v3.14.8
📦 quay-ioView on GitHub →
🐛 5 fixes🔧 1 symbols
Summary
This release primarily focuses on dependency updates for security and stability, including bumping pgx, pyOpenSSL, node forge, and cryptography, alongside fixing several security vulnerabilities.
🐛 Bug Fixes
- Fixed CVE-2026-29074.
- Removed malformed struct tag space on DistributedStorageArgs.Signature in config-tool.
- Bumped node forge to 1.4.0 to fix security issues.
- Prevented RCE via unsafe pickle deserialization in data handling.
- Stripped skopeo_timeout_interval without rejecting the request during mirroring operations.