istio
/
istio.io
mirror of https://github.com/istio/istio.io.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

cherry pick add a note to address grafana issue (#4029) 

* cherry pick add a note to address grafana issue

 #4027

* make lint happy
This commit is contained in:
Lin Sun 2019-04-24 15:28:30 -04:00 committed by GitHub
parent d138bd479b
commit a6778de3aa
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
content/boilerplates/notes/1.0.6.md
View File

@ -1,7 +1,7 @@
## Security vulnerability fixes
- Updated Go `requests` and `urllib3` libraries in Bookinfo sample code per [`CVE-2018-18074`](https://nvd.nist.gov/vuln/detail/CVE-2018-18074) and [`CVE-2018-20060`](https://nvd.nist.gov/vuln/detail/CVE-2018-20060).
- Fixed username and password being exposed in `Grafana` and `Kiali` ([Issue 7446](https://github.com/istio/istio/issues/7476), [Issue 7447](https://github.com/istio/istio/issues/7447)).
- Fixed username and password being exposed in `Grafana` and `Kiali` ([Issue 7446](https://github.com/istio/istio/issues/7476), [Issue 7447](https://github.com/istio/istio/issues/7447)). If you have trouble to start the `Grafana` pod after upgrade to 1.0.6, please follow [the steps]({{< github_tree >}}/install/kubernetes/helm/istio#installing-the-chart) to create the secrete first.
- Removed in-memory service registry in Pilot. This allowed adding endpoints to proxy configurations from within the cluster through a Pilot debug API.
## Robustness improvements