
KrakenD 2.3.3 (patch version) released

by Albert Lombarte

A new patch version KrakenD 2.3.3 is available on the download page and the Docker registry. Upgrading from any 2.x is backward compatible.

This release includes a security fix to mitigate SSL3 CVE-2023-1255 (Base Score: 5.9 MEDIUM) and new Lua helpers to facilitate the development of custom business logic. The new Lua helpers are:

  • luaTable.new(), which returns a new table.
  • t:keys(), which returns the sorted key names of a table t.
  • luaList.new(), which returns a new list.

See Lua helpers documentation

🚀 Summary of changes for CEv2.3

GraphQL fixes, an Alpine security upgrade, and new Lua helpers

  • Upgrade Lura engine to 2.2.8
  • Add list and table helpers to Lua scripts
  • Automatically set content-type application/json for GraphQL backends, so the client no longer needs to pass it, plus formatting fixes
  • Fix escaped chars during XML rendering
  • Fix glibc detection on macOS (by @dschanoeh)
  • Avoid startup panic when using proxy rate limit with capacity 0
  • Upgrade Docker image base to Alpine 3.18 to mitigate SSL3 CVE-2023-1255 (by @ksylvan)

Upgrading to the latest version is always advised.
