Update Info

openSUSE-2022-10007


Security update for caddy


Type: security
Severity: moderate
Issued: 2022-06-10
Description:
This update for caddy fixes the following issues:

Update to version 2.5.1:

* Fixed regression in Unix socket admin endpoints.
* Fixed regression in caddy trust commands.
* Hash-based load balancing policies (ip_hash, uri_hash, header, and cookie)
  use an improved highest-random-weight (HRW) algorithm for increased
  consistency.
* Dynamic upstreams, which is the ability to get the list of upstreams at
  every request (more specifically, every iteration in the proxy loop of
  every request) rather than just once at config-load time.
* Caddy will automatically try to get relevant certificates from the local
  Tailscale instance.
* New OpenTelemetry integration.
* Added new endpoints /pki/ca/<id> and /pki/ca/<id>/certificates for
  getting information about Caddy's managed CAs.
* Rename _caddy to zsh-completion
* Fix MatchPath sanitizing [bsc#1200279, CVE-2022-29718]


              

Packages


  • caddy-2.5.1-bp154.2.5.1