[security] Pomerium v0.22.2, v0.21.4, v0.20.1, v0.19.2, v0.18.1, and v0.17.4 release
44 views
Skip to first unread message
b...@pomerium.com
May 26, 2023, 5:36:32 PM5/26/23
to pomerium-announce
As mentioned in our pre-announcement yesterday, we have released Pomerium v0.22.2, v0.21.4, v0.20.1, v0.19.2, v0.18.1, and v0.17.4. We recommend all users immediately upgrade.
These patch releases include a CRITICAL security fix to Pomerium Core. In versions prior to v0.22.2, a specially crafted requests could result in incorrect authorization decisions made by Pomerium.
This is CVE-2023-33189 and issue GHSA-pvrc-wvj2-f59p.
Thank you to Alex Bessonov for reporting this issue.
Thank you to Alex Bessonov for reporting this issue.
Downloads are immediately available at Github Releases, and Dockerhub for all supported platforms.
Thank you,
Bobby
Reply all
Reply to author
Forward
0 new messages