 4.9.3 see installed CHANGELOG.md [#]# 4.9.3 — 2021-03-23 [#]## Fixed - VULNERABILITY FIX: Previously, whenever kubeconfig did not define custom CA (normal situation for production clusters with public domain and certificate!), `Config` was returning ssl_options[:verify_ssl] hard-coded to `VERIFY_NONE` :-( Assuming you passed those ssl_options to Kubeclient::Client, this means that instead of checking server\'s certificate against your system CA store, it would accept ANY certificate, allowing easy man-in-the middle attacks. This is especially dangerous with user/password or token credentials because MITM attacker could simply steal those credentials to the cluster and do anything you could do on the cluster. This was broken IN ALL RELEASES MADE BEFORE 2022, ever since [`Kubeclient::Config` was created](https://github.com/ManageIQ/kubeclient/pull/127/files#diff-32e70f2f6781a9e9c7b83ae5e7eaf5ffd068a05649077fa38f6789e72f3de837R41-R48). - Bug fix: kubeconfig `insecure-skip-tls-verify` field was ignored. When kubeconfig did define custom CA, `Config` was returning hard-coded `VERIFY_PEER`. Now we honor it, return `VERIFY_NONE` iff kubeconfig has explicit `insecure-skip-tls-verify: true`, otherwise `VERIFY_PEER`. - `Config`: fixed parsing of `certificate-authority` file containing concatenation of several certificates. Previously, server\'s cert was checked against only first CA cert, resulting in possible \"certificate verify failed\" errors. An important use case is a chain of root & intermediate cert(s) - necessary when cluster\'s CA itself is signed by another custom CA. But also helps when you simply concatenate independent certs. (#461, #552) - Still broken (#460): inline `certificate-authority-data` is still parsed using `add_cert` method that handles only one cert. These don\'t affect code that supplies `Client` parameters directly, only code that uses `Config`.
* Thu Jun 24 2021 cooloAATTsuse.comupdated to version 4.9.2 see installed CHANGELOG.md [#]# 4.9.2 — 2021-05-30 [#]## Added - Ruby 3.0 compatibility (#500, #505). [#]## Removed - Reduce .gem size by dropping test/ directory, it\'s useless at run time (#502).
* Fri Sep 25 2020 cooloAATTsuse.comupdated to version 4.9.1 see installed CHANGELOG.md [#]# 4.9.1 — 2020-08-31 [#]## Fixed - Now should work with apiserver deployed not at root of domain but a sub-path, which is standard with Rancher. Notably, `create_...` methods were sending bad apiVersion and getting 400 error. (#457, hopefully fixes #318, #418 and https://gitlab.com/gitlab-org/gitlab/-/issues/22043) [#]# 4.9.0 - 2020-08-03 [#]## Added - Support for `user: exec` credential plugins using TLS client auth (#453) [#]# 4.8.0 — 2020-07-03 [#]## Added - Support for server-side apply (#448). [#]## Fixed - Declared forgotten dependency on jsonpath, needed for `gcp` provider with `cmd-path` (#450). [#]# 4.7.0 — 2020-06-14 [#]## Fixed - Ruby 2.7 compatibility: bumped minimum recursive-open-struct to one that works on 2.7 (#439). - Ruby 2.7 warnings (#433, #438). - Improved watch documentation, including behavior planned to change in 5.0.0 (#436). [#]## Added - Google Application Default Credentials: Added `userinfo.email` to requested scopes, which is necessary for RBAC policies (#441).
* Mon Feb 10 2020 cooloAATTsuse.com- updated to version 4.6.0 see installed CHANGELOG.md
* Sun May 05 2019 cooloAATTsuse.com- updated to version 4.4.0 see installed CHANGELOG.md [#]# Unreleased [#]# 4.4.0 — 2019-05-03 [#]## Added - GCP configs with `user[auth-provider][name] == \'gcp\'` will execute credential plugin (normally the `gcloud config config-helper` subcommand) when the config specifies it in `cmd-path`, `cmd-args` fields (similar to `exec` support). This code path works without `googleauth` gem. Otherwise, `GoogleApplicationDefaultCredentials` path will be tried as before. (#410) - `AmazonEksCredentials` helper for obtaining a token to authenticate against Amazon EKS. This is not currently integrated in `Config`, you will need to invoke it yourself. You\'ll need some aws gems that Kubeclient _does not_ include. (#404, #406) [#]## Changed - OpenID Connect tokens which cannot be validaded because we cannot identify the key they were signed with will be considered expired and refreshed as usual. (#407)
* Thu Mar 14 2019 cooloAATTsuse.com- updated to version 4.3.0 see installed CHANGELOG.md [#]# 4.3.0 — 2019-03-03 [#]## Changed - `GoogleApplicationDefaultCredentials` will automatically be used in `fetch_user_auth_options` if the `user[auth-provider][name] == \'gcp\'` in the provided context. Note that `user[exec]` is checked first in anticipation of this functionality being added to GCP sometime in the future. Kubeclient _does not_ import the required `googleauth` gem, so you will need to import it in your calling application. (#394) [#]## Added - OpenID Connect credentials will automatically be used if the `user[auth-provider][name] == \'oidc\'` in the provided context. Note that `user[exec]` is checked first. Kubeclient _does not_ import the required `openid_connect` gem, so you will need to import it in your calling application. (#396) - Support for `json_patch_#{entity}` and `merge_patch_#{entity}`. `patch_#{entity}` will continue to use strategic merge patch. (#390)
* Mon Jan 14 2019 cooloAATTsuse.com- updated to version 4.2.2 see installed CHANGELOG.md
* Wed Dec 19 2018 cooloAATTsuse.com- updated to version 4.1.1 see installed CHANGELOG.md
* Sat Dec 08 2018 cooloAATTsuse.com- updated to version 4.1.0 see installed CHANGELOG.md [#]# 4.1.0 — 2018-11-28 [#]## Fixed - Support custom resources with lowercase `kind` (#361). - `create_security_context_constraint` now works (#366). - `get_security_context_constraints.kind`, `get_endpoints.kind` are now plural as in kubernetes (#366). [#]## Added - Add support for retrieving large lists of objects in chunks (#356).
* Wed Sep 05 2018 cooloAATTsuse.com- updated to version 4.0.0 see installed CHANGELOG.md [#]# 4.0.0 — 2018-07-23 [#]## Removed - Bumped officially supported kubernetes versions to >= 1.3. - Specifically `proxy_url` no longer works for <= 1.2 (#323). [#]## Fixed - `proxy_url` now works for kubernetes 1.10 and later (#323). [#]## Changed - Switched `http` gem dependency from 2.y to 3.y (#321).
* Mon Jun 11 2018 factory-autoAATTkulow.org- updated to version 3.1.2 see installed CHANGELOG.md
* Fri Jun 01 2018 factory-autoAATTkulow.org- updated to version 3.1.1 see installed CHANGELOG.md [#]# 3.1.1 - 2018-06-01 [#]## Security - Fixed `Kubeclient::Config.read` to use `YAML.safe_load` (#334). Previously, could deserialize arbitrary ruby classes. The risk depends on ruby classes available in the application; sometimes a class may have side effects - up to arbitrary code execution - when instantiated and/or built up with `x[key] = value` during YAML parsing. Despite this fix, using config from untrusted sources is not recommended.
* Sun May 27 2018 factory-autoAATTkulow.org- updated to version 3.1.0 see installed CHANGELOG.md Kubeclient release versioning follows [SemVer](https://semver.org/).
* Thu Feb 08 2018 cooloAATTsuse.com- updated to version 3.0.0 no changelog found
* Thu Oct 26 2017 cooloAATTsuse.com- updated to version 2.5.1 no changelog found
* Tue May 23 2017 cooloAATTsuse.com- updated to version 2.4.0 no changelog found
* Tue Feb 14 2017 mmeisterAATTsuse.com- Initial packaging
  
ICM