Releases: wiremock/wiremock-docker
Releases Β· wiremock/wiremock-docker
3.2.0-1
π Dependency Updates
- Update to WireMock 3.2.0
π» Maintenance
- Document the integration test suite (#89) @oleg-nenashev
- Add integration test for the webhooks extension (#88) @oleg-nenashev
- Update the test suite to WireMock Testcontainers 1.0-alpha-7 (#87) @oleg-nenashev
Contributors
oleg-nenashev
Assets 2
3.1.0-1
π¦ Dependency updates
- Update to WireMock 3.1.0. This is a BREAKING CHANGE if you use the WireMock Webhooks extension (#86) @oleg-nenashev
π» Maintenance
- Fix version matching in the release pipelines (#86) @oleg-nenashev
Contributors
oleg-nenashev
Assets 2
3.0.4-1
π¦ Dependency updates
- Update WireMock to 3.0.4 with bugfixes - Changelog
π» Maintenance
- Fix release pipelines to push proper new bundled version to git( #85) @oleg-nenashev
- Support releasing 3-digit tags (#85) @oleg-nenashev
Contributors
oleg-nenashev
Assets 2
3.0.3-1 - Security Release
π Security
This security release addresses the following issues
- CVE-2023-41327 - Controlled SSRF through URL in the WireMock Webhooks Extension and WireMock Studio
- Overall CVSS Score: 4.3 (AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L/E:F/RL:O/RC:C)
- CVE-2023-41329 - Domain restrictions bypass via DNS Rebinding in WireMock and WireMock Studio webhooks, proxy and recorder modes
- Overall CVSS Score: 3.6 (AV:A/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L/E:F/RL:O/RC:C)
NOTE: WireMock Studio, a proprietary distribution discontinued in 2022, is also affected by those issues and also affected by CVE-2023-39967 - Overall CVSS Score 8.6 - βControlled and full-read SSRF through URL parameter when testing a request, webhooks and proxy modeβ. The fixes will not be provided. The vendor recommends migrating to WireMock Cloud which is available as SaaS and private beta for on-premises deployments
π» Maintenance
- Create release Pipeline for 2.x (#83) @oleg-nenashev
- Remove broken DockerHub description updater from the release pipeline (#82) @oleg-nenashev
π Related releases
- WireMock Docker 3.0.3-1 - Docker Image with the Patch
- WireMock 2.35.1 / WireMock Docker 2.35.1-1 - Backport to WireMock 2.x
- Python WireMock 2.6.1 - Python library that bundles the WireMock JAR file
- NOTE: Other distributions like Testcontainers modules or Helm chart need explicit version declaration, and hence a user action is needed to update the dependencies should they be considered a risk
Contributors
oleg-nenashev
Assets 2
2.35.1-1 - Security Release
This security release addresses the following issues
- CVE-2023-41327 - Controlled SSRF through URL in the WireMock Webhooks Extension and WireMock Studio
- Overall CVSS Score: 4.3 (AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L/E:F/RL:O/RC:C)
- CVE-2023-41329 - Domain restrictions bypass via DNS Rebinding in WireMock and WireMock Studio webhooks, proxy and recorder modes
- Overall CVSS Score: 3.6 (AV:A/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L/E:F/RL:O/RC:C)
NOTE: WireMock Studio, a proprietary distribution discontinued in 2022, is also affected by those issues and also affected by CVE-2023-39967 - Overall CVSS Score 8.6 - βControlled and full-read SSRF through URL parameter when testing a request, webhooks and proxy modeβ. The fixes will not be provided. The vendor recommends migrating to WireMock Cloud which is available as SaaS and private beta for on-premises deployments
3.0.1-1
π¦ Dependency updates
- Update WireMock to 3.0.1 with bugfixes - Changelog (#79 #80) @bbezanson @oleg-nenashev
- Update Eclipse Temurin to 11.0.20_8 (#79 #80) @bbezanson @oleg-nenashev
Contributors
bbezanson and oleg-nenashev
Assets 2
WireMock 3.0.0-1
π New features and improvements
- Update images to WireMock 3.0.0 (#74) @oleg-nenashev
- This is a potentially breaking change but the impact on the image end users should be minimal unless you use extensions. relying on incompatible API changes See the WireMock 3.0.0 changelog for all the references and details
π» Maintenance
- Update integration tests to the the WireMock Testcontainers module 1.0-alpha-6 version (#72) @oleg-nenashev
- Adopt Testcontainers integration tests in Main and Nightly baseline builds (#72) @oleg-nenashev
Contributors
oleg-nenashev
Assets 2
2.35.0-1
π New features and improvements
- Update Java to Eclipse Temurin JRE 11 latest version AND pin the version (#65) @oleg-nenashev
- Create placeholder directories for mappings, files and extensions (#68) @oleg-nenashev
π» Maintenance
- Use the Manual release flow, support different Docker image tags and bundled versions (#71) @oleg-nenashev
- Use the
wiremockbotDockerHub Account for deployments (#70) @oleg-nenashev - Add Release Drafter to automate changelogs (#69) @oleg-nenashev
- WireMock Integration Tests (#67) @oleg-nenashev
- Add community Slack badge to the header (#63) @oleg-nenashev
Contributors
oleg-nenashev
Assets 2
2.35.0
upgrade to version 2.35.0
2.34.0
upgrade to version 2.34.0