build: update openpolicyagent/opa docker tag to v0.62.1
This MR contains the following updates:
Package | Type | Update | Change |
---|---|---|---|
openpolicyagent/opa | final | patch |
0.62.0-static -> 0.62.1-static
|
Release Notes
open-policy-agent/opa (openpolicyagent/opa)
v0.62.1
This is a security fix release for the fixes published in Golang 1.22.1.
OPA servers using --authentication=tls
would be affected: crafted malicious client
certificates could cause a panic in the server.
Also, crafted server certificates could panic OPA's HTTP clients, in bundle plugin,
status and decision logs; and http.send
calls that verify TLS.
This affects all crypto/tls clients, and servers that set Config.ClientAuth to VerifyClientCertIfGiven or RequireAndVerifyClientCert. The default behavior is for TLS servers to not verify client certificates.
This is CVE-2024-24783 (https://pkg.go.dev/vuln/GO-2024-2598).
Note that there are other security fixes in this Golang release, but whether or not OPA is affected is harder to tell. An update is advised.
Miscellaneous
- Add Trino to OPA ecosystem (authored by @mosabua)
- update: ADOPTERS.md (#6608) (authored by @fredmaggiowski)
Configuration
-
If you want to rebase/retry this MR, check this box
This MR has been generated by Renovate Bot.