Releases: envoyproxy/envoy
v1.30.7
repo: Release v1.30.7
Summary of changes
- Minor tracing bug fix
- CI and release container updates
Docker images:
https://hub.docker.com/r/envoyproxy/envoy/tags?page=1&name=v1.30.7
Docs:
https://www.envoyproxy.io/docs/envoy/v1.30.7/
Release notes:
https://www.envoyproxy.io/docs/envoy/v1.30.7/version_history/v1.30/v1.30.7
Full changelog:
v1.30.6...v1.30.7
Signed-off-by: Kateryna Nezdolii kateryna.nezdolii@gmail.com
Signed-off-by: Ryan Northey ryan@synca.io
v1.29.10
repo: Release v1.29.10
Summary of changes
- Minor tracing bug fix
- CI and release container updates
Docker images:
https://hub.docker.com/r/envoyproxy/envoy/tags?page=1&name=v1.29.10
Docs:
https://www.envoyproxy.io/docs/envoy/v1.29.10/
Release notes:
https://www.envoyproxy.io/docs/envoy/v1.29.10/version_history/v1.29/v1.29.10
Full changelog:
v1.29.9...v1.29.10
Signed-off-by: Ryan Northey ryan@synca.io
Signed-off-by: Kateryna Nezdolii kateryna.nezdolii@gmail.com
v1.32.0
repo: Release v1.32.0 (#36597)
Summary of changes:
- Envoy now logs warnings when
internal_address_config
is not set. If
you see this logged warning and wish to retain trusted status for
internal addresses you must explicitly configure
internal_address_config
(which will turn off the warning) before the
next Envoy release. - Removed support for (long deprecated) opentracing.
- Added a configuration setting for the maximum size of response headers
in responses. - Added support for
connection_pool_per_downstream_connection
flag in
tcp connection pool. - For the strict DNS and logical DNS cluster types, the
dns_jitter
field allows spreading out DNS refresh requests - Added dynamic metadata matcher support
dynamic metadata input
and
dynamic metadata input matcher
. - The xff original IP detection method now supports using a list of
trusted CIDRs when parsingx-forwarded-for
. - QUIC server and client support certificate compression, which can in
some cases reduce the number of round trips required to setup a
connection. - Added the ability to monitor CPU utilization in Linux based systems
viacpu utilization monitor
in overload manager. - Added new access log command operators (
%START_TIME_LOCAL%
and
%EMIT_TIME_LOCAL%
) formatters (%UPSTREAM_CLUSTER_RAW%
%DOWNSTREAM_PEER_CHAIN_FINGERPRINTS_256%
, and
%DOWNSTREAM_PEER_CHAIN_SERIALS%
) as well as significant boosts to json
parsing. See release notes for details - Added support for
%BYTES_RECEIVED%
,%BYTES_SENT%
,
%UPSTREAM_HEADER_BYTES_SENT%
,%UPSTREAM_HEADER_BYTES_RECEIVED%
,
%UPSTREAM_WIRE_BYTES_SENT%
,%UPSTREAM_WIRE_BYTES_RECEIVED%
and
access log substitution strings for UDP tunneling flows. - Added ECDS support for UDP session filters.
Docker images:
https://hub.docker.com/r/envoyproxy/envoy/tags?page=1&name=v1.32.0
Docs:
https://www.envoyproxy.io/docs/envoy/v1.32.0/
Release notes:
https://www.envoyproxy.io/docs/envoy/v1.32.0/version_history/v1.32/v1.32.0
Full changelog:
v1.31.0...v1.32.0
Signed-off-by: Alyssa Wilk alyssar@chromium.org
v1.31.2
CVE-2024-45807: oghttp2 crash on OnBeginHeadersForStream
CVE-2024-45808: Malicious log injection via access logs
CVE-2024-45806: Potential manipulate x-envoy
headers from external sources
CVE-2024-45809: Jwt filter crash in the clear route cache with remote JWKs
CVE-2024-45810: Envoy crashes for LocalReply in http async client
Docker images:
https://hub.docker.com/r/envoyproxy/envoy/tags?page=1&name=v1.31.2
Docs:
https://www.envoyproxy.io/docs/envoy/v1.31.2/
Release notes:
https://www.envoyproxy.io/docs/envoy/v1.31.2/version_history/v1.31/v1.31.2
Full changelog:
v1.31.1...v1.31.2
Signed-off-by: Boteng Yao boteng@google.com
Signed-off-by: Ryan Northey ryan@synca.io
v1.30.6
Summary of changes
CVE-2024-45808: Malicious log injection via access logs
CVE-2024-45806: Potential manipulate x-envoy
headers from external sources
CVE-2024-45809: Jwt filter crash in the clear route cache with remote JWKs
CVE-2024-45810: Envoy crashes for LocalReply in http async client
Docker images:
https://hub.docker.com/r/envoyproxy/envoy/tags?page=1&name=v1.30.6
Docs:
https://www.envoyproxy.io/docs/envoy/v1.30.6/
Release notes:
https://www.envoyproxy.io/docs/envoy/v1.30.6/version_history/v1.30/v1.30.6
Full changelog:
v1.30.5...v1.30.6
Signed-off-by: Boteng Yao boteng@google.com
Signed-off-by: Ryan Northey ryan@synca.io
v1.29.9
Summary of changes
CVE-2024-45808: Malicious log injection via access logs
CVE-2024-45806: Potential manipulate x-envoy
headers from external sources
CVE-2024-45809: Jwt filter crash in the clear route cache with remote JWKs
CVE-2024-45810: Envoy crashes for LocalReply in http async client
Docker images:
https://hub.docker.com/r/envoyproxy/envoy/tags?page=1&name=v1.29.9
Docs:
https://www.envoyproxy.io/docs/envoy/v1.29.9/
Release notes:
https://www.envoyproxy.io/docs/envoy/v1.29.9/version_history/v1.29/v1.29.9
Full changelog:
v1.29.8...v1.29.9
Signed-off-by: Boteng Yao boteng@google.com
Signed-off-by: Ryan Northey ryan@synca.io
v1.28.7
Summary of changes
CVE-2024-45808: Malicious log injection via access logs
CVE-2024-45806: Potential manipulate x-envoy
headers from external sources
CVE-2024-45810: Envoy crashes for LocalReply in http async client
Docker images:
https://hub.docker.com/r/envoyproxy/envoy/tags?page=1&name=v1.28.7
Docs:
https://www.envoyproxy.io/docs/envoy/v1.28.7/
Release notes:
https://www.envoyproxy.io/docs/envoy/v1.28.7/version_history/v1.28/v1.28.7
Full changelog:
v1.28.6...v1.28.7
Signed-off-by: Boteng Yao boteng@google.com
Signed-off-by: Ryan Northey ryan@synca.io
v1.31.1
repo: Release v1.31.1
Summary of changes:
- Update curl lib to resolve CVE-2024-7264
- Assorted fixes
- Updated container images
Docker images:
https://hub.docker.com/r/envoyproxy/envoy/tags?page=1&name=v1.31.1
Docs:
https://www.envoyproxy.io/docs/envoy/v1.31.1/
Release notes:
https://www.envoyproxy.io/docs/envoy/v1.31.1/version_history/v1.31/v1.31.1
Full changelog:
v1.31.0...v1.31.1
Signed-off-by: Raven Black ravenblack@dropbox.com
Signed-off-by: Ryan Northey ryan@synca.io
v1.30.5
repo: Release v1.30.5
Summary of changes:
- Update curl lib to resolve CVE-2024-7264
- Assorted fixes
- Updated container images
Docker images:
https://hub.docker.com/r/envoyproxy/envoy/tags?page=1&name=v1.30.5
Docs:
https://www.envoyproxy.io/docs/envoy/v1.30.5/
Release notes:
https://www.envoyproxy.io/docs/envoy/v1.30.5/version_history/v1.30/v1.30.5
Full changelog:
v1.30.4...v1.30.5
Signed-off-by: Raven Black ravenblack@dropbox.com
Signed-off-by: Ryan Northey ryan@synca.io
v1.29.8
repo: Release v1.29.8
Summary of changes:
- Update curl lib to resolve CVE-2024-7264
- Assorted fixes
- Updated container images
Docker images:
https://hub.docker.com/r/envoyproxy/envoy/tags?page=1&name=v1.29.8
Docs:
https://www.envoyproxy.io/docs/envoy/v1.29.8/
Release notes:
https://www.envoyproxy.io/docs/envoy/v1.29.8/version_history/v1.29/v1.29.8
Full changelog:
v1.29.7...v1.29.8
Signed-off-by: Raven Black ravenblack@dropbox.com
Signed-off-by: Ryan Northey ryan@synca.io