Sencho

v0.73.0 Security

This release includes 2 security fixes relevant to security teams reviewing exposed deployments.

✓ No known CVEs patched
This release patches 2 known CVEs

Affected surfaces

auth, rbac

Summary

AI summary

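Adds fleet-sync anchoring of replicas to a control fingerprint, hiding of other replicas' identity-scoped policies on a replica, a replica self-demote endpoint, retry of failed pushes with backfill on add-node, and audit-hardening passes for fleet-replicated CVE suppressions and for secret and misconfiguration scanning.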

Full changelog

0.73.0 (2026-05-07)

Added

  • fleet-sync: anchor replicas to a control fingerprint (#968) (f3757b4)
  • fleet-sync: hide other replicas' identity-scoped policies on a replica (#973) (a284732)
  • fleet-sync: replica self-demote endpoint and role UX (#969) (7dde257)
  • fleet-sync: retry failed pushes and backfill on add-node (#970) (33b15d6)
  • security: audit-hardening pass for fleet-replicated CVE suppressions (#976) (060bc30)
  • security: audit-hardening pass for secret and misconfiguration scanning (#977) (887d8fb)

Fixed

  • fleet-sync: clear stale policy_evaluation on replica sync swap (#971) (f8c75aa)
  • fleet-sync: hygiene pass on receiver behavior and cleanup (#972) (4007709)
  • fleet-sync: version the wire protocol and serialize per-node pushes (#967) (27660f6)

Security Fixes

  • audit-hardening pass for fleet-replicated CVE suppressions
  • audit-hardening pass for secret and misconfiguration scanning
