Merge pull request #1677 from wallrj/release-notes-1.12.17

wallrj · web-flow · commit 14c7238b9923 · 2025-04-25T16:14:42.000+01:00
Release notes for v1.12.17
diff --git a/content/docs/releases/release-notes/release-notes-1.12.md b/content/docs/releases/release-notes/release-notes-1.12.md
@@ -216,6 +216,19 @@ time and resources towards the continued maintenance of cert-manager projects. V
 cert-manager 1.12 as a long term support release, meaning it will be maintained for much longer
 than other releases to provide a stable platform for enterprises to build upon.
 
+## `v1.12.17`
+
+This patch release addresses several vulnerabilities reported by the Trivy security scanner. It is built with the latest version of Go 1.23 and includes various dependency updates. Changes since `v1.12.16`:
+
+### Bug or Regression
+
+- Bump Go to `v1.23.8` to fix `CVE-2025-22871` ([#7709](https://github.com/cert-manager/cert-manager/pull/7709), [`@wallrj`](https://github.com/wallrj))
+- Bump `golang.org/x/net` to `v0.38.0` to fix `CVE-2025-22872` ([#7709](https://github.com/cert-manager/cert-manager/pull/7709), [`@wallrj`](https://github.com/wallrj))
+- Bump `github.com/golang-jwt/jwt/v4` to `v4.5.2` to fix `CVE-2025-30204` ([#7709](https://github.com/cert-manager/cert-manager/pull/7709), [`@wallrj`](https://github.com/wallrj))
+- Bump `go-jose` to address `CVE-2025-27144` ([#7597](https://github.com/cert-manager/cert-manager/pull/7597), [`@SgtCoDFish`](https://github.com/SgtCoDFish))
+- Bump `golang.org/x/net` to address `CVE-2025-22870` reported by Trivy ([#7624](https://github.com/cert-manager/cert-manager/pull/7624), [`@SgtCoDFish`](https://github.com/SgtCoDFish))
+- Bump `golang.org/x/net` to address `CVE-2025-22870` reported by Trivy ([#7623](https://github.com/cert-manager/cert-manager/pull/7623), [`@SgtCoDFish`](https://github.com/SgtCoDFish))
+
 ## `v1.12.16`
 
 This patch release is primarily intended to address a [breaking change](https://github.com/cert-manager/cert-manager/issues/7540) in Cloudflare's API which impacted ACME DNS-01 challenges using Cloudflare.
diff --git a/content/v1.12-docs/variables.json b/content/v1.12-docs/variables.json
@@ -1,3 +1,3 @@
 {
-  "cert_manager_latest_version": "v1.12.15"
+  "cert_manager_latest_version": "v1.12.17"
 }

Original file line number	Diff line number	Diff line change
`@@ -1,3 +1,3 @@`
`1`	`1`	`{`
`2`		`- "cert_manager_latest_version": "v1.12.15"`
	`2`	`+ "cert_manager_latest_version": "v1.12.17"`
`3`	`3`	`}`