We have just released Pomerium v0.10.3, a patch release that fixes several bugs and addresses a potential security issue.
Prior to this patch, when Kubernetes API requests were proxied, Impersonate-* headers were not being stripped which could result in potential header injection. We recommend that all affected users update to this release.
Please review the upgrade guide and changelog
for a complete list of changes and improvements.
You can download binary and source distributions from github
. Or you can pull the v0.10.3 container
image from dockerhub.