We’re excited to announce the release of RELIANOID Load Balancer Enterprise Version 6.2.34, introducing some improvements and bugfixing. Below are the detailed release notes:
Changelog
Improvements:
[letsencrypt] automated backup-recovery for autorenewed certificates
[system] add _checkupgrades_ support for major upgrades
Bugfixes:
[letsencrypt] fix certificates corruption during cluster synchronization
[lslb] fix http services ordering
[system] fix cherokee stops after logrotate
[system] fix undefined function in Certificate Activation
[system] security advisories fixed: CVE-2024-1086, CVE-2024-28182, CVE-2024-2961, DLA-3788-1, DLA-3806-1, CVE-2023-50387, CVE-2023-50868, CVE-2024-34397, CVE-2024-3651
Release Notes
The latest release of RELIANOID Load Balancer Enterprise Edition, version 6.2.34, brings a range of significant improvements and crucial bug fixes aimed at enhancing the overall performance and security of the system. One of the standout improvements is the introduction of automated backup-recovery for Let’s Encrypt auto-renewed certificates. This feature ensures that certificate renewals are reliably backed up and can be quickly restored if necessary, minimizing downtime and enhancing operational resilience. Additionally, the system now includes support for major upgrades through the new checkupgrades functionality, such as the upcoming release v8.0, simplifying the upgrade process and ensuring smoother transitions between major versions.
Several critical bug fixes have also been addressed in this release. Notably, issues with certificate corruption during cluster synchronization have been resolved, ensuring more reliable certificate management across synchronized clusters. The ordering of HTTP services has been corrected within the load balancer, addressing previous inconsistencies. Furthermore, the problem where Cherokee would stop after log rotation has been fixed, ensuring uninterrupted service operation. Additional system fixes include resolving an undefined function issue in Certificate Activation and addressing multiple security advisories to protect against various vulnerabilities.
Security remains a top priority in this release, with fixes for several high-impact vulnerabilities. These include CVE-2024-1086, CVE-2024-28182, CVE-2024-2961, DLA-3788-1, DLA-3806-1, CVE-2023-50387, CVE-2023-50868, CVE-2024-34397, and CVE-2024-3651. Notable among these is the mitigation of the “KeyTrap” and “NSEC3” issues that could previously cause denial of service via DNSSEC responses, as well as vulnerabilities in the nghttp2 library that could lead to excessive CPU usage. Addressing these vulnerabilities fortifies the load balancer against potential attacks, ensuring a more secure and robust environment for users.
Download the latest Enterprise version here.
Enjoy seamless load balancing with RELIANOID!
Best Regards,
The RELIANOID Team
Related Blogs
