Skip to main content

Changelog for Ory Oathkeeper OEL

v26.1.16

Pass through HTTP 429 rate-limit errors with upstream headers

Oathkeeper now propagates rate-limit headers (Retry-After, X-Rate-Limit-, RateLimit-) from upstream services when returning HTTP 429 responses. Previously, rate-limit errors lost their headers during error handling, preventing clients from knowing when to retry. This fix also resolves a potential data race caused by mutating shared error sentinel values.

26.1.15

This version contains only minor changes and improvements such as dependency updates.

26.1.14

This version contains only minor changes and improvements such as dependency updates.

26.1.13

This version contains only minor changes and improvements such as dependency updates.

26.1.12

This version contains only minor changes and improvements such as dependency updates.

26.1.11

This version contains only minor changes and improvements such as dependency updates.

26.1.10

This version contains only minor changes and improvements such as dependency updates.

26.1.9

This version contains only minor changes and improvements such as dependency updates.

26.1.8

This version contains only minor changes and improvements such as dependency updates.

26.1.7

This version contains only minor changes and improvements such as dependency updates.

26.1.6

This version contains only minor changes and improvements such as dependency updates.

26.1.5

This version contains only minor changes and improvements such as dependency updates.

26.1.4

This version contains only minor changes and improvements such as dependency updates.

26.1.3

This version contains only minor changes and improvements such as dependency updates.

26.1.2

This version contains only minor changes and improvements such as dependency updates.

26.1.1

This version contains only minor changes and improvements such as dependency updates.

26.1.0

This version contains only minor changes and improvements such as dependency updates.

25.4.12

This version contains only minor changes and improvements such as dependency updates.

25.4.11

This version contains only minor changes and improvements such as dependency updates.

25.4.10

This version contains only minor changes and improvements such as dependency updates.

25.4.9

This version contains only minor changes and improvements such as dependency updates.

25.4.8

This version contains only minor changes and improvements such as dependency updates.

25.4.7

This version contains only minor changes and improvements such as dependency updates.

25.4.6

This version contains only minor changes and improvements such as dependency updates.

25.4.5

This version contains only minor changes and improvements such as dependency updates.

25.4.4

This version contains only minor changes and improvements such as dependency updates.

25.4.3

This version contains only minor changes and improvements such as dependency updates.

25.4.2

This version contains only minor changes and improvements such as dependency updates.

25.4.1

This version contains only minor changes and improvements such as dependency updates.

25.4.0

This version contains only minor changes and improvements such as dependency updates.

25.3.9

This version contains only minor changes and improvements such as dependency updates.

25.3.8

This version contains only minor changes and improvements such as dependency updates.

25.3.7

This version contains only minor changes and improvements such as dependency updates.

25.3.6

This version contains only minor changes and improvements such as dependency updates.

v25.3.5

Change of base image

The base image for OEL images is now set to "gcr.io/distroless/static-debian12:nonroot". Previously, it was "gcr.io/distroless/static-debian12:debug-nonroot", which included BusyBox (a minimal shell and basic debugging utilities). Debug images are still available using the "-debug" tag suffix.

25.3.4

This version contains only minor changes and improvements such as dependency updates.

25.3.3

This version contains only minor changes and improvements such as dependency updates.

2025-05-08

Initial Ory Oathkeeper OEL release

Changes:

fix security vulnerability classified as critical CVE-2025-22871
fix security vulnerability classified as high CVE-2025-30204 (GHSA-mh63-6h87-95cp)

No specific upgrade steps are required for this release. The Ory Kratos OEL image is now available in the Ory Enterprise Docker Registry.

2025-05-08
- Initial Ory Oathkeeper OEL release

Ory Network

The best way to manage identities, authentication, authorization, and access control—designed for speed, security, and compliance.

Sign up for a free account