cert-manager v1.4.1 Released!

[Ashley Davis]

Hi cert-manager-dev,

We've just released cert-manager v1.4.1, fixing a bug which was exposed by cert-manager v1.4.0 but which had been around in the codebase since early 2019.

Most certificates are unlikely be affected, but you should probably upgrade from v1.4.0 to v1.4.1 to be safe. The bug arises when a non-root certificate has the same subject DN as its issuer.

For example, the bug is triggered if a leaf certificate whose DN is a CommonName set to "abc" is issued by an intermediate certificate whose DN matches exactly. If you hit the bug, the effect will be a failure to issue or renew the certificate in question.

For more detail, see this issue: https://github.com/jetstack/cert-manager/issues/4142

Thanks again to everyone who reported this issue and helped us diagnose and fix it! As ever, if you have any questions please feel free to reach out in #cert-manager on Kubernetes Slack.

- Ash