Skip to content

Commit

Permalink
CHANGELOG: add "disable CommonName authentication for gRPC-gateway" PR
Browse files Browse the repository at this point in the history 
Signed-off-by: Sam Batschelet <sbatsche@redhat.com>
  • Loading branch information
@hexfusion
hexfusion committed Jan 7, 2019
1 parent e59f9df commit 3ec79d4
Showing 1 changed file with 4 additions and 0 deletions.
4 changes: 4 additions & 0 deletions CHANGELOG-3.3.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -26,6 +26,10 @@ See [code changes](https://github.com/etcd-io/etcd/compare/v3.3.10...v3.3.11) an

- Add [`etcd gateway --discovery-srv-name`](https://github.com/etcd-io/etcd/pull/10250) flag.

### Security, Authentication

- Disable [CommonName authentication for gRPC-gateway](https://github.com/etcd-io/etcd/pull/10366) gRPC-gateway proxy requests to etcd server use the etcd client server TLS certificate. If that certificate contains CommonName we do not want to use that for authentication as it could lead to permission escalation.

### Go

- Compile with [*Go 1.10.7*](https://golang.org/doc/devel/release.html#go1.10).
Expand Down

0 comments on commit 3ec79d4

Please sign in to comment.