v3.15.4
📦 quay-ioView on GitHub →
🐛 7 fixes🔧 2 symbols
Summary
This release focuses heavily on dependency upgrades to address security vulnerabilities (CVEs) and includes several bug fixes related to permissions, health checks, and configuration tools. It also updates CI practices for multi-arch builds.
Migration Steps
- Ensure CI workflows use GitHub ARM runners for arm64 builds.
- Ensure CI uses unique intermediate tags for multi-arch builds.
🐛 Bug Fixes
- Apply org_filter in get_org_wide_permissions().
- Use usermanager for superuser check in org creation.
- Fix potential health check connection poisoning.
- Fall back to pure-Python rsa for CloudFront signing.
- Use dynamic redirect URL for OIDC validation in config-tool.
- Fix CVE-2026-30922 in pyasn1.
- Add callback URL validation to export action logs.