We have just released Pomerium v0.10.3, a patch release that fixes several bugs and addresses a potential security issue.
Prior to this patch, when Kubernetes API requests were proxied, Impersonate-* headers were not being stripped which could result in potential header injection. We recommend that all affected users update to this release.
Please review the upgrade guide and
changelog for a complete list of changes and improvements.
You can download binary and source distributions from
github. Or you can pull the
v0.10.3 container image from dockerhub.
Best,
Bobby